Re: [ansible-project] Multi-conditional when statements

[John Petro]

Thanks Brian!  That totally makes sense, and I hadn't even thought about it
that way.  Thanks for the help, it is very much appreciated.

--John

On Thu, May 30, 2024 at 12:28 PM Brian Coca  wrote:

> First of all, both are valid ways of writing conditionals.
>
> From the execution standpoint, the main difference is that the list
> version will be evaluated in order, one at a time by Ansible passing
> each item to Jinja.  While the other one will be passed as one item
> into Jinja. This creates a minor change in efficiency depending on the
> amount of conditions and the likelyhood of failure, but for most cases
> (less than 100 conditionals) I would consider it negligible.
>
> From a practical standpoint, the 2nd form is easier to put into a
> variable and compose 'ANDed' conditions by adding to a list, you only
> need to ensure each condition's correctness, not the aggregated whole.
> The first form on the other hand supports 'OR' conditions also.
>
> In the end I would consider it a preference issue, though most Ansible
> users are used to the 2nd form and might get confused by the first,
> but that is only a consideration when/if sharing the content.
>
> --
> --
> Brian Coca (he/him/yo)
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CACVha7fDShTB-g-68uo%3DnMAqZXOVM2Oq3i%2BWUsGgM-nGXSNiRg%40mail.gmail.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob8sruX%3DsYLdAcn2Cmb6-sVkm1p_g5K5MfHuxxuv1vddNA%40mail.gmail.com.

[ansible-project] Multi-conditional when statements

[John Petro]

Good Morning Everyone!!

running into a difference of opinion between some coworkers, and I was
brought in to offer my opinion as SME.

Basically there are two different "when" statements that are being used...
What I am wondering is, what's the difference between them other than maybe
readability/syntax  I can't seem to find what I am looking for when I
do a search

Case 1:

 when: >
(
  ( condition 1 ) and
  ( condition 2 )
)

Case 2:

when:
   - condition 1
   - condition 2


Any guidance you have about when you would use one method over the other
would definitely help me out.  Thanks!!

--John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob-T_GR8JJVim1h0uyj-Jb9NWE6JiJ7jPxOs7sQVYEqQrg%40mail.gmail.com.

Re: [ansible-project] become sudo not working for apt module

[John Petro]

Have you tried a ps on the host you are trying to upgrade to see if an apt
command is already running?  I've run into it before where an auto update
is running, so it has the lock file already in place.

--john

On Mon, May 13, 2024, 10:42 PM Gregory Machin  wrote:

> Hi
>
> I have a number of ubuntu servers that I want to update using ansible via
> AWX. my current test playbook :
>
> ---
>  - hosts: all
>tasks:
>- name: Test Connection
>  ansible.builtin.ping:
>
>- name: Update Cache
>  become: true
>  apt:
>update_cache: true
>
> is not work as expected on the ubuntu servers.
> The servers that have the root user configured are fine. But the Ubuntu
> servers where the root user doesn't have a password set are failing with
> the following error:
>
> "Failed to lock apt for exclusive operation: Failed to lock directory
> /var/lib/apt/lists/: E:Could not open lock file /var/lib/apt/lists/lock -
> open (13: Permission denied)"
>
> In AWX I have configured privilege escalation to use sudo but this doesnt
> help.
>
> I have tried moving the become: yes statement but this did help.
>
> Doe the apt module support the sudo ?
>
> What have I missed ?
>
> Thank you
>
>  Greg
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/5247dc46-a89e-4685-97af-53f8b91c8be8n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/5247dc46-a89e-4685-97af-53f8b91c8be8n%40googlegroups.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob8HmzXZxiHvGnaP63yykLPrBmRkWeJurhm0P9%3DBzfUF4w%40mail.gmail.com.

Re: [ansible-project] Ansible and aureport

[John Harmon]

I will give it a try, thank you.  Sorry about the slow reply--been a busy 
day

On Thursday, May 9, 2024 at 1:30:29 AM UTC-6 Dick Visser wrote:

> In any case, the following tasks works fine for me:
>
>
> ---
> - name: test
> become: true
> hosts: bar
> tasks:
> - name: foo
> command: aureport
> register: out
>
> - debug: var=out.stdout_lines
>
>
>
>
> TASK [debug] 
> ***
> ok: [bar] =>
> out.stdout_lines:
> - ''
> - Summary Report
> - ==
> - 'Range of time in logs: 05/09/2024 09:21:28.628 - 05/09/2024 
> 09:28:42.513'
> - 'Selected time for report: 05/09/2024 09:21:28 - 05/09/2024 09:28:42.513'
> - 'Number of changes in configuration: 3'
> - 'Number of changes to accounts, groups, or roles: 0'
> - 'Number of logins: 6'
> - 'Number of failed logins: 0'
> - 'Number of authentications: 1'
> - 'Number of failed authentications: 0'
> - 'Number of users: 4'
> - 'Number of terminals: 9'
> - 'Number of host names: 3'
> - 'Number of executables: 6'
> - 'Number of commands: 5'
> - 'Number of files: 0'
> - 'Number of AVC''s: 0'
> - 'Number of MAC events: 0'
> - 'Number of failed syscalls: 0'
> - 'Number of anomaly events: 0'
> - 'Number of responses to anomaly events: 0'
> - 'Number of crypto events: 0'
> - 'Number of integrity events: 0'
> - 'Number of virt events: 0'
> - 'Number of keys: 0'
> - 'Number of process IDs: 49'
> - 'Number of events: 221'
>
> On Thu, 9 May 2024 at 09:28, Dick Visser  wrote:
> >
> > On Thu, 9 May 2024 at 00:12, John Harmon  wrote:
> > >
> > > I am running this in my task file (tried shell, command, and raw). Any 
> idea why and how to work around the issue?:
> > >
> > > - name: Check number of AVCs
> > > ansible.builtin.raw: "aureport | grep -i avc"
> > > register: avcreport
> > >
> > > - debug:
> > > var: avcreport
> > >
> > > It returns a report with all zero values, but if I run this directly 
> on a server I get non-zero values. Can't seem to figure out why:
> > >
> > > "aureport_output.stdout_lines": [
> > > "",
> > > "Summary Report",
> > > "==",
> > > "Range of time in logs: 01/01/1970 00:00:00.000 - 01/01/1970 
> 00:00:00.000",
> > > "Selected time for report: 01/01/1970 00:00:00 - 01/01/1970 
> 00:00:00.000",
> > > "Number of changes in configuration: 0",
> > > "Number of changes to accounts, groups, or roles: 0",
> > > "Number of logins: 0",
> > > "Number of failed logins: 0",
> > > "Number of authentications: 0",
> > > "Number of failed authentications: 0",
> > > "Number of users: 0",
> > > "Number of terminals: 0",
> > > "Number of host names: 0",
> > > "Number of executables: 0",
> > > "Number of commands: 0",
> > > "Number of files: 0",
> > > "Number of AVC's: 0",
> > > "Number of MAC events: 0",
> > > "Number of failed syscalls: 0",
> > > "Number of anomaly events: 0",
> > > "Number of responses to anomaly events: 0",
> > > "Number of crypto events: 0",
> > > "Number of integrity events: 0",
> > > "Number of virt events: 0",
> > > "Number of keys: 0",
> > > "Number of process IDs: 0",
> > > "Number of events: 0"
> >
> > This is NOT the output of the task you posted above, because that
> > command with the piped grep cannot return all those lines.
> > Can you post accurate playbooks and output?
> >
> > > Directly on the server I get this:
> > >
> > >
> > > Summary Report
> > > ==
> > > Range of time in logs: 05/08/2024 02:48:03.967 - 05/08/2024 
> 22:10:09.990
> > > Selected time for report: 05/08/2024 02:48:03 - 05/08/2024 22:10:09.990
> > > Number of changes in configuration: 0
> > > Number of changes to accounts, groups, or roles: 0
> > > Number of logins: 15
> > > Number of failed logins: 705
> > > Number of authentications: 3
> > > Number of failed authentications: 0
> > > Number of users: 3
> > > Number of terminals: 6
> > > Number of host names: 5
> > > Number of executables: 21
> > > Number of commands: 31
> > > Number of files: 1401
> > > Number of AVC's: 15184
> > > Number of MAC events: 1124
> > > Number of failed syscalls: 544
> > > Number of anomaly events: 0
> > > Number of responses to anomaly events: 0
> > > Number of crypto events: 4990
> > > Number of integrity events: 0
> > > Number of virt events: 0
> > > Number of keys: 0
> > > Number of process IDs: 10864
> > > Number of events: 70010
> >
> >
> > I would suspect some environment variables are off, or the become logic 
> is off.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/2e2affab-63af-4f10-bae0-5cdb1108495dn%40googlegroups.com.

[ansible-project] Re: ansible Loop help

[John Harmon]

You mean something like this?

- name: Run status check 
  pps_check:
vm_ip: "{{ item }}"
url: 
"https://bldrapp.sys.comcast.net/api/v3/hosts/status?host-list=;
  register: status_check
  with_items: "{{ available_ips }}"
  async: 900  # Adjust the timeout based on the expected maximum time 
to complete the task (15 minutes)
  poll: 0
  tags:
- pps-status

- name: Wait for all tasks to complete
  async_status:
jid: "{{ item.ansible_job_id }}"
  register: job_result
  until: job_result.finished
  retries: 30  # Adjust as needed
  delay: 60# Adjust as needed
  with_items: "{{ status_check.results }}"
  tags:
- pps-status

- name: Gather results
  set_fact:
all_results: "{{ all_results | default([]) + [item] }}"
  loop: "{{ job_result.results }}"
  tags:
- pps-status

On Thursday, May 2, 2024 at 5:36:48 AM UTC-6 Thirumalai Raja A wrote:

> HI TEAM,
>
> below is my task to check the job completed status for the set of ips, and 
> for an ip approximately taking 15 mins to get the status. if i am having 5 
> number of ips its taking too long to complete my task.
>
> so i am looking for parallel options to check for this particular task. is 
> is passible to do that?
> if yes can anyone guide me pls.
>
>
> - name: PPS Playbook Status
>   pps_check:
> vm_ip: "{{ item }}"
> url: "
> https://bldrapp.sys.comcast.net/api/v3/hosts/status?host-list=;
>   register: status_check
>   with_items: "{{available_ips}}"
>   tags:
> - pps-status
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6cca0856-c720-4f98-a5f2-63e5b2ee9083n%40googlegroups.com.

[ansible-project] Re: Create a variable based on a variable

[John Harmon]

Just off the top of my head you can use set_fact.
- name: Set datacenter variable based on hostname
  set_fact:
datacenter: "datacenter{{ ansible_hostname[-1] }}"
  when: ansible_hostname | regex_search('^[a-zA-Z0-9]*[1-2]')

You can then just use {{ datacenter }} and it should populate correctly.  I 
haven't tested the above, but if it doesn't work it should at least put you 
in the ball park.
On Wednesday, May 8, 2024 at 11:52:26 AM UTC-6 andregr...@gmail.com wrote:

> i am quite a newbee with ansible, but i would suggest to 
> a) use host-variables with e.g. "datacenter" set to the matching 
> datacenter value or
> b) use a regex on the host variable to create the datacenter on it
>
> regards,
> andre
>
> Dimitri Yioulos schrieb am Mittwoch, 8. Mai 2024 um 18:34:36 UTC+2:
>
>> Hello, all.
>>
>> The subject of this post is probably terribly named. That said, here's 
>> what I'm trying to accomplish:
>>
>> I have two VMware vCenter hosts - vcenter1.mycompany.com and 
>> vcenter2.mycompany.com. Within each host is are two datacenters - 
>> datacenter1 and datacenter2. for each host, the datacenter alignments are 
>> vcenter1 -- datacenter1 and vcenter2 -- datacenter2.
>>
>> I have a number of playbooks that do actions against vCenter. For 
>> example, I have one deletes all snapshots. It looks like this:
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> * hosts: all  become: false  gather_facts: false  vars_prompt:- 
>> name: "vcenter_username"  prompt: "Enter your Vcenter username (without 
>> @vsphere.local)"  private: no- name: "vcenter_password"  
>> prompt: "Enter your VMware password"  private: yes- name: 
>> "vcenter_hostname"  prompt: "Enter your Vcenter host 
>> name:\nvcenter1\nvcenter2\n"  private: no- name: 
>> "vcenter_datacenter"  prompt: "Enter your Vcenter 
>> datacenter:\ndatacenter1\ndatacenter2\n"  private: no  tasks:- 
>> name: Find vm folder name  ~- name: Remove all snapshots of all 
>> VMs  community.vmware.vmware_guest_snapshot:hostname: "{{ 
>> vcenter_hostname }}.fmycompany.com "
>> username: "{{ vcenter_username }}@vsphere.local"password: "{{ 
>> vcenter_password }}"datacenter: "{{ vcenter_datacenter }} 
>> Datacenter"folder: "{{ vm_folder.folders | 
>> regex_replace(\"([\\[\\]'])\",'') }}"name: "{{ inventory_hostname 
>> }}"state: remove_allvalidate_certs: False  delegate_to: 
>> localhost*
>>
>> As you can see, at present, I have to provide the vCenter name, and the 
>> corresponding datacenter name in order for the playbook to work. I would 
>> like to eliminate the need to specify the datacenter name, and have that 
>> populate datacenter ("{{ vcenter_datacenter }} Datacenter") based on the 
>> vCenter host that I choose (hostname: "{{ vcenter_hostname }}.
>> fmycompany.com"). I'm not clever enough to suss that out, and would 
>> appreciate your help.
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f649b281-ed50-46e0-963a-c477b65bd930n%40googlegroups.com.

