date:20170921


On 22. sep. 2017 00:59, Joli Martinez wrote:



On Thursday, September 21, 2017 at 3:58:05 PM UTC-4, Bob Tanner wrote:


This is what I do.

https://gist.github.com/basictheprogram/29a093366b2bdc9d15a07312c8d29587



OK, but what is wrong with my playbook?



Your "- name: Add Unix Admins users" is wrongly indented.


--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7034077a-dc9e-e3da-9c95-1f3461e1d84b%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] regexp help.....


On 22. sep. 2017 01:08, John Harmon wrote:

This works under a regexp tester, but fails under ansible.  I don't know
how to correct it.


You need to use a Python based one, since Ansible is using Python re.



Basically, it finds the lines starting with passwd or group, looks in the
lines for sss, and appends if it isn't found.

- name: Update nsswitch.conf
   replace:
 path: /etc/nsswitch.conf
 regexp: "{{item.regexp}}"
 replace: "{{item.replace}}"
   with_items:
 - {regexp: '^(?:passwd):\s+(?:(?!sss).)+$', replace: '\0 sss'}
 - {regexp: '^(?:group):\s+(?:(?!sss).)+$', replace: '\0 sss'}


\0 is interpreted as octal in Python re.

Try this instead

  - {regexp: '(^(?:passwd):\s+(?:(?!sss).)+$)', replace: '\1 sss'}
  - {regexp: '(^(?:group):\s+(?:(?!sss).)+$)', replace: '\1 sss'}

I added a parenthesis around the whole expression and references that as \1


--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/003c497b-ccea-83e5-f4aa-7c44ae9a1a70%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] yum module localinstall many rpms from directory possible?

2017-09-21 Thread daddyocruzer

Success  

Some Learning Assumptions:
===

So, this section I think I kinda get - it sets up 'r' to iterate through 
the 'patterns' matches found beneath 'paths'.

 

 

  - yum: 
   name: "{{ r.files | map(attribute='path') | list }}" 

 

 

This must iterate through each match and install it?Assumptions:

   - Install must be a default, since there's no sign of it.   
   - map(attribute='path' expands to the absolute path of where the match 
   is?  
  -if so, why is path singlular here, and 'paths' plural is used 
  above? 
  -   how is all this done on a 'name' line?   because default yum 
  behavior is install local...? 
   - list iterates through matches registered to 'r' lets yum default 
   install it? 






On Thursday, September 21, 2017 at 12:50:01 PM UTC-7, Kai Stian Olstad 
wrote:
>
> On 21. sep. 2017 20:51, daddyocruzer wrote: 
> > Hello 
> > 
> > tasks: 
> >- name:  yum local install 
> >  yum:  name=/sharedfilesystem/*.rpm  state=present 
> > 
> > Our team has several environments that lead up to our production 
> > environment, so patches must be applied and tested in one environment at 
> a 
> > time (as they exist at a specific version 'point-in-time') so I can't do 
> a 
> > blind yum update latest in our production environment -- therefore, I 
> > download the latest available at a point-in-time and apply them to each 
> > environment only once testing has succeeded in the previous environment. 
> > 
> > Can ansible yum module help 'localinstall' patches that have been 
> > pre-downloaded?   (I've only seen yum module work with a single rpm) 
>
>
> The name support a list or comma separated listing. 
>
> So you could do something like this: 
>
>- find: 
>paths: /sharedfilesystem 
>patterns: '*.rpm' 
>  register: r 
>
>- yum: 
>name: "{{ r.files | map(attribute='path') | list }}" 
>
>
> -- 
> Kai Stian Olstad 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/bb20a7fa-ea8f-4b21-ba8e-1d959d946818%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] regexp help.....

This works under a regexp tester, but fails under ansible.  I don't know 
how to correct it.

Basically, it finds the lines starting with passwd or group, looks in the 
lines for sss, and appends if it isn't found.

- name: Update nsswitch.conf
  replace:
path: /etc/nsswitch.conf
regexp: "{{item.regexp}}"
replace: "{{item.replace}}"
  with_items:
- {regexp: '^(?:passwd):\s+(?:(?!sss).)+$', replace: '\0 sss'}
- {regexp: '^(?:group):\s+(?:(?!sss).)+$', replace: '\0 sss'}
  notify: restart sssd

Actual results (it wipes out the match and adds " sss")
# Example:
#passwd:db files nisplus nis
#shadow:db files nisplus nis
#group: db files nisplus nis

 sss
shadow: files
 sss

#hosts: db files nisplus nis dns
hosts:  files dns


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e8781073-3278-4872-92c2-ca1fe847362d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Help with playbooks

2017-09-21 Thread Joli Martinez



On Thursday, September 21, 2017 at 3:58:05 PM UTC-4, Bob Tanner wrote:
>
> This is what I do.
>
> https://gist.github.com/basictheprogram/29a093366b2bdc9d15a07312c8d29587
>
>
OK, but what is wrong with my playbook?

thanks 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ffc42379-fe9a-40ec-9631-79d2d181158c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: specifying targets for win_psexec module?

2017-09-21 Thread Jordan Borean

You can have multiple plays in a playbook so your playbook could look
something like this.

- name: setup PS requirements on all hosts
hosts: firsthost
tasks:
- name: install psexec
win_chocolatey:
name: sysinternal
state: present

- name: setup PS with psexec
win_psexec:
command: powershell.exe -File C:\temp\upgrade_script.ps1
hostnames: '{{groups['windows']}}' # may need to find a way to
exclude the current host, would need to play around with this
username: username
password: password
priority: high

- name: run Ansible on all hosts
hosts: windows
tasks:
- name: wait for the WinRM connection to come online
wait_for_connection:

- name: run whatever you want
win_ping:

I haven't actually used this module before but I believe it is just a
wrapper around the PSExec executable so it should work. Your upgrade script
would need to handle the idempotency around skipping if PS is already v3.0
and also to setup the WinRM listeners. In the end if these are new servers
you are provisioning this stuff should be done in the bootstrapping/imaging
process but if they are existing servers then you don't have too much
choice.

Hopefully this helps.

Thanks

Jordan

--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/89a5a0cc-47ba-405f-afa2-fd87a92b975f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Targeting Windows & Linux Machines from One Role

2017-09-21 Thread Jordan Borean

In your main.yml put in include_tasks: windows.yml when the host is Windows 
and include_tasks: unix.yml when it is not. You can use the gathered facts 
to do this or you can have a variable that can be set when running on 
Windows by the end user.

