Gave playbook a name, added helpful comments, and specified user authentication information under vars playbook item key

2025-09-05 12:32:30 -04:00
parent c42feba85c
commit 966bd6751d
1 changed files with 12 additions and 2 deletions
--- a/playbooks/admin_login.yml
+++ b/playbooks/admin_login.yml
@@ -1,10 +1,20 @@
 ---
- hosts: servers # @NOTE for IPv6, switch to 'servers6' instead of 'servers4'--for both, 'servers'
+- name: admin_login
+  hosts: servers # @NOTE for IPv6, switch to 'servers6' instead of 'servers4'--for both, 'servers'
  vars_files:
+    # @NOTE if second line is uncommented with its variables actively in use, first line should too be uncommented
    # - vars/ssh_keys_vault.yml
    - vars/ssh_keys.yml
  vars:
-    ansible_ssh_private_key_file: "{{ chosen_native_ssh_private_key_file | default(chosen_local_ssh_private_key_file, true) }}"
+    ansible_user: "{{ passwords[0].username }}"
+    ansible_ssh_user: "{{ passwords[0].username }}"
+    # @NOTE one of below two lines should be commented/uncommented in a mutually exclusive fashion
+    # ansible_ssh_private_key_file: "{{ chosen_native_ssh_private_key_file | default(chosen_local_ssh_private_key_file, true) }}" # @NOTE only works with soft-coded SSH key list building
+    ansible_ssh_private_key_file: "{{ chosen_local_ssh_private_key_file }}"
+    # @NOTE below three lines should only be uncommented when above two are commented and vice versa; key-based authentication should have already been enabled prior to running this playbook
+    # ansible_password: "{{ passwords[0].password }}"
+    # ansible_ssh_pass: "{{ passwords[0].username }}"
+    # ansible_ssh_password: "{{ passwords[0].username }}"
  tasks:
    - name: Disable shell access for root
      ansible.builtin.include_role: