I tried asking the IRC channel but I didn't get any responses so I figure
that the mailing list might be better suited to this question. I'm trying
to build an extensible iptables template. All of my hosts will need some
amount of custom rules to be added so I feel that extending a template
would be a great way to achieve this. My base template looks like this:

#roles/common/templates/iptables.j2
{% block nat %}
{% endblock nat %}
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
# SSH
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
{% block role_rules %}
{% endblock role_rules %}
# Drop All
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

So then I created a template for another host to add its role-specific
information in. This template looks like this:

{% extends "roles/common/templates/iptables.j2" %}
{% block role_rules %}
-A INPUT -m state --state NEW -m tcp -p tcp --dport 9000 -j ACCEPT
{% endblock role_rules %}

This was working until I moved my playbooks into a folder to organize them.
Now I can't seem to fix the path to make the template extends tag work. I
even tried an absolute path.

Here's my directory structure:

ansible/
    ansible.cfg
    hosts/
        dev
        qa
    groupvars/
        dev
        qa
    playbooks/
        roles/
            common.yml
            roleA.yml
            roleB.yml
    roles/
        common/
            templates/
                iptables.j2
            tasks/
                main.yml
        roleA/
            templates/
                iptables.j2
            tasks/
                main.yml

I keep getting this error when I get to the play that templates the
iptables file:

{'msg': 'AnsibleError: file:
/path/to/ansible/roles/vickyvale/templates/iptables.j2, error: Cannot
find/not allowed to load (include) template
/path/to/ansible/roles/common/templates/iptables.j2', 'failed': True}
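The following is an added example, not part of the original message and not Ansible's own code. It uses the Jinja2 library directly on constructed, shortened copies of the two templates to show that an extends name is resolved against the loader's search path. It assumes the template module roots that search path at the playbook's directory and compiles the child template from its text.

```python
import os
import tempfile
from jinja2 import Environment, FileSystemLoader, TemplateNotFound

PARENT = "roles/common/templates/iptables.j2"
CHILD = "roles/roleA/templates/iptables.j2"
# Constructed, shortened copies of the two templates in the post.
FILES = {
    PARENT: "*filter\n"
            "-A INPUT -p tcp --dport 22 -j ACCEPT\n"
            "{% block role_rules %}{% endblock role_rules %}\n"
            "-A INPUT -j REJECT --reject-with icmp-host-prohibited\n"
            "COMMIT\n",
    CHILD: '{% extends "' + PARENT + '" %}\n'
           "{% block role_rules %}"
           "-A INPUT -p tcp --dport 9000 -j ACCEPT"
           "{% endblock role_rules %}\n",
}

def build_tree(root):
    """Write the templates under root and add an empty playbooks/ folder."""
    for rel, body in FILES.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write(body)
    os.makedirs(os.path.join(root, "playbooks"))

def render_child(root, searchpath):
    """Render roleA's template; only the extends name goes through the loader."""
    env = Environment(loader=FileSystemLoader(searchpath))
    with open(os.path.join(root, CHILD)) as fh:
        source = fh.read()  # assumption: the child is compiled from its text
    try:
        return env.from_string(source).render()
    except TemplateNotFound as exc:
        return "TemplateNotFound: %s" % exc

def demo():
    """Return (render rooted at ansible/, render rooted at ansible/playbooks/)."""
    with tempfile.TemporaryDirectory() as root:
        build_tree(root)
        return (render_child(root, root),
                render_child(root, os.path.join(root, "playbooks")))

if __name__ == "__main__":
    for result in demo():
        print(result, end="\n---\n")
```

With the loader rooted at the top-level directory, the role rule renders ahead of the final REJECT; rooted at playbooks/, the same extends name cannot be found.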