[ansible-project] List all ansible-vault encrypted files?

2017-01-27 Thread Alicia Smith 
Is there a way to list all files in a repo that are encrypted via 
ansible-vault?

If there is I haven't figured it out yet. I've searched on google and 
everything just points to how to use view or edit.
I was hoping there was something like "ansible-vault status" that would 
list all files in the repo in one column and whether encrypted or not in a 
second column.
It would also help people automate figuring out which files are not 
encrypted that should be without having to read/view/edit/open every file. 
For example - all conf files should be encrypted. This would help confirm 
they are.

Just a thought, if there is no way of doing this currently, I'll submit an 
issue for it.

Thank you,

Alicia





-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/031685f4-4970-497b-912d-88c770e453d3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible Yum Update revision from given version

2017-01-27 Thread Tiago Silva 
Im working on a project with several versions each version has it's own 
revision in the repo

Example:
fooproject-2.2.1-r4000.rpm
fooproject-2.2.1-r4005.rpm
fooproject-3.0.1-r4015.rpm

There's a server on version 2 rev 4000

doing the command-> yum install fooproject*2.2.1*
it will install -> fooproject-2.2.1-r4005.rpm


now on ansible I created a task that does:

- name: Update fooproject revision
  yum: 
name: fooproject*{{ foo_version }}*
state: present

this will say that the server (in rev4000) is on the latest version 


already tried 

- name: Update fooproject revision
  yum: 
name: fooproject*{{ foo_version }}*
state: latest

and it will install version 3


Workaround at the moment:

Im using 
command: yum install

Is there a way to use the yum module for this case?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ca5a0878-8b9b-4ed0-b4d4-bebafb7a9f5c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] how use aws profile when using ansible ec2.py module

2017-01-27 Thread Ronak Patel 
I wrote a quick ansible playbook to launch a simple ec2 instance but I 
think I have an issue on how I want to authenticate. 

What I don't want to do is set my aws access/secret keys as env variables 
since they expire each hour and I need to regenerate the 
`~/.aws/credentials` file via a script. 

Right now, my ansible playbook looks like this:

--- # Launch ec2
- name: Create ec2 instance
  hosts: local
  connection: local
  gather_facts: false
  vars:
profile: profile_
key_pair: usrxxx
region: us-east-1
subnet: subnet-38x
security_groups: ['sg-e54', 'sg-bfc', 'sg-a9dxxx']
image: ami-031xxx
instance_type: t2.small
num_instances: 1
tag_name: ansibletest
hdd_volumes:
- device_name: /dev/sdf
  volume_size: 50
  delete_on_termination: true
- device_name: /dev/sdh
  volume_size: 50
  delete_on_termination: true
  tasks:
- name: launch ec2
  ec2:
count: 1
key_name: "{{ key_pair }}"
profile: "{{ profile }}"
group_id: "{{ security_groups }}"
instance_type: "{{ instance_type }}"
image: "{{ image }}"
region: "{{ region }}"
vpc_subnet_id: "{{ subnet }}"
assign_public_ip: false
volumes: "{{ hdd_volumes }}"
instance_tags:
  Name: "{{ tag_name }}"
  ASV: "{{ tag_asv }}"
  CMDBEnvironment: "{{ tag_cmdbEnv }}"
  EID: "{{ tag_eid }}"
  OwnerContact: "{{ tag_eid }}"
  register: ec2
- name: print ec2 vars
  debug: var=ec

my hosts file is this:

[local]
localhost ansible_python_interpreter=/usr/local/bin/python2.7

I run my playbook like this:

ansible-playbook -i hosts launchec2.yml -vvv

and then get this back:

PLAYBOOK: launchec2.yml 

1 plays in launchec2.yml

PLAY [Create ec2 instance] 
*

TASK [launch ec2] 
**
task path: /Users/usrxxx/Desktop/cloud-jumper/Ansible/launchec2.yml:27
Using module file 
/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/ansible/modules/core/cloud/amazon/ec2.py
 ESTABLISH LOCAL CONNECTION FOR USER: usrxxx
 EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo 
~/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730 `" && echo 
ansible-tmp-1485527483.82-106272618422730="` echo 
~/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730 `" ) && sleep 0'
 PUT 
/var/folders/cx/_fdv7nkn6dz21798p_bn9dp9ln9sqc/T/tmpnk2rh5 TO 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ec2.py
 PUT 
/var/folders/cx/_fdv7nkn6dz21798p_bn9dp9ln9sqc/T/tmpEpwenH TO 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args
 EXEC /bin/sh -c 'chmod u+x 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ec2.py 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args 
&& sleep 0'
 EXEC /bin/sh -c '/usr/bin/env python 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ec2.py 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args; 
rm -rf 
"/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/" > 
/dev/null 2>&1 && sleep 0'
fatal: [localhost]: FAILED! => {
"changed": false, 
"failed": true, 
"invocation": {
"module_name": "ec2"
}, 
"module_stderr": "usage: ec2.py [-h] [--list] [--host HOST] 
[--refresh-cache]\n  [--profile BOTO_PROFILE]\nec2.py: error: 
unrecognized arguments: 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args\n", 
"module_stdout": "", 
"msg": "MODULE FAILURE"
}
to retry, use: --limit 
@/Users/usrxxx/Desktop/cloud-jumper/Ansible/launchec2.retry

PLAY RECAP 
*
localhost  : ok=0changed=0unreachable=0   
 failed=1 


I noticed in the `ec2.py` file it says this:

NOTE: This script assumes Ansible is being executed where the 
environment
variables needed for Boto have already been set:
export AWS_ACCESS_KEY_ID='AK123'
export AWS_SECRET_ACCESS_KEY='abc123'

This script also assumes there is an ec2.ini file alongside it.  To 
specify a
different path to ec2.ini, define the EC2_INI_PATH environment variable:

export EC2_INI_PATH=/path/to/my_ec2.ini

If you're using eucalyptus you need to set the above variables and
you need to define:

export

[ansible-project] how use aws profile when using ansible ec2.py module

2017-01-27 Thread Ronak Patel 
I wrote a quick ansible playbook to launch a simple ec2 instance but I 
think I have an issue on how I want to authenticate. 

