Update var in ini file using bash

Question

I am attempting to write a bash script to configure various aspects of a server. The context here is replacing a value of a variable in a conf file (ini format) with another value.

The context is

[ssh-iptables]

enabled = false

And I simply need to change false to true.

Typically I'd just do this with a simple bit of sed

sed -i 's/^enabled = false/enabled = true/g' /etc/fail2ban/jail.conf

But enabled = false exists in multiple places.

I've tried using awk with no success

awk -F ":| " -v v1="true" -v opt="enabled" '$1 == "[ssh-iptables]" && !f {f=1}f && $1 == opt{sub("=.*","= "v1);f=0}1' /etc/fail2ban/jail.conf

The above was sourced from this forum thread but I don't really have enough understanding of how to use it in scripts to make it work. All it seems to do is the equivalent of cat /etc/fail2ban/jail.conf

I have found a few other scripts which are considerably longer which isn't ideal as this will happen to loads of ini files so I'm hoping someone can help me correct the above code or point me in the right direction.

Apologies if this belongs on ServerFault, but as it's scripting rather than the intricacies of server configuration itself I figured here might be more apt.

Answer 1

Assuming your format is that there are no square-bracket lines (like [ssh-iptables]) within sections, I would use your solution above (with sed) but restrict the query to within that block like so:

sed -i '/^\[ssh-iptables\]$/,/^\[/ s/^enabled = false/enabled = true/' /etc/fail2ban/jail.conf

The extra part at the beginning tells the following substitution statement to only run between the line that is [ssh-iptables] and the next one that starts with a [. It uses two regular expressions separated by a comma which indicate the bounds.

Answer 2

If you are open to use external applications, you could be interested into the use of crudini.

Example:

[oauth2provider]
module = SippoServiceOAuth2Provider
backend[] = none
wiface = public

; [calldirection]
; module = SippoServiceCallDirection
; backend[] = none
; wiface = internal

A standard grep will not filter commented exceptions.

With crudini things for consulting, setting and modify are easier:

$ crudini --get /myproject/config/main.ini oauth2provider wiface
public
$ crudini --get /myproject/config/main.ini calldirection wiface
Section not found: calldirection

I was on a bash-only app and moved to this approach. Just a suggestion.

Regards,