c12s-kubespray/roles/bastion-ssh-config/tasks/main.yml
Jiří Stránský 728d56e74d Only write bastion ssh config when needed (#1810)
This will allow running Kubespray when the user who runs it doesn't
have write permissions to the Kubespray dir, at least when not using
bastion.
2017-10-17 10:28:45 +01:00

21 lines
635 B
YAML

---
- set_fact:
has_bastion: "{{ 'bastion' in groups['all'] }}"
- set_fact:
bastion_ip: "{{ hostvars['bastion']['ansible_host'] }}"
when: has_bastion
# As we are actually running on localhost, the ansible_ssh_user is your local user when you try to use it directly
# To figure out the real ssh user, we delegate this task to the bastion and store the ansible_user in real_user
- set_fact:
real_user: "{{ ansible_user }}"
delegate_to: bastion
when: has_bastion
- name: create ssh bastion conf
become: false
template:
src: ssh-bastion.conf
dest: "{{ playbook_dir }}/ssh-bastion.conf"
when: has_bastion