Optionally fill /etc/hosts

README.md

@@ -5,6 +5,8 @@ Generates self-signed CA, client and server certificates. Runs locally on contro
 Notes:
 - Will not overwrite any files in output cert dir
 - Will not copy the files to the remote servers if the local files are unchanged
+- Will optionally (see `populate_etc_hosts` variable) add to each machine's `/etc/hosts`
+  a line for each host in the inventory.
 
 
 Requirements
@@ -64,6 +66,7 @@ the resulting relevant files are `copy`ed to the remote target machine.
       tls_ca_locality: Rome
       tls_ca_organization: Example Inc.
       tls_ca_organizationalunit: SysAdmins
+      populate_etc_hosts: yes
   ```
 
 If you want to tinker, you can use `vagrant` with the provided `Vagrantfile`.

defaults/main.yml

@@ -44,3 +44,8 @@ tls_server_valid_days: 730
 tls_server_key_size: 4096
 # Enable Subject Alternate Name (SAN)
 tls_server_enable_san: true
+
+# -------------------
+# POPULATE /etc/hosts
+# -------------------
+populate_etc_hosts: false

inventory.yml

@@ -16,3 +16,4 @@ all:
     tls_ca_locality: Rome
     tls_ca_organization: Example Inc.
     tls_ca_organizationalunit: SysAdmins
+    populate_etc_hosts: yes

tasks/main.yml

@@ -17,3 +17,7 @@
   when:
     - generate_tls_certs
     - generate_server_cert|bool
+
+- name: Populate /etc/hosts with inventory's hosts
+  include_tasks: populate-etc-hosts.yaml
+  when: populate_etc_hosts|bool

tasks/populate-etc-hosts.yaml

@@ -0,0 +1,10 @@
+---
+- name: Add IP address of all hosts to all hosts
+  become: yes
+  lineinfile:
+    dest: /etc/hosts
+    regexp: '.*{{ item }}$'
+    line: "{{ hostvars[item].ansible_host }} {{item}}"
+    state: present
+  when: hostvars[item].ansible_host is defined
+  loop: "{{ groups.all }}"