ansible: copy file between hosts when ssh keys are not setup
This is not another question about how to copy a file between remote hosts, I already know how to do that. I'm asking for workarounds when the involved servers are not setup to trust each other (either by ssh keys, or subnet whitelist or any other method).
I am considering a couple of alternatives, but I don't know which one is best.
- Mounting a samba share on the source host to the target host. The problem with this is that my playbook will require the samba credentials and it may require root access, which I tend to avoid unless necessary
- Temporarily copy the ssh keys of the ansible controller to the source host and then run a normal ansible fetch (or rsync if fetch doesn't allow me to specify a ssh key). The problem with this is that a failing run may leave the ssh keys on the source machine. Even if they are on the /tmp folder, which is supposed to not live long, feels like a risk
- Copy the file to the ansible controller and then copy the file to the target server. This is probably the simplest and safest solution, but this is literally doubling the traffic on my local network and will require a cleanup task on the ansible controller and will probably require to increase the local filesystem size as the database backups may be big
- Setup some other file transfer method on the target server (for example, something S3 compatible) and use that, but this may require extra installation steps on the source machine too, and with such requirement I can just properly setup ssh between the nodes
