[ansible-project] List all ansible-vault encrypted files?

Is there a way to list all files in a repo that are encrypted via ansible-vault? If there is I haven't figured it out yet. I've searched on google and everything just points to how to use view or edit. I was hoping there was something like "ansible-vault status" that would list all files in

[ansible-project] Ansible Yum Update revision from given version

Im working on a project with several versions each version has it's own revision in the repo Example: fooproject-2.2.1-r4000.rpm fooproject-2.2.1-r4005.rpm fooproject-3.0.1-r4015.rpm There's a server on version 2 rev 4000 doing the command-> yum install fooproject*2.2.1* it will install ->

[ansible-project] how use aws profile when using ansible ec2.py module

I wrote a quick ansible playbook to launch a simple ec2 instance but I think I have an issue on how I want to authenticate. What I don't want to do is set my aws access/secret keys as env variables since they expire each hour and I need to regenerate the `~/.aws/credentials` file via a

[ansible-project] how use aws profile when using ansible ec2.py module

I wrote a quick ansible playbook to launch a simple ec2 instance but I think I have an issue on how I want to authenticate. What I don't want to do is set my aws access/secret keys as env variables since they expire each hour and I need to regenerate the `~/.aws/credentials` file via a

Re: [ansible-project] I promise you.... I'm pretty smart!!

There several ways to do this, Ansible has an authorized_keys module that can do the copying, the user module can also generate keys. But it does need to log onto the servers, the first time it can use user/password as part of a bootstrapping play. As for root vs shared user with sudo vs

[ansible-project] I promise you.... I'm pretty smart!!

But I can't seem to wrap my head around this! I've started working for a new company as a Linux admin. I've dabbled in ansible a bit, but in a lab setting. We have about 300 plus existing servers and I will be building more in the future. This is where Ansible comes in. I would like to use

Re: [ansible-project] Send playbook output to Logstash/Elasticsearch

Try to use the new version https://github.com/ujenmr/ansible-logstash-callback On Thursday, January 26, 2017 at 11:13:53 PM UTC+2, Ievgen Khmelenko wrote: > > Hi, > > I'm author of the module, I can fix it. I will return with result... > > Ievgen > > On Wednesday, January 18, 2017 at 1:20:20 PM

Re: [ansible-project] Version dependency management

Thanks, Dick. On Friday, January 27, 2017 at 11:23:10 AM UTC-5, Dick Davies wrote: > > Hi Adam > > I'd put the servers into groups, and then use group_vars to set > specific versions. > > On 27 January 2017 at 15:39, Adam Shantz > wrote: > > Hi all - > > > > We're

[ansible-project] How to prevent git clone timeouts in playbook?

I have a task in my Ansible playbook that uses the git module to clone my Git repository which is hosted on bitbucket.com to my Linode-hosted web server. The playbook is run from my local laptop. My problem is that this task seems to timeout quit frequently. When it does, I'll get the

Re: [ansible-project] PostgreSQL 9.5 or Higher installation on Ubuntu 14.04 LTS

On 27.01.17 17:53 Shyam Yenna wrote: > I am trying to install PostgreSQL 9.5 version on Ubuntu 14.04 LTS > using ansible 2.2.1 version playbook tasks. According to my > workflow design add apt key, add apt repository and later install > postgresql packages. But dependencies packages are broken

[ansible-project] PostgreSQL 9.5 or Higher installation on Ubuntu 14.04 LTS

I am trying to install PostgreSQL 9.5 version on Ubuntu 14.04 LTS using ansible 2.2.1 version playbook tasks. According to my workflow design add apt key, add apt repository and later install postgresql packages. But dependencies packages are broken due to version difference. How to overcome

[ansible-project] Re: How to manage the crontab entries that were not done by Ansible's cron module

>My existing crontabs do not have this tag prefixed. Can I still update and delete them through Ansible cron module ? >From the documentation, it doesn't look likely since if you don't set a name parameter and if state=present then it will create a new crontab entry regardless of any existing

Re: [ansible-project] Re: ping windows - ssl: the specified credentials were rejected by the serve

Is the host 'mesh' a member of a group in your inventory file called 'windows'? The group needs to exist in your inventory so assuming you inventory contains [windows] mesh and you group_vars/windows.yml contains the connection parameters listed above? If it isn't then ansible will assume

Re: [ansible-project] Version dependency management

Hi Adam I'd put the servers into groups, and then use group_vars to set specific versions. On 27 January 2017 at 15:39, Adam Shantz wrote: > Hi all - > > We're using Ansible, but haven't gotten super advanced. I have a challenge > where I'm doing rolling upgrades across

[ansible-project] Version dependency management

Hi all - We're using Ansible, but haven't gotten super advanced. I have a challenge where I'm doing rolling upgrades across thousands of systems. Due to business reasons (i.e. different groups owning different systems, applications, and parts of the infrastructure), I can't schedule a mass

