Hi John Python has the re.escape() method but I don't know if Ansible exposes this in the form of a Jinja2 filter (seemingly not, looking at https://github.com/ansible/ansible/blob/devel/lib/ansible/runner/filter_plugins/core.py ).
I'm curious, why both the check with grep *and* the regexp option to lineinfile? Regards Tom On 25 November 2014 at 19:02, John Oliver <[email protected]> wrote: > - name: Check if postgres is already allowed via IPv4 > shell: grep '^-A\ INPUT\ -s\ {{roundcube_host}}\ -p\ tcp\ -m\ state\ > --state\ NEW\ -m\ tcp\ --dport\ 5432\ -j\ ACCEPT' /etc/sysconfig/iptables > >/dev/null 2>&1 > ignore_errors: true > register: result > > - name: Allow incoming IPv4 PostGreSQL connections through iptables > lineinfile: dest=/etc/sysconfig/iptables > regexp='^-A\ INPUT\ -s\ {{roundcube_host}}\ -p\ tcp\ -m\ > state\ --state\ NEW\ -m\ tcp\ --dport\ 5432\ -j\ ACCEPT' > insertbefore='^-A\ INPUT\ -j\ LOGGING' > line="-A INPUT -s {{roundcube_host}} -p tcp -m state --state > NEW -m tcp --dport 5432 -j ACCEPT" > when: result|failed > notify: Restart iptables > > > My test will always fail because I'm sure it's trying to evaluate the > {{roundcube_host}} variable without escaping the periods in the IP address. > > I could write a sed recipe that will read out {{roundcube_host}}, insert > backslashes before dots, and write that to a new variable. But has this > wheel already been invented? I can assume the presence of tools like sed > on the target host, but not on the host that's running the playbook. And > it's possible that the playbook might be run from either a GNU or BSD > system, and a recipe I write for one might not work with the other. It > seems a little messy to send this to the remote host for operations and > bring the result back :-) > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/4fef3e9b-75f2-40e0-8fe8-801a248993ec%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/4fef3e9b-75f2-40e0-8fe8-801a248993ec%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAAnNz0OVW9fWimyvaY9sXTYZ3ti5cDMJ83zwg4RHQT_chFMseQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
