Stupid Ansible tips

Some useful Ansible hints I had collected over time from around the web.

This one runs playbook against one host only - beware of the comma at the end:

[root@somedude ~]# ansible-playbook webserver.yml -i 10.10.10.10,

Run plays with a specific tag up_named:

[root@somedude ~]# ansible-playbook  ./production.yml -i productionhosts --private-key=~/.ssh/id_ed25519_ansible_deploy --tags="up_named"

Run play with a specific tags up_named against group of servers noc:

[root@somedude ~]# ansible-playbook  ./production.yml -i ./productionhosts --private-key=~/.ssh/id_ed25519_ansible_deploy --tags="up_named" -l noc

Display facts on localhost:

[root@somedude ~]# ansible myhost -m setup

Replace maxsessions 4 with MaxSessions 4 in /etc/ssh/sshd_config on inventory of productionhosts, using become.

[root@somedude ~]# ansible all -m shell -a "sed -i 's/maxsessions 4/MaxSessions 4/g' /etc/ssh/sshd_config" --private-key=~/.ssh/id_ed25519_ansible_deploy -i inventory/productionhosts -b

Replace maxsessions 4 with MaxSessions 4 in /etc/ssh/sshd_config on inventory of developmenthosts, using become - limiting to hostnames starting with minikub*.

[root@somedude ~]# ansible minikub* -m shell -a "sed -i 's/maxsessions 4/MaxSessions 4/g' /etc/ssh/sshd_config" --private-key=~/.ssh/id_ed25519_ansible_deploy -i inventory/developmenthosts -b

Change root password on all production hosts

[root@somedude ~]# ansible all -m user -a "name=root update_password=always password={{ newpassword|password_hash('sha512') }}" --extra-vars "newpassword=somesecurepassphrase" --private-key=~/.ssh/id_ed25519_ansible_deploy -i inventory/productionhosts -b -u automagic