c12s-kubespray/roles/bastion-ssh-config/tasks/main.yml
Jiří Stránský 728d56e74d Only write bastion ssh config when needed ()
This will allow running Kubespray when the user who runs it doesn't
have write permissions to the Kubespray dir, at least when not using
bastion.
2017-10-17 10:28:45 +01:00

21 lines
635 B
YAML

---
- set_fact:
has_bastion: "{{ 'bastion' in groups['all'] }}"
- set_fact:
bastion_ip: "{{ hostvars['bastion']['ansible_host'] }}"
when: has_bastion
# As we are actually running on localhost, the ansible_ssh_user is your local user when you try to use it directly
# To figure out the real ssh user, we delegate this task to the bastion and store the ansible_user in real_user
- set_fact:
real_user: "{{ ansible_user }}"
delegate_to: bastion
when: has_bastion
- name: create ssh bastion conf
become: false
template:
src: ssh-bastion.conf
dest: "{{ playbook_dir }}/ssh-bastion.conf"
when: has_bastion