THIS MODULE HAS MIGRATED TO https://github.com/ansible-collections/community.general/blob/main/plugins/modules/system/ssh_config.py Use the community version instead.
A module for Ansible for configuring ssh configuration files.
We have several libraries that carry shared functionality between projects at work. These libraries are on GitHub and they're in their own repo. Our deploy users don't have access to every single repo but only the ones they need to deploy a specific project.
To manage this we have added in fake hostnames to our ~/.ssh/config files on the line of:
Host: internal-lib.github.com
Hostname: github.com
IdentityFile: id_rsa.internal-lib
When I started out with Ansible I tried just adding in our lines with lineinfile, but it didn't work out for me since several lines needed to be added.
The usage is fairly straightforward and it handles the normal use cases of adding, changing and removing hosts from your config file.
- name: Add internal-lib.github.com to ssh config
ssh_config: host=internal-lib.github.com hostname=github.com
identity_file=id_rsa.internal-lib port=222 state=present
- name: Remove old-internal-lib.github.com from ssh config
ssh_config: host=old-internal-lib.github.com state=absent
For the full set of options please look at the top of the module file.
Note: The module needs to be installed into your library folder for Ansible to pick it up.
Add the following line to your requirements.yml
:
- src: gaqzi.ssh-config
path: library/
Alternatively install it from Ansible Galaxy by doing:
$ ansible-galaxy install gaqzi.ssh-config -p library/
Your directory structure should then look like this:
.
├── library
│ └── gaqzi.ssh-config
│ ├── CHANGELOG.md
│ ├── library
│ │ └── ssh_config.py
│ ├── meta
│ │ └── main.yml
│ └── README.md
└── site.yml
Copy ssh_config
into the library directory at the root of your Playbook.
.
├── library
│ └── ssh_config
└── site.yml
For managing the config files I blatantly copied ConfigParser
from stormssh and paramiko which implemented all the functionality,
but since I want to keep everything in one file to be easily
reusable/shareable with Ansible we ended up here.