What I don't want to do is set my aws access/secret keys as env variables 
since they expire each hour and I need to regenerate the 
`~/.aws/credentials` file via a script. 

Right now, my ansible playbook looks like this:

--- # Launch ec2
- name: Create ec2 instance
  hosts: local
  connection: local
  gather_facts: false
  vars:
profile: profile_
key_pair: usrxxx
region: us-east-1
subnet: subnet-38x
security_groups: ['sg-e54', 'sg-bfc', 'sg-a9dxxx']
image: ami-031xxx
instance_type: t2.small
num_instances: 1
tag_name: ansibletest
hdd_volumes:
- device_name: /dev/sdf
  volume_size: 50
  delete_on_termination: true
- device_name: /dev/sdh
  volume_size: 50
  delete_on_termination: true
  tasks:
- name: launch ec2
  ec2:
count: 1
key_name: "{{ key_pair }}"
profile: "{{ profile }}"
group_id: "{{ security_groups }}"
instance_type: "{{ instance_type }}"
image: "{{ image }}"
region: "{{ region }}"
vpc_subnet_id: "{{ subnet }}"
assign_public_ip: false
volumes: "{{ hdd_volumes }}"
instance_tags:
  Name: "{{ tag_name }}"
  ASV: "{{ tag_asv }}"
  CMDBEnvironment: "{{ tag_cmdbEnv }}"
  EID: "{{ tag_eid }}"
  OwnerContact: "{{ tag_eid }}"
  register: ec2
- name: print ec2 vars
  debug: var=ec

my hosts file is this:

[local]
localhost ansible_python_interpreter=/usr/local/bin/python2.7

I run my playbook like this:

ansible-playbook -i hosts launchec2.yml -vvv

and then get this back:

PLAYBOOK: launchec2.yml 

1 plays in launchec2.yml

PLAY [Create ec2 instance] 
*

TASK [launch ec2] 
**
task path: /Users/usrxxx/Desktop/cloud-jumper/Ansible/launchec2.yml:27
Using module file 
/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/site-packages/ansible/modules/core/cloud/amazon/ec2.py
 ESTABLISH LOCAL CONNECTION FOR USER: usrxxx
 EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo 
~/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730 `" && echo 
ansible-tmp-1485527483.82-106272618422730="` echo 
~/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730 `" ) && sleep 0'
 PUT 
/var/folders/cx/_fdv7nkn6dz21798p_bn9dp9ln9sqc/T/tmpnk2rh5 TO 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ec2.py
 PUT 
/var/folders/cx/_fdv7nkn6dz21798p_bn9dp9ln9sqc/T/tmpEpwenH TO 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args
 EXEC /bin/sh -c 'chmod u+x 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ec2.py 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args 
&& sleep 0'
 EXEC /bin/sh -c '/usr/bin/env python 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/ec2.py 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args; 
rm -rf 
"/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/" > 
/dev/null 2>&1 && sleep 0'
fatal: [localhost]: FAILED! => {
"changed": false, 
"failed": true, 
"invocation": {
"module_name": "ec2"
}, 
"module_stderr": "usage: ec2.py [-h] [--list] [--host HOST] 
[--refresh-cache]\n  [--profile BOTO_PROFILE]\nec2.py: error: 
unrecognized arguments: 
/Users/usrxxx/.ansible/tmp/ansible-tmp-1485527483.82-106272618422730/args\n", 
"module_stdout": "", 
"msg": "MODULE FAILURE"
}
to retry, use: --limit 
@/Users/usrxxx/Desktop/cloud-jumper/Ansible/launchec2.retry

PLAY RECAP 
*
localhost  : ok=0changed=0unreachable=0   
 failed=1 


I noticed in the `ec2.py` file it says this:

NOTE: This script assumes Ansible is being executed where the 
environment
variables needed for Boto have already been set:
export AWS_ACCESS_KEY_ID='AK123'
export AWS_SECRET_ACCESS_KEY='abc123'

This script also assumes there is an ec2.ini file alongside it.  To 
specify a
different path to ec2.ini, define the EC2_INI_PATH environment variable:

export EC2_INI_PATH=/path/to/my_ec2.ini

If you're using eucalyptus you need to set the above variables and
you need to define:

export

Re: [ansible-project] I promise you.... I'm pretty smart!!

2017-01-27 Thread Brian Coca 
There several ways to do this, Ansible has an authorized_keys module that
can do the copying, the user module can also generate keys. But it does
need to log onto the servers, the first time it can use user/password as
part of a bootstrapping play.

As for root vs shared user with sudo vs individual users with sudo ... it
does not matter to Ansible, do what fits your policy and worfklow better.
FYI, sudo is not the only privilege escalation method supported, just used
as example.



