cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
ansible/docs/docsite/rst/user_guide/playbooks_prompts.rst
Toshio Kuratomi 80e7e1a17c
Due to the takeover of freenode we're moving to a different irc network. (#74775) 
* Due to the takeover of freenode we're moving to a different irc network.

* Our channels updated to point at the same channel name on libera.chat
* Some links went to webchat.freenode.net.  At this time, libera.chat
  doesn't point you to an official webchat client so I changed these to
  https://libera.chat. (kiwi irc does work with libera.chat so that
  could be another option).
* In general, I used the name irc.libera.net for link names and
  https://libera.chat for link targets.  This is because the irc service
  is hosted on irc.libera.chat but the project web server is hosted on
  libera.chat.  (This appears to also be true for freenode but we were
  using http://irc.freenode.net which doesn't seem to work.  Oops).
* Removed http://irc.freenode.net from the linkcheck exceptions.
  linkcheck was actually correct to flag that as invalid (should have
  been http://frenode.net instead).

* Looks like hte important people in #yaml are now in libera.chat

* Link to where contributors should get help

Add a link target and then link to where contributors should get support
for developing groups of modules.

* Update docs/docsite/rst/dev_guide/developing_modules_in_groups.rst

Co-authored-by: Felix Fontein <felix@fontein.de>

Co-authored-by: John R Barker <john@johnrbarker.com>
Co-authored-by: Felix Fontein <felix@fontein.de>
2021-06-01 08:48:09 +01:00

3.9 KiB
Raw Blame History

Interactive input: prompts

If you want your playbook to prompt the user for certain input, add a 'vars_prompt' section. Prompting the user for variables lets you avoid recording sensitive data like passwords. In addition to security, prompts support flexibility. For example, if you use one playbook across multiple software releases, you could prompt for the particular release version.

Here is a most basic example:

---
- hosts: all
  vars_prompt:

    - name: username
      prompt: What is your username?
      private: no

    - name: password
      prompt: What is your password?

  tasks:

    - name: Print a message
      ansible.builtin.debug:
        msg: 'Logging in as {{ username }}'

The user input is hidden by default but it can be made visible by setting private: no.

Note

Prompts for individual vars_prompt variables will be skipped for any variable that is already defined through the command line --extra-vars option, or when running from a non-interactive session (such as cron or Ansible Tower). See passing_variables_on_the_command_line.

If you have a variable that changes infrequently, you can provide a default value that can be overridden:

vars_prompt:

  - name: release_version
    prompt: Product release version
    default: "1.0"

Encrypting values supplied by vars_prompt

You can encrypt the entered value so you can use it, for instance, with the user module to define a password:

vars_prompt:

  - name: my_password2
    prompt: Enter password2
    private: yes
    encrypt: sha512_crypt
    confirm: yes
    salt_size: 7

If you have Passlib installed, you can use any crypt scheme the library supports:

  • des_crypt - DES Crypt
  • bsdi_crypt - BSDi Crypt
  • bigcrypt - BigCrypt
  • crypt16 - Crypt16
  • md5_crypt - MD5 Crypt
  • bcrypt - BCrypt
  • sha1_crypt - SHA-1 Crypt
  • sun_md5_crypt - Sun MD5 Crypt
  • sha256_crypt - SHA-256 Crypt
  • sha512_crypt - SHA-512 Crypt
  • apr_md5_crypt - Apache's MD5-Crypt variant
  • phpass - PHPass' Portable Hash
  • pbkdf2_digest - Generic PBKDF2 Hashes
  • cta_pbkdf2_sha1 - Cryptacular's PBKDF2 hash
  • dlitz_pbkdf2_sha1 - Dwayne Litzenberger's PBKDF2 hash
  • scram - SCRAM Hash
  • bsd_nthash - FreeBSD's MCF-compatible nthash encoding

The only parameters accepted are 'salt' or 'salt_size'. You can use your own salt by defining 'salt', or have one generated automatically using 'salt_size'. By default Ansible generates a salt of size 8.

2.7

If you do not have Passlib installed, Ansible uses the crypt library as a fallback. Ansible supports at most four crypt schemes, depending on your platform at most the following crypt schemes are supported:

  • bcrypt - BCrypt
  • md5_crypt - MD5 Crypt
  • sha256_crypt - SHA-256 Crypt
  • sha512_crypt - SHA-512 Crypt

2.8

Allowing special characters in vars_prompt values

Some special characters, such as { and % can create templating errors. If you need to accept special characters, use the unsafe option:

vars_prompt:
  - name: my_password_with_weird_chars
    prompt: Enter password
    unsafe: yes
    private: yes
playbooks_intro

An introduction to playbooks

playbooks_conditionals

Conditional statements in playbooks

playbooks_variables

All about variables

User Mailing List

Have a question? Stop by the google group!

irc.libera.chat

#ansible IRC chat channel