====== ansible ======

===== Usage =====

==== Add public key to server ====

0. Install ''sshpass'' first:

  sudo pacman -S sshpass

1. Edit host inventory, add server host like this:

<code ini host>
[test]
test1 ansible_ssh_host=1.1.1.1
test2 ansible_ssh_host=2.2.2.2
</code>

2. Create ''upload_ssh_keys.yml'':

<code ini upload_ssh_keys.yml>
---
- hosts: all
  remote_user: root
  tasks:
    - name: upload key to server
      authorized_key:
        user: root
        state: present
        key: "{{ lookup('file', lookup('env', 'HOME') + '/.ssh/id_rsa.pub') }}"
</code>

3. Run ''ansible-playbook'' command and input password:

  ansible-playbook -k -l test upload_ssh_keys.yml

==== Handling SSH host key prompts ====

When you first time connected to server, it would prompts you something like this:

  The authenticity of host 'xxx (x.x.x.x)' can't be established.
  ED25519 key fingerprint is xxxxxxxx.
  Are you sure you want to continue connecting (yes/no)?

Solution: disable SSH key host checking:

<code ini ansible.cfg>
[defaults]
host_key_checking = False
</code>

===== Tips =====

==== Set global host inventory variables ====

<code ini host>
[all:vars]
ansible_port=22
ansible_user=root
ansible_ssh_private_key_file="~/.ssh/id_rsa"
</code>

==== Usage of sub-group ====

<code ini host>
[test-db]
test-db1 ansible_host=1.1.1.1

[test-api]
test-api1 ansible_host=2.2.2.2
test-api2 ansible_host=3.3.3.3

[test:children]
test-db
test-api
</code>