-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7c3nhHtf59n44ARBhzc_Kco7q7ep3qbj6NZzaT0VBi3mg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] I promise you.... I'm pretty smart!!

2017-01-27 Thread Leroy Walker Jr 
But I can't seem to wrap my head around this! 

I've started working for a new company as a Linux admin. I've dabbled in 
ansible a bit, but in a lab setting. 

We have about 300 plus existing servers and I will be building more in the 
future. This is where Ansible comes in. I would like to use ansible to 
install stuff onto existing servers if needed and to deploy new ones.  The 
thing I don't understand is how do I get the SSH keys onto the existing 
servers and how should I go about putting them on future servers. I know to 
generate a key and I know how to ssh-copy-id, but this can't be the best 
method for 300 servers. Also, should I create my keys as my user or root? 
I've looked and looked, but can't seem to find a concise answer. 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/396c2370-bd96-4198-8041-1de62e0b4c67%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Send playbook output to Logstash/Elasticsearch

2017-01-27 Thread Ievgen Khmelenko 
Try to use the new 
version https://github.com/ujenmr/ansible-logstash-callback

On Thursday, January 26, 2017 at 11:13:53 PM UTC+2, Ievgen Khmelenko wrote:
>
> Hi,
>
> I'm author of the module, I can fix it. I will return with result...
>
> Ievgen
>
> On Wednesday, January 18, 2017 at 1:20:20 PM UTC+2, dubravko sever wrote:
>>
>> Hi,
>>
>> Using given callback I'm able to log events from ansible to 
>> logstash/elastic search. But can't search ansible_result field because it 
>> represent field as string, for instance:
>> "{"changed":"false", "msg":"some message"}".
>>
>>
>> In ELK I'm trying to get format like this one
>>
>>  "ansible_result":{
>>
>>
>>
>>
>>
>> Any ideas how to resolve this issue?
>>
>> Dubravko
>>
>>
>>
>> On Saturday, December 17, 2016 at 8:22:30 PM UTC+1, dubravko sever wrote:
>>>
>>> Hi,
>>>
>>> Exactly I've been looking for, if it collects json results from ansible 
>>> (will test it)
>>>
>>> Thanks
>>> Dubravko
>>>
>>> On Saturday, December 17, 2016 at 7:15:05 PM UTC+1, Gabriel Rosca wrote:

 What about the callback module :) 


 https://github.com/ujenmr/ansible-logstash-callback/blob/master/README.md

 Regards,
 Gabriel



-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7f6d9412-1452-4a6b-b68c-06f5f68e4430%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Version dependency management

2017-01-27 Thread Adam Shantz 
Thanks, Dick.  

On Friday, January 27, 2017 at 11:23:10 AM UTC-5, Dick Davies wrote:
>
> Hi Adam 
>
> I'd put the servers into groups, and then use group_vars to set 
> specific versions. 
>
> On 27 January 2017 at 15:39, Adam Shantz  
> wrote: 
> > Hi all - 
> > 
> > We're using Ansible, but haven't gotten super advanced.  I have a 
> challenge 
> > where I'm doing rolling upgrades across thousands of systems.  Due to 
> > business reasons (i.e. different groups owning different systems, 
> > applications, and parts of the infrastructure), I can't schedule a mass 
> > deployment of the latest & greatest software. 
> > 
> > I envision we'll get there some day, but in the meantime, I need a way 
> of 
> > saying which systems get which versions of software, while also tracking 
> > which systems have which versions. 
> > 
> > For example, if in a (de-normalized) database, it would be something 
> like: 
> > 
> > System | Application Name | Version | Date deployed 
> > host1| Adam's app  | 1.0 | 1/5/2017 
> > host1| John's app| 1.0 | 1/5/2017 
> > host2| Adam's app  | 1.3 | 1/20/2017 
> > 
> > 
> > Has anyone had to do something like this?  If so, can you share your 
> > experiences, and maybe any management software that has made this easier 
> for 
> > you to integrate with Ansible? 
> > 
> > Thanks in advance. 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups 
> > "Ansible Project" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an 
> > email to ansible-proje...@googlegroups.com . 
> > To post to this group, send email to ansible...@googlegroups.com 
> . 
> > To view this discussion on the web visit 
> > 
> https://groups.google.com/d/msgid/ansible-project/82f50366-f7d4-4f51-9111-093063189f16%40googlegroups.com.
>  
>
> > For more options, visit https://groups.google.com/d/optout. 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2bbcc528-d66b-42e7-ae18-e2ab866a00f8%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] How to prevent git clone timeouts in playbook?

2017-01-27 Thread Robert F 
I have a task in my Ansible playbook that uses the git module to clone my 
Git repository which is hosted on bitbucket.com to my Linode-hosted web 
server.  The playbook is run from my local laptop.  My problem is that this 
task seems to timeout quit frequently.  When it does, I'll get the 
following error:

fatal: [web02.example.com]: FAILED! => {... "msg": "Cloning into 
'/srv/http/example.com/repo'...\nHost key verification failed.\r\nfatal: 
Could not read from remote repository.\\n\nPlease make sure you have the 
correct access rights\nand the repository exists", "rc" 128,...}

I'm pretty certain this is a timeout error because I haven't changed my SSH 
keys, the access rights are correct, and the repository does exist. 
 Furthermore, if I run the entire playbook again it will sometimes succeed 
and other times I'll have to re-run it a couple of times before it succeeds.