Personally I think you should still split the role into 2, Windows is 
really not interoperable with the Unix side and they use their own modules. 
You would get quite a large and messy role when trying to handle both and 
it could become quite complex when implementing and documenting features 
that one supports and the other doesn't. I had a lot of success doing this 
previously where there would be a java role and I would create a win-java 
role which tried to implement the same functionality where I could.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f776c1bc-3b75-4ce8-b7bc-c0b4571df329%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Targeting Windows & Linux Machines from One Role

2017-09-21 Thread Heather Luna

I currently have a role that I am trying to tailor to install a splunk 
forwarder on both Linux and Windows machines but I'm a little confused as 
to how I should be telling the main.yml to yes go target these other two 
tasks splunklinux.yml if it's a RedHat Linux distribution or go to 
splunkwindows.yml to target Windows. 

I found the following logic:

when: ansible_os_family == "Windows"

when: ansible_distribution == "RedHat"

But I'm unclear of whether this is the correct approach or not and also 
whether or not I need to provide further logic so Ansible knows that yes 
this machine is a windows machine or this machine is a linux machine. I'd 
rather keep it all under one role if I can. 

Thoughts? 


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9f43fe2c-4b95-4f41-8f5f-cf86518b909d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Trying to push locally stored .pub keys to the "authorized_keys" on a remote host

I see. I'm not thinking abstractly enough. Thanks!

On Thursday, September 21, 2017 at 4:47:49 PM UTC-4, Dave Florek wrote:
>
> Hi,
>
> I'm looking at the Ansible 'authorized_key' module and I'm unable to 
> figure out whether it's possible to push locally stored .pub keys to the 
> authorized_keys file on a remote host. I don't want to go the route of 
> uploading .pub keys to a webserver and use URL links to transfer the keys 
> to the target machine's 'authorized_key' file. Is there another way to 
> achieve this via Ansible? Please let me know if I'm not making much sense.
>
> thanks,
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ac4edc04-abc3-4b1f-8225-49b9bcdf7505%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] gconftool2 module odd behaviour

2017-09-21 Thread William Muriithi

Hello,

I am wondering if anyone have used the above before.  I have a task
that I was initially using command module but today came across above
module and decided to improve that task by using a module.  The task
is to prevent desktop users using auto login as its insecure.

After starting to use the module, I have notice that I can, for
example enable screen saver, but the same task can't be able to
disable screen save, essentially simply reversing the earlier change.
What could I be doing wrong here?  Or is it a bug?


This is where the screen saver changes are documented.
https://access.redhat.com/solutions/17384

The task looks like this:

- name: Enable Gnome screen saver for RHEL 6
  gconftool2: direct=yes
config_source=/etc/gconf/gconf.xml.mandatory value_type=bool
state=present key=/apps/gnome-screensaver/idle_activation_enabled
value=true
  when:
- ansible_distribution_major_version == "6"


When the value=true in above task, I get this:


ok: [niobium.eng.example.com] => {
"ansible_facts": {
"gconftool2": {
"changed": false,
"key": "/apps/gnome-screensaver/idle_activation_enabled",
"new_value": "true",
"playbook_value": "true",
"previous_value": "true",
"value_type": "bool"
}
},
"changed": false,
"invocation": {
"module_args": {
"config_source": "/etc/gconf/gconf.xml.mandatory",
"direct": true,
"key": "/apps/gnome-screensaver/idle_activation_enabled",
"state": "present",
"value": "true",
"value_type": "bool"
}
}
}

When I change the same task so that value=false, it fails with the error below:

/idle_activation_enabled"}}}\r\n', 'Shared connection to
niobium.eng.example.com closed.\r\n')
fatal: [niobium.eng.example.com]: FAILED! => {
"changed": false,
"failed": true,
"invocation": {
"module_args": {
"config_source": "/etc/gconf/gconf.xml.mandatory",
"direct": true,
"key": "/apps/gnome-screensaver/idle_activation_enabled",
"state": "present",
"value": "false",
"value_type": "bool"
}
},
"msg": "gconftool-2 failed with error: \n(gconftool-2:23708):
GConf-WARNING **: Failed to load source
\"/etc/gconf/gconf.xml.mandatory\": Couldn't resolve address for
configuration source: Bad address
`/etc/gconf/gconf.xml.mandatory'\nFailed to access configuration
source(s): Couldn't resolve address for configuration source: Bad
address `/etc/gconf/gconf.xml.mandatory'\n"
}

Why would this be the case?  I am a bit puzzled and hope the module
dev is around to pitch in on this?

Thanks a bunch in advance.

Regards,
William

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAE9rU%2B7ccA_HGtguXQCvP%3Dbh1GqdABJF%3Dg%2Bf%2BAOGC9vZo5BZcQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Trying to push locally stored .pub keys to the "authorized_keys" on a remote host


On 21. sep. 2017 22:47, Dave Florek wrote:

Hi,

I'm looking at the Ansible 'authorized_key' module and I'm unable to figure
out whether it's possible to push locally stored .pub keys to the
authorized_keys file on a remote host. I don't want to go the route of
uploading .pub keys to a webserver and use URL links to transfer the keys
to the target machine's 'authorized_key' file. Is there another way to
achieve this via Ansible? Please let me know if I'm not making much sense.

That's what the first example in the module documentation does.


--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/091abf23-e361-f4cb-6cc5-3e384629a20c%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Trying to push locally stored .pub keys to the "authorized_keys" on a remote host

The docs for the authorized_key module has an example that covers this
exact case:

http://docs.ansible.com/ansible/latest/authorized_key_module.html

- name: Set authorized key took from file
  authorized_key:
user: charlie
state: present
key: "{{ lookup('file', '/home/charlie/.ssh/id_rsa.pub') }}"

On Thu, Sep 21, 2017 at 3:47 PM, Dave Florek 
wrote:

> Hi,
>
> I'm looking at the Ansible 'authorized_key' module and I'm unable to
> figure out whether it's possible to push locally stored .pub keys to the
> authorized_keys file on a remote host. I don't want to go the route of
> uploading .pub keys to a webserver and use URL links to transfer the keys
> to the target machine's 'authorized_key' file. Is there another way to
> achieve this via Ansible? Please let me know if I'm not making much sense.
>
> thanks,
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/9569d4f0-c58f-4986-8004-deefe671c839%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v9UKjSCY%3DrgPJUxc-1_g-ZA4C2OjBO-bz9_Y%3D7STERQMw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Trying to push locally stored .pub keys to the "authorized_keys" on a remote host

Hi,

I'm looking at the Ansible 'authorized_key' module and I'm unable to figure 
out whether it's possible to push locally stored .pub keys to the 
authorized_keys file on a remote host. I don't want to go the route of 
uploading .pub keys to a webserver and use URL links to transfer the keys 
to the target machine's 'authorized_key' file. Is there another way to 
achieve this via Ansible? Please let me know if I'm not making much sense.

thanks,

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9569d4f0-c58f-4986-8004-deefe671c839%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] expected , but found '-'

I didn't go look at the authors page.  Based on what you provided, the
first play is missing `tasks:`

On Thu, Sep 21, 2017 at 3:41 PM, Bob Tanner 
wrote:

>
>
> On Thursday, September 21, 2017 at 3:11:41 PM UTC-5, Matt Martz wrote:
>>
>> You seem to be missing `tasks:` in your first play.  As such YAML wasn't
>> expecting you to start a list there.
>>
>>
> So the original authors Listing 11 is wrong?
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/d40736c8-b394-4ab4-8d10-b48e53e1ea6b%40googlegroups.
> com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v-ZYAhmuMnhiJMyBY4Tgac3DBj0fgeEfcsebBvc5xQanQ%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] expected , but found '-'

2017-09-21 Thread Bob Tanner



On Thursday, September 21, 2017 at 3:11:41 PM UTC-5, Matt Martz wrote:
>
> You seem to be missing `tasks:` in your first play.  As such YAML wasn't 
> expecting you to start a list there.
>
>
So the original authors Listing 11 is wrong?

