0

I have the following task

- name: Create users
  user:
    uid: "{{ item.uid }}"
    name: "{{ item.username }}"
    comment: "{{ item.comment }}"
    shell: /bin/bash
    groups: "{{ item.groups }}"
  with_items: users

users contains all the users working in the company and I want to create all of them on the samba servers. But there are also 3 admins and I only want to create them in the other servers that is not in the samba group.

I can create the admin users with the above if I add when: item.username in admin_users, but that will do it for all users and I want the default for new servers to be to only create the admin_users, but if the server is in the samba group, create all the users.

Will there be an easy way to do this? I'm thinking of splitting users into two group and create admin_user and other_users by running two tasks, but I would like to know if there is a DRY solution to this problem.

Dax
  • 294
  • 2
  • 11
  • If i understand correctly you have different behaviour for different servers group. You should split this groups in different tasks. However it's depends on your ansible role structure – Navern Aug 15 '15 at 22:14

1 Answers1

2

playbook.yml

---
- hosts: all
  gather_facts: no
  vars:
    users:
      - { uid: user1, username: username1, comment: comment1, shell: /bin/bash, groups: group1 }
      - { uid: user2, username: username2, comment: comment2, shell: /bin/bash, groups: group2 }
    admin_users: [ username1 ]
    users_admin:  |
      {%- set o=[] %}
      {%- for i in users %}
        {%- if i.username in admin_users %}
          {%- if o.append(i) %}
          {%- endif %}
        {%- endif %}
      {%- endfor %}
      {{ o }}
    users_filtered: "{{ users if 'samba' in group_names else users_admin }}"
  tasks:
    - debug:
        var: users_filtered

hosts

host1 ansible_ssh_host=localhost
[samba]
host2 ansible_ssh_host=localhost

sample session:

$ ansible-playbook -i hosts playbook.yml 

PLAY [all] ******************************************************************** 

TASK: [debug ] **************************************************************** 
ok: [host1] => {
    "var": {
        "users_filtered": [
            {
                "comment": "comment1", 
                "groups": "group1", 
                "shell": "/bin/bash", 
                "uid": "user1", 
                "username": "username1"
            }
        ]
    }
}
ok: [host2] => {
    "var": {
        "users_filtered": [
            {
                "comment": "comment1", 
                "groups": "group1", 
                "shell": "/bin/bash", 
                "uid": "user1", 
                "username": "username1"
            }, 
            {
                "comment": "comment2", 
                "groups": "group2", 
                "shell": "/bin/bash", 
                "uid": "user2", 
                "username": "username2"
            }
        ]
    }
}

PLAY RECAP ******************************************************************** 
host1                      : ok=1    changed=0    unreachable=0    failed=0   
host2                      : ok=1    changed=0    unreachable=0    failed=0
yaegashi
  • 841
  • 5
  • 11
  • I see now. You actually build a new dictionary for the admin_users and the decide which dictionary to use. Nice solution to the problem. – Dax Aug 16 '15 at 11:38