When I run the command remote_src: true I get the error
ERROR! 'remote_src' is not a valid attribute for a Task
I was wondering if there is a better way to write the code or if this is a bug
Tried to remove the offending line of code, however, the files exist on the remote host so I'm unable to copy the files into the correct location
- hosts: openvpn_server
vars:
file_vars:
- { name: ca }
- { name: server }
tasks:
- name: check if ca.crt and server.crt exists
stat:
path: /tmp/{{ item.name }}.crt
with_items: "{{ file_vars }}"
register: ensure_ca_crt_exists
- name: copying server.crt and ca.crt
become: true
copy: src={{ item.src }} dest={{ item.dest }}
with_items:
- { src: '/tmp/server.crt' , dest: '/etc/openvpn/server.crt' }
- { src: '/tmp/ca.crt' , dest: '/etc/openvpn/ca.crt' }
remote_src: true
when: ensure_ca_crt_exists.results
- name: creating Diffie-Hellman key to use during key exchange
shell: ./easyrsa gen-dh
args:
chdir: ~/EasyRSA-v3.0.6/
- name: Generating HMAC signature to strengthen servers TLS integrity
shell: openvpn --genkey --secret ta.key
- name: copying ta.key and dh.pem to /etc/openvpn
become: true
copy: src={{ item.src }} dest={{ item.dest }}
with_items:
- { src: '/home/dc/EasyRSA-v3.0.6/ta.key' , dest: '/etc/openvpn/ta.key' }
- { src: '/home/dc/EasyRSA-v3.0.6/dh.pem' , dest: '/etc/openvpn/dh.pem' }
I should be able to copy the file from the tmp folder to /etc/openvpn folder
via the remote_src command, apologizes for the badly configured register I'm fairly new to ansible
ERROR! 'remote_src' is not a valid attribute for a Task
Indentation is wrong
- name: copying server.crt and ca.crt
become: true
copy: src={{ item.src }} dest={{ item.dest }}
with_items:
- { src: '/tmp/server.crt' , dest: '/etc/openvpn/server.crt' }
- { src: '/tmp/ca.crt' , dest: '/etc/openvpn/ca.crt' }
remote_src: true
Correct
- name: copying server.crt and ca.crt
copy:
src: "{{ item.src }}"
dest: "{{ item.dest }}"
remote_src: true
loop:
- {src: '/tmp/server.crt', dest: '/etc/openvpn/server.crt'}
- {src: '/tmp/ca.crt', dest: '/etc/openvpn/ca.crt'}
become: true
Related
I'm trying to make loop with 2 lookup(fileglob) in my task
---
- hosts: localhost
become: yes
become_user: root
tasks:
- name: Loop with 2 lookup
copy:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
loop:
- { src: "{{ lookup('fileglob', 'custom_scripts/*', wantlist=True) }}", dest: /var/custom_scripts/ }
- { src: "{{ lookup('fileglob','certs/*', wantlist=True) }}", dest: /var/custom_certs/ }
When i try to run this i get Could not find or access "path to files" in error log ansible is seeing all this files, because is listing all files which can't access. Permissions for all folders and files are set on 777
This logic to copy files seems to be flawed, and most likely causing this issue. item.src as you are trying to access, is a list (wantlist=True). In effect, you are passing a list of files to the src parameter of copy, and not 1 file.
Also, the copy module supports copying entire directories. So there should be no need to actually get the list of files.
A task such as below should do it:
- name: Loop with 2 lookup
copy:
src: '{{ item.src }}'
dest: '{{ item.dest }}'
loop:
- { src: 'custom_scripts/', dest: '/var/custom_scripts' }
- { src: 'certs/', dest: '/var/custom_certs' }
I'm trying to copy the content of my directories (located on my bastion) on a server but it doesn't work.
I tried with "with_fileglob:", "with_items:" but each times, I had the error :
"'item' is undefined"
I don't understand why.
Ths is my code which doesn't work:
tasks:
- name: Copy directories...
copy:
src: "{{ item }}"
dest: "{{ dir_dest }}/"
owner: "{{ dir_owner }}"
group: "{{ dir_group }}"
mode: '0755'
with_fileglob:
- /home/ansible/delivery/my_dir/*
whereas this one works :
tasks:
- name: Copy directories...
copy:
src: "/home/ansible/delivery/my_dir/"
dest: "{{ dir_dest }}/"
owner: "{{ dir_owner }}"
group: "{{ dir_group }}"
mode: '0755'
But I can't use this 2nd solution because I have a lot a directories to copy.
