cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add an ansible_ssh_extra_args inventory variable

Browse source 
This can be used to configure a per-host or per-group ProxyCommand to
connect to hosts through a jumphost, e.g.:

    inventory:
        [gatewayed]
        foo ansible_ssh_host=192.0.2.1

    group_vars/gatewayed.yml:
        ansible_ssh_extra_args: '-o ProxyCommand="ssh -W %h:%p -q bounceuser@gateway.example.com"'

Note that this variable is used in addition to any ssh_args configured
in the [ssh_connection] section of ansible.cfg (so you don't need to
repeat the ControlPath settings in ansible_ssh_extra_args).
This commit is contained in:
Abhijit Menon-Sen 2015-08-10 19:06:19 +05:30
parent 8774ff5f57
commit b023ace8a8
2 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
docsite/rst/intro_inventory.rst
View file

@ -211,6 +211,9 @@ SSH connection::
The ssh password to use (this is insecure, we strongly recommend using --ask-pass or SSH keys) The ssh password to use (this is insecure, we strongly recommend using --ask-pass or SSH keys)
ansible_ssh_private_key_file ansible_ssh_private_key_file
Private key file used by ssh. Useful if using multiple keys and you don't want to use SSH agent. Private key file used by ssh. Useful if using multiple keys and you don't want to use SSH agent.
ansible_ssh_extra_args
Additional arguments for ssh. Useful to configure a ``ProxyCommand`` for a certain host (or group).
This is used in addition to any ``ssh_args`` configured in ``ansible.cfg``.
Privilege escalation (see :doc:`Ansible Privilege Escalation<become>` for further details):: Privilege escalation (see :doc:`Ansible Privilege Escalation<become>` for further details)::

12
lib/ansible/plugins/connections/ssh.py
View file

@ -58,6 +58,12 @@ class Connection(ConnectionBase):
super(Connection, self).__init__(*args, **kwargs) super(Connection, self).__init__(*args, **kwargs)
self.host = self._play_context.remote_addr self.host = self._play_context.remote_addr
self.ssh_extra_args = ''
def set_host_overrides(self, host):
v = host.get_vars()
if 'ansible_ssh_extra_args' in v:
self.ssh_extra_args = v['ansible_ssh_extra_args']
@property @property
def transport(self): def transport(self):
@ -114,6 +120,12 @@ class Connection(ConnectionBase):
self._common_args += ("-o", "User={0}".format(self._play_context.remote_user)) self._common_args += ("-o", "User={0}".format(self._play_context.remote_user))
self._common_args += ("-o", "ConnectTimeout={0}".format(self._play_context.timeout)) self._common_args += ("-o", "ConnectTimeout={0}".format(self._play_context.timeout))
# If any extra SSH arguments are specified in the inventory for
# this host, add them in.
if self.ssh_extra_args is not None:
extra_args = self.ssh_extra_args
self._common_args += [x.strip() for x in shlex.split(extra_args) if x.strip()]
self._connected = True self._connected = True
return self return self