Menu
Uncommenting a line in Ansible using the replace module You just have to remove the first character, right. We can do that using the matching and grouping. The regexp matches every line starting with a '#' character and having 'Uncomment this line' pattern.
You can use the lineinfile Ansible module to achieve that. The regexp option tells the module what will be the content to replace. The line option replaces the previously found content with the new content of your choice. The backrefs option guarantees that if the regexp does not match, the file will be left unchanged.
You can use the lineinfile built-in in a loop. Here's an example:
- name: Set some kernel parameters
lineinfile:
dest: /etc/sysctl.conf
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
loop:
- { regexp: '^kernel.shmall', line: 'kernel.shmall = 2097152' }
- { regexp: '^kernel.shmmax', line: 'kernel.shmmax = 134217728' }
- { regexp: '^fs.file-max', line: 'fs.file-max = 65536' }
You can try using blockinfile instead.
You can do something like
- blockinfile: |
dest=/etc/network/interfaces backup=yes
content="iface eth0 inet static
address 192.168.0.1
netmask 255.255.255.0"
Here is a noise-free version of the solution which is to use with_items:
- name: add lines
lineinfile:
dest: fruits.txt
line: '{{ item }}'
with_items:
- 'Orange'
- 'Apple'
- 'Banana'
For each item, if the item exists in fruits.txt no action is taken.
If the item does not exist it will be appended to the end of the file.
Easy-peasy.
If you need to configure a set of unique property=value lines, I recommend a more concise loop. For example:
- name: Configure kernel parameters
lineinfile:
dest: /etc/sysctl.conf
regexp: "^{{ item.property | regex_escape() }}="
line: "{{ item.property }}={{ item.value }}"
with_items:
- { property: 'kernel.shmall', value: '2097152' }
- { property: 'kernel.shmmax', value: '134217728' }
- { property: 'fs.file-max', value: '65536' }
Using a dict as suggested by Alix Axel and adding automatic removing of matching commented out entries,
- name: Configure IPV4 Forwarding
lineinfile:
path: /etc/sysctl.conf
regexp: "^#? *{{ item.key | regex_escape() }}="
line: "{{ item.key }}={{ item.value }}"
with_dict:
'net.ipv4.ip_forward': 1
It's not ideal, but you're allowed multiple calls to lineinfile. Using that with insert_after, you can get the result you want:
- name: Set first line at EOF (1/3)
lineinfile: dest=/path/to/file regexp="^string 1" line="string 1"
- name: Set second line after first (2/3)
lineinfile: dest=/path/to/file regexp="^string 2" line="string 2" insertafter="^string 1"
- name: Set third line after second (3/3)
lineinfile: dest=/path/to/file regexp="^string 3" line="string 3" insertafter="^string 2"
I was able to do that by using \n in the line parameter.
It is specially useful if the file can be validated, and adding a single line generates an invalid file.
In my case, I was adding AuthorizedKeysCommand and AuthorizedKeysCommandUser to sshd_config, with the following command:
- lineinfile: dest=/etc/ssh/sshd_config line='AuthorizedKeysCommand /etc/ssh/ldap-keys\nAuthorizedKeysCommandUser nobody' validate='/usr/sbin/sshd -T -f %s'
Adding only one of the options generates a file that fails validation.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With