[ansible-project] Ansible and aureport

[John Harmon]

I am running this in my task file (tried shell, command, and raw).  Any 
idea why and how to work around the issue?:

- name: Check number of AVCs
  ansible.builtin.raw: "aureport | grep -i avc"
  register: avcreport

- debug:
var: avcreport

It returns a report with all zero values, but if I run this directly on a 
server I get non-zero values.  Can't seem to figure out why:

"aureport_output.stdout_lines": [
"",
"Summary Report",
"==",
"Range of time in logs: 01/01/1970 00:00:00.000 - 01/01/1970 
00:00:00.000",
"Selected time for report: 01/01/1970 00:00:00 - 01/01/1970 
00:00:00.000",
"Number of changes in configuration: 0",
"Number of changes to accounts, groups, or roles: 0",
"Number of logins: 0",
"Number of failed logins: 0",
"Number of authentications: 0",
"Number of failed authentications: 0",
"Number of users: 0",
"Number of terminals: 0",
"Number of host names: 0",
"Number of executables: 0",
"Number of commands: 0",
"Number of files: 0",
"Number of AVC's: 0",
"Number of MAC events: 0",
"Number of failed syscalls: 0",
"Number of anomaly events: 0",
"Number of responses to anomaly events: 0",
"Number of crypto events: 0",
"Number of integrity events: 0",
"Number of virt events: 0",
"Number of keys: 0",
"Number of process IDs: 0",
"Number of events: 0"

*Directly on the server I get this:*


Summary Report
==
Range of time in logs: 05/08/2024 02:48:03.967 - 05/08/2024 22:10:09.990
Selected time for report: 05/08/2024 02:48:03 - 05/08/2024 22:10:09.990
Number of changes in configuration: 0
Number of changes to accounts, groups, or roles: 0
Number of logins: 15
Number of failed logins: 705
Number of authentications: 3
Number of failed authentications: 0
Number of users: 3
Number of terminals: 6
Number of host names: 5
Number of executables: 21
Number of commands: 31
Number of files: 1401
Number of AVC's: 15184
Number of MAC events: 1124
Number of failed syscalls: 544
Number of anomaly events: 0
Number of responses to anomaly events: 0
Number of crypto events: 4990
Number of integrity events: 0
Number of virt events: 0
Number of keys: 0
Number of process IDs: 10864
Number of events: 70010

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/1d4727fa-01e6-4179-9e59-6bc17b49ca8fn%40googlegroups.com.

Re: [ansible-project] Re: Role Handler Separation

[John Petro]

I did see that...  I have to go back and try it again, but I think it was
still reading in all of the handlers for some reason.  I did think about
just putting the handler in that tasks file too...  hadn't yet tried that
one, but I am pretty sure that would work too.


On Mon, Feb 12, 2024 at 9:32 AM Vinay Mulugund  wrote:

> This seems similar to something you are looking for:
>
> https://stackoverflow.com/questions/75134796/ansible-handlers-per-operating-system-with-same-name
>
> On Friday, February 9, 2024 at 5:12:06 AM UTC+5:30 John Petro wrote:
>
>> Good Evening...  A coworker of mine is working on finishing up a role,
>> that may be use across multiple operating systems.  We were wondering, if
>> there was a way to separate the handler files into files based on OS, that
>> are only parsed when you are running the role against that particular OS.
>>
>> For example, if you were running the role against a windows server, the
>> handler would be in windows.yml, or if it was debian, then the handler
>> would be in Debian.yml.
>>
>> I know how to do this for the tasks files, but wasn't sure if this was
>> possible for handlers files.
>>
>> --John
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/88253787-22e0-43cd-ad6a-a3362a1f717fn%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/88253787-22e0-43cd-ad6a-a3362a1f717fn%40googlegroups.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob_vDo2jJ5t0%3DTqVMZgUBiQUwr0z9OUQaNA3fa%3D69Dja1A%40mail.gmail.com.

[ansible-project] Role Handler Separation

[John Petro]

Good Evening...  A coworker of mine is working on finishing up a role, that
may be use across multiple operating systems.  We were wondering, if there
was a way to separate the handler files into files based on OS, that are
only parsed when you are running the role against that particular OS.

For example, if you were running the role against a windows server, the
handler would be in windows.yml, or if it was debian, then the handler
would be in Debian.yml.

I know how to do this for the tasks files, but wasn't sure if this was
possible for handlers files.

--John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob_5A0-PoBTZq5gdj230NuN8Pxyv%2B7XyLh1dHaLwOXoj3Q%40mail.gmail.com.

[ansible-project] outputs to a multivalue with_items list.

[John Simmons]

Hi Hope you can help me,

I have a step in a playbook that makes a uri call to the gihub api servers 
and returns all the info regarding all of our repo's. I need to create a 
with_items list with information from that json response to have 3 items 
per repo(for example) for the next part of the playbook. Does anybody know 
any great ideas on how to go about this?

*wanted with_items list:*
with_items: - { name: REPO1, disabled: False, has_wiki: *True* } - { name: 
REPO2, disabled: False, has_wiki: True }

*Example json output from previous step:*

"json": [
{
"allow_forking": true,
"archive_url": 
"https://api.github.com/repos/**/REPO1/{archive_format}{/ref};,
"archived": false,
"assignees_url": 
"https://api.github.com/repos/**/REPO1/assignees{/user};,
"blobs_url": 
"https://api.github.com/repos/**/REPO1/git/blobs{/sha};,
"branches_url": 
"https://api.github.com/repos/**/REPO1/branches{/branch};,
"clone_url": "https://github.com/**/REPO1.git;,
"collaborators_url": 
"https://api.github.com/repos/**/REPO1/collaborators{/collaborator};,
"comments_url": 
"https://api.github.com/repos/**/REPO1/comments{/number};,
"commits_url": 
"https://api.github.com/repos/**/REPO1/commits{/sha};,
"compare_url": 
"https://api.github.com/repos/**/REPO1/compare/{base}...{head};,
"contents_url": 
"https://api.github.com/repos/**/REPO1/contents/{+path};,
"contributors_url": 
"https://api.github.com/repos/**/REPO1/contributors;,
"created_at": "2023-12-14T09:22:56Z",
"default_branch": "main",
"deployments_url": 
"https://api.github.com/repos/**/REPO1/deployments;,
"description": "",
"disabled": false,
"downloads_url": 
"https://api.github.com/repos/**/REPO1/downloads;,
"events_url": "https://api.github.com/repos/**/REPO1/events;,
"fork": true,
"forks": 0,
"forks_count": 0,
"forks_url": "https://api.github.com/repos/**/REPO1/forks;,
"full_name": "**/REPO1",
"git_commits_url": 
"https://api.github.com/repos/**/REPO1/git/commits{/sha};,
"git_refs_url": 
"https://api.github.com/repos/**/REPO1/git/refs{/sha};,
"git_tags_url": 
"https://api.github.com/repos/**/REPO1/git/tags{/sha};,
"git_url": "git://github.com/**/REPO1.git",
"has_downloads": true,
"has_issues": true,
"has_pages": false,
"has_projects": true,
"has_wiki": true,
"homepage": null,
"hooks_url": "https://api.github.com/repos/**/REPO1/hooks;,
"html_url": "https://github.com/**/REPO1;,
"id": ***,
"issue_comment_url": 
"https://api.github.com/repos/**/REPO1/issues/comments{/number};,
"issue_events_url": 
"https://api.github.com/repos/**/REPO1/issues/events{/number};,
"issues_url": 
"https://api.github.com/repos/**/REPO1/issues{/number};,
"keys_url": 
"https://api.github.com/repos/**/REPO1/keys{/key_id};,
"labels_url": 
"https://api.github.com/repos/**/REPO1/labels{/name};,
"language": "Python",
"languages_url": 
"https://api.github.com/repos/**/REPO1/languages;,
"license": null,
"merges_url": "https://api.github.com/repos/**/REPO1/merges;,
"milestones_url": 
"https://api.github.com/repos/**/REPO1/milestones{/number};,
"mirror_url": null,
"name": "REPO1",
"node_id": "***",
"notifications_url": 
"https://api.github.com/repos/**/REPO1/notifications{?since,all,participating};,
"open_issues": 0,
"open_issues_count": 0,
"owner": {
"avatar_url": "https://avatars.githubusercontent.com/u/20?v=4;,
"events_url": 
"https://api.github.com/users/**/events{/privacy};,
"followers_url": 
"https://api.github.com/users/**/followers;,
"following_url": 
"https://api.github.com/users/**/following{/other_user};,
"gists_url": 
"https://api.github.com/users/**/gists{/gist_id};,
"gravatar_id": "",
"html_url": "https://github.com/**;,
"id": 20,
"login": "**",
"node_id": "",
"organizations_url": "https://api.github.com/users/**/orgs;,
"received_events_url": 
"https://api.github.com/users/**/received_events;,
"repos_url": "https://api.github.com/users/**/repos;,
"site_admin": false,
"starred_url": 
"https://api.github.com/users/**/starred{/owner}{/repo};,
"subscriptions_url": 
"https://api.github.com/users/**/subscriptions;,
"type": "Organization",
"url": "https://api.github.com/users/**;
},
"permissions": {
"admin": false,
"maintain": false,
"pull": true,
"push": false,
"triage": false
},
"private": 

[ansible-project] Problem inserting element at top of xml file

[John Himpel]

I am trying to learn how to insert a new element after the  
element.

Contents of the xml file



remote+http


remote+http
xx.xx.xx.xx
9990



This is my task:
- name: Insert element after jboss-cli element
  community.general.xml:
add_children:
  - "Inserted"
input_type: xml
namespaces:
  x: urn:jboss:cli:3.4
path: /opt/wildfly/wf29/bin/jboss-cli.xml
pretty_print: true
xpath: "/x:jboss-cli"

When I execute the role containing this task,  I get 
FAILED! => {"changed": false, "msg": "Syntax error in xpath expression: 
/x:jboss-cli/ (Invalid expression)"

How do I insert this new element immediately following the ?
I've tried xpath:"x:"
I've tried xpath: "/"
I've tried xpath: "/x:"

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/0a96577e-6a9f-459e-9c76-bc3cdda73bf5n%40googlegroups.com.

[ansible-project] Antivirus Whitelist Recommendations

[John Petro]

Good Morning,
  running into an issue, which seems to be turning into a game of
whack-a-mole.  Our org uses SentinelOne for server antivirus, and it keeps
flagging various python scripts, which I know are valid scripts for the
modules that are running at that time they get flagged.  I didn't see any
whitelisting recommendations for Antivirus software, so was just curious if
anyone has run into this and how you got around it.  I was thinking of just
having whitelist anything that has AnsiballZ*.py but I am not sure if this
will cover everything or not.

Any guidance folks have would be greatly appreciated.

--John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob8E8aGBqM3Bt5t7mGLxCvLVhM6raYiKdMB4UhKQ16SHLw%40mail.gmail.com.

Re: [ansible-project] command/shell module warn deprecation

[John Petro]

yeah, I saw that, and I might go down that road, but wanted to see if there
was a better way first.

--jp

On Wed, Jul 12, 2023 at 11:39 AM 'Rowe, Walter P. (Fed)' via Ansible
Project  wrote:

> I think you can place an ansible.cfg file in the folder where your ansible
> is running. We do this for our packer image management service that also
> uses ansible in the provisioner stage.
>
> Walter
> --
> Walter Rowe, Division Chief
> Infrastructure Services, OISM
> Mobile: 202.355.4123
>
> On Jul 12, 2023, at 11:30 AM, John Petro  wrote:
>
> Good Morning,
>   I manage the building of some virtual machine templates using packer.  I
> am leveraging ansible as part of this, and when I am doing some cleanup
> after the setup is done to prepare for the conversion to template, and a
> couple of the options I need in yum/dnf, etc don't exist in the module
> don't exist.  So, to get around this, I am using the command module, but I
> get a warning that I should use the module, but that if I am doing it for a
> specific reason, I should use warn: false or set the option to ignore
> warnings in my ansible.cfg.  Since I am using a "ansible_local" provisioner
> in packer, I don't use an ansible.cfg, so I was wondering if there is
> another way to accomplish the warn: false option since it has been removed
> in the more recent versions of ansible.
>
> --John
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAPAjob92oJ2rXs8UnESjNJ4URE37WtO0XZ1P0O9Sbo980RQ5_A%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAPAjob92oJ2rXs8UnESjNJ4URE37WtO0XZ1P0O9Sbo980RQ5_A%40mail.gmail.com?utm_medium=email_source=footer>
> .
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/52131541-D791-4DFE-B2A0-B5BA479DF444%40nist.gov
> <https://groups.google.com/d/msgid/ansible-project/52131541-D791-4DFE-B2A0-B5BA479DF444%40nist.gov?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob-ACmAduepvGddFW0sTOsv3ymCQB2pd0xdLAGT3S8uP%3DA%40mail.gmail.com.

[ansible-project] command/shell module warn deprecation

[John Petro]

Good Morning,
  I manage the building of some virtual machine templates using packer.  I
am leveraging ansible as part of this, and when I am doing some cleanup
after the setup is done to prepare for the conversion to template, and a
couple of the options I need in yum/dnf, etc don't exist in the module
don't exist.  So, to get around this, I am using the command module, but I
get a warning that I should use the module, but that if I am doing it for a
specific reason, I should use warn: false or set the option to ignore
warnings in my ansible.cfg.  Since I am using a "ansible_local" provisioner
in packer, I don't use an ansible.cfg, so I was wondering if there is
another way to accomplish the warn: false option since it has been removed
in the more recent versions of ansible.

--John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob92oJ2rXs8UnESjNJ4URE37WtO0XZ1P0O9Sbo980RQ5_A%40mail.gmail.com.

Re: [ansible-project] WSL1 localhost

[John Petro]

If I am reading the output correctly, it looks like it can't find
powershell.  have you tried running a powershell command in WSL to see if
you get that expected output?

--John

On Wed, Jun 28, 2023 at 11:40 AM Filipe Gonçalves <
filipe.pereira@gmail.com> wrote:

> ### Summary
>
> When running a simple playbook that uses the ansible.windows.* module(i've
> tested some ansible.windows, not all) it always fails on runtime, I'm using
> WSL1 on Windows 10, so I imagine it is because it is recognizing localhost
> as the wsl virtual machine and not my windows machine, I'm unsure if this
> is the case since im new to Ansible, but I have researched this quite a bit
> and didn't find a concrete awnser.
>
> My inventory
> [localhost]
> 127.0.0.1 ansible_connection=local
>
> Can upgrading the WSL version to WSL2 fix this issue?
>
>
> ### Ansible Version
> $ ansible --version
> ansible [core 2.14.5]
>
>
> ### OS / Environment
>
> WSL1, Windows 10
>
> ### Steps to Reproduce
> - name: test
>   hosts: localhost
>   gather_facts: false
>
>   tasks:
> - name: Run basic PowerShell script
>   ansible.windows.win_powershell:
> script: |
>   echo "Hello World"
>
>
> ### Expected Results
>
> Hello World
>
> ### Actual Results
> fatal: [127.0.0.1]: FAILED! => {
> "changed": false,
> "module_stderr": "/bin/sh: 1: powershell: not found\n",
> "module_stdout": "",
> "msg": "The module failed to execute correctly, you probably need to
> set the interpreter.\nSee stdout/stderr for the exact error",
> "rc": 127
> }
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/6164a4d5-a582-4586-ac4b-1c7403512ab8n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/6164a4d5-a582-4586-ac4b-1c7403512ab8n%40googlegroups.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob8FVHD365ozTR0zEvRWQHmZe294niAzCe20H6_i5uRhxw%40mail.gmail.com.

