2013-09-29 22:44:46 +00:00
Prompts
=======
2012-05-13 15:00:02 +00:00
2013-10-05 17:50:53 +00:00
When running a playbook, you may wish to prompt the user for certain input, and can
do so with the 'vars_prompt' section.
2012-08-01 02:19:04 +00:00
2013-10-05 17:50:53 +00:00
A common use for this might be for asking for sensitive data that you do not want to record.
2012-05-13 15:00:02 +00:00
2013-09-29 22:44:46 +00:00
This has uses beyond security, for instance, you may use the same playbook for all
2012-05-13 15:00:02 +00:00
software releases and would prompt for a particular release version
2013-10-05 17:50:53 +00:00
in a push-script.
Here is a most basic example::
2012-05-13 15:00:02 +00:00
---
- hosts: all
2018-11-02 18:57:39 +00:00
vars_prompt:
2014-02-28 19:18:44 +00:00
2018-11-02 18:57:39 +00:00
- name: username
prompt: "What is your username?"
private: no
2014-02-28 19:18:44 +00:00
2018-11-02 18:57:39 +00:00
- name: password
prompt: "What is your password?"
tasks:
2012-05-13 15:00:02 +00:00
2018-11-02 18:57:39 +00:00
- debug:
msg: 'Logging in as {{ username }}'
The user input is hidden by default but it can be made visible by setting `` private: no `` .
2017-09-14 15:17:56 +00:00
2017-03-30 03:14:43 +00:00
.. note ::
2017-09-14 15:17:56 +00:00
Prompts for individual `` vars_prompt `` variables will be skipped for any variable that is already defined through the command line `` --extra-vars `` option, or when running from a non-interactive session (such as cron or Ansible Tower). See :ref: `passing_variables_on_the_command_line` in the /Variables/ chapter.
2017-03-30 03:14:43 +00:00
2013-06-18 15:25:51 +00:00
If you have a variable that changes infrequently, it might make sense to
2018-11-02 18:57:39 +00:00
provide a default value that can be overridden. This can be accomplished using
2013-06-18 15:25:51 +00:00
the default argument::
vars_prompt:
2014-02-28 19:18:44 +00:00
2013-06-18 15:25:51 +00:00
- name: "release_version"
prompt: "Product release version"
default: "1.0"
2017-10-19 00:50:27 +00:00
If `Passlib <https://passlib.readthedocs.io/en/stable/> `_ is installed, vars_prompt can also encrypt the
2013-03-05 16:22:07 +00:00
entered value so you can use it, for instance, with the user module to define a password::
2013-03-05 15:26:24 +00:00
vars_prompt:
2014-02-28 19:18:44 +00:00
2013-03-05 15:26:24 +00:00
- name: "my_password2"
prompt: "Enter password2"
private: yes
2014-11-07 05:28:04 +00:00
encrypt: "sha512_crypt"
2013-03-05 15:26:24 +00:00
confirm: yes
salt_size: 7
2013-03-05 16:19:14 +00:00
2013-03-17 15:46:25 +00:00
You can use any crypt scheme supported by 'Passlib':
2013-03-05 16:22:07 +00:00
- *des_crypt* - DES Crypt
- *bsdi_crypt* - BSDi Crypt
- *bigcrypt* - BigCrypt
- *crypt16* - Crypt16
- *md5_crypt* - MD5 Crypt
- *bcrypt* - BCrypt
- *sha1_crypt* - SHA-1 Crypt
- *sun_md5_crypt* - Sun MD5 Crypt
- *sha256_crypt* - SHA-256 Crypt
- *sha512_crypt* - SHA-512 Crypt
2017-09-18 17:41:17 +00:00
- *apr_md5_crypt* - Apache's MD5-Crypt variant
- *phpass* - PHPass' Portable Hash
2013-03-05 16:22:07 +00:00
- *pbkdf2_digest* - Generic PBKDF2 Hashes
2017-09-18 17:41:17 +00:00
- *cta_pbkdf2_sha1* - Cryptacular's PBKDF2 hash
- *dlitz_pbkdf2_sha1* - Dwayne Litzenberger's PBKDF2 hash
2013-03-05 16:22:07 +00:00
- *scram* - SCRAM Hash
2017-09-18 17:41:17 +00:00
- *bsd_nthash* - FreeBSD's MCF-compatible nthash encoding
2013-03-05 16:22:07 +00:00
2014-02-18 13:23:23 +00:00
However, the only parameters accepted are 'salt' or 'salt_size'. You can use your own salt using
2013-03-08 09:08:28 +00:00
'salt', or have one generated automatically using 'salt_size'. If nothing is specified, a salt
2013-03-05 16:22:07 +00:00
of size 8 will be generated.
2012-08-01 02:19:04 +00:00
2018-08-27 15:40:41 +00:00
.. versionadded :: 2.7
When Passlib is not installed the `crypt <https://docs.python.org/2/library/crypt.html> `_ library is used as fallback.
Depending on your platform at most the following crypt schemes are supported:
- *bcrypt* - BCrypt
- *md5_crypt* - MD5 Crypt
- *sha256_crypt* - SHA-256 Crypt
- *sha512_crypt* - SHA-512 Crypt
2019-01-30 20:01:13 +00:00
.. versionadded :: 2.8
If you need to put in special characters (i.e `{%` ) that might create templating errors, use the `` unsafe `` option::
vars_prompt:
- name: "my_password_with_wierd_chars"
prompt: "Enter password"
unsafe: yes
private: yes
2013-10-05 16:31:16 +00:00
.. seealso ::
:doc: `playbooks`
An introduction to playbooks
:doc: `playbooks_conditionals`
Conditional statements in playbooks
:doc: `playbooks_variables`
All about variables
2018-07-21 13:48:47 +00:00
`User Mailing List <https://groups.google.com/group/ansible-devel> `_
2013-10-05 16:31:16 +00:00
Have a question? Stop by the google group!
`irc.freenode.net <http://irc.freenode.net> `_
#ansible IRC chat channel