Re: [ansible-project] Authorize nginx reload without providing become-pass and full sudo privileges

On 27.01.17 15:42 Jonathan Bouzekri wrote: > I think that it is quite a drawback on Ansible. If you use it for > code shipping, you will have to do some tasks which needs > privileges escalation (reload nginx or something else). And the > people who are doing the delivery are not necessary

Re: [ansible-project] Authorize nginx reload without providing become-pass and full sudo privileges

Thanks, I am looking at the raw module which seems to suite my need. And what about the shell module with a previously delivered shell script containing my reload nginx command ? Would it work ? On Friday, January 27, 2017 at 1:46:15 AM UTC+1, Matt Martz wrote: > > As you can see in the command

Re: [ansible-project] Authorize nginx reload without providing become-pass and full sudo privileges

Yes my goal was to restrict on the OS side the commands the deployment user is allowed to execute. I did not know the raw module. i am looking into it. It does not seem "ugly" ;) I think that it is quite a drawback on Ansible. If you use it for code shipping, you will have to do some tasks

Re: [ansible-project] Allowed specific commands with NOPASSWD in sudoers file, Ansible complains...

Sorry I started a discussion on this before seeing this one : https://groups.google.com/d/msg/ansible-project/TZoUZUPO5no/6ZOxMmF3BQAJ Yes I mean to restrict (with sudoes configuration or something else) on the OS side, the command the user can execute but still allow ansible to execute. We

Re: [ansible-project] How to define and use the environment (production/development)?

Am Freitag, 27. Januar 2017 14:53:14 UTC+1 schrieb Johannes Kastl: > > On 27.01.17 14:46 Cev Ing wrote: > > I.e. set 'foobar=production' in your production variable file, and > then use the value of foobar to get the right hash. > > I got the idea. It is explained here:

Re: [ansible-project] How to define and use the environment (production/development)?

On 27.01.17 14:46 Cev Ing wrote: > How to get the different SSH keys in the users.yml without > duplicating all the remaining data for each environment? group_vars would be another idea. > But how to know in a playbook in which environment the playbook is > executed? Setting a variable? If you

[ansible-project] How to define and use the environment (production/development)?

I have different environments and for each an inventory: production.ini and development.ini. I have a users.yml containing user data: users: - username: foo uid: 1001 gid: 1001 pw_hash: $6$... ssh_key: ssh-rsa ... - username: bar uid: 1002 gid: 1002 pw_hash:

Re: [ansible-project] Allowed specific commands with NOPASSWD in sudoers file, Ansible complains...

On 26.01.17 19:11 Jonathan Bouzekri wrote: > Is there any progress on this feature? is it available in the > latest version of ansible? More specifically on the service module > (for example to allow reloading of specific services) As you don't quote what you are talking about I can only assume

Re: [ansible-project] How to manage the crontab entries that were not done by Ansible's cron module

On 26.01.17 20:46 Manas Shukla wrote: > As I understand the ansible cron module prefixes all the cron jobs > set by it with* #Ansible: Name *and uses this to manage them in the > future. My existing crontabs do not have this tag prefixed. Can I > still update and delete them through Ansible cron

[ansible-project] Re: Multiple Hostnames in AWS Dynamic Inventory list

Worked like a charm! Thanks :) On Wednesday, 25 January 2017 01:19:13 UTC+5:30, Sonny Heer wrote: > > I believe its colon (:) > > On Tuesday, January 24, 2017 at 10:05:24 AM UTC-8, Kishor Ramanan wrote: >> >> I am using a dynamic inventory so I don't have option of placing all host >> in a

Re: [ansible-project] lineinfile problem

*File: example_file.txt* string1 string2 string3 string4 string5 string0 string7 string8 string9 *File: run.sh* #!/usr/bin/env bash ansible-playbook -vvv -i 'localhost,' -c local test.yml *File: test.yml* - hosts: - localhost tasks: - name: "Slurp the file we wish to search"

Re: [ansible-project] Ansible evaulate dynamic varaible name from vars

On 26.01.2017 14:18, Yordan Borisov wrote: I have vars where I put something like this: vars/main.yml hello_port: 80 world_port: 81 in my ansbile file I load the vars with vars_files: - ./vars/main.yml and after that I have task with iterate using with_items: - debug:

Re: [ansible-project] Trouble with regex_replace

On 26.01.2017 15:51, Yuval Mund wrote: I'm having trouble parsing a string. The situation: - parameters: full: ['hostname1:abcdefg1','hostname2:-vip2','hostname3:abc-vip3'] It is required of me to have a parameter/list of hostnames without the rest of the string i.e just_hostnames: