ansible/docsite/latest/rst/playbooks_prompts.rst

80 lines
2.5 KiB
ReStructuredText
Raw Normal View History

2013-09-30 00:44:46 +02:00
Prompts
=======
2012-05-13 17:00:02 +02:00
2013-09-30 00:44:46 +02:00
You may wish to prompt the user for certain input, and can
do so with the similarly named 'vars_prompt' section.
2013-09-30 00:44:46 +02:00
A common use for this might be for sensitive data.
2012-05-13 17:00:02 +02:00
2013-09-30 00:44:46 +02:00
This has uses beyond security, for instance, you may use the same playbook for all
2012-05-13 17:00:02 +02:00
software releases and would prompt for a particular release version
in a push-script::
---
- hosts: all
remote_user: root
2012-05-13 17:00:02 +02:00
vars:
from: "camelot"
vars_prompt:
name: "what is your name?"
quest: "what is your quest?"
favcolor: "what is your favorite color?"
There are full examples of both of these items in the github examples/playbooks directory.
If you have a variable that changes infrequently, it might make sense to
provide a default value that can be overridden. This can be accomplished using
the default argument::
vars_prompt:
- name: "release_version"
prompt: "Product release version"
default: "1.0"
An alternative form of vars_prompt allows for hiding input from the user, and may later support
some other options, but otherwise works equivalently::
vars_prompt:
- name: "some_password"
prompt: "Enter password"
private: yes
- name: "release_version"
prompt: "Product release version"
private: no
If `Passlib <http://pythonhosted.org/passlib/>`_ is installed, vars_prompt can also crypt the
entered value so you can use it, for instance, with the user module to define a password::
vars_prompt:
- name: "my_password2"
prompt: "Enter password2"
private: yes
encrypt: "md5_crypt"
confirm: yes
salt_size: 7
You can use any crypt scheme supported by 'Passlib':
- *des_crypt* - DES Crypt
- *bsdi_crypt* - BSDi Crypt
- *bigcrypt* - BigCrypt
- *crypt16* - Crypt16
- *md5_crypt* - MD5 Crypt
- *bcrypt* - BCrypt
- *sha1_crypt* - SHA-1 Crypt
- *sun_md5_crypt* - Sun MD5 Crypt
- *sha256_crypt* - SHA-256 Crypt
- *sha512_crypt* - SHA-512 Crypt
- *apr_md5_crypt* - Apaches MD5-Crypt variant
- *phpass* - PHPass Portable Hash
- *pbkdf2_digest* - Generic PBKDF2 Hashes
- *cta_pbkdf2_sha1* - Cryptaculars PBKDF2 hash
- *dlitz_pbkdf2_sha1* - Dwayne Litzenbergers PBKDF2 hash
- *scram* - SCRAM Hash
- *bsd_nthash* - FreeBSDs MCF-compatible nthash encoding
However, the only parameters accepted are 'salt' or 'salt_size'. You can use you own salt using
'salt', or have one generated automatically using 'salt_size'. If nothing is specified, a salt
of size 8 will be generated.