Is there somewhere that documents what paths are searched when inside a template or in include calls from within a template? I can't find much information about this at all.
On Wednesday, October 22, 2014 9:22:05 AM UTC-4, Joe Adams wrote: > > I originally though it might be permissions, but both templates are 0664 > with my account being owner. > > I'm using ansible version 1.7.2 > > On Tuesday, October 21, 2014 11:51:08 PM UTC-4, Michael DeHaan wrote: >> >> For starters, what ansible version are you using? >> >> On Tue, Oct 21, 2014 at 6:02 PM, John Favorite <[email protected]> >> wrote: >> >>> permissions issue? >>> >>> On Tue, Oct 21, 2014 at 5:35 PM, Joe Adams <[email protected]> wrote: >>> >>>> I tried asking the IRC channel but I didn't get any responses so I >>>> figure that the mailing list might be better suited to this question. I'm >>>> trying to build an extensible iptables template. All of my hosts will need >>>> some amount of custom rules to be added so I feel that extending a >>>> template >>>> would be a great way to achieve this. My base template looks like this: >>>> >>>> #roles/common/templates/iptables.j2 >>>> {% block nat %} >>>> {% endblock nat %} >>>> *filter >>>> :INPUT ACCEPT [0:0] >>>> :FORWARD ACCEPT [0:0] >>>> :OUTPUT ACCEPT [0:0] >>>> -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT >>>> -A INPUT -p icmp -j ACCEPT >>>> -A INPUT -i lo -j ACCEPT >>>> # SSH >>>> -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT >>>> {% block role_rules %} >>>> {% endblock role_rules %} >>>> # Drop All >>>> -A INPUT -j REJECT --reject-with icmp-host-prohibited >>>> -A FORWARD -j REJECT --reject-with icmp-host-prohibited >>>> COMMIT >>>> >>>> >>>> So then I created a template for another host to add it's role specific >>>> information in. This template looks like this: >>>> >>>> {% extends "roles/common/templates/iptables.j2" %} >>>> {% block role_rules %} >>>> -A INPUT -m state --state NEW -m tcp -p tcp --dport 9000 -j ACCEPT >>>> {% endblock role_rules %} >>>> >>>> This was working until I moved my playbooks into a folder to organize >>>> them. Now I can't seem to fix the path to make the template extends tag >>>> work. I even tried an absolute path. >>>> Here's my directory structure: >>>> >>>> ansible/ >>>> ansible.cfg >>>> hosts/ >>>> dev >>>> qa >>>> groupvars/ >>>> dev >>>> qa >>>> playbooks/ >>>> roles/ >>>> common.yml >>>> roleA.yml >>>> roleB.yml >>>> roles/ >>>> common/ >>>> templates/ >>>> iptables.j2 >>>> tasks/ >>>> main.yml >>>> roleA/ >>>> templates/ >>>> iptables.j2 >>>> tasks/ >>>> main.yml >>>> >>>> >>>> I keep getting this error when I get to the play that templates the >>>> iptables file: >>>> {'msg': 'AnsibleError: file: >>>> /path/to/ansible/roles/vickyvale/templates/iptables.j2, error: Cannot >>>> find/not allowed to load (include) template >>>> /path/to/ansible/roles/common/templates/iptables.j2', 'failed': True} >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Ansible Project" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To post to this group, send email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/ansible-project/77a802c6-b3a5-4895-8430-700f99daf0f1%40googlegroups.com >>>> >>>> <https://groups.google.com/d/msgid/ansible-project/77a802c6-b3a5-4895-8430-700f99daf0f1%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "Ansible Project" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To post to this group, send email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/ansible-project/CAKsMCETohhhtbr79k8cgqm%2B%3DqxM-Fjytc-Kz_jbnimxQ456cJg%40mail.gmail.com >>> >>> <https://groups.google.com/d/msgid/ansible-project/CAKsMCETohhhtbr79k8cgqm%2B%3DqxM-Fjytc-Kz_jbnimxQ456cJg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/c2534bbb-8eaa-4875-9168-d1d6df1d57f1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
