with_items

Question

with_items

Closed this issue 7 years ago · 3 comments

hi
is this syntax supported, specifically the use of 'with_items'? It seems only one rule is saved per invocation.

name: "..."
iptables_raw:
name: my_rule
state: '{{ db_port | ternary("present", "absent") }}'
rules: -A INPUT -p tcp -s {{ hostvars[item].ansible_ssh_host }}/32 --dport {{ db_port }} -j ACCEPT
with_items: "{{ myhosts }}"

Answer 1 · 2017-08-23T10:30:12.000Z

OK I think the problem above is with "name: my_rule", as that needs to be made unique for every invocation of the loop eg "name: my_rule_{{ item }}"

Answer 2 · 2017-08-23T14:01:44.000Z

You are correct. Name needs to be unique if you want to add multiple rules.

What you can do is something like this:

- set_fact:
    myhosts_ips: '{{ groups[myhosts] | map("extract", hostvars, ["ansible_ssh_host"]) | list }}'

- name: "..."
    iptables_raw:
      name: my_rule
      state: '{{ db_port | ternary("present", "absent") }}'
      rules: -A INPUT -p tcp -s {{ myhosts_ips | join(",") }} --dport {{ db_port }} -j ACCEPT

But myhosts needs to be a group of hosts in the Ansible inventory.

Answer 3 · 2017-08-24T10:10:52.000Z

nice one.. thanks