 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d40736c8-b394-4ab4-8d10-b48e53e1ea6b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] expected , but found '-'

You seem to be missing `tasks:` in your first play.  As such YAML wasn't
expecting you to start a list there.

On Thu, Sep 21, 2017 at 3:03 PM, Bob Tanner 
wrote:

> I'm following this post, https://www.ibm.com/developerworks/cloud/library/
> cl-provision-docker-containers-ansible/index.html, and Listing 11
>
> ---
> - name: initialize provisioning
>   hosts: docker
>
>   - name: start up target container
> docker:
>   image: python:2.7
>   name: lab
>   pull: missing
>   detach: yes
>   tty: yes
>   command: sleep infinity
>   state: started
>   # dynamically update inventory to make it available down the playbook
>   - name: register new container hostname
> add_host: name=lab
>
> - name: provision container
>   connection: docker
>   hosts: lab
>   tasks:
>   # ...
>
> - name: finalize build
>   hosts: docker
>   tasks:
> - name: stop container
>   docker:
> name: lab
> image: python:2.7
> state: stopped
>
>
>
> But ansible-playbook throws an error
> ERROR! Syntax Error while loading YAML.
>
>  The error appears to have been in '/Users/tanner/projects/
> ansible.git/playbooks.git/docker-testing.yml': line 5, column 3, but may
> be elsewhere in the file depending on the exact syntax problem. The
> offending line appears to be: - name: start up target container ^ here
> exception type:  exception: while
> parsing a block mapping in "", line 2, column 3: - name:
> initialize provisioning ^ expected , but found '-' in " string>", line 5, column 3: - name: start up target container ^
> Why?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/8272e557-4555-450b-9ef0-f7d48f817441%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v9o00JYtgpAVT74PocENWJ6MwUMDL%3D9-PRC-5ftvcEA4A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: How to change this regexp to multiline?

I had seen the doc before, but I didn't notice the definition under the 
regexp before.  Thank you.

On Thursday, September 21, 2017 at 1:51:31 PM UTC-6, John Harmon wrote:
>
> I need to set the multiline flag on this, but don't know how to.  Can 
> anyone help?
>
> regexp: '^(?:passwd):\s+(?:(?!sss).)+$'
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/22827e30-974b-4ea9-a18c-c4284e2b6226%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: How to change this regexp to multiline?


On 21. sep. 2017 22:01, John Harmon wrote:

Just a thought I am using this with the replace module does it
already assume multiline (as lineinfile does not)?


Have you read the docs under regexp?
https://docs.ansible.com/ansible/latest/replace_module.html

--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/59bd02db-b102-8b53-b2c2-f0a154d8dfe1%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] expected , but found '-'

2017-09-21 Thread Bob Tanner

I'm following this
post,
https://www.ibm.com/developerworks/cloud/library/cl-provision-docker-containers-ansible/index.html,

and Listing 11

---
- name: initialize provisioning
hosts: docker

- name: start up target container
docker:
image: python:2.7
name: lab
pull: missing
detach: yes
tty: yes
command: sleep infinity
state: started
# dynamically update inventory to make it available down the playbook
- name: register new container hostname
add_host: name=lab

- name: provision container
connection: docker
hosts: lab
tasks:
# ...

- name: finalize build
hosts: docker
tasks:
- name: stop container
docker:
name: lab
image: python:2.7
state: stopped

But ansible-playbook throws an error
ERROR! Syntax Error while loading YAML.

The error appears to have been in
'/Users/tanner/projects/ansible.git/playbooks.git/docker-testing.yml': line
5, column 3, but may be elsewhere in the file depending on the exact syntax
problem. The offending line appears to be: - name: start up target
container ^ here exception type: exception
: while parsing a block mapping in "", line 2, column 3: -
name: initialize provisioning ^ expected , but found '-' in
"", line 5, column 3: - name: start up target container ^
Why?

--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/8272e557-4555-450b-9ef0-f7d48f817441%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: How to change this regexp to multiline?

Just a thought I am using this with the replace module does it 
already assume multiline (as lineinfile does not)?

On Thursday, September 21, 2017 at 1:51:31 PM UTC-6, John Harmon wrote:
>
> I need to set the multiline flag on this, but don't know how to.  Can 
> anyone help?
>
> regexp: '^(?:passwd):\s+(?:(?!sss).)+$'
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/0891a1b7-461b-420f-b49d-cce08628ce35%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Help with playbooks

2017-09-21 Thread Bob Tanner

This is what I do.

https://gist.github.com/basictheprogram/29a093366b2bdc9d15a07312c8d29587

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3f562ab3-6e0f-406f-bce5-c01ff2a5083d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Help with playbooks

2017-09-21 Thread Joli Martinez

Hello,

I am new to Ansible.

I am creating my first playbook. I would like to add a useraccount to all
my hosts, make the user a sudo user and have them sudo without a password.
Also remove root logins.

for some reason it is not working and seem to figure out why. I keep
getting the error.

*[WARNING]: While constructing a mapping from /root/adduser.yaml, line 8,
column 5, found a duplicate dict key (name). Using last defined*

*value only.*

ERROR! 'password' is not a valid attribute for a Play

The error appears to have been in '/root/adduser.yaml': line 8, column 5,
but may

be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

- name: Add Unix Admins users

^ here

---

- hosts: all

remote_user: root

become: no

tasks:

- name: Add Unix Admins users

user:

name: test

password:
$6$q1v7XfmWFa2sDcwL$oXfCcW/OjE4aJK154ymM/82mSAMVnHGBEewhpjQ44kPAD@!OMSerEnJk5XHlHjGAqVvGyPSexZjQcRBFHUUQY0dmfi1

append: yes

- name: Make sure we have a 'wheel' group

group:

name=wheel

state=present

- name: Allow wheel group to have passwordless sudo

lineinfile:

dest: /etc/sudoers

state: present

regexp: '^%wheel'

line: '%wheel ALL=(ALL) NOPASSWD: ALL'

- name: Add sudoers users to wheel group

user: groups=wheel append=yes state=present createhome=yes

- name: Disallow root SSH access

lineinfile: dest=/etc/ssh/sshd_config

regexp="^PermitRootLogin"

line="PermitRootLogin no"

state=present

notify: Restart ssh

*~*

--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/bfab1824-d542-421b-8f24-d7c645bc55cf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] How to change this regexp to multiline?

