Develop Reference

Unexpected behavior in ansible when using variables [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 5 days ago.
Improve this question
I have a playbook to add users to a system, and to sudoers. The output indicates ansible is not separating values out.
How would I do this properly?
Here is my main.yml.
tasks:
- name: Add User to sudoers
community.general.sudoers:
name: '{{ admin }}'
state: present
user: '{{ admin }}'
commands: ALL
nopassword: true
- name: Add User
ansible.builtin.user:
name: '{{ admin }}'
shell: /bin/bash
password: '*'
- name: Read variables
include_vars: '{{ item }}'
with_first_found:
- files:
- "{{admin + '_key.yml'"
paths: "./vars/"
Here is my Vars file (minus the ssh keys which are separate yml files)
---
admin:
- user1
- user2
- user3
Ansible takes this and creates
['user1', 'user2', 'user3']'\n", "name": "['user1', 'user2', 'user3']"

Ansible lineinfile not performing idempotency [closed]

Closed. This question is not reproducible or was caused by typos. It is not currently accepting answers.
This question was caused by a typo or a problem that can no longer be reproduced. While similar questions may be on-topic here, this one was resolved in a way less likely to help future readers.
Closed 1 year ago.
Improve this question
I have an ansible task that writes 2 lines into journald.conf, however it doesn't perform idempotency when running again.
I have seen the following questions that didn't work for me:
Ansible lineinfile duplicates line
Idempotency in ansible playbook
https://github.com/ansible/ansible/issues/4531
My regex seems to be okay, you can see below my task:
- name: set cpu affinity settings in systemd
lineinfile:
dest: /etc/systemd/journald.conf
line: "{{ item.key }}={{ item.value }}"
regexp: "^#?{{ item.value }}"
state: present
with_dict:
RateLimitIntervalSec: 0
RateLimitBurst: 0
tags: journald
notify: restart journald
The expected behavior should be: keep the commented line and add new ones at the end of the file with the items in the list, unless the uncommented lines already exists.
My file journald.conf file is like this:
[Journal]
#Storage=auto
#Compress=yes
#Seal=yes
#SplitMode=uid
#SyncIntervalSec=5m
#RateLimitIntervalSec=30s
#RateLimitBurst=1000
#SystemMaxUse=
#SystemKeepFree=
#SystemMaxFileSize=
#SystemMaxFiles=100
#RuntimeMaxUse=
#RuntimeKeepFree=
#RuntimeMaxFileSize=
#RuntimeMaxFiles=100
#MaxRetentionSec=
#MaxFileSec=1month
#ForwardToSyslog=yes
#ForwardToKMsg=no
#ForwardToConsole=no
#ForwardToWall=yes
#TTYPath=/dev/console
#MaxLevelStore=debug
#MaxLevelSyslog=debug
#MaxLevelKMsg=notice
#MaxLevelConsole=info
#MaxLevelWall=emerg
#LineMax=48K
RateLimitIntervalSec=0
RateLimitBurst=0
RateLimitIntervalSec=0
RateLimitBurst=0
RateLimitIntervalSec=0
RateLimitBurst=0
RateLimitIntervalSec=0
RateLimitBurst=0
I tried to use the parameter backrefs: yes as suggested in above mentioned articles, but it performs idempotency every time, even when there is no any uncommented line.
Do you guys have any suggestions?
I'm using ansible 2.9.0

I'd suggest an alternative approach - use the ini_file module, as settings in journald.conf are INI style key=value (with a section as well). This will simplify the task required and be idempotent as well.
Example:
- name: set cpu affinity settings in systemd
ini_file:
path: /etc/systemd/journald.conf
section: Journal
option: "{{ item.key }}"
value: "{{ item.value }}"
no_extra_spaces: yes
with_dict:
RateLimitIntervalSec: 0
RateLimitBurst: 0
Note: If you want a reference of settings prior to change, add backup: yes to the task.

How to create an assertion on my playbook? [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
I would like to use the assert function in ansible for a test.
The goal is to check if they are some files and directories that contains the permission 1500, if it is the case than I would like to show the message fail
- hosts: localhost
tasks:
- name: Check assertion
shell: find . -perm 1500
register: list_files_directories
- name: Check if file testfile.txt exists
assert:
that:
- mode =! '1500' in list_files_directories
After multiple test,cannot find the right syntax to execute the assertion...

Use find module. For example, given the files
shell> find . -perm 1500
./file2
The tasks below
- find:
paths: .
register: result
- debug:
msg: "{{ result.files|json_query(query) }}"
vars:
query: "[?mode=='1500'].path"
give the list of the files with permissions '1500'
"msg": [
"file2"
]
To check if there are any files and directories with the permission 1500 test the length of the list
- assert:
that: result.files|json_query(query)|length > 0
vars:
query: "[?mode=='1500'].path"

how to send output of fail module to file [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 2 years ago.
Improve this question
I have below part of my play for ansible fail module I want to redirect output of this module to file
- name:
fail:
msg: "SVRELOAD NOT DONE ON THIS PTS {{ ansible_hostname }}"
when: last_restart_date.stdout != ansible_date_time.date
register: failed_task

Here is how I would do it ( a little different approach). Just to demo the solution, I tried to download a package that does not exist. And I captured that message, and wrote in a file. you will have to adjust your play book with block and rescues.
Playbook ( with block, rescue )
---
- name: writing error to a file
hosts: localhost
become: true
tasks:
- name: block to create block-rescue-always
block:
- name: this module intentionally fails
yum: name=does_not_exist state=latest
register: failed_msg
rescue:
- name: write the error to a file
debug: msg="failed with yum block"
- name: create an error file
file:
path: /home/user1/ansible/error-msg.txt
owner: user1
group: user1
mode: '0755'
state: touch
- name: write to a file with lineinfile
lineinfile:
path: /home/user1/ansible/error-msg.txt
line: "{{ failed_msg }}"
and here is the response in the file error-msg.txt
{'msg': "No package matching 'does_not_exist' is available", 'failed': True, 'changed': False, 'ansible_facts': {'pkg_mgr': 'apt'}}
you don't have to create a new file if your error file already exists with write permissions.

Ansible - print gathered facts for debugging purposes [duplicate]

This question already has answers here:
Where can I get a list of Ansible pre-defined variables?
(10 answers)
Closed 4 years ago.
Is there exists some way to print on console gathered facts ?
I mean gatering facts using setup module. I would like to print gathered facts. Is it possible ? If it is possible can someone show example?

Use setup module as ad-hoc command:
ansible myhost -m setup

You can simply dump the hostvars:
dump.yml
---
- name: Dump
hosts: "{{ target|default('localhost') }}"
tasks:
- name: Facts
setup:
- name: Dump
delegate_to: localhost
run_once: true
copy:
content: "{{ hostvars[inventory_hostname] | to_nice_json }}"
dest: /tmp/setup-dump.json
Call this playbook with ansible-playbook dump.yml -e target=hostname or simply without hostname.