Is there somewhere that documents what paths are searched when inside a
template or in include calls from within a template? I can't find much
information about this at all.
On Wednesday, October 22, 2014 9:22:05 AM UTC-4, Joe Adams wrote:
>
> I originally though it might be permissions, but both templates are 0664
> with my account being owner.
>
> I'm using ansible version 1.7.2
>
> On Tuesday, October 21, 2014 11:51:08 PM UTC-4, Michael DeHaan wrote:
>>
>> For starters, what ansible version are you using?
>>
>> On Tue, Oct 21, 2014 at 6:02 PM, John Favorite <john.f...@gmail.com>
>> wrote:
>>
>>> permissions issue?
>>>
>>> On Tue, Oct 21, 2014 at 5:35 PM, Joe Adams <adams...@gmail.com> wrote:
>>>
>>>> I tried asking the IRC channel but I didn't get any responses so I
>>>> figure that the mailing list might be better suited to this question. I'm
>>>> trying to build an extensible iptables template. All of my hosts will need
>>>> some amount of custom rules to be added so I feel that extending a
>>>> template
>>>> would be a great way to achieve this. My base template looks like this:
>>>>
>>>> #roles/common/templates/iptables.j2
>>>> {% block nat %}
>>>> {% endblock nat %}
>>>> *filter
>>>> :INPUT ACCEPT [0:0]
>>>> :FORWARD ACCEPT [0:0]
>>>> :OUTPUT ACCEPT [0:0]
>>>> -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
>>>> -A INPUT -p icmp -j ACCEPT
>>>> -A INPUT -i lo -j ACCEPT
>>>> # SSH
>>>> -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
>>>> {% block role_rules %}
>>>> {% endblock role_rules %}
>>>> # Drop All
>>>> -A INPUT -j REJECT --reject-with icmp-host-prohibited
>>>> -A FORWARD -j REJECT --reject-with icmp-host-prohibited
>>>> COMMIT
>>>>
>>>>
>>>> So then I created a template for another host to add it's role specific
>>>> information in. This template looks like this:
>>>>
>>>> {% extends "roles/common/templates/iptables.j2" %}
>>>> {% block role_rules %}
>>>> -A INPUT -m state --state NEW -m tcp -p tcp --dport 9000 -j ACCEPT
>>>> {% endblock role_rules %}
>>>>
>>>> This was working until I moved my playbooks into a folder to organize
>>>> them. Now I can't seem to fix the path to make the template extends tag
>>>> work. I even tried an absolute path.
>>>> Here's my directory structure:
>>>>
>>>> ansible/
>>>> ansible.cfg
>>>> hosts/
>>>> dev
>>>> qa
>>>> groupvars/
>>>> dev
>>>> qa
>>>> playbooks/
>>>> roles/
>>>> common.yml
>>>> roleA.yml
>>>> roleB.yml
>>>> roles/
>>>> common/
>>>> templates/
>>>> iptables.j2
>>>> tasks/
>>>> main.yml
>>>> roleA/
>>>> templates/
>>>> iptables.j2
>>>> tasks/
>>>> main.yml
>>>>
>>>>
>>>> I keep getting this error when I get to the play that templates the
>>>> iptables file:
>>>> {'msg': 'AnsibleError: file:
>>>> /path/to/ansible/roles/vickyvale/templates/iptables.j2, error: Cannot
>>>> find/not allowed to load (include) template
>>>> /path/to/ansible/roles/common/templates/iptables.j2', 'failed': True}
>>>>
>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Ansible Project" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to ansible-proje...@googlegroups.com.
>>>> To post to this group, send email to ansible...@googlegroups.com.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/ansible-project/77a802c6-b3a5-4895-8430-700f99daf0f1%40googlegroups.com
>>>>
>>>> <https://groups.google.com/d/msgid/ansible-project/77a802c6-b3a5-4895-8430-700f99daf0f1%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>> .
>>>> For more options, visit https://groups.google.com/d/optout.
>>>>
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> To post to this group, send email to ansible...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/CAKsMCETohhhtbr79k8cgqm%2B%3DqxM-Fjytc-Kz_jbnimxQ456cJg%40mail.gmail.com
>>>
>>> <https://groups.google.com/d/msgid/ansible-project/CAKsMCETohhhtbr79k8cgqm%2B%3DqxM-Fjytc-Kz_jbnimxQ456cJg%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/c2534bbb-8eaa-4875-9168-d1d6df1d57f1%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