I need to set the multiline flag on this, but don't know how to.  Can 
anyone help?

regexp: '^(?:passwd):\s+(?:(?!sss).)+$'


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/713661c6-4201-41d3-a44f-4605337af9d5%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] yum module localinstall many rpms from directory possible?


On 21. sep. 2017 20:51, daddyocruzer wrote:

Hello

tasks:
   - name:  yum local install
 yum:  name=/sharedfilesystem/*.rpm  state=present

Our team has several environments that lead up to our production
environment, so patches must be applied and tested in one environment at a
time (as they exist at a specific version 'point-in-time') so I can't do a
blind yum update latest in our production environment -- therefore, I
download the latest available at a point-in-time and apply them to each
environment only once testing has succeeded in the previous environment.

Can ansible yum module help 'localinstall' patches that have been
pre-downloaded?   (I've only seen yum module work with a single rpm)



The name support a list or comma separated listing.

So you could do something like this:

  - find:
  paths: /sharedfilesystem
  patterns: '*.rpm'
register: r

  - yum:
  name: "{{ r.files | map(attribute='path') | list }}"


--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2156589c-2ff3-6060-5f04-dc37f6fbf517%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] yum module localinstall many rpms from directory possible?

2017-09-21 Thread Dick Davies

That's fine, look at with_items to get it all done in a single yum transaction.

On 21 September 2017 at 19:51, daddyocruzer  wrote:
> Hello
>
> tasks:
>   - name:  yum local install
> yum:  name=/sharedfilesystem/*.rpm  state=present
>
> Our team has several environments that lead up to our production
> environment, so patches must be applied and tested in one environment at a
> time (as they exist at a specific version 'point-in-time') so I can't do a
> blind yum update latest in our production environment -- therefore, I
> download the latest available at a point-in-time and apply them to each
> environment only once testing has succeeded in the previous environment.
>
> Can ansible yum module help 'localinstall' patches that have been
> pre-downloaded?   (I've only seen yum module work with a single rpm)
>
> Maybe should be using command instead of yum module?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/103e0a52-c075-4f66-9764-ae1f3372f77c%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAK5eLPRbvzovV9PXrM%3DeqVerLdmrjstfdkohMUwV3pLave_BHA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Conflicting versions of wrapped roles in an Ansible project

2017-09-21 Thread Brian Coca

proposed .. developed .. remains to be seen.

-- 
--
Brian Coca

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CACVha7fkDkcQWBqAg9ch%2BanKyJYwi-u-%3DT-TS_04U-kX55L88A%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Question about force handlers

2017-09-21 Thread Anfield

Ok nevermind. This works now. I forgot to add become: yes to the main file 
in the last try. The task now calls the handler, despite the failure in the 
2nd task.

So with the tasks/main.yml

tasks/main.yml
- name: Install nginx
  yum:
name: nginx
state: installed
  register: nginx_installed
  notify:
 - restart nginx

- name: Run a command that fails
  shell: /bin/false


Output - 


[ansible@localhost roles]$ ansible-playbook nginx.yml

PLAY [localhost] 
***

TASK [Gathering Facts] 
*
ok: [localhost]

TASK [nginx : Install nginx] 
***
changed: [localhost]

TASK [nginx : Run a command that fails] 
*** *
fatal: [localhost]: FAILED! => {"changed": true, "cmd": "/bin/false", 
"delta":  "0:00:00.003499", "end": "2017-09-21 
15:19:14.897224", "failed": true, "rc": 1,  "start": 
"2017-09-21 15:19:14.893725", "stderr": "", "stderr_lines": [], "stdo   
  ut": "", "stdout_lines": []}

RUNNING HANDLER [nginx : restart nginx] 
*** *
changed: [localhost]
to retry, use: --limit @/etc/ansible/playbooks/roles/nginx.retry

PLAY RECAP 
   
  *
localhost  : ok=3changed=2unreachable=0failed=1

 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d719dba1-5083-4f42-85bb-e615293ea7b6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Problem referencing variables

Thanks Kai

On Thu, Sep 21, 2017 at 1:39 PM, Kai Stian Olstad <
ansible-project+l...@olstad.com> wrote:

> On 21. sep. 2017 17:20, Dave Florek wrote:
>
>> Hi Branko,
>>
>> Thanks for the response. I only posted what was on line 20.
>>
>
> It's recommended to show everything, you'll get help a lot faster that way
> because the problem can be anywhere as you can see by my comments bellow.
>
>
> Code:
>>
>> ---
>> - hosts: all
>>
>>   become: yes
>>
>>   vars_prompt:
>>- name: "new_user"
>>- prompt: "What is the name of the new user to create?"
>>
>
> You need to remove the dash in front of prompt, one list item contains
> name and prompt.
>
>
>   tasks:
>>   - name: Create new user
>> command: useradd {{ new_user }}
>>
>>
>>   - name: Generate new SSH pub/priv key for user
>> # Do you just have a file with a pasted public key for distribution or
>> auto-generate one?
>>
>
> You can't have a name: without a module, Ansible will fail.
>
>
>   - name: Add user to local authorized_keys file
>>   - lineinfile:
>>
>
> You need to remove the dash in front of lineinfile.
>
>
> path: /home/"{{ new_user }}"/.ssh/authorized_keys
>>
>
> Remove the double quotes.
>
>
> state: present
>> create: True
>> #   line: #Reference to what upper decision was
>> group: {{ new_user }}
>> owner: {{ new_user }}
>>
>
> When you have {{ after a colon you need to wrap them in single or double
> quotes like this "{{ new_user }}".
>
>
> For some reason, when I reference the new user name as part of a path to
>> set a file, I get the requirement that the variable needs to be in quotes.
>> Any ideas?
>>
>
> I don't understand the problem, but maybe the comments about give you the
> answer if not show the code and the error message.
>
>
> --
> Kai Stian Olstad
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit https://groups.google.com/d/to
> pic/ansible-project/tXRBpl4c0U8/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/ms
> gid/ansible-project/b8e94527-9123-78ab-2751-8146053868c5%40olstad.com.
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CA%2BM9YCnrm7nCAN9_hg1d4T%3DbnQ0p3-gjKmwxA3KTN9hyvPO0LA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Question about force handlers

2017-09-21 Thread Anfield

So I switched around the tasks in the task/main.yml to get this, and the 
notify still doesnt happen

tasks/main.yml
- name: Install nginx
  yum:
name: nginx
state: installed
  register: nginx_installed
  notify:
 - restart nginx