Re: [ansible-project] Configuration Drift

[John Petro]

Oh, thanks. that is really helpful.  In parallel, we have been kicking the
tires on Insights for our RHEL servers too.  We have a few Ubuntu servers,
so obviously that won't work for them, but I do like the idea of using a
Tripwire/AIDE type tool and then passing it off to Ansible if needed.  You
have definitely given me some things to ponder.

--John

On Tue, Jun 27, 2023 at 5:18 PM Brian Coca  wrote:

> For drift control i've found most CM systems to be lacking. I've
> always used something like tripwire/aide to detect file changes and
> correlate that with the proper configuration updates. Puppet and other
> 'resident' systems seemsgood for this but they run every Nminutes
> doing a lot of work to verify things, instead of using something like
> inotify to trigger immediate response from a passive kenrel hook (via
> fam deamon or something as simple as incron). This ends up being a LOT
> more efficient and avoids a lot of useless processing.
>
> --
> --
> Brian Coca
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CACVha7e7L_4mCsjTXxW7aK0TpastFRmZ3sobo7aCc6%3Dhtk83jA%40mail.gmail.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob9_qGAnXG6qFmmWVkjjpsaY%2BBmYC6H%3D75y3qe8pBjoC8w%40mail.gmail.com.

Re: [ansible-project] Configuration Drift

[John Petro]

yeah, we are going to do it through AAP/AWX.  Where my interest is besides
the method ( reporting vs clobbering ), is the intervals people are using,
which you answered.  We are currently migrating away from Puppet in favor
of Ansible, and in the process, we are reviewing decisions that were made
when puppet was installed, to see if those are still valid.  Many have been
changed, because technology has changed.  Thanks for the info, it's really
helpful.

On Tue, Jun 27, 2023 at 4:09 PM Evan Hisey  wrote:

> For drift control I don't find ansible the best tool when compared to
> something like Puppet in this role. However if drift control is important,
> that is were Tower/AWX or Satellite (ir pure RHEL based) start to shine.
> You can setup a scheduled application of playbooks to always ensure the
> configurations are current and up to date. I used Satellite and Ansible to
> maintain STIG. and FISMA MED security configs across multiple federal sites
> with a scheduled nightly push of core configs to all systems.
>
> On Tue, Jun 27, 2023 at 2:11 PM John Petro  wrote:
>
>> Good Afternoon,
>>   I was wondering what you all are doing to manage configuration drift.
>> Are you having ansible  fix the drift, are you having it notify you of the
>> drift, or are you doing something else.  At work, we are preparing to start
>> having some conversations about what we want to do, and I thought this
>> information from you all might be helpful in our journey.
>>
>> Thanks for your time!!
>>
>> ---john
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAPAjob9NsjTGPNa_J8oeBbfZQOHjjqy7ELd6eHhodbHuTykkrQ%40mail.gmail.com
>> <https://groups.google.com/d/msgid/ansible-project/CAPAjob9NsjTGPNa_J8oeBbfZQOHjjqy7ELd6eHhodbHuTykkrQ%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAEcFzYwKs0zETYYuPR0TPHNJwtLQDS8ENyoE7ec%2Bvxk_vGfntA%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAEcFzYwKs0zETYYuPR0TPHNJwtLQDS8ENyoE7ec%2Bvxk_vGfntA%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob9uAPQT%2BObJw1u8hZje1ymDc-45GqjYv59F54VBRJd%2Bug%40mail.gmail.com.

Re: [ansible-project] Configuration Drift

[John Petro]

That is very interesting, and helpful.  Thanks..

On Tue, Jun 27, 2023 at 3:21 PM 'Rowe, Walter P. (Fed)' via Ansible Project
 wrote:

> We have an ansible role that applies the CIS Distro Independent Linux 2
> baseline when we launch new machines. We also have an ansible tower
> workflow for regularly scheduled patching. At the end of the patching
> workflow we again run the CIS baseline role to ensure we are maintaining
> compliance with our secure configuration baseline.
>
> stop machine -> snapshot -> start machine -> patch -> reboot -> test ->
> snapshot -> secure config -> reboot
>
> if patching fails we revert to the starting snapshot.
> if secure config fails we revert to the post-test snapshot.
>
> All of this is done via ansible automation platform.
>
> Walter
> --
> Walter Rowe, Division Chief
> Infrastructure Services, OISM
> Mobile: 202.355.4123
>
> On Jun 27, 2023, at 3:11 PM, John Petro  wrote:
>
> Good Afternoon,
>   I was wondering what you all are doing to manage configuration drift.
> Are you having ansible  fix the drift, are you having it notify you of the
> drift, or are you doing something else.  At work, we are preparing to start
> having some conversations about what we want to do, and I thought this
> information from you all might be helpful in our journey.
>
> Thanks for your time!!
>
> ---john
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAPAjob9NsjTGPNa_J8oeBbfZQOHjjqy7ELd6eHhodbHuTykkrQ%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAPAjob9NsjTGPNa_J8oeBbfZQOHjjqy7ELd6eHhodbHuTykkrQ%40mail.gmail.com?utm_medium=email_source=footer>
> .
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/74E8295F-0895-4DF2-9CF2-1C363FD92C38%40nist.gov
> <https://groups.google.com/d/msgid/ansible-project/74E8295F-0895-4DF2-9CF2-1C363FD92C38%40nist.gov?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob8_UviH_X75AZqrPpPSyjx7BKnfX%3DvJBN0dznHZ4H%2B6ag%40mail.gmail.com.

[ansible-project] Configuration Drift

[John Petro]

Good Afternoon,
  I was wondering what you all are doing to manage configuration drift.
Are you having ansible  fix the drift, are you having it notify you of the
drift, or are you doing something else.  At work, we are preparing to start
having some conversations about what we want to do, and I thought this
information from you all might be helpful in our journey.

Thanks for your time!!

---john

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob9NsjTGPNa_J8oeBbfZQOHjjqy7ELd6eHhodbHuTykkrQ%40mail.gmail.com.

[ansible-project] win_shell cmd parsing domain\usernmame issue

[John Veliss]

Hello, 

I am trying to use the win_shell module to run a script which includes the 
username parameter.


- name: Execute {{ set_wmi}} to capture the existing user accounts for WMI 
security for the root namespace 
win_shell: .\set-WmiNamespaceSecurity.ps1 root add "domain\username_sls" 
Enable,RemoteAccess,Methodexecute 
args: 
chdir: "{{ temp }}" 
register: set_wminamespace

The result always seems to be "account not found". I am not sure if it is 
trying to always pass the \\ as part of the username.

If anyone can help or advise here, that would be much appreciated as I 
think I have tried username@domain, also I have tried to use variables 
instead of the actual account. Tried single and double quotes, everything 
results in account not found.

TASK [Execute Set-WmiNamespaceSecurity.ps1 to capture the existing user 
accounts for WMI security for the root namespace] ***
Wednesday 10 May 2023  06:06:09 + (0:00:00.062)   0:00:46.653 
*
fatal: [xxyzwappf0013.domain]: FAILED! => {"changed": true, "cmd": 
".set-WmiNamespaceSecurity.ps1 root add \\"domainusername_sls\\" 
Enable,RemoteAccess,Methodexecute", "delta": "0:00:01.203183", "end": 
"2023-05-10 06:06:13.528524", "msg": "non-zero return code", "rc": 1, 
"start": "2023-05-10 06:06:12.325341", "stderr": "Account was not found: 
domainusername_sls\\r\\nAt 
C:tempwmiSet-WmiNamespaceSecurity.ps1:138 char:9\\r\\n+ 
throw \\"Account was not found: $account\\"\\r\\n+ 
~~~\\r\\n+ CategoryInfo  : 
OperationStopped: (Account was not...username \\r\\n   _sls:String) [], 
RuntimeException\\r\\n+ FullyQualifiedErrorId : Account was not found: 
domainusername_sls", "stderr_lines": ["Account was not found: 
domainusername_sls", "At 
C:tempwmiSet-WmiNamespaceSecurity.ps1:138 char:9", "+ 
throw \\"Account was not found: $account\\"", "+ 
~~~", "+ CategoryInfo  : 
OperationStopped: (Account was not...username ", "   _sls:String) [], 
RuntimeException", "+ FullyQualifiedErrorId : Account was not found: 
domainusername_sls"], "stdout": "", "stdout_lines": []}
...ignoring

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7d708ab6-e2a4-456a-af16-2bab178de6e5n%40googlegroups.com.

[ansible-project] Set-WmiNamespaceSecurity-ps1 + Account not found

[John Veliss]

Hello,

I am trying to run a PS script using win_shell modules
The name of the script is called Set-WmiNamespaceSecurity-ps1
https://github.com/grbray/PowerShell/blob/main/Windows/Set-WMINameSpaceSecurity.ps1

When I run the command from the command line, it runs fine with no issues.

When I copy the script to a remote host and try to run using ansibles 
win_shell, I always have errors in regards to "Account was not found"

The syntax of my win_shell command is as below

win_shell: .\Set-WmiNamespaceSecurity.ps1 -namespace root -operation add 
-account 'user@domain' Enable,RemoteAccess,Methodexecute

or 

win_shell: .\Set-WmiNamespaceSecurity.ps1 -namespace root -operation add 
-account 'domain\user' Enable,RemoteAccess,Methodexecute

I have tried both domain\username and also username@domain but still 
getting "Account was not found" errors.

I think it may have something to do with the PS script, but if anyone can 
shed any light, that would be much appreciated.

Thanks

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/15c493eb-2efc-4ffd-89d4-e038c7e9f3bdn%40googlegroups.com.

Re: [ansible-project] Play is skipped in playbook

[John Welby]

Thank you Alex!

Got it working now.

Cheers,

John

On Thu, Apr 27, 2023 at 12:34 PM Alex Wanderley 
wrote:

> Hello,
>
> Whenever possible, use Ansible modules instead of shell/command.
>
> Take a look at Ansible's "systemd" module. It will help you doing both the
> stop and masking in a single task.
>
> Alex
>
> On Thu, Apr 27, 2023 at 10:22 AM John Welby  wrote:
>
>> Team;
>>
>> I am trying to 'stop' and 'mask' packagekit because it appears it is
>> causing yum locks and blocking the playbook from executing instance
>> patching.  Below is at the top of the playbook:
>>
>> ---
>> - name: stop and mask packagekit
>>   hosts: jwelby_sandbox
>>   remote_user: ec2-user
>>   become: True
>>   become_method: sudo
>>
>>   ansible.builtin.shell:
>>   cmd: systemctl stop packagekit
>>   systemctl mask packagekit
>>
>>
>> Thanks!
>>
>> John
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/e16884de-0b9c-4211-8cd2-281436216ca5n%40googlegroups.com
>> <https://groups.google.com/d/msgid/ansible-project/e16884de-0b9c-4211-8cd2-281436216ca5n%40googlegroups.com?utm_medium=email_source=footer>
>> .
>>
>
>
> --
>
>
>
> [image: Edmonton_sig_RGB_S.jpg]
>
> Alex Wanderley
>
> Application and Infrastructure Analyst II
> Server Solutions & Automation
>
> Financial and Corporate Services | Open City and Technology
>
>
>
> 780-496-4156  Office
>
> 780-819-0273  Mobile
>
>
>
> City of Edmonton
>
> Century Place, 19th Floor
>
> 9803 102A Avenue NW
>
> Edmonton AB, T5J 3A3
>
>
>
> All information contained in this email post is proprietary to the City of
> Edmonton, confidential and intended only for the addressed recipient. If
> you have received this post in error, please disregard the contents, inform
> the sender of the misdirection, and remove it from your system. The
> copying, dissemination or distribution of this email, if misdirected, is
> strictly prohibited.
>
> *The contents of this message and any attachment(s) are confidential,
> proprietary to the City of Edmonton, and are intended only for the
> addressed recipient. If you have received this in error, please disregard
> the contents, inform the sender of the misdirection, and remove it from
> your system. The copying, dissemination, or distribution of this message,
> if misdirected, is strictly prohibited.*
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Ansible Project" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/ansible-project/e-zSqiUJlG0/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CADp8UUQdcvW2mhLGBpbjOuBPQa408wcx-H0WhoGbM5srYajkOg%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CADp8UUQdcvW2mhLGBpbjOuBPQa408wcx-H0WhoGbM5srYajkOg%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAHpQa2ABwqpz0DBAA%3DjLYM9oEgqYg_-XdqMWtnY%3D_P0O-9co3w%40mail.gmail.com.

[ansible-project] Play is skipped in playbook

[John Welby]

Team;

I am trying to 'stop' and 'mask' packagekit because it appears it is 
causing yum locks and blocking the playbook from executing instance 
patching.  Below is at the top of the playbook:

---
- name: stop and mask packagekit
  hosts: jwelby_sandbox
  remote_user: ec2-user
  become: True
  become_method: sudo
  
  ansible.builtin.shell:
  cmd: systemctl stop packagekit
  systemctl mask packagekit


Thanks!

John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e16884de-0b9c-4211-8cd2-281436216ca5n%40googlegroups.com.

Re: [ansible-project] ansible.builtin.cron

[John Welby]

Thanks, I will try that.