Here's the task:
# webservers.yml
- name: check out dev version of django project repo
  git: >
repo={{ repo_url }}
version=dev
dest={{ repo_path }}
accept_hostkey=yes
  become: true
  become_user: "{{ me }}"

Here's my config file:
# ansible.cfg
[defaults]
inventory = inventories/development
remote_user = smith
roles_path = $HOME/playbooks/roles:$HOME/playbooks/community/roles
vault_password_file = vault_pass
retry_files_enabled = False
retry_files_save_path = "/tmp"
host_key_checking = False

# Try to prevent git clone from timing out
ssh_args = -o ControlPersist=360s

[ssh_connection]
pipelining = True

I read that setting ssh_args as shown above might prevent this problem but 
it doesn't seem to help.  Is there something else I can do to prevent these 
timeouts so that I don't have to keep re-running my playbook to get my repo 
cloned?  Thanks.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2657b047-7b53-4127-bd33-7066e6e6f5a5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] PostgreSQL 9.5 or Higher installation on Ubuntu 14.04 LTS

2017-01-27 Thread Johannes Kastl 
On 27.01.17 17:53 Shyam Yenna wrote:
> I am trying to install PostgreSQL 9.5 version on Ubuntu 14.04 LTS
> using ansible 2.2.1 version playbook tasks. According to my
> workflow design  add apt key, add apt repository and later install
> postgresql packages. But dependencies packages are broken due to
> version difference. How to overcome this issue i am unable to find
> below packages in default os packages. I appreciate your help.

Please show the exact playbook and the actual error messages.

Did you add the update_cache option to the apt installation task?

Johannes

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b6f85440-9213-1483-d581-693405188803%40ojkastl.de.
For more options, visit https://groups.google.com/d/optout.


signature.asc
Description: OpenPGP digital signature

[ansible-project] PostgreSQL 9.5 or Higher installation on Ubuntu 14.04 LTS

2017-01-27 Thread Shyam Yenna 
I am trying to install PostgreSQL 9.5 version on Ubuntu 14.04 LTS using 
ansible 2.2.1 version playbook tasks. According to my workflow design  add 
apt key, add apt repository and later install postgresql packages. But 
dependencies packages are broken due to version difference. How to overcome 
this issue i am unable to find below packages in default os packages. I 
appreciate your help.



Thanks
Shyam

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e5f1ccfd-455c-49b8-a80d-9f898c51921b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: How to manage the crontab entries that were not done by Ansible's cron module

2017-01-27 Thread Jinesh Choksi 
>My existing crontabs do not have this tag prefixed. Can I still update and 
delete them through Ansible cron module ?

>From the documentation, it doesn't look likely since if you don't set a 
name parameter and if state=present then it will create a new crontab entry 
regardless of any existing ones. See the description for the "name" 
parameter in link .

However, nothing is stopping you from using the lineinfile module to remove 
entries your want to update / delete and then use the cron module to create 
a updated but "managed by Ansible" crontab entry.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/29237d59-7fd8-48fc-b5dd-b24ba11bc744%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: ping windows - ssl: the specified credentials were rejected by the serve

2017-01-27 Thread 'J Hawkesworth' via Ansible Project 
Is the host 'mesh' a member of a group in your inventory file called 
'windows'?

The group needs to exist in your inventory

so assuming you inventory contains

[windows]
mesh

and you group_vars/windows.yml contains the connection parameters listed 
above?

If it isn't then ansible will assume default connection type, which is ssh.

Hope this helps,

Jon

On Thursday, January 26, 2017 at 9:24:43 PM UTC, norricorp wrote:
>
> Thanks for this Johnny.
> That was typo in the message.  It was 
>
> ansible_port:5986
>>
> and in my hosts file ([windows:vars] I have it as
>
>   ansible_port=5986
> but when I edited the copy and paste, I replaced :5 with = rather than 
> just :.
>
> So in summary, the port is right.
>
>
>
>>
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/91fdcabc-63bd-47fe-9653-18bae9b3e2ad%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Version dependency management

2017-01-27 Thread Dick Davies 
Hi Adam

I'd put the servers into groups, and then use group_vars to set
specific versions.

On 27 January 2017 at 15:39, Adam Shantz  wrote:
> Hi all -
>
> We're using Ansible, but haven't gotten super advanced.  I have a challenge
> where I'm doing rolling upgrades across thousands of systems.  Due to
> business reasons (i.e. different groups owning different systems,
> applications, and parts of the infrastructure), I can't schedule a mass
> deployment of the latest & greatest software.
>
> I envision we'll get there some day, but in the meantime, I need a way of
> saying which systems get which versions of software, while also tracking
> which systems have which versions.
>
> For example, if in a (de-normalized) database, it would be something like:
>
> System | Application Name | Version | Date deployed
> host1| Adam's app  | 1.0 | 1/5/2017
> host1| John's app| 1.0 | 1/5/2017
> host2| Adam's app  | 1.3 | 1/20/2017
>
>
> Has anyone had to do something like this?  If so, can you share your
> experiences, and maybe any management software that has made this easier for
> you to integrate with Ansible?
>
> Thanks in advance.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/82f50366-f7d4-4f51-9111-093063189f16%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAK5eLPT2Re5gJCtq%2Bqwh_BFJaceZ%3DTm2%3DKXcz5erNVxPgTktVA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Version dependency management

2017-01-27 Thread Adam Shantz 
Hi all - 

We're using Ansible, but haven't gotten super advanced.  I have a challenge 
where I'm doing rolling upgrades across thousands of systems.  Due to 
business reasons (i.e. different groups owning different systems, 
applications, and parts of the infrastructure), I can't schedule a mass 
deployment of the latest & greatest software.  