- name: Run a command that fails
  shell: /bin/false

Output - 

[ansible@localhost roles]$ ansible-playbook nginx.yml

PLAY [localhost] 
***

TASK [Gathering Facts] 
*
ok: [localhost]

TASK [nginx : Install nginx] 
***
fatal: [localhost]: FAILED! => {"changed": true, "failed": true, "msg": 
"Repository epel is listed more than once in the configuration\nRepository 
epel-source is listed more than once in the configuration\nYou need to be 
root to perform this command.\n", "rc": 1, "results": ["Loaded plugins: 
fastestmirror, langpacks\n"]}
to retry, use: --limit @/etc/ansible/playbooks/roles/nginx.retry

PLAY RECAP 
*
localhost  : ok=1changed=0unreachable=0failed=1




>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b40db3cf-6d58-4635-9df5-fdda1bd0a11e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Conflicting versions of wrapped roles in an Ansible project

2017-09-21 Thread jhammerman via Ansible Project

Yes great info. Thanks Brian. +1 for developing this feature!
Joe

On Monday, September 18, 2017 at 6:55:26 PM UTC-4, Brian Coca wrote:
>
> Not sure if this would help your case 
> https://github.com/ansible/proposals/issues/23 
>
>
>
> -- 
> -- 
> Brian Coca 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/dc73996c-14d5-43eb-a97c-f7296ba5cbb6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] yum module localinstall many rpms from directory possible?

2017-09-21 Thread daddyocruzer

Hello

tasks:
  - name:  yum local install
yum:  name=/sharedfilesystem/*.rpm  state=present

Our team has several environments that lead up to our production 
environment, so patches must be applied and tested in one environment at a 
time (as they exist at a specific version 'point-in-time') so I can't do a 
blind yum update latest in our production environment -- therefore, I 
download the latest available at a point-in-time and apply them to each 
environment only once testing has succeeded in the previous environment.

Can ansible yum module help 'localinstall' patches that have been 
pre-downloaded?   (I've only seen yum module work with a single rpm)   

Maybe should be using command instead of yum module?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/103e0a52-c075-4f66-9764-ae1f3372f77c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] replace module: Invalid group reference

Perfect.  Thanks Matt!  I am really horrible at regexp.  I totally missed 
grouping it.  I tested it and it works.  Thanks again.

On Thursday, September 21, 2017 at 12:18:20 PM UTC-6, Matt Martz wrote:
>
> You haven't actually created a match group in your regex.  I assume you 
> want something like ^(group.*) or something.  The () create the match group.
>
> On Thu, Sep 21, 2017 at 1:13 PM, John Harmon  > wrote:
>
>> I am trying to append to some lines within the nsswitch file to setup 
>> sssd.  I am trying this with the loop below, but I have never used backrefs 
>> before.  I am unsure if I am doing it correctly.  I get an error about an 
>> invalid group reference.  I wonder if my regexp is wrong?
>>
>> Code
>> - name: Update nsswitch.conf
>>   replace:
>> path: /etc/nsswitch.conf
>> regexp: "{{item.regexp}}"
>> replace: "{{item.replace}}"
>>   with_items:
>> - {regexp: '^passwd.*',
>>replace: '\1 sss'}
>> - {regexp: '^group.*',
>>replace: '\1 sss'}
>>   notify: restart sssd
>>
>> Traceback results
>>
>> The full traceback is:
>> Traceback (most recent call last):
>>   File "/tmp/ansible_q0xtoH/ansible_module_replace.py", line 200, in 
>> 
>> main()
>>   File "/tmp/ansible_q0xtoH/ansible_module_replace.py", line 173, in main
>> result = re.subn(mre, params['replace'], contents, 0)
>>   File "/usr/lib64/python2.6/re.py", line 162, in subn
>> return _compile(pattern, 0).subn(repl, string, count)
>>   File "/usr/lib64/python2.6/re.py", line 278, in filter
>> return sre_parse.expand_template(template, match)
>>   File "/usr/lib64/python2.6/sre_parse.py", line 795, in expand_template
>> raise error, "invalid group reference"
>> sre_constants.error: invalid group reference
>>
>> failed: [ansibletest-oel6] (item={u'regexp': u'^group.*', u'replace': u'\\1 
>> sss'}) => {
>> "failed": true,
>> "item": {
>> "regexp": "^group.*",
>> "replace": "\\1 sss"
>> },
>> "module_stderr": "Traceback (most recent call last):\n  File 
>> \"/tmp/ansible_q0xtoH/ansible_module_replace.py\", line 200, in \n 
>>main()\n  File \"/tmp/ansible_q0xtoH/ansible_module_replace.py\", line 
>> 173, in main\nresult = re.subn(mre, params['replace'], contents, 0)\n 
>>  File \"/usr/lib64/python2.6/re.py\", line 162, in subn\nreturn 
>> _compile(pattern, 0).subn(repl, string, count)\n  File 
>> \"/usr/lib64/python2.6/re.py\", line 278, in filter\nreturn 
>> sre_parse.expand_template(template, match)\n  File 
>> \"/usr/lib64/python2.6/sre_parse.py\", line 795, in expand_template\n   
>>  raise error, \"invalid group reference\"\nsre_constants.error: invalid 
>> group reference\n",
>> "module_stdout": "",
>> "msg": "MODULE FAILURE",
>> "rc": 1
>> }
>>
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com .
>> To post to this group, send email to ansible...@googlegroups.com 
>> .
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/4d26cef9-107d-4f41-967e-dcb52328491b%40googlegroups.com
>>  
>> 
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> -- 
> Matt Martz
> @sivel
> sivel.net
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e984e8d4-8c01-4121-ac1e-10ba6fba6627%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] replace module: Invalid group reference

You haven't actually created a match group in your regex.  I assume you
want something like ^(group.*) or something.  The () create the match group.

On Thu, Sep 21, 2017 at 1:13 PM, John Harmon 
wrote:

