run the playbook on multiple hosts with different credentials (#1980)

* run the playbook on multiple hosts with different credentials with this script * fix: add yaml missing document start "---" * fix: *now really* allow this script to be run from any directory * add about-note to examples/host.yml Co-authored-by: Slavi Pantaleev <slavi@devture.com> * improve ansible-all-hosts.sh related docs/configuring-playbook.md Co-authored-by: Slavi Pantaleev <slavi@devture.com> * fix typos :) Co-authored-by: Slavi Pantaleev <slavi@devture.com>
2 years ago · 72309ed0a1
parent 4685509171
commit 72309ed0a1
3 changed files with 44 additions and 0 deletions
--- a/docs/configuring-playbook.md
+++ b/docs/configuring-playbook.md
@ -18,6 +18,7 @@ You can then follow these steps inside the playbook directory:

 1. edit the inventory hosts file (`inventory/hosts`) to your liking

+1. (optional, advanced) to run Ansible against multiple servers with different `sudo` credentials, you can copy the sample inventory hosts yaml file for each of your hosts: (`cp examples/host.yml inventory/my_host1.yml` …) and use the [`ansible-all-hosts.sh`](../inventory/scripts/ansible-all-hosts.sh) script [in the installation step](installing.md).

 For a basic Matrix installation, that's all you need.
 For a more custom setup, see the [Other configuration options](#other-configuration-options) below.
--- a/examples/host.yml
+++ b/examples/host.yml
@ -0,0 +1,11 @@
+---
+
+# This is a host file for usage with the `ansible-all-hosts.sh` script,
+# which runs Ansible against a bunch of hosts, each with its own `sudo` password.
+matrix_servers:
+  hosts:
+    matrix.<your domain>:
+      ansible_host: <your server's external ip address>
+      ansible_ssh_user: <your ssh user>
+      become: true
+      become_user: root
--- a/inventory/scripts/ansible-all-hosts.sh
+++ b/inventory/scripts/ansible-all-hosts.sh
@ -0,0 +1,32 @@
+#!/usr/bin/env bash
+#
+# Run the playbook on multiple hosts with different credentials with this script
+# It defaults to ansible tags "setup-all,start". You can pass alternative tags
+# to this script as arguments, e.g.
+#
+#     ./inventory/scripts/ansible-all-hosts.sh self-check
+#
+
+# set playbook root path
+root=$(dirname "$(readlink -f "$0")")/../..
+
+# set default tags or get from first argument if any
+tags="${1:-setup-all,start}"
+
+# init password array
+declare -A pws
+
+# capture passwords for all hosts
+for host in "$root"/inventory/*.yml; do
+    read -rp "sudo password for $(basename "$host"): " -s pw
+    pws[$host]="$pw"
+    echo
+done
+
+# run ansible on all captured passwords/hosts
+for host in "${!pws[@]}"; do
+    ansible-playbook "$root"/setup.yml \
+        --inventory-file "$host" \
+        --extra-vars "ansible_become_pass=${pws[$host]}" \
+        --tags="$tags"
+done