When working on complex project, always install your own version of ansible in a dedicated virtual environment:
virtualenv -p python3 .venv
. .venv/bin/activate
Normally, you have at least a requirements.txt file determining python dependencies versions:
ansible==8.7.0
jmespath==1.0.1
zabbix-api==0.5.6
So to install the whoe thing:
pip install -r requirements.txt
Basic ansible.cfg:
[defaults]
inventory = inventories
# Speed tuning
pipelining = True
forks=15
[ssh_connection]
ssh_args = -o ControlMaster=auto -o ControlPersist=60s
Discovery comamnds:
ansible-inventory --graph
ansible-playbook --check --diff site.yml
Direnv .envrc config would looks like:
layout python3
export ANSIBLE_VAULT_PASSWORD_FILE=$PWD/.vault.secret
export ANSIBLE_BECOME_PASSWORD_FILE=$PWD/.become.secret
Create both file, and paste your passwords in clear text without line returns. You should not need anymore to enter passwords.
Show inventory vars for a sinble host:
# ansible-inventory --list
ansible-inventory --host HOST
{
"always_pull": false,
"cert_key": "wildcard.domain.key",
"certificate": "wildcard.domain.crt"
}
Show facts only:
ansible -m setup HOST
Show runtime vars for a sinble host:
ansible -m debug -a "var=hostvars[inventory_hostname]" HOST