> I am trying to append to some lines within the nsswitch file to setup
> sssd.  I am trying this with the loop below, but I have never used backrefs
> before.  I am unsure if I am doing it correctly.  I get an error about an
> invalid group reference.  I wonder if my regexp is wrong?
>
> Code
> - name: Update nsswitch.conf
>   replace:
> path: /etc/nsswitch.conf
> regexp: "{{item.regexp}}"
> replace: "{{item.replace}}"
>   with_items:
> - {regexp: '^passwd.*',
>replace: '\1 sss'}
> - {regexp: '^group.*',
>replace: '\1 sss'}
>   notify: restart sssd
>
> Traceback results
>
> The full traceback is:
> Traceback (most recent call last):
>   File "/tmp/ansible_q0xtoH/ansible_module_replace.py", line 200, in
> 
> main()
>   File "/tmp/ansible_q0xtoH/ansible_module_replace.py", line 173, in main
> result = re.subn(mre, params['replace'], contents, 0)
>   File "/usr/lib64/python2.6/re.py", line 162, in subn
> return _compile(pattern, 0).subn(repl, string, count)
>   File "/usr/lib64/python2.6/re.py", line 278, in filter
> return sre_parse.expand_template(template, match)
>   File "/usr/lib64/python2.6/sre_parse.py", line 795, in expand_template
> raise error, "invalid group reference"
> sre_constants.error: invalid group reference
>
> failed: [ansibletest-oel6] (item={u'regexp': u'^group.*', u'replace': u'\\1
> sss'}) => {
> "failed": true,
> "item": {
> "regexp": "^group.*",
> "replace": "\\1 sss"
> },
> "module_stderr": "Traceback (most recent call last):\n  File
> \"/tmp/ansible_q0xtoH/ansible_module_replace.py\", line 200, in
> \nmain()\n  File 
> \"/tmp/ansible_q0xtoH/ansible_module_replace.py\",
> line 173, in main\nresult = re.subn(mre, params['replace'], contents,
> 0)\n  File \"/usr/lib64/python2.6/re.py\", line 162, in subn\nreturn
> _compile(pattern, 0).subn(repl, string, count)\n  File
> \"/usr/lib64/python2.6/re.py\", line 278, in filter\nreturn
> sre_parse.expand_template(template, match)\n  File
> \"/usr/lib64/python2.6/sre_parse.py\", line 795, in expand_template\n
>  raise error, \"invalid group reference\"\nsre_constants.error: invalid
> group reference\n",
> "module_stdout": "",
> "msg": "MODULE FAILURE",
> "rc": 1
> }
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To post to this group, send email to ansible-project@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/
> msgid/ansible-project/4d26cef9-107d-4f41-967e-dcb52328491b%40googlegroups.
> com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>



-- 
Matt Martz
@sivel
sivel.net

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAD8N0v9%3D2x1VOumAp5mHgr5_pteZ81t18zLTHw2_orna0ALftA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Template module. MODE all wrong when using loop

Actually, that brings up a follow-up question.   why doesn't it treat 
it that way in the first example, when I don't use a loop?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/dbda728f-73ff-4665-80b3-45e0799b2cab%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Template module. MODE all wrong when using loop

Perfect!  Thank you Kai Stian Olstad 

On Thursday, September 21, 2017 at 12:13:29 PM UTC-6, Kai Stian Olstad 
wrote:
>
> On 21. sep. 2017 20:03, John Harmon wrote: 
> > If I do the following it works (putting quotes around the mode).  Can 
> > anybody explain to my why? 
>
> Yes, Ansible interprets number starting with 0 as octal number. 
> 0644 = 6*8^2 + 4*8^1 + 4*8^0 = 420 decimal. 
>
> So to avoid this conversion you need to use the quotes. 
>
>
> -- 
> Kai Stian Olstad 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f907b121-9cbe-4192-9f42-940abea2fa58%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] replace module: Invalid group reference

I am trying to append to some lines within the nsswitch file to setup 
sssd.  I am trying this with the loop below, but I have never used backrefs 
before.  I am unsure if I am doing it correctly.  I get an error about an 
invalid group reference.  I wonder if my regexp is wrong?

Code
- name: Update nsswitch.conf
  replace:
path: /etc/nsswitch.conf
regexp: "{{item.regexp}}"
replace: "{{item.replace}}"
  with_items:
- {regexp: '^passwd.*',
   replace: '\1 sss'}
- {regexp: '^group.*',
   replace: '\1 sss'}
  notify: restart sssd

Traceback results

The full traceback is:
Traceback (most recent call last):
  File "/tmp/ansible_q0xtoH/ansible_module_replace.py", line 200, in 

main()
  File "/tmp/ansible_q0xtoH/ansible_module_replace.py", line 173, in main
result = re.subn(mre, params['replace'], contents, 0)
  File "/usr/lib64/python2.6/re.py", line 162, in subn
return _compile(pattern, 0).subn(repl, string, count)
  File "/usr/lib64/python2.6/re.py", line 278, in filter
return sre_parse.expand_template(template, match)
  File "/usr/lib64/python2.6/sre_parse.py", line 795, in expand_template
raise error, "invalid group reference"
sre_constants.error: invalid group reference

failed: [ansibletest-oel6] (item={u'regexp': u'^group.*', u'replace': u'\\1 
sss'}) => {
"failed": true,
"item": {
"regexp": "^group.*",
"replace": "\\1 sss"
},
"module_stderr": "Traceback (most recent call last):\n  File 
\"/tmp/ansible_q0xtoH/ansible_module_replace.py\", line 200, in \n 
   main()\n  File \"/tmp/ansible_q0xtoH/ansible_module_replace.py\", line 
173, in main\nresult = re.subn(mre, params['replace'], contents, 0)\n 
 File \"/usr/lib64/python2.6/re.py\", line 162, in subn\nreturn 
_compile(pattern, 0).subn(repl, string, count)\n  File 
\"/usr/lib64/python2.6/re.py\", line 278, in filter\nreturn 
sre_parse.expand_template(template, match)\n  File 
\"/usr/lib64/python2.6/sre_parse.py\", line 795, in expand_template\n   
 raise error, \"invalid group reference\"\nsre_constants.error: invalid 
group reference\n",
"module_stdout": "",
"msg": "MODULE FAILURE",
"rc": 1
}


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4d26cef9-107d-4f41-967e-dcb52328491b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Re: Template module. MODE all wrong when using loop


On 21. sep. 2017 20:03, John Harmon wrote:

If I do the following it works (putting quotes around the mode).  Can
anybody explain to my why?


Yes, Ansible interprets number starting with 0 as octal number.
0644 = 6*8^2 + 4*8^1 + 4*8^0 = 420 decimal.

So to avoid this conversion you need to use the quotes.


--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f8876e14-ba5b-6eb1-f8ce-a27cd4eefc6e%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Template module. MODE all wrong when using loop

If I do the following it works (putting quotes around the mode).  Can 
anybody explain to my why?