I envision we'll get there some day, but in the meantime, I need a way of 
saying which systems get which versions of software, while also tracking 
which systems have which versions.

For example, if in a (de-normalized) database, it would be something like:

System | Application Name | Version | Date deployed
host1| Adam's app  | 1.0 | 1/5/2017
host1| John's app| 1.0 | 1/5/2017
host2| Adam's app  | 1.3 | 1/20/2017


Has anyone had to do something like this?  If so, can you share your 
experiences, and maybe any management software that has made this easier 
for you to integrate with Ansible?

Thanks in advance.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/82f50366-f7d4-4f51-9111-093063189f16%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Authorize nginx reload without providing become-pass and full sudo privileges

2017-01-27 Thread Johannes Kastl 
On 27.01.17 15:42 Jonathan Bouzekri wrote:

> I think that it is quite a drawback on Ansible. If you use it for
> code shipping, you will have to do some tasks which needs
> privileges escalation (reload nginx or something else). And the
> people who are doing the delivery are not necessary engineers who
> should have access to all commands with a simple sudo. 

If you do not need to do anything else via ansible (at least the
people you mention) then raw module or shell with a script might be best.

As a side not, using a git repository with a post-receive hook that
might be an option for people more used to git than to sudo...
Depends on your exact environment, so YMMV.

Johannes

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/8a0b3c98-d143-7dd2-7b3e-7357bc0a5a48%40ojkastl.de.
For more options, visit https://groups.google.com/d/optout.


signature.asc
Description: OpenPGP digital signature

Re: [ansible-project] Authorize nginx reload without providing become-pass and full sudo privileges

2017-01-27 Thread Jonathan Bouzekri 
Thanks, I am looking at the raw module which seems to suite my need. And 
what about the shell module with a previously delivered shell script 
containing my reload nginx command ? Would it work ?

On Friday, January 27, 2017 at 1:46:15 AM UTC+1, Matt Martz wrote:
>
> As you can see in the command that is executed by Ansible:
>
> sudo -H -S -n -u root /bin/bash
>
> You cannot restrict individual commands, as we execute everything through 
> a sudoed shell.
>
> The recommendation is that sudo should be configure to allow any command 
> to be executed, and not be restricted.
>
> The only other option would be to not use the purpose built Ansible 
> modules, but instead use raw or such to execute those commands directly.
>
> On Thu, Jan 26, 2017 at 3:13 PM Jonathan Bouzekri  > wrote:
>
>> Hi,
>>
>> I am migrating to a new architecture and I have provisioned my servers 
>> with an ansible playbook. I am also using ansible to deploy my source code.
>>
>> I want to be able to reload nginx when the configuration change without 
>> having to :
>>
>> * give sudo rights on ALL commands to the deploy user
>> * having to pass a become-pass in the command line
>>
>> In my previous installation, I was doing everything manually and I had 
>> added this settings to allow my deployment user to reload the nginx 
>> configuration : 
>>
>> deploy ALL(ALL) NOPASSWD: /usr/local/sbin/nginx -t, /usr/local/sbin/nginx 
>> -s reload
>>
>> How can I have the same feature with Ansible ? Or what is the command 
>> which is executed when we use the service module and the state reloaded ?
>>
>> Right now, I have this error :
>>
>> sshpass -d15 ssh -C -o ControlMaster=auto -o ControlPersist=60s -o 
>> StrictHostKeyChecking=no -o User=deploy -o ConnectTimeout=10 -o 
>> ControlPath=/home/deploy/.ansible/cp/ansible-ssh-%h-%p-%r -tt 
>> x.x.x.x '/bin/bash -c '"'"'sudo -H -S -n -u root /bin/bash -c 
>> '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-lttadeaqujrmkjjfqaswosxpazzwmsoj; 
>> /usr/bin/python 
>> /home/deploy/.ansible/tmp/ansible-tmp-1485445894.86-256748839860893/systemd.py;
>>  
>> rm -rf 
>> "/home/deploy/.ansible/tmp/ansible-tmp-1485445894.86-256748839860893/" > 
>> /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
>>
>> fatal: [x.x.x.x]: FAILED! => {
>> "changed": false, 
>> "failed": true, 
>> "invocation": {
>> "module_args": {
>> "name": "nginx", 
>> "state": "reloaded"
>> }, 
>> "module_name": "service"
>> }, 
>> "module_stderr": "Shared connection to x.x.x.x closed.\r\n", 
>> "module_stdout": "sudo: a password is required\r\n", 
>> "msg": "MODULE FAILURE"
>> }
>>
>> Note that I am provisioning a CentOS 7.3 server with Ansible 2.2.1.
>>
>> Thanks
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/40e856bc-de0d-4a58-ac06-bc379025f728%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
> -- 
> Matt Martz
> @sivel
> sivel.net
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/59242257-9722-41b0-aeba-100b3a0a4aba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Authorize nginx reload without providing become-pass and full sudo privileges

2017-01-27 Thread Jonathan Bouzekri 
Yes my goal was to restrict on the OS side the commands the deployment user 
is allowed to execute.

