A simple Ansible connection plugin that uses gRPC. This project includes both client and server implementations.
- gRPC-based connection plugin for Ansible
- SSH key-based authentication
- Dynamic SSH key reloading
- Support for user-specific environment variables
- Systemd service configuration for gRPC server
-
Clone the repository:
git clone https://github.com/HZ89/simple-ansible-connection-plugin.git cd simple-ansible-connection-plugin
-
Build the project:
make
-
Ensure the required Python packages are installed:
pip install paramiko grpcio
- The Dockerfile uses the
golang:1.22-buster
base image. If this image is not accessible, replace it with any suitable Golang image from Docker Hub.
- The plugin now includes improved SSH key handling and error management.
- The
grpc_plugin.py
script fetches SSH keys and handles multiple keys dynamically. - The
SSHAuthenticator
class inssh_key.go
uses fsnotify to monitor changes in the authorized keys file and reload keys automatically. - The main server code has been updated to parse structured metadata for authentication and support user-specific environment variables during command execution.
- Home directory tilde expansion is implemented for file paths in
PutFile
andFetchFile
methods.
- A systemd service file
ansible-grpc-connection-server.service
is added to manage the gRPC server as a systemd service.
-
Start the gRPC server:
./target/ansible-grpc-connection-server --v 3 -l ":60051"
-
Configure the client to connect to the gRPC server by setting the appropriate connection parameters in your Ansible playbook.
-
Copy the systemd service file to
/etc/systemd/system/
:cp utils/ansible-grpc-connection-server.service /etc/systemd/system/
-
Reload systemd manager configuration:
systemctl daemon-reload
-
Enable and start the service:
systemctl enable ansible-grpc-connection-server systemctl start ansible-grpc-connection-server
Contributions are welcome! Please fork the repository and submit a pull request for any improvements or bug fixes.
This project is licensed under the MIT License.