On Wednesday, April 19, 2023 at 1:19:14 PM UTC-4 Will McDonald wrote:

> It works as expected for me on a test Fedora machine.
>
> As a test user, create a debug playbook and test it runs.
>
> [test-user@fedora ~]$ id
> uid=1001(test-user) gid=1001(test-user) groups=1001(test-user) 
> context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
> [test-user@fedora ~]$ cat debug.yaml 
> ---
> - name: touch a timestamped file
>   hosts: localhost
>   tasks: 
> - name: touch a file
>   ansible.builtin.command: touch /tmp/ansible-cron
>
> [test-user@fedora ~]$ ansible-playbook debug.yaml 
> PLAY RECAP 
> *
> localhost  : ok=2changed=1unreachable=0   
>  failed=0skipped=0rescued=0ignored=0   
>
> [test-user@fedora ~]$ ll /tmp/ansible-cron 
> -rw-r--r--. 1 test-user test-user 0 Apr 19 17:36 /tmp/ansible-cron
> [test-user@fedora ~]$ rm /tmp/ansible-cron 
>
> As a real user, schedule the previously tested playbook via cron.
>
> [real-user@fedora ansible-cron]$ cat add-cron.yaml 
> ---
> - name: Create a test cronjob to touch a file
>   hosts: localhost
>   become: true
>   tasks: 
> - name: add crontab entry
>
>   ansible.builtin.cron:
> name: This cronjob is scheduled by Ansible
> minute: "*"
> hour: "*"
> day: "*"
> month: "*"
> weekday: "*"
> user: test-user
> job: "ansible-playbook -i localhost /home/test-user/debug.yaml"
> state: present
>
> [real-user@fedora ansible-cron]$ ansible-playbook add-cron.yaml 
>
> PLAY RECAP 
> *
> localhost  : ok=2changed=1unreachable=0   
>  failed=0skipped=0rescued=0ignored=0   
>
> [root@fedora ~]# crontab -l -u test-user
> #Ansible: This cronjob is scheduled by Ansible
> * * * * * ansible-playbook -i localhost /home/test-user/debug.yaml
>
> [root@fedora ~]# systemctl start crond.service
>
> [root@fedora ~]# ll /tmp/ans*
> -rw-r--r--. 1 test-user test-user 0 Apr 19 17:42 /tmp/ansible-cron
>
> For me the level of log info sent to the journal wasn't terribly helpful, 
> so you might want to try stopping the service and running in the foreground 
> with debug for more detail (YMMV depending on distro/config and 
> customisation):
>
> # systemctl stop crond.service
> # crond -n -s -x ext,sch,proc,pars,load,misc
>
>
> On Wed, 19 Apr 2023 at 17:38, John Welby  wrote:
>
>> Yes, there are copy/paste errors as I am transcribing and scrubbing info 
>> from a high-side environment.
>>
>>
>> On Wednesday, April 19, 2023 at 12:21:47 PM UTC-4 Dick Visser wrote:
>>
>>> Also the file name extensions are different (yml vs yaml). Are we 
>>> looking at some copy paste errors?
>>>
>>> On Wed, 19 Apr 2023 at 18:18, 'Rowe, Walter P. (Fed)' via Ansible 
>>> Project  wrote:
>>>
>>>> job: "/home/jwelby/ansible/sub-playbooks/ansible-playbook -i 
>>>> dev-hosts /home/jwelby/ansible/sub-playbooks/patching.yml"
>>>>
>>>>
>>>>
>>>>30 15 * * 3 /home/jwelby/ansible/sub-playbooks/patching.yaml
>>>>
>>>>
>>>> These don't match. cron isn't running ansible-playbook. It is trying to 
>>>> run the YAML file itself.
>>>>
>>>> Walter
>>>> --
>>>> Walter Rowe, Division Chief
>>>> Infrastructure Services, OISM
>>>> Mobile: 202.355.4123 <(202)%20355-4123>
>>>>
>>>> On Apr 19, 2023, at 12:08 PM, John Welby  wrote:
>>>>
>>>> ---
>>>> - name: Create a cronjob to patch dev instances
>>>>   hosts: controller
>>>>   tasks: 
>>>> - name: Schedule cron
>>>>   ansible.builtin.cron:
>>>> name: This cronjob is scheduled by Ansible
>>>> minute: "15"
>>>> hour: "12"
>>>> day: "*"
>>>> month: "*"
>>>> weekday: "3"
>>>> user: ec2-user
>>>> job: "/home/jwelby/ansible/sub-playbooks/ansible-playbook -i 
>>>> dev-hosts /home/jwelby/ansible/sub-playbooks/patching.yml"
>>>> state: present
>>>>
>>>> crontab -l
>>>>30 15 * * 3 /home/jwelby/ansi

Re: [ansible-project] ansible.builtin.cron

[John Welby]

Yes, there are copy/paste errors as I am transcribing and scrubbing info 
from a high-side environment.


On Wednesday, April 19, 2023 at 12:21:47 PM UTC-4 Dick Visser wrote:

> Also the file name extensions are different (yml vs yaml). Are we looking 
> at some copy paste errors?
>
> On Wed, 19 Apr 2023 at 18:18, 'Rowe, Walter P. (Fed)' via Ansible Project <
> ansible...@googlegroups.com> wrote:
>
>> job: "/home/jwelby/ansible/sub-playbooks/ansible-playbook -i 
>> dev-hosts /home/jwelby/ansible/sub-playbooks/patching.yml"
>>
>>
>>
>>30 15 * * 3 /home/jwelby/ansible/sub-playbooks/patching.yaml
>>
>>
>> These don't match. cron isn't running ansible-playbook. It is trying to 
>> run the YAML file itself.
>>
>> Walter
>> --
>> Walter Rowe, Division Chief
>> Infrastructure Services, OISM
>> Mobile: 202.355.4123 <(202)%20355-4123>
>>
>> On Apr 19, 2023, at 12:08 PM, John Welby  wrote:
>>
>> ---
>> - name: Create a cronjob to patch dev instances
>>   hosts: controller
>>   tasks: 
>> - name: Schedule cron
>>   ansible.builtin.cron:
>> name: This cronjob is scheduled by Ansible
>> minute: "15"
>> hour: "12"
>> day: "*"
>> month: "*"
>> weekday: "3"
>> user: ec2-user
>> job: "/home/jwelby/ansible/sub-playbooks/ansible-playbook -i 
>> dev-hosts /home/jwelby/ansible/sub-playbooks/patching.yml"
>> state: present
>>
>> crontab -l
>>30 15 * * 3 /home/jwelby/ansible/sub-playbooks/patching.yaml
>>
>> crond.service is active and running
>>
>>
>> Thanks!
>>
>> John
>> On Wednesday, April 19, 2023 at 10:56:07 AM UTC-4 Will McDonald wrote:
>> More information would be helpful here.
>>
>> 1. Can you share your usage of ansible.builtin.cron?
>> 2. Can you share the output of crontab -l for the user you're creating 
>> the cron job for/as, or the contents of /etc/crontab and/or /etc/cron.* ?
>> 3. What's in your cronlog or systemd journal?
>> 4. Obvious question but you do have a vixie cron variant installed and 
>> the appropriate services started? 
>>
>>
>> On Wed, 19 Apr 2023 at 15:26, John Welby  wrote:
>> All,
>>
>> Can a playbook be run by 'job', i.e. instead of a script.
>>
>> I created a playbook that creates an entry in crontab, which it does 
>> successfully, but it does not execute the playbook I specified in job:
>>
>> Thanks!
>>
>> John
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/34c698f9-be82-4e15-a486-3dddb5ebf3ecn%40googlegroups.com
>> .
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/d31172bf-3b3a-4749-882f-437e0401d345n%40googlegroups.com
>> .
>>
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com.
>>
> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/DFE1A099-5F3B-4992-8993-CB0B03F7BD26%40nist.gov
>>  
>> <https://groups.google.com/d/msgid/ansible-project/DFE1A099-5F3B-4992-8993-CB0B03F7BD26%40nist.gov?utm_medium=email_source=footer>
>> .
>>
> -- 
> Sent from Gmail Mobile
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/ce8f41d2-237e-48fa-8d80-5da96dca751fn%40googlegroups.com.

Re: [ansible-project] ansible.builtin.cron

[John Welby]

---
- name: Create a cronjob to patch dev instances
  hosts: controller
  tasks: 
- name: Schedule cron
  ansible.builtin.cron:
name: This cronjob is scheduled by Ansible
minute: "15"
hour: "12"
day: "*"
month: "*"
weekday: "3"
user: ec2-user
job: "/home/jwelby/ansible/sub-playbooks/ansible-playbook -i 
dev-hosts /home/jwelby/ansible/sub-playbooks/patching.yml"
state: present

crontab -l
   30 15 * * 3 /home/jwelby/ansible/sub-playbooks/patching.yaml

crond.service is active and running


Thanks!

John
On Wednesday, April 19, 2023 at 10:56:07 AM UTC-4 Will McDonald wrote:

> More information would be helpful here.
>
> 1. Can you share your usage of ansible.builtin.cron?
> 2. Can you share the output of crontab -l for the user you're creating the 
> cron job for/as, or the contents of /etc/crontab and/or /etc/cron.* ?
> 3. What's in your cronlog or systemd journal?
> 4. Obvious question but you do have a vixie cron variant installed and the 
> appropriate services started? 
>
>
> On Wed, 19 Apr 2023 at 15:26, John Welby  wrote:
>
>> All,
>>
>> Can a playbook be run by 'job', i.e. instead of a script.
>>
>> I created a playbook that creates an entry in crontab, which it does 
>> successfully, but it does not execute the playbook I specified in job:
>>
>> Thanks!
>>
>> John
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/34c698f9-be82-4e15-a486-3dddb5ebf3ecn%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/ansible-project/34c698f9-be82-4e15-a486-3dddb5ebf3ecn%40googlegroups.com?utm_medium=email_source=footer>
>> .
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d31172bf-3b3a-4749-882f-437e0401d345n%40googlegroups.com.

[ansible-project] ansible.builtin.cron

[John Welby]

All,

Can a playbook be run by 'job', i.e. instead of a script.

I created a playbook that creates an entry in crontab, which it does 
successfully, but it does not execute the playbook I specified in job:

Thanks!

John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/34c698f9-be82-4e15-a486-3dddb5ebf3ecn%40googlegroups.com.

[ansible-project] Assert that fails with list

[John Harmon]

I have the following assert that works when I specify a single user in my 
variable/list 'username'.  If I change my variable to a list of names, this 
fails, but I don't understand how to fix it.  I have tried multiple things 
(ie with_items), but nothing is working for me.  I am sure I just have 
syntax issues.  Could use some guidance.

- assert:
that: ansible_facts.getent_passwd[user] != none
fail_msg:  User doesn't exist
success_msg: Users exists
  failed_when: false
  when: not remove_user

Failure with list:
FAILED! => {"msg": "The conditional check 
'ansible_facts.getent_passwd[user] != none' failed. The error was: error 
while evaluating conditional (ansible_facts.getent_passwd[user] != none): 
'user' is undefined"}

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/35fd6cb7-174b-484d-9be3-074f11ccee82n%40googlegroups.com.

Re: [ansible-project] Synchronize module troubleshoot

[John Petro]

I would look at the ssh log on the client.  If it's just sitting there,
that tells me that your problem may be elsewhere, and not with the
synchronize module.  Also, make sure that rsync is installed on the client
as well, that is a requirement.  Although, I think if it weren't there,
that synchronize would complain about that.  I would also try something
like an ansible ping or something, using the same user, etc to try and
further narrow the scope of the problem down.

--John

On Sat, Dec 17, 2022 at 5:20 PM Indirajith V  wrote:

> Thank you John,
>
> The entire output is as follows. I don't get any error, it just waits
> forever without returning anything, I have to end it by ctrl+c.
>
> ```
>  ESTABLISH SSH CONNECTION FOR USER: ansibleuser
>  SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o
> KbdInteractiveAuthentication=no -o
> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
> -o PasswordAuthentication=no -o 'User="ansibleuser"' -o ConnectTimeout=10
> -o ControlPath=/home/user/.ansible/cp/be86fc6f7e a.b.c.d '/bin/sh -c
> '"'"'echo ~ansibleuser && sleep 0'"'"''
>  (0, b'/home/ansibleuser\n', b'OpenSSH_8.2p1 Ubuntu-4ubuntu0.3,
> OpenSSL 1.1.1f  31 Mar 2020\r\ndebug1: Reading configuration data
> /etc/ssh/ssh_config\r\ndebug1: /etc/ssh/ssh_config line 19: include
> /etc/ssh/ssh_config.d/*.conf matched no files\r\ndebug1:
> /etc/ssh/ssh_config line 21: Applying options for *\r\ndebug2:
> resolve_canonicalize: hostname a.b.c.d is address\r\ndebug1: auto-mux:
> Trying existing master\r\ndebug2: fd 3 setting O_NONBLOCK\r\ndebug2:
> mux_client_hello_exchange: master version 4\r\ndebug3: mux_client_forwards:
> request forwardings: 0 local, 0 remote\r\ndebug3:
> mux_client_request_session: entering\r\ndebug3: mux_client_request_alive:
> entering\r\ndebug3: mux_client_request_alive: done pid = 2164684\r\ndebug3:
> mux_client_request_session: session request sent\r\ndebug3:
> mux_client_read_packet: read header failed: Broken pipe\r\ndebug2: Received
> exit status from master 0\r\n')
>  ESTABLISH SSH CONNECTION FOR USER: ansibleuser
>  SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o
> KbdInteractiveAuthentication=no -o
> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
> -o PasswordAuthentication=no -o 'User="ansibleuser"' -o ConnectTimeout=10
> -o ControlPath=/home/user/.ansible/cp/be86fc6f7e a.b.c.d '/bin/sh -c '"'"'(
> umask 77 && mkdir -p "` echo /home/ansibleuser/.ansible/tmp `"&& mkdir "`
> echo
> /home/ansibleuser/.ansible/tmp/ansible-tmp-1671315155.764345-2164717-127377077541884
> `" && echo ansible-tmp-1671315155.764345-2164717-127377077541884="` echo
> /home/ansibleuser/.ansible/tmp/ansible-tmp-1671315155.764345-2164717-127377077541884
> `" ) && sleep 0'"'"''
>  (0,
> b'ansible-tmp-1671315155.764345-2164717-127377077541884=/home/ansibleuser/.ansible/tmp/ansible-tmp-1671315155.764345-2164717-127377077541884\n',
> b'OpenSSH_8.2p1 Ubuntu-4ubuntu0.3, OpenSSL 1.1.1f  31 Mar 2020\r\ndebug1:
> Reading configuration data /etc/ssh/ssh_config\r\ndebug1:
> /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched
> no files\r\ndebug1: /etc/ssh/ssh_config line 21: Applying options for
> *\r\ndebug2: resolve_canonicalize: hostname a.b.c.d is address\r\ndebug1:
> auto-mux: Trying existing master\r\ndebug2: fd 3 setting
> O_NONBLOCK\r\ndebug2: mux_client_hello_exchange: master version
> 4\r\ndebug3: mux_client_forwards: request forwardings: 0 local, 0
> remote\r\ndebug3: mux_client_request_session: entering\r\ndebug3:
> mux_client_request_alive: entering\r\ndebug3: mux_client_request_alive:
> done pid = 2164684\r\ndebug3: mux_client_request_session: session request
> sent\r\ndebug3: mux_client_read_packet: read header failed: Broken
> pipe\r\ndebug2: Received exit status from master 0\r\n')
> <137.44.6.56> Attempting python interpreter discovery
>  ESTABLISH SSH CONNECTION FOR USER: ansibleuser
>  SSH: EXEC ssh -vvv -C -o ControlMaster=auto -o
> ControlPersist=60s -o StrictHostKeyChecking=no -o
> KbdInteractiveAuthentication=no -o
> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
> -o PasswordAuthentication=no -o 'User="ansibleuser"' -o ConnectTimeout=10
> -o ControlPath=/home/user/.ansible/cp/be86fc6f7e a.b.c.d '/bin/sh -c
> '"'"'echo PLATFORM; uname; echo FOUND; command -v
> '"'"'"'"'"'"'"'"'/usr/bin/python'"'"'"'"'"'"'"'"'; command -v
> '"'"'"'"'"'"'

Re: [ansible-project] Synchronize module troubleshoot

[John Petro]

If possible, can you post the entire output?  That looks like it's just the
ssh connect string, and I am not seeing any error there, which makes me
think the error is probably elsewhere in your output.