I did not know the raw module. i am looking into it. It does not seem 
"ugly" ;)

I think that it is quite a drawback on Ansible. If you use it for code 
shipping, you will have to do some tasks which needs privileges escalation 
(reload nginx or something else). And the people who are doing the delivery 
are not necessary engineers who should have access to all commands with a 
simple sudo. But if this raw module allows me to do this, so big up Ansible 
 ;)

Anyway thanks for pointing that module to me.

On Friday, January 27, 2017 at 8:59:17 AM UTC+1, Johannes Kastl wrote:
>
> On 26.01.17 17:04 Jonathan Bouzekri wrote: 
>
> > I want to be able to reload nginx when the configuration change 
> > without having to : 
> > 
> > * give sudo rights on ALL commands to the deploy user 
> > * having to pass a become-pass in the command line 
>
> You can use ansible-vault to encrypt the host_vars file that contains 
> the become password, and either enter the vault password on execution 
> or have ansible read it from some file. 
>
> But that might not achieve what you want to do. So, what is your goal? 
> Do you want to restrict the one calling ansible to only be able to 
> reload nginx? 
> Then, as Matt said, using the raw module with an explicit sudo call, 
> that is allowed in /etc/sudoers might work (but is kind of ugly, of 
> course). 
>
> Johannes 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4729206c-8b5f-4ed8-a47b-47f596171b5b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Allowed specific commands with NOPASSWD in sudoers file, Ansible complains...

2017-01-27 Thread Jonathan Bouzekri 
Sorry I started a discussion on this before seeing this one 
: https://groups.google.com/d/msg/ansible-project/TZoUZUPO5no/6ZOxMmF3BQAJ

Yes I mean to restrict (with sudoes configuration or something else) on the 
OS side, the command the user can execute but still allow ansible to 
execute.

We are using ansible for code deployment and there is a single task which 
needs become privilege : nginx reload.

So except the NOPASSWD settings, is there any other solution ? If not it 
seems to me it is a big drawback on Ansible to be used as code shipping 
tools.

On Friday, January 27, 2017 at 2:41:34 PM UTC+1, Johannes Kastl wrote:
>
> On 26.01.17 19:11 Jonathan Bouzekri wrote: 
>
> > Is there any progress on this feature? is it available in the 
> > latest version of ansible? More specifically on the service module 
> > (for example to allow reloading of specific services) 
>
> As you don't quote what you are talking about I can only assume the 
> title is what you are after. 
>
> No, ansible needs to run something like "sudo -H -S -n -u root 
> /bin/bash" to work. You might set that to NOPASSWD, but it just means 
> you allow the ansible user everything. 
>
> Johannes 
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3a57a456-40e8-484a-9b38-1e4fbd61e4ed%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How to define and use the environment (production/development)?

2017-01-27 Thread Cev Ing 


Am Freitag, 27. Januar 2017 14:53:14 UTC+1 schrieb Johannes Kastl:
>
> On 27.01.17 14:46 Cev Ing wrote: 
>
> I.e. set 'foobar=production' in your production variable file, and 
> then use the value of foobar to get the right hash. 
>
>
I got the idea. It is explained here:

https://www.digitalocean.com/community/tutorials/how-to-manage-multistage-environments-with-ansible
 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/fb57c262-1553-4a6a-882d-cd679eebc2ba%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] How to define and use the environment (production/development)?

2017-01-27 Thread Johannes Kastl 
On 27.01.17 14:46 Cev Ing wrote:

> How to get the different SSH keys in the users.yml without
> duplicating all the remaining data for each environment?

group_vars would be another idea.

> But how to know in a playbook in which environment the playbook is
> executed?

Setting a variable? If you set this variable inside your different
variable files, then you could use this variable to get the right item
out of the hash.

I.e. set 'foobar=production' in your production variable file, and
then use the value of foobar to get the right hash.

Or am I missing a bit here?

Johannes


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/10e40750-f90f-7a05-14f4-9fade17cbe69%40ojkastl.de.
For more options, visit https://groups.google.com/d/optout.


signature.asc
Description: OpenPGP digital signature

[ansible-project] How to define and use the environment (production/development)?

2017-01-27 Thread Cev Ing 
I have different environments and for each an inventory: production.ini and 
development.ini.

I have a users.yml containing user data:

users:
  - username: foo
uid: 1001
gid: 1001
pw_hash: $6$...
ssh_key: ssh-rsa ...
  - username: bar
uid: 1002
gid: 1002
pw_hash: $6$...
ssh_key: ssh-rsa ...

I use the users in a user task.

user:
  name: "{{ item.username }}"
  uid: "{{ item.uid }}"
  gid: "{{ item.gid }}"
with_items: "{{ users }}"

And I use the SSH keys in an authorized_key task.

authorized_key: user={{ item.username }} key={{ item.ssh_key }}
with_items: "{{ users }}"

This works in the production end development environment.

Now I have the requirement to use different SSH keys for some but not all 
users in production and development.

How to get the different SSH keys in the users.yml without duplicating all 
the remaining data for each environment?

My first idea was to make the ssh_key attribute a hash:

users:
  - username: foo
uid: 1001
gid: 1001
pw_hash: $6$...
ssh_key:
  production: ssh-rsa ...
  development: ssh-rsa ...

