快速開始 - jenhaoyang/backend_blog GitHub Wiki
- 安裝:
- wsl2:https://www.thomaspreischl.de/ansible-wsl-windows/
- ubuntu 使用pip安裝
-
官方建議使用pip install --user ansible
-
設定ssh登入 ssh-copy-id
4.1使用ssh-agent fordwarding 管理密碼 A -> B -> gitlab 的ssh都有使用passphrase 開啟ssh-agent
eval $(ssh-agent)
使用ssh-agent add加入指定的pub key
ssh-add <ssh pub key file>
4.2.使用ansible-vault 加密ssh 密碼
Protecting sensitive variables with ansible-vault
https://docs.ansible.com/ansible/latest/network/getting_started/first_inventory.html#protecting-sensitive-variables-with-ansible-vault
ansible-vault encrypt_string --vault-id id_for_this_string@prompt 'some_secret_string' --name 'ansible_password'
把產生出來的密文直接貼到host裡面
apt-get install sshpass
ansible all -m ping --vault-id id_for_this_string@prompt
參考:
https://www.middlewareinventory.com/blog/ansible-git-example/
https://blog.gtwang.org/linux/using-ssh-agent-forwarding-to-avoid-being-asked-passphrase/
https://www.jeffgeerling.com/blog/2018/cloning-private-github-repositories-ansible-on-remote-server-through-ssh