Help us understand the problem. What is going on with this article?

Ansibleでパスワードをスマートに

More than 1 year has passed since last update.

はじめに

ansibleでsshログイン時のパスワードを入力したり、sudo実行時のパスワード入力など
ansibleでパスワード入力をどう解決したらいいのか悩んでいる人向けの記事です。

解決方法

1. playbookコマンド実行時のパラメータで指定(対話形式で入力)

$ ansible-playbook sample.yml -i hosts --ask-pass --ask-sudo-pass

2. ansible.cfgで設定(上記パラメータ指定するのが面倒な方へ)
ansible.cfg
ask_pass = True
ask_sudo_pass = True
3. Ansible Vaultでパスワードを暗号化してパスワード入力を省略
passwd.ymlを作成
---
ansible_sudo_pass: hoge
ansible_ssh_pass: hogehoge
passwd.ymlを暗号化
$ ansible-vault encrypt passwd.yml
Vault password:
Confirm Vault password:
Encryption successful
ansible.cfgにvaultのパスワードを要求するよう設定
ask_vault_pass = True

playbookコマンド実行時に外部変数として読み込む

$ ansible-playbook sample.yml -i hosts --extra-vars="@password.yml"
Vault password:

参考サイト

Ansible で sudo を実行する
(公式)ansible.cfg

Why not register and get more from Qiita?
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away
Comments
Sign up for free and join this conversation.
If you already have a Qiita account
Why do not you register as a user and use Qiita more conveniently?
You need to log in to use this function. Qiita can be used more conveniently after logging in.
You seem to be reading articles frequently this month. Qiita can be used more conveniently after logging in.
  1. We will deliver articles that match you
    By following users and tags, you can catch up information on technical fields that you are interested in as a whole
  2. you can read useful information later efficiently
    By "stocking" the articles you like, you can search right away