It looks for the file in the "base" directory or in the templates/ subdirectory. The "base" directory is the directory of the current play or role.
On Mon, Oct 27, 2014 at 6:31 AM, Joe Adams <[email protected]> wrote: > Is there somewhere that documents what paths are searched when inside a > template or in include calls from within a template? I can't find much > information about this at all. > > On Wednesday, October 22, 2014 9:22:05 AM UTC-4, Joe Adams wrote: >> >> I originally though it might be permissions, but both templates are 0664 >> with my account being owner. >> >> I'm using ansible version 1.7.2 >> >> On Tuesday, October 21, 2014 11:51:08 PM UTC-4, Michael DeHaan wrote: >>> >>> For starters, what ansible version are you using? >>> >>> On Tue, Oct 21, 2014 at 6:02 PM, John Favorite <[email protected]> >>> wrote: >>> >>>> permissions issue? >>>> >>>> On Tue, Oct 21, 2014 at 5:35 PM, Joe Adams <[email protected]> wrote: >>>> >>>>> I tried asking the IRC channel but I didn't get any responses so I >>>>> figure that the mailing list might be better suited to this question. I'm >>>>> trying to build an extensible iptables template. All of my hosts will need >>>>> some amount of custom rules to be added so I feel that extending a >>>>> template >>>>> would be a great way to achieve this. My base template looks like this: >>>>> >>>>> #roles/common/templates/iptables.j2 >>>>> {% block nat %} >>>>> {% endblock nat %} >>>>> *filter >>>>> :INPUT ACCEPT [0:0] >>>>> :FORWARD ACCEPT [0:0] >>>>> :OUTPUT ACCEPT [0:0] >>>>> -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT >>>>> -A INPUT -p icmp -j ACCEPT >>>>> -A INPUT -i lo -j ACCEPT >>>>> # SSH >>>>> -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT >>>>> {% block role_rules %} >>>>> {% endblock role_rules %} >>>>> # Drop All >>>>> -A INPUT -j REJECT --reject-with icmp-host-prohibited >>>>> -A FORWARD -j REJECT --reject-with icmp-host-prohibited >>>>> COMMIT >>>>> >>>>> >>>>> So then I created a template for another host to add it's role >>>>> specific information in. This template looks like this: >>>>> >>>>> {% extends "roles/common/templates/iptables.j2" %} >>>>> {% block role_rules %} >>>>> -A INPUT -m state --state NEW -m tcp -p tcp --dport 9000 -j ACCEPT >>>>> {% endblock role_rules %} >>>>> >>>>> This was working until I moved my playbooks into a folder to organize >>>>> them. Now I can't seem to fix the path to make the template extends tag >>>>> work. I even tried an absolute path. >>>>> Here's my directory structure: >>>>> >>>>> ansible/ >>>>> ansible.cfg >>>>> hosts/ >>>>> dev >>>>> qa >>>>> groupvars/ >>>>> dev >>>>> qa >>>>> playbooks/ >>>>> roles/ >>>>> common.yml >>>>> roleA.yml >>>>> roleB.yml >>>>> roles/ >>>>> common/ >>>>> templates/ >>>>> iptables.j2 >>>>> tasks/ >>>>> main.yml >>>>> roleA/ >>>>> templates/ >>>>> iptables.j2 >>>>> tasks/ >>>>> main.yml >>>>> >>>>> >>>>> I keep getting this error when I get to the play that templates the >>>>> iptables file: >>>>> {'msg': 'AnsibleError: file: /path/to/ansible/roles/ >>>>> vickyvale/templates/iptables.j2, error: Cannot find/not allowed to >>>>> load (include) template >>>>> /path/to/ansible/roles/common/templates/iptables.j2', >>>>> 'failed': True} >>>>> >>>>> -- >>>>> You received this message because you are subscribed to the Google >>>>> Groups "Ansible Project" group. >>>>> To unsubscribe from this group and stop receiving emails from it, send >>>>> an email to [email protected]. >>>>> To post to this group, send email to [email protected]. >>>>> To view this discussion on the web visit https://groups.google.com/d/ >>>>> msgid/ansible-project/77a802c6-b3a5-4895-8430- >>>>> 700f99daf0f1%40googlegroups.com >>>>> <https://groups.google.com/d/msgid/ansible-project/77a802c6-b3a5-4895-8430-700f99daf0f1%40googlegroups.com?utm_medium=email&utm_source=footer> >>>>> . >>>>> For more options, visit https://groups.google.com/d/optout. >>>>> >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Ansible Project" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To post to this group, send email to [email protected]. >>>> To view this discussion on the web visit https://groups.google.com/d/ >>>> msgid/ansible-project/CAKsMCETohhhtbr79k8cgqm%2B% >>>> 3DqxM-Fjytc-Kz_jbnimxQ456cJg%40mail.gmail.com >>>> <https://groups.google.com/d/msgid/ansible-project/CAKsMCETohhhtbr79k8cgqm%2B%3DqxM-Fjytc-Kz_jbnimxQ456cJg%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/c2534bbb-8eaa-4875-9168-d1d6df1d57f1%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/c2534bbb-8eaa-4875-9168-d1d6df1d57f1%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Brian Coca -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAJ5XC8nMvCnTsD1Y%3DE5qgfib30YcNvhAZLvYUQYwNcwc4gQhAg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
