cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
ansible/docsite/latest/rst/playbooks_prompts.rst
Michael DeHaan c10904bcef Prompts chapter
2013-09-29 18:44:46 -04:00

2.5 KiB
Raw Blame History

Prompts

You may wish to prompt the user for certain input, and can do so with the similarly named 'vars_prompt' section.

A common use for this might be for sensitive data.

This has uses beyond security, for instance, you may use the same playbook for all software releases and would prompt for a particular release version in a push-script:

---
- hosts: all
  remote_user: root
  vars:
    from: "camelot"
  vars_prompt:
    name: "what is your name?"
    quest: "what is your quest?"
    favcolor: "what is your favorite color?"

There are full examples of both of these items in the github examples/playbooks directory.

If you have a variable that changes infrequently, it might make sense to provide a default value that can be overridden. This can be accomplished using the default argument:

vars_prompt:
  - name: "release_version"
    prompt: "Product release version"
    default: "1.0"

An alternative form of vars_prompt allows for hiding input from the user, and may later support some other options, but otherwise works equivalently:

vars_prompt:
  - name: "some_password"
    prompt: "Enter password"
    private: yes
  - name: "release_version"
    prompt: "Product release version"
    private: no

If Passlib is installed, vars_prompt can also crypt the entered value so you can use it, for instance, with the user module to define a password:

vars_prompt:
  - name: "my_password2"
    prompt: "Enter password2"
    private: yes
    encrypt: "md5_crypt"
    confirm: yes
    salt_size: 7

You can use any crypt scheme supported by 'Passlib':

  • des_crypt - DES Crypt
  • bsdi_crypt - BSDi Crypt
  • bigcrypt - BigCrypt
  • crypt16 - Crypt16
  • md5_crypt - MD5 Crypt
  • bcrypt - BCrypt
  • sha1_crypt - SHA-1 Crypt
  • sun_md5_crypt - Sun MD5 Crypt
  • sha256_crypt - SHA-256 Crypt
  • sha512_crypt - SHA-512 Crypt
  • apr_md5_crypt - Apaches MD5-Crypt variant
  • phpass - PHPass Portable Hash
  • pbkdf2_digest - Generic PBKDF2 Hashes
  • cta_pbkdf2_sha1 - Cryptaculars PBKDF2 hash
  • dlitz_pbkdf2_sha1 - Dwayne Litzenbergers PBKDF2 hash
  • scram - SCRAM Hash
  • bsd_nthash - FreeBSDs MCF-compatible nthash encoding

However, the only parameters accepted are 'salt' or 'salt_size'. You can use you own salt using 'salt', or have one generated automatically using 'salt_size'. If nothing is specified, a salt of size 8 will be generated.