permissions issue?
On Tue, Oct 21, 2014 at 5:35 PM, Joe Adams <[email protected]> wrote:
> I tried asking the IRC channel but I didn't get any responses so I figure
> that the mailing list might be better suited to this question. I'm trying
> to build an extensible iptables template. All of my hosts will need some
> amount of custom rules to be added so I feel that extending a template
> would be a great way to achieve this. My base template looks like this:
>
> #roles/common/templates/iptables.j2
> {% block nat %}
> {% endblock nat %}
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> -A INPUT -p icmp -j ACCEPT
> -A INPUT -i lo -j ACCEPT
> # SSH
> -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
> {% block role_rules %}
> {% endblock role_rules %}
> # Drop All
> -A INPUT -j REJECT --reject-with icmp-host-prohibited
> -A FORWARD -j REJECT --reject-with icmp-host-prohibited
> COMMIT
>
>
> So then I created a template for another host to add it's role specific
> information in. This template looks like this:
>
> {% extends "roles/common/templates/iptables.j2" %}
> {% block role_rules %}
> -A INPUT -m state --state NEW -m tcp -p tcp --dport 9000 -j ACCEPT
> {% endblock role_rules %}
>
> This was working until I moved my playbooks into a folder to organize
> them. Now I can't seem to fix the path to make the template extends tag
> work. I even tried an absolute path.
> Here's my directory structure:
>
> ansible/
> ansible.cfg
> hosts/
> dev
> qa
> groupvars/
> dev
> qa
> playbooks/
> roles/
> common.yml
> roleA.yml
> roleB.yml
> roles/
> common/
> templates/
> iptables.j2
> tasks/
> main.yml
> roleA/
> templates/
> iptables.j2
> tasks/
> main.yml
>
>
> I keep getting this error when I get to the play that templates the
> iptables file:
> {'msg': 'AnsibleError: file:
> /path/to/ansible/roles/vickyvale/templates/iptables.j2, error: Cannot
> find/not allowed to load (include) template
> /path/to/ansible/roles/common/templates/iptables.j2', 'failed': True}
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/77a802c6-b3a5-4895-8430-700f99daf0f1%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/77a802c6-b3a5-4895-8430-700f99daf0f1%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAKsMCETohhhtbr79k8cgqm%2B%3DqxM-Fjytc-Kz_jbnimxQ456cJg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
