Have a good look at https://docs.ansible.com/ansible/latest/user_guide/playbooks_environment.html and make sure you understand what it says.
On Fri, 5 Mar 2021 at 21:38, VB C <[email protected]> wrote: > hello folks I am unable to set env variables, so that app_user is able to > run app as a linux service. can someone help ? > --- > # tasks file for dvmt {{ app_name }} > - name: include per-app variables > include_vars: > file: ../../../vars/{{ ENV }}-{{platform_type}}.yml > > - name: create app user {{ app_user }} > user: > name: "{{ app_user }}" > state: present > > - name: install packages > yum: > name: "{{ item }}" > state: present > with_items: > - "python36u" > - "python36u-pip" > - "{{ packages }}" > > - include_tasks: replace-freetds.yml > when: use_isrg_freetds or use_isrg_freetds_force > > - name: create directories > file: > path: "{{ item }}" > state: directory > owner: "{{ app_user }}" > group: "{{ app_user }}" > mode: 0755 > with_items: > - "{{ directories }}" > > - name: copy extra packages > unarchive: > src: "{{ item.name }}" > dest: "{{ item.dest }}" > with_items: > - "{{ extra_packages }}" > when: extra_packages|length > 0 > > - name: remove existing virtual environment > file: > path: /opt/intuitive/{{ app_name }}/{{ app_version }} > state: absent > when: remove_first is defined and remove_first > notify: restart {{ servicename }} > - debug: > msg: "**************** pip_server {{ pip_server }} **************** > pip_serverport {{ pip_serverport }} " > > - name: install pip packages > pip: > name: "{{item.name}}" > version: "{{item.version}}" > extra_args: "--index-url=http://{{ pip_server }}:{{ pip_serverport }} > --trusted-host {{ pip_server }}" > virtualenv: /opt/intuitive/{{ app_name }}/{{ app_version }} > virtualenv_command: "{{ virtualenv_cmd }}" > with_items: > - "{{ pip_packages }}" > > - name: set current symlink to this version > file: > src: /opt/intuitive/{{ app_name }}/{{ app_version }} > dest: /opt/intuitive/{{ app_name }}/current > state: link > notify: restart {{ servicename }} > > - name: configure the config file > template: > src: templates/{{ app_config_template }} > dest: /etc/intuitive/{{ app_name }}/{{ app_config_name }} > owner: "{{ app_user }}" > mode: 0600 > notify: restart {{ servicename }} > > - name: setup certificate file > copy: > content: "{{trusted_certs}}" > dest: "{{cert_file}}" > when: trusted_certs is defined and cert_file is defined > notify: restart {{ servicename }} > > - name: copy service file > template: > src: templates/{{ service_config_template }} > dest: /etc/systemd/system/{{ servicename }} > notify: restart {{ servicename }} > > - name: enforce directory permissions > file: > dest: "{{ item }}" > owner: "{{ app_user }}" > group: "{{ app_user }}" > recurse: yes > with_items: > - "{{ directories }}" > > - name: "enforce write permissions on /var/tmp/intuitive/dvmt-file-manager > to file-sender" > command: "setfacl -R -m g:app-user:rwx > /var/tmp/intuitive/dvmt-file-manager/ & setfacl -R -d -m g:app-user:rwX > /var/tmp/intuitive/dvmt-file-manager/" > when: (app_user == "app-user") > > - name: setup environment variable > environment: > db_url: "mssql+pymssql://{{app_db_user}}:{{app_db_password}}@ > {{app_db_server}}:{{app_db_port}}/{{app_db_name}}" > pki_client_cacert_password: "{{pki_client_cacert_password}}" > This means nothing, there is no such module 'environment'. > - name: daemon-reload {{ servicename }} > systemd: > name: "{{ servicename }}" > daemon-reload: yes > > - name: enable service > service: > name: "{{ servicename }}" > enabled: yes > > -- > You received this message because you are subscribed to the Google Groups > "Ansible Project" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/15f25da7-58a2-4351-b75b-451dc370d32fn%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/15f25da7-58a2-4351-b75b-451dc370d32fn%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- Sent from a mobile device - please excuse the brevity, spelling and punctuation. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAL8fbwMneCe%3DoUpMBGwr6itOcCq16ZMoKCh%2B0ot85%3DUTtqdgrg%40mail.gmail.com.
