This role contains no tasks, but provides blockinfile module which might be useful when you want to apply multi-line snippets in config files in /etc.
Ansible Galaxy Page: https://galaxy.ansible.com/list#/roles/1475
If this section doesn't show nicely in Ansible Galaxy Page, please refer to equeivalent in GitHub Page.
parameter | required | default | choices | comments |
---|---|---|---|---|
backup | no | no |
|
Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. |
content | no | The text to insert inside the marker lines. If it's empty string, marker lines will also be removed. | ||
create | no | no |
|
Create a new file if it doesn't exist. |
dest | yes | The file to modify. | ||
follow | no | no |
|
This flag indicates that filesystem links, if they exist, should be followed. (added in Ansible 1.8) |
group | no | name of the group that should own the file/directory, as would be fed to chown | ||
marker | no | # {mark} ANSIBLE MANAGED BLOCK | The marker line template. "{mark}" will be replaced with "BEGIN" or "END". | |
mode | no | mode the file or directory should be, such as 0644 as would be fed to chmod. As of version 1.8, the mode may be specified as a symbolic mode (for example, u+rwx or u=rw,g=r,o=r ). |
||
owner | no | name of the user that should own the file/directory, as would be fed to chown | ||
selevel | no | s0 | level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the range . _default feature works as for seuser. |
|
serole | no | role part of SELinux file context, _default feature works as for seuser. |
||
setype | no | type part of SELinux file context, _default feature works as for seuser. |
||
seuser | no | user part of SELinux file context. Will default to system policy, if applicable. If set to _default , it will use the user portion of the policy if available |
||
validate | no | None | validation to run before copying into place |
Simple task with YAML block literal:
- blockinfile: |
dest=/etc/network/interfaces backup=yes
content="iface eth0 inet static
address 192.168.0.1
netmask 255.255.255.0"
It will insert/update the following text block in /etc/network/interfaces:
# BEGIN ANSIBLE MANAGED BLOCK
iface eth0 inet static
address 192.168.0.1
netmask 255.255.255.0
# END ANSIBLE MANAGED BLOCK
Another task with alternative marker lines and variable substitution:
- blockinfile: |
dest=/var/www/html/index.html backup=yes
marker="<!-- {mark} ANSIBLE MANAGED BLOCK -->"
content="<h1>Welcome to {{ansible_hostname}}</h1>"
- Add insertafter/insertbefore options to insert a block at an arbitrary position.
None.
None.
None.
Complete playbook that makes SSH password authentication for specific user prohibited, then restarts sshd if needed.
---
- hosts: all
remote_user: ansible-agent
sudo: yes
roles:
- yaegashi.blockinfile
tasks:
- name: Prohibit SSH password authentication for $SUDO_USER
blockinfile: |
dest=/etc/ssh/sshd_config backup=yes
content='Match User {{ansible_env.SUDO_USER}}\nPasswordAuthentication no'
notify: Restart sshd
handlers:
- name: Restart sshd
service: name=ssh state=restarted
GPLv3+