Thank for your help.
tasks:
- name: Copy directories...
copy:
src: "{{ item }}"
dest: "{{ dir_dest }}/"
owner: "{{ dir_owner }}"
group: "{{ dir_group }}"
mode: '0755'
with_fileglob:
- /home/ansible/delivery/my_dir/*
Try this.
I am trying to modify and use this httpd ansible role https://github.com/CentOS/ansible-role-httpd
I'm facing an issue with pki-tls.yml
This piece of code will reproduce the issue I am facing.
---
- name: Copy certificates
hosts: myhost.domain.com
remote_user: user
become: yes
vars:
httpd_vhost_shared_list:
- name: emacs
fqdn: domain.com
path: /var/www/emacs
acl:
- 10.10.40.0/24
pkistore: /home/user/certificates
tasks:
- name: Debug
debug:
var: httpd_vhost_shared_list
- name: TLS certs
copy:
src: "{{ pkistore }}/{{ item.name }}"
dest: "/etc/pki/tls/certs/{{ item.name }}"
with_items:
- "{{ httpd_vhost_shared_list }}.crt"
- "{{ httpd_vhost_shared_list }}-CAChain.crt"
- name: TLS key
copy:
src: "{{ pkistore }}/{{ item.name }}"
dest: "/etc/pki/tls/private/{{ item.name }}"
with_items:
- "{{ httpd_vhost_shared_list }}.key"
When I run my playbook, I get the following error:
The task includes an option with an undefined variable. The error was: 'ansible.utils.unsafe_proxy.AnsibleUnsafeT
ext object' has no attribute 'name'
However the variable is defined. How would one do to access name in variable httpd_vhost_shared_list?
Any feedback is welcome.
In the meantime, I figured out it is simple to split the play "TLS certs" in 2 plays. One for the server certificate and another one for chain certificate.
- name: TLS certificate
copy:
src: "{{ pkistore }}/{{ item.name }}.crt"
dest: "/etc/pki/tls/certs/{{ item.name }}.crt"
with_items:
- "{{ httpd_vhost_shared_list }}"
- name: TLS chain
copy:
src: "{{ pkistore }}/{{ item.name }}-CAChain.crt"
dest: "/etc/pki/tls/certs/{{ item.name }}-CAChain.crt"
with_items:
- "{{ httpd_vhost_shared_list }}"
- name: TLS key
copy:
src: "{{ pkistore }}/{{ item.name }}.key"
dest: "/etc/pki/tls/private/{{ item.name }}.key"
with_items:
- "{{ httpd_vhost_shared_list }}"
How do i loop using "with_fileglob". I am trying to copy files matching wildcard, but with different permissions at the destination.
- hosts: myhost
gather_facts: no
tasks:
- name: Ansible copy test
copy:
src: "{{ item.origin }}"
dest: /home/user1/tmps/
owner: user1
mode: "{{item.mode}}"
with_fileglob:
- { origin: '/tmp/hello*', mode: '640'}
- { origin: '/tmp/hi*', mode: '600'}
It throws error as below:
An exception occurred during task execution. To see the full traceback, use
-vvv. The error was: AttributeError: 'dict' object has no attribute 'rfind'
I think the cleanest way is to implement this, would be a nested loop with include_tasks.
Where you main playbook file contains:
...
vars:
my_patterns:
- origin: "/tmp/hello*"
mode: "0640"
- origin: "/tmp/hi*"
mode: "0600"
tasks:
- include_tasks: "my_glob.yml"
with_items: "{{ my_patterns }}"
loop_control:
loop_var: my_pattern
...
and a subordinate my_glob.yml-tasks file:
---
- name: Ansible copy test
copy:
src: "{{ item }}"
dest: /home/user1/tmps/
owner: user1
mode: "{{ my_pattern.mode }}"
with_fileglob: "{{ my_pattern.origin }}"
Alternative method
Using Jinja2 to populate a list of objects { 'path': '...', 'mode': '...' }' based on fileglob-lookup plugin results.
vars:
my_patterns:
- origin: '/tmp/hello*'
mode: '0640'
- origin: '/tmp/hi*'
mode: '0600'
tasks:
- copy:
src: "{{ item.paht }}"
dest: /home/user1/tmps/
owner: user1
mode: "{{ item.mode }}"
with_items: "[{% for match in my_patterns %}{% for file in lookup('fileglob', match.origin, wantlist=True) %}{ 'path':'{{ file }}','mode':'{{ match.mode }}'}{% if not loop.last %},{% endif %}{% endfor %}{% if not loop.last %},{% endif %}{% endfor %}]"
The above works if patterns are matched, you'd need to add checks if the results are not empty.