--John


On Sat, Dec 17, 2022 at 2:04 PM Indirajith V  wrote:

> Hi all,
>
> I am new to Ansible and trying to use synchronize module, but it just
> stuck in the middle and I can not figure out how to troubleshoot this. Can
> anyone help?
>
> <> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o
> StrictHostKeyChecking=no -o KbdInteractiveAuthentication=no -o
> PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey
> -o PasswordAuthentication=no -o 'User="ansibleuser"' -o ConnectTimeout=10
> -o ControlPath=/home/abc/.ansible/cp/be86fc6f7e -tt xxx.xxx.xxx.xxx
> '/bin/sh -c '"'"'/usr/bin/python3
> /home/ansibleuser/.ansible/tmp/ansible-tmp-1671215842.4024777-2122152-168151047792095/AnsiballZ_synchronize.py
> && sleep 0'"'"'
>
> Thank you,
> Indirajith
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/ddf82aa8-5f79-40b1-9648-41f4a1ec10b9n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/ddf82aa8-5f79-40b1-9648-41f4a1ec10b9n%40googlegroups.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob_tZ2gf%3DKgS10wQw0NnAAb6aTgExjQe4MS7jVF-KpmODA%40mail.gmail.com.

[ansible-project] password errors importing windows ssl certificate

[John Veliss]

I am trying to import a certificate using both 

1. win_certificate_store
 - name: Import certificate be used by IIS
win_certificate_store:
  path: c:\temp\SDCW.abc.com.pfx
  password: test01
  state: present
  file_type: pkcs12
  store_location: LocalMachine
  store_name: My
  key_storage: machine
  key_exportable: yes
become: yes
become_method: runas
become_user: SYSTEM

2. win_shell + Import-PfxCertificate
 - name: Import certificate to be used by IIS, using win_shell (powershell)
win_shell: |
  $securePassword = "test01"
  $mypwd = ConvertTo-SecureString -String $securePassword -Force 
-AsPlainText
  $certFilePath = "c:\temp\SDCW.abc.com.pfx"
  Import-PfxCertificate -FilePath $certFilePath -CertStoreLocation 
cert:\LocalMachine\My -Exportable -Password $mypwd

Both ways always give me errors relating to password

The specified network password is not correct

I am able to run the above PS script locally on my local computer and 
import the cert successfully, so I know the password is correct.

If anyone has any ideas, it would be appreciated.

Thanks


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/43e3ca3c-cb3e-4388-a94f-778cf196be80n%40googlegroups.com.

[ansible-project] Register var from copy buffer

[John Harmon]

I have a command that I run on my local machine.  It doesn't send anything 
to screen, rather, it just copies some content to my copy buffer.  I would 
like to register the buffer content to a variable.  How can I do this?


-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/a32e4645-6371-4ece-9faf-5c1e7602e936n%40googlegroups.com.

Re: [ansible-project] rsync failure

[John Petro]

Have you run the playbook in verbose mode to get more detail?  Maybe
there's a mis-spelling in the inventory hostname you used or something in
the inventory.

The only other idea I have is to copy/paste the msg section that starts
with "Could" into your search engine of choice and see what comes up
there.

--John


On Mon, Aug 1, 2022, 7:07 AM Ashok Reddy  wrote:

> Hi Team,
>
> whatever i've mentioned the inventory hostname just ref i.e not the actual
> one.
>
> On Mon, Aug 1, 2022 at 4:18 PM Dick Visser  wrote:
>
>>
>>
>> On Mon, 1 Aug 2022 at 12:23, Ashok Reddy  wrote:
>>
>>> ---
>>>
>>> - hosts: all
>>>
>>>   become: true
>>>
>>>   become_method: sudo
>>>
>>>   gather_facts: true
>>>
>>>   tasks:
>>>
>>> - name: block
>>>
>>>   block:
>>>
>>> - name: rsync
>>>
>>>   command: "cat /proc/meminfo"
>>>
>>>   rescue:
>>>
>>> - debug:
>>>
>>> msg: proceed to install
>>>
>>> - name: install rsync
>>>
>>>   dnf:
>>>
>>> name: rsync
>>>
>>> state: present
>>>
>>>   delegate_to: localhost
>>>
>>> - name: sync
>>>
>>>   ansible.posix.synchronize:
>>>
>>> src: /root
>>>
>>> dest: /root
>>>
>>>   delegate_to: inventory hostname
>>>
>>>
>>> Error:
>>>
>>>
>>>  FAILED! => {"changed": false, "msg": "Could not determine controller
>>> hostname for rsync to send to"}
>>>
>>
>>
>> The listeral string "inventory hostname" is not a valid hostname. Fix
>> that.
>> Also, "become_method: sudo" and "gather_facts: true" are both the same as
>> the defaults, so you can leave that out.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAF8BbLa4-JSaG5%2BB2yQ0%2BRm_S-t4JgayH6TJKfxS97%2Bz0Kwinw%40mail.gmail.com
>> <https://groups.google.com/d/msgid/ansible-project/CAF8BbLa4-JSaG5%2BB2yQ0%2BRm_S-t4JgayH6TJKfxS97%2Bz0Kwinw%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAKRLcHg2Sbjz7Ysgkvb5NsFjn9xdm%3DwmVzn4ja4iSTz9BKUpTQ%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAKRLcHg2Sbjz7Ysgkvb5NsFjn9xdm%3DwmVzn4ja4iSTz9BKUpTQ%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob8hCdxBzPhP2CwhbEg6bq%3D9m-Gic4Cor2X%2BL50dHXdfyw%40mail.gmail.com.

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

glad to hear that you got it working.  Now on to the next thing, right?
hehe

--John

On Fri, Jul 22, 2022, 6:20 PM Tony Wong  wrote:

> ok finally got it working. Thanks all for your help
>
> ---
> # tasks file for createuser
> - include_vars:
>dir: vars
>
>#- name: copy id_rsa.pub to tmp for reading
>#ansible.builtin.shell:
># cmd: "{{ command2 }}"
>#register: shell_output
>#become: true
>#delegate_to: localhost
>
> - name: read id_rsa.pub
>   slurp:
> path: "{{ authorized_key }}"
>   become: yes
>   delegate_to: localhost
>   register: rke_pub_key
>
> - name: create user rke
>   ansible.builtin.user:
> name: '{{ username }}'
> shell: '{{ shell }}'
> generate_ssh_key: yes
> create_home: yes
> groups: [ "{{ group1 }}", "{{ group2 }}" ]
> append: yes
> ssh_key_file: .ssh/id_rsa
>   become: true
>
> - name: Make sure we have a 'wheel' group
>   group:
> name: wheel
> state: present
>
> - name: Allow 'wheel' group to have passwordless sudo
>   lineinfile:
> dest: /etc/sudoers
> state: present
> regexp: '^%wheel'
> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
> validate: 'visudo -cf %s'
>
> - name: Setup authkeys for user rke
>   become: true
>   authorized_key:
> user: '{{ username }}'
> state: present
> *key: "{{ rke_pub_key['content'] | b64decode }}"*
> validate_certs: false
>
> On Fri, Jul 22, 2022 at 3:02 PM Tony Wong  wrote:
>
>> ok now getting different error
>>
>>
>>
>> ASK [rancherpocreplay : Setup authkeys for user rke]
>> 
>> [WARNING]: The value {'content':
>> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI
>>
>> 0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVt
>>
>> VVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT
>>
>> 2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0rOFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3
>> g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhdGVkIG9uIGs4Z3VpCg==',
>> 'source': '/home/rke/.ssh/id_rsa.pub', 'changed':
>> False, 'encoding': 'base64', 'failed': False} (type dict) in a string
>> field was converted to u"{'content':
>> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZ
>>
>> zNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdW
>>
>> VrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2Q
>>
>> zbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowYitXWlR5WmdZYzgvY295Vi8wb293L3VOMHB6bTl3L1k4VnlUWURxdk5ZSGJnem0r
>>
>> OFJTRmRKc25qOTdYU05OY3hWZXA4N2QwY2d2Tk5ERWU5dXVmdkl6eVBOZmh3Y2dvYlhTampzU3g0b0tGc216eWlaWGFJVnZaYmRzYzk3Z3J5ZytWUXBmemYyRkhuanBrTExsYlMwclhhc3FQbmJCL2s9IGFuc2libGUtZ2VuZXJhd
>> GVkIG9uIGs4Z3VpCg==', 'source': '/home/rke/.ssh/id_rsa.pub', 'changed':
>> False, 'encoding': 'base64', 'failed': False}" (type string). If this does
>> not look like what you
>> expect, quote the entire value to ensure it does not change.
>> fatal: [k8node01]: FAILED! => {"changed": false, "msg": "invalid key
>> specified: {'content':
>> 'c3NoLXJzYSBBQUFBQjNOemFDMXljMkVBQUFBREFRQUJBQUFCZ1FERjhsU2I2d01VZzNBaWwrd1I5ajZGTFViMzE1eWp4WkpFY0huQkV6a0lwNG5rZ2RqbVpiWHFUb3FwN0hGMkdydUI0RnRzNldJMjFXQVhtSGFKekkyUXlJdHhPdjJ4R1VoVnFlTUM3MkIxZUJVaHNDNHlOZXh4VTZLN200MXVFTVJxVEFVR2wweFZZdWVrYk00S0dXWlpSMXhMWVFXcElWN1dPY2hYbklDcnl6TDNIYkdvL01weGxGTWxBVmdQcGp4dWVtVVNycnQ3c1VpanVBK09aTGNScTlzOVg5aHZkeGZ0YUdPNEhndlFvWmV0cEgvTnFySitZUENKMjRzSC9BM0hRcEhsYVhVemdYa2QzbUpIdzdBOFBzcExESjBmbHN6L2hqbWhnQmF6OWN1SmZaQUp1eWxsbUk3NXpRekFRRklFYUtMT2RVRW5XQWR3a2F3N1FnWXZGbmZwODk3SVowY

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

The one thing I will add to this, is that if you are using ansible 2.9.x,
make sure you are looking at that version of the docs.  Some of the
problems you might be having could be from exactly what Todd was getting
at.  This goes for the module that was suggested to you earlier for this
task. ( the ssh_key module ) if you haven't already looked at the 2.9
specific documentation.

When it comes to this, I also have found google to be my friend in these
cases.  It will many times, point me to a github repository where someone
has written something similar to what I am trying to do, which definitely
has helped get me on the right track more than a few times.  Hope you are
able to get this worked out.

--John

On Fri, Jul 22, 2022 at 4:28 PM Todd Lewis  wrote:

> The error message is pretty clear: the command module doesn't have a "cmd"
> parameter. (Then it helpfully lists the parameters it does have.)
> You could say
>
>   ansible.builtin.shell: "{{ command2 }}"
>
> But Brian already gave you a solution, which I'll repeat here:
> You either need to run ansible-playbook as a user with permissions (rke,
> root?)
> or use a task to read the file while using privilege escalation (become):
>  - slurp:
>  path: , '*/home/rke/*.ssh/id_rsa.pub'
>become: yes
>delegate_to: localhost
>register: rke_pub_key
> This is the equivalent of you doing `sudo cat */home/rke/*.ssh/id_rsa.pub'
> (lookups always run 'locally and are not affected by become, which only
> affects the 'remote' side of a task).
>
>
>
> On Friday, July 22, 2022 at 2:06:55 PM UTC-4 tdub...@gmail.com wrote:
>
>>
>> trying to do this another way
>>
>> - name: copy id_rsa.pub to tmp for reading on localhost
>>   ansible.builtin.shell:
>> cmd: "{{ command2 }}"
>>   register: shell_output
>>   become: true
>>   delegate_to: localhost
>>
>>
>> where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'
>>
>> I am trying to run this only on the ansible controller (localhost)
>>
>> but it looks like its trying to run on remote nodes
>>
>>
>> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
>> "Unsupported parameters for (command) module: cmd Supported parameters
>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>
>>
>> any idea?
>> On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:
>>
>>> do you mean something like this?
>>>
>>>
>>> ---
>>> # tasks file for createuser
>>> - include_vars:
>>>dir: vars
>>>
>>>
>>>
>>>
>>> *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{
>>> lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*
>>>
>>> - name: create user rke
>>>   ansible.builtin.user:
>>> name: '{{ username }}'
>>> shell: '{{ shell }}'
>>> generate_ssh_key: yes
>>> create_home: yes
>>> groups: [ "{{ group1 }}", "{{ group2 }}" ]
>>> append: yes
>>> ssh_key_file: .ssh/id_rsa
>>>   become: true
>>>
>>> - name: Make sure we have a 'wheel' group
>>>   group:
>>> name: wheel
>>> state: present
>>>
>>> - name: Allow 'wheel' group to have passwordless sudo
>>>   lineinfile:
>>> dest: /etc/sudoers
>>> state: present
>>> regexp: '^%wheel'
>>> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
>>> validate: 'visudo -cf %s'
>>>
>>>
>>> - name: Setup authkeys for user rke
>>>   become: true
>>>
>>>   authorized_key:
>>> user: '{{ username }}'
>>> state: present
>>> key: auth_key
>>>
>>>
>>>
>>> On Thu, Jul 21, 2022 