>
> - name: test
>   template:
> src: "files/sssd.conf"
> dest: "/etc/sssd/sssd.conf"
> mode: 0600
> group: root
> owner: root
>
> - name: Add/Update required files
>   template:
> src: "{{item.src}}"
> dest: "{{item.dst}}"
> owner: root
> group: root
> mode: "{{item.mode}}"
>   with_items:
> - {src: "files/sssd.conf",
>dst: "/etc/sssd/sssd.conf",
>mode: "0600"}
> - {src: "files/krb5.conf",
>dst: "/etc/krb5.conf",
>mode: "0644"}
> - {name: "dc1.cer",
>src: "files/dc1.cer",
>dst: "/etc/ssl/certs/dc1.cer",
>mode: "0644"}
>   notify: restart sssd
>
>
> Results :
> TASK [ldap_users : test] 
> *
> ok: [ansibletest-oel6]
>
> TASK [ldap_users : Add/Update required files] 
> 
> ok: [ansibletest-oel6] => (item={u'dest': u'/etc/sssd/sssd.conf', u'src': 
> u'files/sssd.conf', u'mode': u'0600'})
> changed: [ansibletest-oel6] => (item={u'dest': u'/etc/krb5.conf', u'src': 
> u'files/krb5.conf', u'mode': u'0644'})
> changed: [ansibletest-oel6] => (item={u'dest': u'/etc/ssl/certs/dc1.cer', 
> u'src': u'files/dc1.cer', u'name': u'dc1.cer', u'mode': u'0644'})
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4a13994f-1337-4be4-8913-6966c9dfa087%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Template module. MODE all wrong when using loop

When using the template module within a loop, my mode comes out all 
weird/wrong.  When using stand-alone it works:

- name: test
  template:
src: "files/sssd.conf"
dest: "/etc/sssd/sssd.conf"
mode: 0600
group: root
owner: root

- name: Add/Update required files
  template:
src: "{{item.src}}"
dest: "{{item.dst}}"
owner: root
group: root
mode: "{{item.mode}}"
  with_items:
- {src: "files/sssd.conf",
   dst: "/etc/sssd/sssd.conf",
   mode: 0600}
- {src: "files/krb5.conf",
   dst: "/etc/krb5.conf",
   mode: 0644}
- {name: "dc1.cer",
   src: "files/dc1.cer",
   dst: "/etc/ssl/certs/dc1.cer",
   mode: 0644}
  notify: restart sssd


Results :
TASK [ldap_users : test] 

changed: [ansibletest-oel6]


TASK [ldap_users : Add/Update required files] 

failed: [ansibletest-oel6] (item={u'src': u'files/sssd.conf', u'dst': u
'/etc/sssd/sssd.conf', u'mode': 384}) => {"details": "bad symbolic 
permission for mode: 384", "failed": true, "gid": 0, "group": "root", "item"
: {"dst": "/etc/sssd/sssd.conf", "mode": 384, "src": "files/sssd.conf"}, 
"mode": "0416", "msg": "mode must be in octal or symbolic form", "owner": 
"root", "path": "/etc/sssd/sssd.conf", "size": 1445, "state": "file", "uid": 
0}
ok: [ansibletest-oel6] => (item={u'src': u'files/krb5.conf', u'dst': u
'/etc/krb5.conf', u'mode': 420})
ok: [ansibletest-oel6] => (item={u'src': u'files/dc1.cer', u'dst': u
'/etc/ssl/certs/dc1.cer', u'name': u'dc1.cer', u'mode': 420})

As you can see from the above, the test works (confirmed that the mode is 
truly 0600 on the target server).  From the second part of the results, you 
can see that it is trying to tweak the mode different than the test.  The 
first one it bombs on (mode 0600) and the second two (0644) it changes to 
420 like a umask is being applied.

Is this a bug? or am I doing something wrong?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9d67bcc1-bdbc-49fe-abca-b1294e2070df%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Re: Ansible report - Web interface

2017-09-21 Thread manu

Thanks, Initially, I developed my interface to connect it with another 
product I use; which was more difficult with ara.
(There is a (still in development) version of ansible-report with 
PostgreSQL storage and user management)



On Thursday, 21 September 2017 05:51:25 UTC-4, Mike Fennemore wrote:
>
> Looks good, have you seen this https://github.com/openstack/ara ?
>
> On Wednesday, September 20, 2017 at 3:14:16 PM UTC+2, ma...@unixdev.ca 
> wrote:
>>
>> Hi,
>>
>> I developed and now share an Ansible report in Python (flask)
>>
>> The python script create a personal temporary tiny web server where you 
>> can analyse your ansible report in a nice web interface.
>>
>> You can found my little project, here :   
>> https://github.com/manuBocquet/ansible-report
>>
>> I hope it will help some people.
>>
>> Comments are welcome, have a good day.
>>
>> Manu
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/99de299f-9deb-4544-90f4-7f6d03923ebb%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Question about force handlers


On 21. sep. 2017 16:11, Anfield wrote:

Testing out the force handlers parameter in a role and it is not working
for me.The first tasks fails, so I though the force handlers would force
the second one to get trigger anyway


As I understand the documentation it will only run the handlers that has 
been notified before the failed tasj. So any notify after the failed 
task will not trigger a handler.




nginx.yml

---
- hosts: appservers
   force_handlers: True
   roles:
 - { role: nginx, when: "ansible_os_family == 'RedHat'"}


tasks/main.yml

- name: Run a command that fails
   shell: /bin/false

- name: Install nginx
   yum:
 name: nginx
 state: installed
   register: nginx_installed
   notify:
  - restart nginx


Since shell task failes the yum is not run and the notify will not 
trigger the handler.



--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/631b4b54-dfd3-2c28-59ac-85186fc2541a%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Problem referencing variables

On 21. sep. 2017 17:20, Dave Florek wrote:

Hi Branko,

Thanks for the response. I only posted what was on line 20.

It's recommended to show everything, you'll get help a lot faster that
way because the problem can be anywhere as you can see by my comments
bellow.

Code:

---
- hosts: all

become: yes

vars_prompt:
- name: "new_user"
- prompt: "What is the name of the new user to create?"

You need to remove the dash in front of prompt, one list item contains
name and prompt.

tasks:
- name: Create new user
command: useradd {{ new_user }}

- name: Generate new SSH pub/priv key for user
# Do you just have a file with a pasted public key for distribution or
auto-generate one?

You can't have a name: without a module, Ansible will fail.

- name: Add user to local authorized_keys file
- lineinfile:

You need to remove the dash in front of lineinfile.

path: /home/"{{ new_user }}"/.ssh/authorized_keys

Remove the double quotes.

state: present
create: True
# line: #Reference to what upper decision was
group: {{ new_user }}
owner: {{ new_user }}

When you have {{ after a colon you need to wrap them in single or double
quotes like this "{{ new_user }}".

For some reason, when I reference the new user name as part of a path to
set a file, I get the requirement that the variable needs to be in quotes.
Any ideas?

I don't understand the problem, but maybe the comments about give you
the answer if not show the code and the error message.

--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/b8e94527-9123-78ab-2751-8146053868c5%40olstad.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Ansible Snapshot size for Vmware Guest

2017-09-21 Thread Hemant Kulkarni

Hello All,

I am using vmware_guest_snapshot: module to take snapshot of VMS , I 
observed that snapshot Process is very fast and snapshot size is very less 
..

if I login to vmware console & take snapshot it will take 11 min and size 
of that snap is around 800 MB . on other side ansible play book take 
snapshot within no time and snapshot size is 40 KB only .. 


let me know if this is normal ? or do I need to change something from my 
side .

