---
- name: main
hosts: all
become: true
vars:
sudoers_include:
sudofile1:
- "%kombit ALL=NOPASSWD: /usr/local/bin/create_sftp_dirs.sh"
- "%kombit ALL=NOPASSWD: /usr/local/bin/add_public_key.sh"
- "%kombit ALL=NOPASSWD: /usr/local/bin/remove_sftp_dirs.sh"
- "%kombit ALL=NOPASSWD: /usr/local/bin/lock_file.sh"
- "%kombit ALL=NOPASSWD: /usr/local/bin/unlock_file.sh"
sudofile2:
- "%admin1 ALL=NOPASSWD: /usr/local/bin/create_sftp_dirs.sh"
- "%admin2 ALL=NOPASSWD: /usr/local/bin/add_public_key.sh"
tasks:
- copy:
dest: "/tmp/{{item.key}}"
content: |
{%- for k,v in sudoers_include.items() -%}
{% for c in v -%}
{{c}}
{% endfor -%}
{%- endfor -%}
loop: "{{ sudoers_include | dict2items }}"
However, this generate something like::
Either I\m using the wrong approach or I do miss something in defining the loop ?
root@localhost:~# cat /tmp/sudofile1
%kombit ALL=NOPASSWD: /usr/local/bin/create_sftp_dirs.sh
%kombit ALL=NOPASSWD: /usr/local/bin/add_public_key.sh
%kombit ALL=NOPASSWD: /usr/local/bin/remove_sftp_dirs.sh
%kombit ALL=NOPASSWD: /usr/local/bin/lock_file.sh
%kombit ALL=NOPASSWD: /usr/local/bin/unlock_file.sh
%admin1 ALL=NOPASSWD: /usr/local/bin/create_sftp_dirs.sh
%admin2 ALL=NOPASSWD: /usr/local/bin/add_public_key.sh
So, the idea is to generate the sudoers file... Don't know if the best approach would be templates or or the copy module ...
Q: "Would the best approach be templates or the copy module?"
A: The only difference is the template in a file vs. in a block.
Q: "Do I miss something in defining the loop?"
A: The fixed template in the below content
- copy:
dest: "/tmp/{{ item.key }}"
content: |
{% for c in item.value %}
{{ c }}
{% endfor %}
loop: "{{ sudoers_include|dict2items }}"
gives
shell> cat /tmp/sudofile1
%kombit ALL=NOPASSWD: /usr/local/bin/create_sftp_dirs.sh
%kombit ALL=NOPASSWD: /usr/local/bin/add_public_key.sh
%kombit ALL=NOPASSWD: /usr/local/bin/remove_sftp_dirs.sh
%kombit ALL=NOPASSWD: /usr/local/bin/lock_file.sh
%kombit ALL=NOPASSWD: /usr/local/bin/unlock_file.sh
shell> cat /tmp/sudofile2
%admin1 ALL=NOPASSWD: /usr/local/bin/create_sftp_dirs.sh
%admin2 ALL=NOPASSWD: /usr/local/bin/add_public_key.sh