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

What ansible version do you have installed

On Fri, Jul 22, 2022 at 2:37 PM Tony Wong  wrote:

> still failed
>
> TASK [rancherpocreplay : copy id_rsa.pub to tmp for reading]
> *
> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>
> On Fri, Jul 22, 2022 at 11:32 AM John Petro  wrote:
>
>> just for giggles, have you tried putting a sudo in front of your
>> command?  I am not saying this would work, but just curious if maybe the
>> "become" is being honored on the remote site only, so locally it might
>> still be running as whatever local user you are running the ansible
>> playbook as.
>>
>> On Fri, Jul 22, 2022 at 2:21 PM Tony Wong  wrote:
>>
>>> trying to copy id_rsa.pub for a user (rke) on my ansible controller to
>>> authorized_keys on remote hosts
>>>
>>> I am running ansible playbook as user ansible
>>>
>>> since ansible user cannt access /home/rke/.ssh, it cannot lookup the pub
>>> key
>>>
>>> I tried elevating privileges on lookup tasks and cannot do it
>>>
>>>
>>>
>>> On Fri, Jul 22, 2022 at 11:12 AM John Petro 
>>> wrote:
>>>
>>>> I am sure you have mentioned this before, so forgive me if it's a
>>>> repeat. I couldn't find the email in my inbox.  What is it you are trying
>>>> to do again?
>>>>
>>>> On Fri, Jul 22, 2022 at 2:07 PM Tony Wong  wrote:
>>>>
>>>>>
>>>>> trying to do this another way
>>>>>
>>>>> - name: copy id_rsa.pub to tmp for reading on localhost
>>>>>   ansible.builtin.shell:
>>>>> cmd: "{{ command2 }}"
>>>>>   register: shell_output
>>>>>   become: true
>>>>>   delegate_to: localhost
>>>>>
>>>>>
>>>>> where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'
>>>>>
>>>>> I am trying to run this only on the ansible controller (localhost)
>>>>>
>>>>> but it looks like its trying to run on remote nodes
>>>>>
>>>>>
>>>>> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
>>>>> "Unsupported parameters for (command) module: cmd Supported parameters
>>>>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>>>>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>>>> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
>>>>> "Unsupported parameters for (command) module: cmd Supported parameters
>>>>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>>>>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>>>> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
>>>>> "Unsupported parameters for (command) module: cmd Supported parameters
>>>>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>>>>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>>>>
>>>>>
>>>>> any idea?
>>>>> On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:
>>>>>
>>>>>> do you mean something like this?
>>>>>>
>>>>>>
>>>>>> ---
>>>>>> # tasks file for createuser
>>>>>> - include_vars:
>>>>>>dir: vars
>>>&

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

just for giggles, have you tried putting a sudo in front of your command?
I am not saying this would work, but just curious if maybe the "become" is
being honored on the remote site only, so locally it might still be running
as whatever local user you are running the ansible playbook as.

On Fri, Jul 22, 2022 at 2:21 PM Tony Wong  wrote:

> trying to copy id_rsa.pub for a user (rke) on my ansible controller to
> authorized_keys on remote hosts
>
> I am running ansible playbook as user ansible
>
> since ansible user cannt access /home/rke/.ssh, it cannot lookup the pub
> key
>
> I tried elevating privileges on lookup tasks and cannot do it
>
>
>
> On Fri, Jul 22, 2022 at 11:12 AM John Petro  wrote:
>
>> I am sure you have mentioned this before, so forgive me if it's a repeat.
>> I couldn't find the email in my inbox.  What is it you are trying to do
>> again?
>>
>> On Fri, Jul 22, 2022 at 2:07 PM Tony Wong  wrote:
>>
>>>
>>> trying to do this another way
>>>
>>> - name: copy id_rsa.pub to tmp for reading on localhost
>>>   ansible.builtin.shell:
>>> cmd: "{{ command2 }}"
>>>   register: shell_output
>>>   become: true
>>>   delegate_to: localhost
>>>
>>>
>>> where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'
>>>
>>> I am trying to run this only on the ansible controller (localhost)
>>>
>>> but it looks like its trying to run on remote nodes
>>>
>>>
>>> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
>>> "Unsupported parameters for (command) module: cmd Supported parameters
>>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
>>> "Unsupported parameters for (command) module: cmd Supported parameters
>>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
>>> "Unsupported parameters for (command) module: cmd Supported parameters
>>> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
>>> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>>>
>>>
>>> any idea?
>>> On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:
>>>
>>>> do you mean something like this?
>>>>
>>>>
>>>> ---
>>>> # tasks file for createuser
>>>> - include_vars:
>>>>dir: vars
>>>>
>>>>
>>>>
>>>>
>>>> *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{
>>>> lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*
>>>>
>>>> - name: create user rke
>>>>   ansible.builtin.user:
>>>> name: '{{ username }}'
>>>> shell: '{{ shell }}'
>>>> generate_ssh_key: yes
>>>> create_home: yes
>>>> groups: [ "{{ group1 }}", "{{ group2 }}" ]
>>>> append: yes
>>>> ssh_key_file: .ssh/id_rsa
>>>>   become: true
>>>>
>>>> - name: Make sure we have a 'wheel' group
>>>>   group:
>>>> name: wheel
>>>> state: present
>>>>
>>>> - name: Allow 'wheel' group to have passwordless sudo
>>>>   lineinfile:
>>>> dest: /etc/sudoers
>>>> state: present
>>>> regexp: '^%wheel'
>>>> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
>>>> validate: 'visudo -cf %s'
>>>>
>>>>
>>>> - name: Setup authkeys for user rke
>>>>   become: true
>>>>
>>>>   authorized_key:
>>>> user: '{{ username }}'
>>>> state: present
>>>> key: auth_key
>>>>
>>>>
>>>>
>>>> On Thu, Jul 21, 2022 at 7:48 AM Dick Visser  wrote:
>>>>
>>>>> On Thu, 21 Jul 2022 at 16:32, Tony Wong  wrote:
>>>>> >
>>>>> > yes it does, but the user (ansible) i am running the playbook with
>>>>> even though it has sudo rights and in root group cant access that folder.
>&g

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

I am sure you have mentioned this before, so forgive me if it's a repeat. I
couldn't find the email in my inbox.  What is it you are trying to do
again?

On Fri, Jul 22, 2022 at 2:07 PM Tony Wong  wrote:

>
> trying to do this another way
>
> - name: copy id_rsa.pub to tmp for reading on localhost
>   ansible.builtin.shell:
> cmd: "{{ command2 }}"
>   register: shell_output
>   become: true
>   delegate_to: localhost
>
>
> where command2 is 'cp /home/rke/.ssh/id_rsa.pub /tmp'
>
> I am trying to run this only on the ansible controller (localhost)
>
> but it looks like its trying to run on remote nodes
>
>
> fatal: [k8node02 -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8master -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
> fatal: [k8node01 -> localhost]: FAILED! => {"changed": false, "msg":
> "Unsupported parameters for (command) module: cmd Supported parameters
> include: _raw_params, _uses_shell, argv, chdir, creates, executable,
> removes, stdin, stdin_add_newline, strip_empty_ends, warn"}
>
>
> any idea?
> On Thursday, July 21, 2022 at 9:42:44 AM UTC-7 Tony Wong wrote:
>
>> do you mean something like this?
>>
>>
>> ---
>> # tasks file for createuser
>> - include_vars:
>>dir: vars
>>
>>
>>
>>
>> *- name: Get id_rsa.pub from localhost  set_fact:auth_key: "{{
>> lookup('file', '/home/rke/.ssh/id_rsa.pub')}}"  delegate_to: localhost*
>>
>> - name: create user rke
>>   ansible.builtin.user:
>> name: '{{ username }}'
>> shell: '{{ shell }}'
>> generate_ssh_key: yes
>> create_home: yes
>> groups: [ "{{ group1 }}", "{{ group2 }}" ]
>> append: yes
>> ssh_key_file: .ssh/id_rsa
>>   become: true
>>
>> - name: Make sure we have a 'wheel' group
>>   group:
>> name: wheel
>> state: present
>>
>> - name: Allow 'wheel' group to have passwordless sudo
>>   lineinfile:
>> dest: /etc/sudoers
>> state: present
>> regexp: '^%wheel'
>> line: '%wheel ALL=(ALL) NOPASSWD: ALL'
>> validate: 'visudo -cf %s'
>>
>>
>> - name: Setup authkeys for user rke
>>   become: true
>>
>>   authorized_key:
>> user: '{{ username }}'
>> state: present
>> key: auth_key
>>
>>
>>
>> On Thu, Jul 21, 2022 at 7:48 AM Dick Visser  wrote:
>>
>>> On Thu, 21 Jul 2022 at 16:32, Tony Wong  wrote:
>>> >
>>> > yes it does, but the user (ansible) i am running the playbook with
>>> even though it has sudo rights and in root group cant access that folder.
>>>
>>>
>>> Your authorized_keys task is run on the remote host, but using the
>>> lookup/file plugin in one of the arguments doesn't allow for privilege
>>> escalation locally.
>>> I think for fetching the materials, you should have an initial
>>> set_fact task with delegate_to=localhost and set become=true on that.
>>>
>>> (not verified)
>>>
>>>
>>>
>>> > i tried to copy the id_rsa.pub to /tmp and it works
>>> >
>>> > On Thu, Jul 21, 2022 at 7:10 AM John Petro 
>>> wrote:
>>> >>
>>> >> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the
>>> ansible playbook from?  Also, what happens if you try to do a ls on that
>>> directory as the user that is executing the ansible playbook, are you
>>> getting any errors?
>>> >>
>>> >> On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:
>>> >>>
>>> >>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected
>>> paths (use -v to see paths)
>>> >>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception
>>> occurred while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>> 

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

Sounds like you have a local permissions issue.

On Thu, Jul 21, 2022 at 10:32 AM Tony Wong  wrote:

> yes it does, but the user (ansible) i am running the playbook with even
> though it has sudo rights and in root group cant access that folder.
>
> i tried to copy the id_rsa.pub to /tmp and it works
>
> On Thu, Jul 21, 2022 at 7:10 AM John Petro  wrote:
>
>> Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the
>> ansible playbook from?  Also, what happens if you try to do a ls on that
>> directory as the user that is executing the ansible playbook, are you
>> getting any errors?
>>
>> On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:
>>
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
>>> (use -v to see paths)
>>> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
>>> (use -v to see paths)
>>> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
>>> (use -v to see paths)
>>> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
>>> while running the lookup plugin 'file'. Error was a >> 'ansible.errors.AnsibleError'>, original message: could not locate file in
>>> lookup: /home/rke/.ssh/id_pub.rsa"}
>>>
>>> On Thu, Jul 21, 2022 at 5:32 AM Tony Wong  wrote:
>>>
>>>> how do i access to lookup the id_rsa.pub file? The user running ansible
>>>> playbook has sudo rights on the controller
>>>>
>>>> On Wed, Jul 20, 2022 at 4:31 PM Todd Lewis  wrote:
>>>>
>>>>> It would have root access — on the target machine, but not on the
>>>>> Ansible controller.
>>>>>
>>>>> On Wednesday, July 20, 2022 at 6:24:24 PM UTC-4 tdub...@gmail.com
>>>>> wrote:
>>>>>
>>>>>> But I used become: in my main.yml
>>>>>>
>>>>>> Would that have root access?
>>>>>>
>>>>> --
>>>>> You received this message because you are subscribed to a topic in the
>>>>> Google Groups "Ansible Project" group.
>>>>> To unsubscribe from this topic, visit
>>>>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
>>>>> .
>>>>> To unsubscribe from this group and all its topics, send an email to
>>>>> ansible-project+unsubscr...@googlegroups.com.
>>>>> To view this discussion on the web visit
>>>>> https://groups.google.com/d/msgid/ansible-project/420506bd-39ce-4cc5-b6c5-58a65b3a3e3bn%40googlegroups.com
>>>>> <https://groups.google.com/d/msgid/ansible-project/420506bd-39ce-4cc5-b6c5-58a65b3a3e3bn%40googlegroups.com?utm_medium=email_source=footer>
>>>>> .
>>>>>
>>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-project+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/CALmkhkohoHcMf3KBDbprOgPPZkyQTvALAyH%2Bov%2Bnr_OcCz1koA%40mail.gmail.com
>>> <https://groups.google.com/d/msgid/ansible-project/CALmkhkohoHcMf3KBDbprOgPPZkyQTvALAyH%2Bov%2Bnr_OcCz1koA%40mail.gmail.com?utm_medium=email_source=footer>
>>> .
>>>
>> --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Ansible Project" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
>> .
>> To unsubscribe from this group and all its topics, send an email to
>> ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAPAjob8Kz3CmwXpnREAMYW_omF0J5HuEz

Re: [ansible-project] how do i lookup id_rsa.pub on a host and copy it to authorized keys on multiple servers

[John Petro]

Does /home/rke/.ssh/id_pub.rsa exist on the host you are running the
ansible playbook from?  Also, what happens if you try to do a ls on that
directory as the user that is executing the ansible playbook, are you
getting any errors?

On Thu, Jul 21, 2022 at 9:09 AM Tony Wong  wrote:

> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
> (use -v to see paths)
> fatal: [k8master]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_pub.rsa"}
> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
> (use -v to see paths)
> fatal: [k8node01]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_pub.rsa"}
> [WARNING]: Unable to find '/home/rke/.ssh/id_pub.rsa' in expected paths
> (use -v to see paths)
> fatal: [k8node02]: FAILED! => {"msg": "An unhandled exception occurred
> while running the lookup plugin 'file'. Error was a  'ansible.errors.AnsibleError'>, original message: could not locate file in
> lookup: /home/rke/.ssh/id_pub.rsa"}
>
> On Thu, Jul 21, 2022 at 5:32 AM Tony Wong  wrote:
>
>> how do i access to lookup the id_rsa.pub file? The user running ansible
>> playbook has sudo rights on the controller
>>
>> On Wed, Jul 20, 2022 at 4:31 PM Todd Lewis  wrote:
>>
>>> It would have root access — on the target machine, but not on the
>>> Ansible controller.
>>>
>>> On Wednesday, July 20, 2022 at 6:24:24 PM UTC-4 tdub...@gmail.com wrote:
>>>
 But I used become: in my main.yml

 Would that have root access?

