You can copy-paste the code in this document and simply replace the UPPERCASE variables with your own configuration values.
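# inventory.yaml - every connection setting is a reference that is resolved
# from host_vars/SERVERNAME/. The become and SSH passwords are never written
# in this file; they resolve to vault-encrypted values.
all:
  hosts:
    # Add this block for each server
    SERVERNAME:
      # Privilege-escalation password (resolved from the vault)
      ansible_become_pass: "{{ become_pass_SERVERNAME }}"
      ansible_ssh_host: "{{ ssh_host_SERVERNAME }}"
      ansible_ssh_user: "{{ ssh_user_SERVERNAME }}"
      ansible_ssh_port: "{{ ssh_port_SERVERNAME }}"
      # Password and key authentication are both wired up here; remove the
      # one you do not use so that no unused credential stays configured.
      ansible_ssh_pass: "{{ ssh_pass_SERVERNAME }}"
      ansible_ssh_private_key_file: "{{ ssh_private_key_file_SERVERNAME }}"
    # ...
  children:
    allservers:
      hosts:
        # Add the server to the hosts group
        SERVERNAME: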
host_vars/
└── SERVERNAME
    ├── vars
    └── vault
---
# host_vars/SERVERNAME/vars - plain-text settings for SERVERNAME.
# Non-secret connection details are set here directly.
ssh_host_SERVERNAME: "IP"
ssh_port_SERVERNAME: "PORT"
ssh_user_SERVERNAME: "USERNAME"
ssh_private_key_file_SERVERNAME: "SSH_KEY_PATH"

# Secrets are only referenced here; the values themselves live in the
# encrypted host_vars/SERVERNAME/vault file under a vault_ prefix, so the
# variable names stay searchable while the values stay encrypted.
ssh_pass_SERVERNAME: "{{ vault_ssh_pass_SERVERNAME }}"
become_pass_SERVERNAME: "{{ vault_become_pass_SERVERNAME }}"
Create the vault using the ansible-vault command:
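# The directory must be named after the inventory host (SERVERNAME), otherwise
# Ansible does not load the vault for that host. ansible-vault asks for a new
# vault password and opens an editor; the file is written to disk encrypted.
ansible-vault create host_vars/SERVERNAME/vault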
---
# host_vars/SERVERNAME/vault - this is the content typed into the editor that
# ansible-vault opens. It must only ever exist on disk in encrypted form; do
# not save or commit an unencrypted copy.
vault_ssh_pass_SERVERNAME: "SSH_PASS"
vault_become_pass_SERVERNAME: "BECOME_PASS"
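# Complete inventory.yaml: each host entry only references variables defined
# in host_vars/SERVERNAME/, so no password appears in this file.
all:
  hosts:
    # ...
    SERVERNAME:
      ansible_become_pass: "{{ become_pass_SERVERNAME }}"
      ansible_ssh_host: "{{ ssh_host_SERVERNAME }}"
      ansible_ssh_user: "{{ ssh_user_SERVERNAME }}"
      ansible_ssh_port: "{{ ssh_port_SERVERNAME }}"
      ansible_ssh_pass: "{{ ssh_pass_SERVERNAME }}"
      ansible_ssh_private_key_file: "{{ ssh_private_key_file_SERVERNAME }}"
    # ...
  children:
    allservers:
      hosts:
        SERVERNAME: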
If you use a passphrase-encrypted private key, you need to use ssh-agent, because Ansible doesn't support passphrase-protected keys directly.
# Start an agent for the current shell; eval applies the environment settings
# that ssh-agent prints (agent socket and PID) so later ssh calls can find it.
eval "$(ssh-agent -s)"
# ssh-add asks for the passphrase once; the agent then holds the decrypted key
# in memory. Consider `ssh-add -t SECONDS` to cap how long it stays loaded,
# and stop the agent with `ssh-agent -k` when you are finished.
ssh-add "SSH_KEY_PATH"
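# --ask-vault-pass prompts for the vault password on every run, so it is never
# stored on disk or in shell history. --forks sets how many hosts are handled
# in parallel.

# Run a single command on every host (quote COMMAND so it stays one argument).
ansible all -i inventory.yaml --ask-vault-pass --forks NUMBER_OF_SERVERS -m command -a "COMMAND"
# Run any other module on every host; -m takes the module name directly.
ansible all -i inventory.yaml --ask-vault-pass --forks NUMBER_OF_SERVERS -m MODULE_NAME
# Run a playbook against the inventory.
ansible-playbook -i inventory.yaml --ask-vault-pass --forks NUMBER_OF_SERVERS PLAYBOOK_PATH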