By this I can select the right key based on the environment:

authorized_key: user={{ item.username }} key={{ item.ssh_key[environment] | 
default(item.ssh_key.production) }}
with_items: "{{ users }}"

But how to know in a playbook in which environment the playbook is executed?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2ea7d335-6c99-4647-91a6-6f38522cc6fb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Allowed specific commands with NOPASSWD in sudoers file, Ansible complains...

2017-01-27 Thread Johannes Kastl 
On 26.01.17 19:11 Jonathan Bouzekri wrote:

> Is there any progress on this feature? is it available in the
> latest version of ansible? More specifically on the service module
> (for example to allow reloading of specific services)

As you don't quote what you are talking about I can only assume the
title is what you are after.

No, ansible needs to run something like "sudo -H -S -n -u root
/bin/bash" to work. You might set that to NOPASSWD, but it just means
you allow the ansible user everything.

Johannes

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/84950170-74c3-5d19-415a-9568218b0b09%40ojkastl.de.
For more options, visit https://groups.google.com/d/optout.


signature.asc
Description: OpenPGP digital signature

Re: [ansible-project] How to manage the crontab entries that were not done by Ansible's cron module

2017-01-27 Thread Johannes Kastl 
On 26.01.17 20:46 Manas Shukla wrote:

> As I understand the ansible cron module prefixes all the cron jobs
> set by it with* #Ansible: Name *and uses this to manage them in the
> future. My existing crontabs do not have this tag prefixed. Can I
> still update and delete them through Ansible cron module ?

The lineinfile is always an option, but you lose a lot of ansibles
simplicity, and the regexp stuff is horror...

I would try to convert your existing cronjobs to ansible syntax (i.e.
write an ansible task that spits out the same line in the crontab) and
then prefix your lines with the corresponding "#Ansibe: foo" line.
This can be done manually, via template or with lineinefile.

It all depends on the variety of your existing cronjobs. One per
server? 20? The same everywhere, only with different arguments?

Testing this with the disabled option to the cron module seems like a
good idea. ;-)

Johannes

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/44d69bdb-8d11-e136-db6a-f3b53bc8417c%40ojkastl.de.
For more options, visit https://groups.google.com/d/optout.


signature.asc
Description: OpenPGP digital signature

[ansible-project] Re: Multiple Hostnames in AWS Dynamic Inventory list

2017-01-27 Thread Kishor Ramanan 
Worked like a charm! Thanks :) 

On Wednesday, 25 January 2017 01:19:13 UTC+5:30, Sonny Heer wrote:
>
> I believe its colon (:)
>
> On Tuesday, January 24, 2017 at 10:05:24 AM UTC-8, Kishor Ramanan wrote:
>>
>> I am using a dynamic inventory so I don't have option of placing all host 
>> in a single file
>>
>> For dynamic host the syntax is 
>>
>>   hosts: tag_Name_us_east_1a_weblogic_dev*
>>
>> What I want to use is 
>>  
>>  hosts: tag_Name_us_east_1a_weblogic_dev*, tag_Name_us_east_1a_apache_qa*
>>
>> But when i pass the above syntax, Ansible takes only one host
>>
>> How do I use multiple syntax is my question.
>>
>> On Tuesday, 24 January 2017 23:07:43 UTC+5:30, Simon Wydooghe wrote:
>>>
>>> What exactly do you mean? Do you mean running a play on multiple hosts? 
>>> Maybe you should put your playbook and inventory here + output when running 
>>> it.
>>>
>>> On Tuesday, January 24, 2017 at 4:37:09 PM UTC+1, Kishor Ramanan wrote:

 I have configured Ansible to use dynamic inventory list but  I am able 
 to use only one hostname instead of multiple hostnames.

 Even if I give multiple hostname, it takes only one

 Is there a way to add dynamic multiple host to a single play?



-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e3a53490-2a4a-4ffb-816b-4e03426dc1c3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] lineinfile problem

2017-01-27 Thread Jinesh Choksi 

*File: example_file.txt*
string1 string2 string3
string4 string5 string0
string7 string8 string9


*File: run.sh*

#!/usr/bin/env bash
ansible-playbook -vvv -i 'localhost,' -c local test.yml


*File: test.yml*

- hosts:
- localhost
  tasks:
- name: "Slurp the file we wish to search"
  slurp:
src: ./example_file.txt
  register: slurped_file


- name: "To avoid base64 decoding multiple times, we do it once"
  set_fact: plain_file="{{ slurped_file['content'] | b64decode }}"


#- name: "You can use this task to test your regex"
#  debug: msg="{{ plain_file | regex_search('string7') is none}}"

- name: "Insert the wanted line into the file as it doesn't exist"
  lineinfile:
dest: ./example_file.txt
line: "something {{ item }} somethingelse"
state: present
  when: plain_file | regex_search(item) is none
  with_items:
- string6
- string1
- string8
- foobar


Example output:

$  ./run.sh
Using /etc/ansible/ansible.cfg as config file

PLAYBOOK: test.yml 
*
1 plays in test.yml

PLAY [localhost] 
***

TASK [setup] 
***
Using module file 
/usr/lib/python2.7/site-packages/ansible/modules/core/system/setup.py
 ESTABLISH LOCAL CONNECTION FOR USER: algomi-deploy
 EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo 
~/.ansible/tmp/ansible-tmp-1485515755.89-254326766505950 `" && echo 
ansible-tmp-1485515755.89-254326766505950="` echo 
~/.ansible/tmp/ansible-tmp-1485515755.89-254326766505950 `" ) && sleep 0'
 PUT /tmp/tmpP7Zu66 TO 
/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515755.89-254326766505950/setup.py
 EXEC /bin/sh -c 'chmod u+x 
/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515755.89-254326766505950/ 
/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515755.89-254326766505950/setup.py
 
