[英]Ansible playbook loop with with_items
我必须使用ansible
剧本用几行/命令更新sudoers.d
多个用户文件
用户.yml
user1:
- Line1111
- Line2222
- Line3333
user2:
- Line4444
- Line5555
- Line6666
主.yml
- hosts: "{{ host_group }}"
vars_files:
- ../users.yml
tasks:
- name: Add user "user1" to sudoers.d
lineinfile:
path: /etc/sudoers.d/user1
line: '{{ item }}'
state: present
mode: 0440
create: yes
validate: 'visudo -cf %s'
with_items:
- "{{ user1 }}"
以上仅适用于user1
..
如果我还想包含 user2 --> 如何更改文件名:路径: /etc/sudoers.d/user1
我在下面尝试过,但它不起作用:
在运行时将以下用户作为变量传递给main.yml
users:
- "user1"
- "user2"
- name: Add user "{{users}}" to sudoers.d
lineinfile:
path: /etc/sudoers.d/{{users}}
line: '{{ item }}'
state: present
mode: 0440
create: yes
validate: 'visudo -cf %s'
with_items:
- "{{ users }}"
所以,基本上我想将用户传递给变量{{users}}
作为user1
和user2
并希望使用users.yml
中每个用户的行并将其添加到相应的用户文件( /etc/sudoers.d/user1
和/etc/sudoers.d/user2
)。
所以/etc/sudoers.d/user1
应该看起来像
Line1111
Line2222
Line3333
和/etc/sudoers.d/user2
应该看起来像
Line4444
Line5555
Line6666
尝试添加引号:
users:
- "user1"
- "user2"
- name: "Add user {{users}} to sudoers.d"
lineinfile:
path: "/etc/sudoers.d/{{users}}"
line: "{{ item }}"
state: present
mode: 0440
create: yes
validate: 'visudo -cf %s'
with_items:
- "{{ users }}"
根据Ansible关于使用变量的文档:
YAML 语法要求,如果您以
{{ foo }}
开始一个值,则引用整行,因为它想确保您没有尝试启动 YAML 字典。 YAML 语法文档对此进行了介绍。这不起作用:
- hosts: app_servers vars: app_path: {{ base_path }}/22
这样做,你会没事的:
- hosts: app_servers vars: app_path: "{{ base_path }}/22"
cat users.yml
---
users:
- user1:
filename: user1sudoers
args:
- Line1111
- Line2222
- Line3333
- user2:
filename: user2sudoers
args:
- Line4444
- Line5555
- Line6666
我在这里使用模板,而不是 lineinfile
---
cat sudoers.j2
{% if item.args is defined and item.args %}
{% for arg in item.args %}
{{ arg }}
{% endfor %}
{% endif %}
任务内容
---
- hosts: localhost
vars_files: ./users.yml
tasks:
- name: sync sudoers.j2 to localhost
template:
src: sudoers.j2
dest: "/tmp/{{ item.filename }}"
loop: "{{ users_list }}"
when: "users_list is defined and users_list"
运行task.yml后,在/tmp目录下生成两个文件。
cat /tmp/user1sudoers
Line1111
Line2222
Line3333
cat /tmp/user2sudoers
Line4444
Line5555
Line6666
我为 users.yml 尝试了以下内容
users:
- user1:
- "Line1111"
- "Line2222"
- "Line3333"
- user2:
- "Line4444"
- "Line5555"
还有 main.yml
- name: Add user "wasadmin" to sudo avsrelmgmt
lineinfile: ```
path: /etc/sudoers.d/"{{ users }}"
line: '{{ item}}'
state: present
mode: 0440
create: yes
validate: 'visudo -cf %s'
with_items:
- "{{ users }}"
上面的行路径: /etc/sudoers.d/"{{ users }}"指定正在创建具有名称的文件夹( "- user1: - "Line1111" )
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.