>>> --
>>> You received this message because you are subscribed to a topic in the
>>> Google Groups "Ansible Project" group.
>>> To unsubscribe from this topic, visit
>>> https://groups.google.com/d/topic/ansible-project/gkaigHAiAC0/unsubscribe
>>> .
>>> To unsubscribe from this group and all its topics, send an email to
>>> ansible-project+unsubscr...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/420506bd-39ce-4cc5-b6c5-58a65b3a3e3bn%40googlegroups.com
>>> 
>>> .
>>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CALmkhkohoHcMf3KBDbprOgPPZkyQTvALAyH%2Bov%2Bnr_OcCz1koA%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob8Kz3CmwXpnREAMYW_omF0J5HuEz5UtMACrSG7sMnSitw%40mail.gmail.com.

Re: [ansible-project] Ansible playbook to monitor disk space utilization and generate alert

[John Petro]

If you are looking to learn, one of the first things I learned to do, was I
wrote a playbook, that would set up everything I needed when I would load
an OS on one of my Raspberry Pi devices.

--John

On Mon, Jul 18, 2022 at 4:24 PM Amit Das  wrote:

> Thank you for your suggestion. We already have Dynatrace at work.
> For my learning purposes, I wanted to write a playbook.
>
> Kind regards,
> Amit
>
> On Mon, 18 Jul 2022 at 22:01, Dick Visser  wrote:
>
>> On Mon, 18 Jul 2022 at 20:18, Amit Das  wrote:
>> >
>> > Dear All,
>> >
>> > I am relatively new to Ansible. Could someone please guide me on
>> writing a playbook which runs hourly to monitor the disk space and
>> generates an email alert if the threshold is breached?
>>
>> Ansible is a configuration management tool. You should not waste
>> effort trying to shoehorn ansible into some home grown service
>> monitoring tool.
>> Instead, use a dedicated service monitoring tool for that job.
>> Picking the right one is outside the scope of this list, but there is
>> plenty of information out there, take a look at zabbix, nagios, etc.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAF8BbLa1PDhep9dOqhjK7GdnV8y%3DzGOYRM26e7LsuQhqCxkf8A%40mail.gmail.com
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CALEnQg-MVLZLm--YeEiRZkPje9nG8SpirogNYooxKxJ0abN6iw%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CALEnQg-MVLZLm--YeEiRZkPje9nG8SpirogNYooxKxJ0abN6iw%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob_MyYYFwgQGy04DkuU-mGcue%2BauJZsvy0DP4yq_4ccNKA%40mail.gmail.com.

Re: [ansible-project] nested roles

[John Petro]

That's really where I come down.  I'd rather see all dependancies in the
playbook, to avoid potential problems down the road.

On Tue, Jun 21, 2022, 6:13 PM Brian Coca  wrote:

> Yes, but that is not a commonly held view, why 'dependencies' exist,
> so I suggest using import/include_role instead ... if i cannot
> convince people of avoiding role 'trees'.
>
>
> --
> --
> Brian Coca
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CACVha7cqGgnT4qaz60m4AdT6zW977AyiAMBf9N3dLJ3K4v8_XQ%40mail.gmail.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob94QrGhOxfq35pis-mk49OHkHsr_iozrS_f7q6wicgP3g%40mail.gmail.com.

Re: [ansible-project] nested roles

[John Petro]

@Brian Coca,
   So what you are suggesting, when you say you "prefer to keep things
simple and obvious" is that you suggest keeping the import statements in
the playbook that calls the role, not really inside the role itself, is
that what I am understanding you to mean by that?

--John

On Tue, Jun 21, 2022 at 11:45 AM Brian Coca  wrote:

> I prefer to keep things simple and obvious, I would keep role imports
> to the play, not everyone agrees and many use complex role
> hierarchies.
>
> If it is a choice between setting 'dependencies' (which imports a role
> from a role) and import_role, I always advise to use the latter.
> reasons against dependencies:
> - it is hidden in the 'meta' so it adds 'yet another file' to find out
> the task flow
> - they execute prior to the role with a lot of rules to which
> variables and keywords are inherited
> - the dependent is also the parent, which many find counterintuitive
> - the import always happens, conditionals are appended to the
> tasks/handlers on execution
>
> with import/include:
> - inheritance is clear, set at the time of import/inclusion (import
> directly,  include via apply option)
> - with include_role you can avoid importing at all, import_role
> behaves closer to roles:/dependencies
> - finer control on when to execute
> - you can dynamically choose the role and/or entry points for the role
> (tasks_from/vars_from/etc)
>
> Currently the only advantage of dependency over include/import is that
> it is both runtime and install time so you don't need to add the role
> to 'requirements' file, which can be dealt with if we automate
> requirements file creation (some issues with dynamic role selection,
> but should work for static references).
>
> --
> Brian Coca
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CACVha7cJWniX7iYMVN7SmPDdvim_wVDyWD9ppnjS_xnvMN%3D3fQ%40mail.gmail.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob9BGF9NiLszJRo0ojx0_maOgKaLx_2bs%2BT9UWGD%3DgLn5Q%40mail.gmail.com.

Re: [ansible-project] nested roles

[John Petro]

Paul,
  Thanks for that feedback.  Definitely some things to think about here for
sure.  I thought I had remembered reading somewhere that is wasn't a great
idea, and was not able to figure out where I had read that so I am glad you
brought up that it wasn't recommended with earlier versions.  My thought,
is that if a role is being imported inside a role to make sure that
dependencies were met, that it might be better done in the master playbook,
instead of the role to make debugging easier.  I am sure there are other
reasons too but that is one of the first things that came to mind.

--John

On Sun, Jun 19, 2022 at 10:30 AM Paul Manno  wrote:

> Hello flowerysong,
>
> I'm sure it was the case, at least with older versions of ansible, that
> the doc included a statement that roles should not be included from other
> roles and that the dependency mechanism should be used instead. Looking at
> the link you posted, that feature has only been available since v2.10. I'm
> using AWX, running 2.9, and the official RedHat ansible tower is only up to
> ansible 2.9.27. That suggests that the feature you're referencing wouldn't
> even work in Tower or AWX? Are you using tower and/or AWX and are you able
> to use that feature? Another question world be about dependencies for the
> roles you import because older roles may still use the older meta/main.yml
> which would not be evaluated on role import?
>
> So maybe we are finding even more reason to not import roles in roles due
> to backwards compatibility issues?
>
>
>
> Sent from my T-Mobile 5G Device
> Get Outlook for Android <https://aka.ms/AAb9ysg>
> --
> *From:* ansible-project@googlegroups.com 
> on behalf of flowerysong 
> *Sent:* Saturday, June 18, 2022 11:45:26 PM
> *To:* Ansible Project 
> *Subject:* Re: [ansible-project] nested roles
>
> I highly disagree with this, and would be interested in a pointer to the
> documentation that you say claims "importing a role in the tasks of another
> role is a bad idea" since I've never seen that in the official Ansible
> documentation.
>
> Explicitly importing or including the role provides more control over
> execution order, and ansible-galaxy can still handle dependency install by
> listing them in meta/requirements.yml (
> https://docs.ansible.com/ansible/latest/galaxy/user_guide.html#using-meta-requirements-yml
> )
>
> On Saturday, June 18, 2022 at 11:33:55 AM UTC-4 pgm...@gmail.com wrote:
>
> Hi John,
>
> Per ansible doc, you should not import a role within another role.
> Instead, you should use the built in dependencies model. Importing a role
> in the tasks of another role is a bad idea because it reduces the
> portability of the role. You'd have to guarantee that the role you're using
> and the role you import are both present in your roles dir. The dependency
> model ansible provides solves this problem by leveraging the ansible galaxy
> command to pull dependencies from remote repositories.
>
> Paul
>
> Sent from my T-Mobile 5G Device
> Get Outlook for Android <https://aka.ms/AAb9ysg>
>
> --
> *From:* ansible...@googlegroups.com  on
> behalf of John Petro 
> *Sent:* Friday, June 17, 2022, 3:26 PM
> *To:* ansible...@googlegroups.com 
> *Subject:* [ansible-project] nested roles
>
> I have a question regarding nested roles.
>
> Back Story:  I am doing some code reviews for some ansible code a coworker
> has done.  I noticed that they are importing other roles into the role they
> are working on.
>
> Question:  I feel like this is not a good idea, that dependencies should
> be taken care of at the playbook level, but I am having a difficult time
> justifying why nesting roles is not necessarily a good idea, so I am
> looking for some feedback to help me here.  I welcome your thoughts on
> this...
>
> --John
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-proje...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAPAjob8sDH_4Sz23MFPTsBiB0wzmokOKmyJdfkGdsPY6nTZchQ%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAPAjob8sDH_4Sz23MFPTsBiB0wzmokOKmyJdfkGdsPY6nTZchQ%40mail.gmail.com?utm_medium=email_source=footer>
> .
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> h

[ansible-project] nested roles

[John Petro]

I have a question regarding nested roles.

Back Story:  I am doing some code reviews for some ansible code a coworker
has done.  I noticed that they are importing other roles into the role they
are working on.

Question:  I feel like this is not a good idea, that dependencies should be
taken care of at the playbook level, but I am having a difficult time
justifying why nesting roles is not necessarily a good idea, so I am
looking for some feedback to help me here.  I welcome your thoughts on
this...

--John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob8sDH_4Sz23MFPTsBiB0wzmokOKmyJdfkGdsPY6nTZchQ%40mail.gmail.com.

Re: [ansible-project] How do you keep your ansible collections and roles from the galaxy current ?

[John Petro]

If I am understanding the requirement here.   You want to be able to grab a
specific version of a role or collection for some reason.If that is
what you are asking for, then what about cloning the collection or role to
a personal git repository.

--John

On Wed, Jun 1, 2022 at 3:30 AM Norbert Klamann <
norbert.klam...@klamann-software.de> wrote:

> Hallo all,
> what is the best way to keep the ansible collections and roles current
> which you use ?
>  I think about parsing the output of `ansible-galaxy role list` or
> `ansible-galaxy collection list` but this is not very elegant.
>
> I think I overlook a very simple solution, can somebody point me in the
> right directione, please ?
>
> Many thanks
>
> Norbert
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/df51ba2e-2900-4de3-ba1f-a4e625296003n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/df51ba2e-2900-4de3-ba1f-a4e625296003n%40googlegroups.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob-Emi%3DTXm6yWragEU40ONyZp5dEw9X9aQWYraZef%2Bma5A%40mail.gmail.com.

Re: [ansible-project] Adding Windows host via SSH

[John Carter]

I am so sorry, I totally misunderstood what you were saying. I should have 
known how to do that. Thank you very much for the help. That solved my 
issue.

On Friday, April 29, 2022 at 2:55:04 PM UTC-4 lat...@gmail.com wrote:

>
> https://docs.ansible.com/ansible/latest/user_guide/playbooks_vars_facts.html#disabling-facts
>
> On Fri, Apr 29, 2022 at 10:46 AM John Carter  wrote:
>
>> Any suggestions on how to disable that?
>>
>> On Friday, April 29, 2022 at 10:36:18 AM UTC-4 lat...@gmail.com wrote:
>>
>>> The setup facts module is looking for Python. I would comment more but 
>>> am away from systems. You have success in connecting to the host but it is 
>>> likely trying to run an ansible-ball file.
>>>
>>> On Fri, Apr 29, 2022 at 7:05 AM John Carter  wrote:
>>>
>>>> Hello. I am running AWX with ansible 2.9.18. I have it working with 
>>>> several hosts running Linux without issue. I wanted to test it with a 
>>>> Windows host. 
>>>> Windows host is Windows Pro x64 10.0.19044. I have OpenSSH installed on 
>>>> it and can SSH into it from the ansible host with keys. I also updated to 
>>>> Powershell 7 and .Net has 4.5 is installed and updated. 
>>>>
>>>> The user, for the purposes of testing, is an Administrator user. The 
>>>> error logs indicate an SSH connection issue but I am not sure why. On the 
>>>> Windows 10 side, the SSH logs show the user connects and then the user 
>>>> disconnects. The server doesn't close the session. 
>>>>
>>>> The part of the log (below) that stands out to me is:
>>>> debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 3: not matched 'final'
>>>> I am not sure what it is trying to match with this. 
>>>>
>>>> Would someone be able to point me in the right direction to resolve 
>>>> this? I appreciate it.
>>>>
>>>> Here are the logs from the test playbook on AWX: 
>>>>
>>>> TASK [Gathering Facts] 
>>>> *
>>>> task path: 
>>>> /tmp/bwrap_3532_q41e0hw1/awx_3532_85fcjjj9/project/baseline-tem.yml:15
>>>> Using module file 
>>>> /usr/lib/python3.6/site-packages/ansible/modules/windows/setup.ps1
>>>> Pipelining is enabled.
>>>> <192.168.185.98> ESTABLISH SSH CONNECTION FOR USER: ansible
>>>> <192.168.185.98> SSH: EXEC sshpass -d11 ssh -vvv -C -o 
>>>> ControlMaster=auto -o ControlPersist=60s -o StrictHostKeyChecking=no -o 
>>>> 'User="ansible"' -o ConnectTimeout=10 -o 
>>>> ControlPath=/tmp/bwrap_3532_q41e0hw1/awx_3532_85fcjjj9/cp/7506950686 
>>>> 192.168.185.98 'chcp.com 65001 >nul 2>&1 && PowerShell -NoProfile 
>>>> -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand 
>>>> UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAASgBnAEIAagBBAEcAZwBBAFkAdwBCAHcAQQBDADQAQQBZAHcAQgB2AEEARwAwAEEASQBBAEEAMgBBAEQAVQBBAE0AQQBBAHcAQQBEAEUAQQBJAEEAQQArAEEAQwBBAEEASgBBAEIAdQBBAEgAVQBBAGIAQQBCAHMAQQBBAG8AQQBKAEEAQgBsAEEASABnAEEAWgBRAEIAagBBAEYAOABBAGQAdwBCAHkAQQBHAEUAQQBjAEEAQgB3AEEARwBVAEEAYwBnAEIAZgBBAEgATQBBAGQAQQBCAHkAQQBDAEEAQQBQAFEAQQBnAEEAQwBRAEEAYQBRAEIAdQBBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBmAEEAQQBnAEEARQA4AEEAZABRAEIAMABBAEMAMABBAFUAdwBCADAAQQBIAEkAQQB…
>>>> <192.168.185.98> (1, b'{"exception":"The specified service does not 
>>>> exist as an installed service. \\r\\nAt line:63 char:44\\r\\n+ ... e_name] 
>>>> = $(Get-CimInstance -Namespace $namespace -ClassName $instanc ...\\r\\n+   
>>>>   
>>>> ~\\r\\n+ 
>>>> CategoryInfo  : ObjectNotFound: 
>>>> (RootCIMV2:Win3...erConfiguration:String) [Get-CimInstance], 
>>>> CimException\\r\\n+ FullyQualifiedErrorId : HRESULT 
>>>> 0x80070424,Microsoft.Management.Infrastructure.CimCmdlets.GetCimInstanceCommand\\r\\n\\r\\nScriptStackTrace:\\r\\nat
>>>>  
>>>> Get-LazyCimInstance, \\u003cNo file\\u003e: line 63\\r\\nat 
>>>> \\u003cScriptBlock\\u003e, \\u003cNo file\\u003e: line 
>>>> 142\\r\\n\\r\\nMicrosoft.Management.Infrastructure.CimException: The 
>>>> specified service does not exist as an installed service. \\r\\n   at 
>>>> Microsoft.Management.Infrastructure.Internal.Ope

Re: [ansible-project] Adding Windows host via SSH

[John Carter]

Any suggestions on how to disable that?