&& sleep 0'
 EXEC /bin/sh -c '/usr/bin/python 
/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515755.89-254326766505950/setup.py;
 
rm -rf 
"/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515755.89-254326766505950/"
 
> /dev/null 2>&1 && sleep 0'
ok: [localhost]

TASK [Slurp the file we wish to search] 

task path: /opt/home/algomi-deploy/test.yml:4
Using module file 
/usr/lib/python2.7/site-packages/ansible/modules/core/network/basics/slurp.py
 ESTABLISH LOCAL CONNECTION FOR USER: algomi-deploy
 EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo 
~/.ansible/tmp/ansible-tmp-1485515756.18-190467128946445 `" && echo 
ansible-tmp-1485515756.18-190467128946445="` echo 
~/.ansible/tmp/ansible-tmp-1485515756.18-190467128946445 `" ) && sleep 0'
 PUT /tmp/tmpUjpiaz TO 
/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515756.18-190467128946445/slurp.py
 EXEC /bin/sh -c 'chmod u+x 
/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515756.18-190467128946445/ 
/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515756.18-190467128946445/slurp.py
 
&& sleep 0'
 EXEC /bin/sh -c '/usr/bin/python 
/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515756.18-190467128946445/slurp.py;
 
rm -rf 
"/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515756.18-190467128946445/"
 
> /dev/null 2>&1 && sleep 0'
ok: [localhost] => {
"changed": false,
"content": 
"c3RyaW5nMSBzdHJpbmcyIHN0cmluZzMKc3RyaW5nNCBzdHJpbmc1IHN0cmluZzAKc3RyaW5nNyBzdHJpbmc4IHN0cmluZzkK",
"encoding": "base64",
"invocation": {
"module_args": {
"src": "./example_file.txt"
},
"module_name": "slurp"
},
"source": "./example_file.txt"
}

TASK [To avoid base64 decoding multiple times, we do it once] 
**
task path: /opt/home/algomi-deploy/test.yml:10
ok: [localhost] => {
"ansible_facts": {
"plain_file": "string1 string2 string3\nstring4 string5 
string0\nstring7 string8 string9\n"
},
"changed": false,
"invocation": {
"module_args": {
"plain_file": "string1 string2 string3\nstring4 string5 
string0\nstring7 string8 string9\n"
},
"module_name": "set_fact"
}
}

TASK [Insert the wanted line into the file as it doesn't exist] 

task path: /opt/home/algomi-deploy/test.yml:17
Using module file 
/usr/lib/python2.7/site-packages/ansible/modules/core/files/lineinfile.py
 ESTABLISH LOCAL CONNECTION FOR USER: algomi-deploy
 EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo 
~/.ansible/tmp/ansible-tmp-1485515756.42-101048875702270 `" && echo 
ansible-tmp-1485515756.42-101048875702270="` echo 
~/.ansible/tmp/ansible-tmp-1485515756.42-101048875702270 `" ) && sleep 0'
 PUT /tmp/tmpPv_qtT TO 
/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515756.42-101048875702270/lineinfile.py
 EXEC /bin/sh -c 'chmod u+x 
/opt/home/algomi-deploy/.ansible/tmp/ansible-tmp-1485515756.42-101048875702270/

Re: [ansible-project] Ansible evaulate dynamic varaible name from vars

2017-01-27 Thread Kai Stian Olstad 

On 26.01.2017 14:18, Yordan Borisov wrote:

I have vars where I put something like this:

vars/main.yml

hello_port: 80
world_port: 81

in my ansbile file I load the vars with
  vars_files:
 - ./vars/main.yml

and after that I have task with iterate using with_items:

 - debug:
  msg: "{{ (item + '_port') }}"
   with_items: "{{ m_name }}"

But I've got as output
hello_port
world_port

not the values.
Is there a way to evaluate the dynamically created variables name - to 
get

the value?


- debug:
msg: "{{ vars[item + '_port'] }}"
  with_items: "{{ m_name }}"

--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/0c75e02eed2ffe4d84efe71d57238f39%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Trouble with regex_replace

2017-01-27 Thread Kai Stian Olstad 

On 26.01.2017 15:51, Yuval Mund wrote:

I'm having trouble parsing a string.

The situation:
- parameters:

full: ['hostname1:abcdefg1','hostname2:-vip2','hostname3:abc-vip3']

It is required of me to have a parameter/list of hostnames without the 
rest

of the string
i.e
just_hostnames: ['hostname1','hostname2','hostname3']

I tried using using regex_replace like this
just_hostnames: "{{ full | regex_replace(':(?(?!'))*', '') }}"

But i got the error -
template error while templating string expected token 'end of print
statement', got '.'.


Because full is a list you can't do it like this since regex_replace 
don't work with lists.


Bu you can do something like this.

  - set_fact:
  loop_item: "{{ item.split(':')[0] }}"
register: loop_result
with_items: "{{ full }}"

  - set_fact:
  just_hostnames: "{{ loop_result.results | 
map(attribute='ansible_facts.loop_item') | list }}"


--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/233cca97fcefac95509d45701076e9b0%40olstad.com.
For more options, visit https://groups.google.com/d/optout.