run the playbook on multiple hosts with different credentials (#1980)

* run the playbook on multiple hosts with different credentials with this script

* fix: add yaml missing document start "---"

* fix: *now really* allow this script to be run from any directory

* add about-note to examples/host.yml

Co-authored-by: Slavi Pantaleev <>

* improve related docs/

Co-authored-by: Slavi Pantaleev <>

* fix typos :)

Co-authored-by: Slavi Pantaleev <>
mcnesium 2022-07-26 15:34:55 +02:00 committed by GitHub
parent 4685509171
commit 72309ed0a1
No known key found for this signature in database
3 changed files with 44 additions and 0 deletions


@ -18,6 +18,7 @@ You can then follow these steps inside the playbook directory:
1. edit the inventory hosts file (`inventory/hosts`) to your liking
1. (optional, advanced) to run Ansible against multiple servers with different `sudo` credentials, you can copy the sample inventory hosts yaml file for each of your hosts: (`cp examples/host.yml inventory/my_host1.yml` …) and use the [``](../inventory/scripts/ script [in the installation step](
For a basic Matrix installation, that's all you need.
For a more custom setup, see the [Other configuration options](#other-configuration-options) below.
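Review bot: the added step on the `cp examples/host.yml inventory/my_host1.yml` line does not say how these per-host files relate to `inventory/hosts` from the step before it. The script in this commit loops over `inventory/*.yml` and passes each file on its own via `--inventory-file`, so `inventory/hosts` is not read on that path, and every `.yml` file in `inventory/` is treated as a host to prompt for. I would state both points in the step, so that nobody keeps unrelated YAML files in that directory or expects `inventory/hosts` to be used as well.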

examples/host.yml Normal file

@ -0,0 +1,11 @@
# This is a host file for usage with the `` script,
# which runs Ansible against a bunch of hosts, each with its own `sudo` password.
matrix.<your domain>:
ansible_host: <your server's external ip address>
ansible_ssh_user: <your ssh user>
become: true
become_user: root
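Review bot: `become: true` and `become_user: root` in the host entry are play and task keywords, not inventory variables. As host variables Ansible reads `ansible_become` and `ansible_become_user`, so these two lines would be set as ordinary variables and would not turn on privilege escalation by themselves. Suggest renaming them, and using `ansible_user` in place of the legacy `ansible_ssh_user` alias while there.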


@ -0,0 +1,32 @@
#!/usr/bin/env bash
# Run the playbook on multiple hosts with different credentials with this script
# It defaults to ansible tags "setup-all,start". You can pass alternative tags
# to this script as arguments, e.g.
# ./inventory/scripts/ self-check
# set playbook root path
root=$(dirname "$(readlink -f "$0")")/../..
# set default tags or get from first argument if any
# init password array
declare -A pws
# capture passwords for all hosts
for host in "$root"/inventory/*.yml; do
read -rp "sudo password for $(basename "$host"): " -s pw
# run ansible on all captured passwords/hosts
for host in "${!pws[@]}"; do
ansible-playbook "$root"/setup.yml \
--inventory-file "$host" \
--extra-vars "ansible_become_pass=${pws[$host]}" \
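Review bot: `--extra-vars "ansible_become_pass=${pws[$host]}"` puts each sudo password on the `ansible-playbook` command line, where it is visible in the process list to other local users for as long as the run lasts. The `key=value` form is also split on whitespace, so a password containing a space would be cut short or misparsed. Suggest writing the variable to a temporary file created with mode 0600, passing it as `--extra-vars @<file>`, and removing the file in a `trap` on exit.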