according to the documentation, you cant pass to the fileglob a dictionary variable, adding the desired file permissions after copy as you have attempted (i mean the declaration { origin: '/tmp/hello*', mode: '640'}).
simple module call that will work for you:
- hosts: localhost
gather_facts: no
tasks:
- name: Ansible copy test
copy:
src: "{{ item }}"
dest: /SAMBA_ROOT/TEMP/
owner: root
with_fileglob:
- '/tmp/hello*'
- '/tmp/hi*'
if you want to have each of the file group have different file permissions, i suggest you use 2 different calls where the mode is "hardcoded", for example:
- hosts: localhost
gather_facts: no
tasks:
- name: copy hello files
copy:
src: "{{ item }}"
dest: /SAMBA_ROOT/TEMP/
owner: root
mode: 0640
with_fileglob:
- '/tmp/hello*'
- name: copy hi files
copy:
src: "{{ item }}"
dest: /SAMBA_ROOT/TEMP/
owner: root
mode: 0600
with_fileglob:
- '/tmp/hi*'
In my current playbook, I have something like the following:
- name: Copy cov-analysis-linux64-8.0.0.tgz
copy: src=/home/devops/chroot/cov-analysis-linux64-8.0.0.tgz dest=/var/tmp/cov-analysis.tgz owner=devops
register: coverity
- name: Copy fortidev-2.02.chroot.tar.bz2
copy: src=/home/devops/chroot/fortidev-2.02.chroot.tar.bz2
dest=/var/tmp/fortidev2.chroot.tar.bz2 owner=devops
register: fortidev2
The list is getting longer and longer and for code readability, I want to use with_items to do it. I've updated it to something like:
- name: copy chroot tarball to the servers
copy: src={{ item.src }} dest={{ item.dest }} owner=devops
register: "{{ item.register }}"
with_items:
- { src: /home/devops/chroot/cov-analysis-linux64-8.0.0.tgz,
dest: /var/tmp/cov-analysis.tgz,
register: coverity
}
- { src: /home/devops/chroot/fortidev-2.02.chroot.tar.bz2,
dest: /var/tmp/fortidev2.chroot.tar.bz2,
register: fortidev2
}
- { src: /home/devops/chroot/fmdev-6.0.tar.xz,
dest: /var/tmp/fmdev6.tar.xz,
register: fmdev6
}
The problem is now when I want to refer to one of the registers in subsequent tasks, it couldn't find the variable. The code to refer it is:
- name: umount fortidev2 /proc|/dev|/tmp|/cov-analysis
command: umount {{ item }}
become: yes
when: fortidev2.changed
with_items:
- /home/devops/fortidev2/proc
- /home/devops/fortidev2/dev
- /home/devops/fortidev2/tmp
ignore_errors: yes
The error is
{"failed": true, "msg": "The conditional check 'fortidev2.changed' failed. The error was: error while evaluating conditional (fortidev2.changed): 'fortidev2' is undefined\n\nThe error appears to have been in '/var/lib/jenkins/jobs/Devops/jobs/update_chroot/workspace/roles/chroot/tasks/main.yml': line 70, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n# unmount /proc and /dev first before deleting the folder\n- name: umount fortidev2 /proc|/dev|/tmp|/cov-analysis\n ^ here\n"}
Try this:
- name: copy chroot tarball to the servers
copy: src={{ item.src }} dest={{ item.dest }} owner=devops
register: tarballs
with_items:
- { src: /home/devops/chroot/cov-analysis-linux64-8.0.0.tgz,
dest: /var/tmp/cov-analysis.tgz,
name: coverity
}
- { src: /home/devops/chroot/fortidev-2.02.chroot.tar.bz2,
dest: /var/tmp/fortidev2.chroot.tar.bz2,
name: fortidev2
}
- { src: /home/devops/chroot/fmdev-6.0.tar.xz,
dest: /var/tmp/fmdev6.tar.xz,
name: fmdev6
}
- name: umount fortidev2 /proc|/dev|/tmp|/cov-analysis
command: umount {{ item }}
become: yes
when: tarballs.results | selectattr('item.name','equalto','fortidev2') | join('',attribute='changed') | bool
with_items:
- /home/devops/fortidev2/proc
- /home/devops/fortidev2/dev
- /home/devops/fortidev2/tmp