I think what you want is the following:
---
- name: Allow eth1 port 5432 access to Web servers
ufw: rule=allow interface=eth1 direction=in port=5432 proto=tcp src="{{
hostvars[item]['ansible_eth1']['ipv4']['address'] }}"
with_items: groups['webservers']
That will loop over groups['webservers'] making item be an individual host
in the group, then you can just grab what you need from hostvars.
On Thu, Aug 14, 2014 at 4:16 PM, Abe Voelker <[email protected]> wrote:
> I have an inventory file like this:
>
> [webservers]
> 10.0.0.1
> 10.0.0.2
> 10.0.0.3
>
> [postgresservers]
> 10.0.0.4
>
> And I'm trying to run this playbook against my Postgres host:
>
> ---
> - name: Allow eth1 port 5432 access to Web servers
> ufw: rule=allow interface=eth1 direction=in port=5432 proto=tcp src={{
> item }}
> with_items:
> {% for host in groups['webservers'] %}
> - "{{ hostvars[host]['ansible_eth1']['ipv4']['address'] }}"
> {% endfor %}
>
> What I'm trying to accomplish is for the playbook to determine each Web
> host's eth1 IPv4 address (which is different from the eth0 IPv4 address
> listed in the inventory file) and add allowances for them in the Postgres
> host's firewall.
>
> However, my syntax is incorrect (sorry, I'm a Python noob):
>
> ERROR: Syntax Error while loading YAML script,
> /tmp/ansible/roles/postgres/tasks/firewall.yml
> Note: The error may actually appear before this position: line 5, column 6
>
>
> with_items:
> {% for host in groups['web_servers'] %}
> ^
>
> Am I taking the right approach here and just need to fix my syntax, or is
> there a better way?
>
> Thanks!
> Abe
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/6bbb9367-d0ac-4931-adb9-471d86266be8%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/6bbb9367-d0ac-4931-adb9-471d86266be8%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
Matt Martz
[email protected]
http://sivel.net/
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAD8N0v_EjCMfSLRuZJ2AkGUHjHZWuO2cWkDBZSj8BrrkYaO8eg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
