Matt, thanks so much, I do believe that did the trick!
On Thursday, August 14, 2014 6:05:16 PM UTC-5, Matt Martz wrote:
>
> I think what you want is the following:
>
> ---
> - name: Allow eth1 port 5432 access to Web servers
> ufw: rule=allow interface=eth1 direction=in port=5432 proto=tcp src="{{
> hostvars[item]['ansible_eth1']['ipv4']['address'] }}"
> with_items: groups['webservers']
>
> That will loop over groups['webservers'] making item be an individual host
> in the group, then you can just grab what you need from hostvars.
>
>
> On Thu, Aug 14, 2014 at 4:16 PM, Abe Voelker <[email protected]
> <javascript:>> wrote:
>
>> I have an inventory file like this:
>>
>> [webservers]
>> 10.0.0.1
>> 10.0.0.2
>> 10.0.0.3
>>
>> [postgresservers]
>> 10.0.0.4
>>
>> And I'm trying to run this playbook against my Postgres host:
>>
>> ---
>> - name: Allow eth1 port 5432 access to Web servers
>> ufw: rule=allow interface=eth1 direction=in port=5432 proto=tcp src={{
>> item }}
>> with_items:
>> {% for host in groups['webservers'] %}
>> - "{{ hostvars[host]['ansible_eth1']['ipv4']['address'] }}"
>> {% endfor %}
>>
>> What I'm trying to accomplish is for the playbook to determine each Web
>> host's eth1 IPv4 address (which is different from the eth0 IPv4 address
>> listed in the inventory file) and add allowances for them in the Postgres
>> host's firewall.
>>
>> However, my syntax is incorrect (sorry, I'm a Python noob):
>>
>> ERROR: Syntax Error while loading YAML script,
>> /tmp/ansible/roles/postgres/tasks/firewall.yml
>> Note: The error may actually appear before this position: line 5, column 6
>>
>>
>> with_items:
>> {% for host in groups['web_servers'] %}
>> ^
>>
>> Am I taking the right approach here and just need to fix my syntax, or is
>> there a better way?
>>
>> Thanks!
>> Abe
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to [email protected] <javascript:>.
>> To post to this group, send email to [email protected]
>> <javascript:>.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/6bbb9367-d0ac-4931-adb9-471d86266be8%40googlegroups.com
>>
>> <https://groups.google.com/d/msgid/ansible-project/6bbb9367-d0ac-4931-adb9-471d86266be8%40googlegroups.com?utm_medium=email&utm_source=footer>
>> .
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> --
> Matt Martz
> [email protected] <javascript:>
> http://sivel.net/
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/198f98af-c7f2-4715-bc1c-8c4e71d7395e%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