Thanks 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f7cf0db8-1bab-40cf-ad23-f8fcd752581e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] Using yum module to install/update to defined version of a package-X.

2017-09-21 Thread Rui Goncalves

Hi all.

I'd like to install or update a package specifying  the major.minor 
version. I.e, upgrade only if there's a bugfix package available.  I've 
tried using state=*latest* and *present*, but does not work as I expected.

Using:  yum: name=nginx-debuginfo-1.6* state=latest
> Suffix "-1.6*" is ignored, and version nginx-debuginfo-1.10 (which is the 
latest available version on the repo) gets installed. I want to remain on 
1.6.* version.

Using: yum: name=nginx-debuginfo-1.6* state=present
> If the host already contains nginx-debuginfo-1.6.1 installed and there's 
a new version nginx-debuginfo-1.6.2 available on the repo, the package is 
not updated.

Any idea how can I achieve the desired result.

Thanks.
Rui

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/0077bef5-d9d9-4438-89a8-be91c614a2f3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[ansible-project] ec2_win_password unable to parse key file

2017-09-21 Thread Ryan Howe

Hello,

I'm trying to use the ec2_win_password module to retrieve the default 
Administrator password for an EC2 instance. I had a play working and then 
upgraded to Ansible 2.4. I added the cryptography module as the notes 
indicate. My play continually fails returning a message that it can't parse 
the key file (and the key file is not encrypted). 

I ran a test where I encrypted the key file and provided a passphrase in 
the play and things did work successfully. 

Would anyone have any thoughts on why this might be failing with an 
unecrypted key and no password? Below is the debug output from the play.
It kind of feels to me like it thinks a password is being given even though 
I don't mention the parameter in the play. As such, it's existing because 
the key is not encrypted.

Thank you
Ryan

ansible-playbook 2.4.0.0
  config file = None
  configured module search path = 
[u'/Users/rhowe/.ansible/plugins/modules', 
u'/usr/share/ansible/plugins/modules']
  ansible python module location = /Library/Python/2.7/site-packages/ansible
  executable location = /usr/local/bin/ansible-playbook
  python version = 2.7.10 (default, Feb  7 2017, 00:08:15) [GCC 4.2.1 
Compatible Apple LLVM 8.0.0 (clang-800.0.34)]
No config file found; using defaults
setting up inventory plugins
Parsed /etc/ansible/hosts inventory source with ini plugin
Loading callback plugin default of type stdout, v2.0 from 
/Library/Python/2.7/site-packages/ansible/plugins/callback/__init__.pyc

PLAYBOOK: 03_retrieve_admin_password.yml 
*
1 plays in 03_retrieve_admin_password.yml

PLAY [localhost] 
*
META: ran handlers

TASK [Get Administrator Password] 

task path: /Users/rhowe/ansible_scripts/03_retrieve_admin_password.yml:10
Using module_utils file 
/Library/Python/2.7/site-packages/ansible/module_utils/_text.py
Using module_utils file 
/Library/Python/2.7/site-packages/ansible/module_utils/basic.py
Using module_utils file 
/Library/Python/2.7/site-packages/ansible/module_utils/ec2.py
Using module_utils file 
/Library/Python/2.7/site-packages/ansible/module_utils/six/__init__.py
Using module_utils file 
/Library/Python/2.7/site-packages/ansible/module_utils/parsing/convert_bool.py
Using module_utils file 
/Library/Python/2.7/site-packages/ansible/module_utils/parsing/__init__.py
Using module_utils file 
/Library/Python/2.7/site-packages/ansible/module_utils/pycompat24.py
Using module_utils file 
/Library/Python/2.7/site-packages/ansible/module_utils/cloud.py
Using module file 
/Library/Python/2.7/site-packages/ansible/modules/cloud/amazon/ec2_win_password.py
<127.0.0.1> ESTABLISH LOCAL CONNECTION FOR USER: rhowe
<127.0.0.1> EXEC /bin/sh -c 'echo ~ && sleep 0'
<127.0.0.1> EXEC /bin/sh -c '( umask 77 && mkdir -p "` echo 
/Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967 `" && 
echo ansible-tmp-1506010305.03-241574263221967="` echo 
/Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967 `" ) && 
sleep 0'
<127.0.0.1> PUT /var/folders/92/sndgxv6s3dnfhpptzcbf98k8gn/T/tmpwA8R2C 
TO 
/Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967/ec2_win_password.py
<127.0.0.1> EXEC /bin/sh -c 'chmod u+x 
/Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967/ 
/Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967/ec2_win_password.py
 
&& sleep 0'
<127.0.0.1> EXEC /bin/sh -c '/usr/bin/python 
/Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967/ec2_win_password.py;
 
rm -rf 
"/Users/rhowe/.ansible/tmp/ansible-tmp-1506010305.03-241574263221967/" > 
/dev/null 2>&1 && sleep 0'
The full traceback is:
  File 
"/var/folders/92/sndgxv6s3dnfhpptzcbf98k8gn/T/ansible_vLagCP/ansible_module_ec2_win_password.py",
 
line 167, in main
key = load_pem_private_key(f.read(), b_key_passphrase, BACKEND)
  File 
"/Library/Python/2.7/site-packages/cryptography/hazmat/primitives/serialization.py",
 
line 20, in load_pem_private_key
return backend.load_pem_private_key(data, password)
  File 
"/Library/Python/2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py",
 
line 1006, in load_pem_private_key
password,
  File 
"/Library/Python/2.7/site-packages/cryptography/hazmat/backends/openssl/backend.py",
 
line 1231, in _load_key
"Password was given but private key is not encrypted.")

fatal: [localhost]: FAILED! => {
"changed": false, 
"failed": true, 
"invocation": {
"module_args": {
"aws_access_key": "", 
"aws_region": "us-east-1", 
"aws_secret_key": "VAL

[ansible-project] specifying targets for win_psexec module?

2017-09-21 Thread 'Steve Kersley' via Ansible Project

As I understand it, the win_psexec action connects to a Windows host via
winrm and then uses that to run commands on a second Windows host via
psexec?

My question is how to write a playbook such that the first (proxy) host is
always constant, but the second hosts are the ones defined in the inventory
and/or filtered on the command line (not listed in the
playbook/role/variables).
i.e. I want to run a playbook against, say, 10 hosts. Each time the
win_psexec action runs, I want it to connect to 'proxyserver' and use that
to run remote commands on the 10 hosts, but without defining those hosts in
the playbook as otherwise they'd keep needing to be changed.

(What I'm actually trying to do is to have a playbook to actually install
powershell3+ and run a script to configure winrm access to allow direct
ansible connection without having to go round and do that on every single
server by hand, so if there's another way to do that - or what I'm wanting
to do simply can't be done via win_psexec then would be grateful to hear
that also!)

--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/d920e574-2561-4019-a5bd-3972ce1b3200%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Re: [ansible-project] Problem referencing variables