On Friday, April 29, 2022 at 10:36:18 AM UTC-4 lat...@gmail.com wrote:

> The setup facts module is looking for Python. I would comment more but am 
> away from systems. You have success in connecting to the host but it is 
> likely trying to run an ansible-ball file.
>
> On Fri, Apr 29, 2022 at 7:05 AM John Carter  wrote:
>
>> Hello. I am running AWX with ansible 2.9.18. I have it working with 
>> several hosts running Linux without issue. I wanted to test it with a 
>> Windows host. 
>> Windows host is Windows Pro x64 10.0.19044. I have OpenSSH installed on 
>> it and can SSH into it from the ansible host with keys. I also updated to 
>> Powershell 7 and .Net has 4.5 is installed and updated. 
>>
>> The user, for the purposes of testing, is an Administrator user. The 
>> error logs indicate an SSH connection issue but I am not sure why. On the 
>> Windows 10 side, the SSH logs show the user connects and then the user 
>> disconnects. The server doesn't close the session. 
>>
>> The part of the log (below) that stands out to me is:
>> debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 3: not matched 'final'
>> I am not sure what it is trying to match with this. 
>>
>> Would someone be able to point me in the right direction to resolve this? 
>> I appreciate it.
>>
>> Here are the logs from the test playbook on AWX: 
>>
>> TASK [Gathering Facts] 
>> *
>> task path: 
>> /tmp/bwrap_3532_q41e0hw1/awx_3532_85fcjjj9/project/baseline-tem.yml:15
>> Using module file 
>> /usr/lib/python3.6/site-packages/ansible/modules/windows/setup.ps1
>> Pipelining is enabled.
>> <192.168.185.98> ESTABLISH SSH CONNECTION FOR USER: ansible
>> <192.168.185.98> SSH: EXEC sshpass -d11 ssh -vvv -C -o ControlMaster=auto 
>> -o ControlPersist=60s -o StrictHostKeyChecking=no -o 'User="ansible"' -o 
>> ConnectTimeout=10 -o 
>> ControlPath=/tmp/bwrap_3532_q41e0hw1/awx_3532_85fcjjj9/cp/7506950686 
>> 192.168.185.98 'chcp.com 65001 >nul 2>&1 && PowerShell -NoProfile 
>> -NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand 
>> UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAASgBnAEIAagBBAEcAZwBBAFkAdwBCAHcAQQBDADQAQQBZAHcAQgB2AEEARwAwAEEASQBBAEEAMgBBAEQAVQBBAE0AQQBBAHcAQQBEAEUAQQBJAEEAQQArAEEAQwBBAEEASgBBAEIAdQBBAEgAVQBBAGIAQQBCAHMAQQBBAG8AQQBKAEEAQgBsAEEASABnAEEAWgBRAEIAagBBAEYAOABBAGQAdwBCAHkAQQBHAEUAQQBjAEEAQgB3AEEARwBVAEEAYwBnAEIAZgBBAEgATQBBAGQAQQBCAHkAQQBDAEEAQQBQAFEAQQBnAEEAQwBRAEEAYQBRAEIAdQBBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBmAEEAQQBnAEEARQA4AEEAZABRAEIAMABBAEMAMABBAFUAdwBCADAAQQBIAEkAQQB…
>> <192.168.185.98> (1, b'{"exception":"The specified service does not exist 
>> as an installed service. \\r\\nAt line:63 char:44\\r\\n+ ... e_name] = 
>> $(Get-CimInstance -Namespace $namespace -ClassName $instanc ...\\r\\n+ 
>> ~\\r\\n 
>>+ CategoryInfo  : ObjectNotFound: 
>> (RootCIMV2:Win3...erConfiguration:String) [Get-CimInstance], 
>> CimException\\r\\n+ FullyQualifiedErrorId : HRESULT 
>> 0x80070424,Microsoft.Management.Infrastructure.CimCmdlets.GetCimInstanceCommand\\r\\n\\r\\nScriptStackTrace:\\r\\nat
>>  
>> Get-LazyCimInstance, \\u003cNo file\\u003e: line 63\\r\\nat 
>> \\u003cScriptBlock\\u003e, \\u003cNo file\\u003e: line 
>> 142\\r\\n\\r\\nMicrosoft.Management.Infrastructure.CimException: The 
>> specified service does not exist as an installed service. \\r\\n   at 
>> Microsoft.Management.Infrastructure.Internal.Operations.CimAsyncObserverProxyBase`1.ProcessNativeCallback(OperationCallbackProcessingContext
>>  
>> callbackProcessingContext, T currentItem, …
>> <192.168.185.98> Failed to connect to the host via ssh: OpenSSH_8.0p1, 
>> OpenSSL 1.1.1g FIPS  21 Apr 2020
>> debug1: Reading configuration data /etc/ssh/ssh_config
>> debug3: /etc/ssh/ssh_config line 52: Including file 
>> /etc/ssh/ssh_config.d/05-redhat.conf depth 0
>> debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf
>> debug2: checking match for 'final all' host 192.168.185.98 originally 
>> 192.168.185.98
>> debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 3: not matched 'final'
>> debug2: match not found
>> debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 5: Including file 
>> /etc/crypto-policies/back-ends/openssh.co

[ansible-project] Adding Windows host via SSH

[John Carter]

Hello. I am running AWX with ansible 2.9.18. I have it working with several 
hosts running Linux without issue. I wanted to test it with a Windows host. 
Windows host is Windows Pro x64 10.0.19044. I have OpenSSH installed on it 
and can SSH into it from the ansible host with keys. I also updated to 
Powershell 7 and .Net has 4.5 is installed and updated. 

The user, for the purposes of testing, is an Administrator user. The error 
logs indicate an SSH connection issue but I am not sure why. On the Windows 
10 side, the SSH logs show the user connects and then the user disconnects. 
The server doesn't close the session. 

The part of the log (below) that stands out to me is:
debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 3: not matched 'final'
I am not sure what it is trying to match with this. 

Would someone be able to point me in the right direction to resolve this? I 
appreciate it.

Here are the logs from the test playbook on AWX: 

TASK [Gathering Facts] 
*
task path: 
/tmp/bwrap_3532_q41e0hw1/awx_3532_85fcjjj9/project/baseline-tem.yml:15
Using module file 
/usr/lib/python3.6/site-packages/ansible/modules/windows/setup.ps1
Pipelining is enabled.
<192.168.185.98> ESTABLISH SSH CONNECTION FOR USER: ansible
<192.168.185.98> SSH: EXEC sshpass -d11 ssh -vvv -C -o ControlMaster=auto 
-o ControlPersist=60s -o StrictHostKeyChecking=no -o 'User="ansible"' -o 
ConnectTimeout=10 -o 
ControlPath=/tmp/bwrap_3532_q41e0hw1/awx_3532_85fcjjj9/cp/7506950686 
192.168.185.98 'chcp.com 65001 >nul 2>&1 && PowerShell -NoProfile 
-NonInteractive -ExecutionPolicy Unrestricted -EncodedCommand 
UABvAHcAZQByAFMAaABlAGwAbAAgAC0ATgBvAFAAcgBvAGYAaQBsAGUAIAAtAE4AbwBuAEkAbgB0AGUAcgBhAGMAdABpAHYAZQAgAC0ARQB4AGUAYwB1AHQAaQBvAG4AUABvAGwAaQBjAHkAIABVAG4AcgBlAHMAdAByAGkAYwB0AGUAZAAgAC0ARQBuAGMAbwBkAGUAZABDAG8AbQBtAGEAbgBkACAASgBnAEIAagBBAEcAZwBBAFkAdwBCAHcAQQBDADQAQQBZAHcAQgB2AEEARwAwAEEASQBBAEEAMgBBAEQAVQBBAE0AQQBBAHcAQQBEAEUAQQBJAEEAQQArAEEAQwBBAEEASgBBAEIAdQBBAEgAVQBBAGIAQQBCAHMAQQBBAG8AQQBKAEEAQgBsAEEASABnAEEAWgBRAEIAagBBAEYAOABBAGQAdwBCAHkAQQBHAEUAQQBjAEEAQgB3AEEARwBVAEEAYwBnAEIAZgBBAEgATQBBAGQAQQBCAHkAQQBDAEEAQQBQAFEAQQBnAEEAQwBRAEEAYQBRAEIAdQBBAEgAQQBBAGQAUQBCADAAQQBDAEEAQQBmAEEAQQBnAEEARQA4AEEAZABRAEIAMABBAEMAMABBAFUAdwBCADAAQQBIAEkAQQB…
<192.168.185.98> (1, b'{"exception":"The specified service does not exist 
as an installed service. \\r\\nAt line:63 char:44\\r\\n+ ... e_name] = 
$(Get-CimInstance -Namespace $namespace -ClassName $instanc ...\\r\\n+ 
~\\r\\n 
   + CategoryInfo  : ObjectNotFound: 
(RootCIMV2:Win3...erConfiguration:String) [Get-CimInstance], 
CimException\\r\\n+ FullyQualifiedErrorId : HRESULT 
0x80070424,Microsoft.Management.Infrastructure.CimCmdlets.GetCimInstanceCommand\\r\\n\\r\\nScriptStackTrace:\\r\\nat
 
Get-LazyCimInstance, \\u003cNo file\\u003e: line 63\\r\\nat 
\\u003cScriptBlock\\u003e, \\u003cNo file\\u003e: line 
142\\r\\n\\r\\nMicrosoft.Management.Infrastructure.CimException: The 
specified service does not exist as an installed service. \\r\\n   at 
Microsoft.Management.Infrastructure.Internal.Operations.CimAsyncObserverProxyBase`1.ProcessNativeCallback(OperationCallbackProcessingContext
 
callbackProcessingContext, T currentItem, …
<192.168.185.98> Failed to connect to the host via ssh: OpenSSH_8.0p1, 
OpenSSL 1.1.1g FIPS  21 Apr 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: /etc/ssh/ssh_config line 52: Including file 
/etc/ssh/ssh_config.d/05-redhat.conf depth 0
debug1: Reading configuration data /etc/ssh/ssh_config.d/05-redhat.conf
debug2: checking match for 'final all' host 192.168.185.98 originally 
192.168.185.98
debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 3: not matched 'final'
debug2: match not found
debug3: /etc/ssh/ssh_config.d/05-redhat.conf line 5: Including file 
/etc/crypto-policies/back-ends/openssh.config depth 1 (parse only)
debug1: Reading configuration data 
/etc/crypto-policies/back-ends/openssh.config
debug3: gss kex names ok: 
[gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-,gss-gex-sha1-,gss-group14-sha1-]
debug3: kex name…
fatal: [Windows10Pro]: FAILED! => {
"ansible_facts": {},
"changed": false,
"failed_modules": {
"setup": {
"exception": "The specified service does not exist as an 
installed service. \r\nAt line:63 char:44\r\n+ ... e_name] = 
$(Get-CimInstance -Namespace $namespace -ClassName $instanc ...\r\n+   
  ~\r\n   
 + CategoryInfo  : ObjectNotFound: 
(Root\\CIMV2:Win3...erConfiguration:String) [Get-CimInstance], 
CimException\r\n+ FullyQualifiedErrorId : HRESULT 
0x80070424,Microsoft.Management.Infrastructure.CimCmdlets.GetCimInstanceCommand\r\n\r\nScriptStackTrace:\r\nat
 
Get-LazyCimInstance, : line 63\r\nat , : 
line 

[ansible-project] get snmp config from windows

[John Veliss]

Does anyone know if I can display the SNMP configuration on a windows 
server.

I noticed there is a win_snmp module, but the actions are only set, remove 
and add, there is no get action.

I have a number of windows servers and would like to view their SNMP config

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/18a7abd7-fa2d-4646-97c2-f595241414dbn%40googlegroups.com.

Re: [ansible-project] Issue 62360 not fixed?

[John Pfuntner]

Were packages actually removed?  I noted in the original issue that if 
package are removed, it works.  It no packages are removed, it will fail.

Can you try running the playbook again?

On Tuesday, March 29, 2022 at 11:02:43 AM UTC-4 Matt Martz wrote:

> Seems to work as expected for me.  state=absent with an asterisk for the 
> name removed all the matching packages.
>
> On Tue, Mar 29, 2022 at 9:50 AM John Pfuntner  wrote:
>
>> I opened issue 62360 <https://github.com/ansible/ansible/issues/62360> and 
>> when I looked at it today, I saw it had been closed with the remark  *This 
>> has been fixed in supported versions of Ansible*.  I upgraded:
>>
>> ansible [core 2.12.4]
>>   config file = /etc/ansible/ansible.cfg
>>   configured module search path = 
>> ['/home/ubuntu/.ansible/plugins/modules', 
>> '/usr/share/ansible/plugins/modules']
>>   ansible python module location = 
>> /usr/local/lib/python3.8/dist-packages/ansible
>>   ansible collection location = 
>> /home/ubuntu/.ansible/collections:/usr/share/ansible/collections
>>   executable location = /usr/local/bin/ansible
>>   python version = 3.8.5 (default, Jul 28 2020, 12:59:40) [GCC 9.3.0]
>>   jinja version = 3.0.1
>>   libyaml = True
>>
>> and appears that the original problem persists.  Should I open a new 
>> issue?
>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/b9dd9e93-b3e3-4d2d-95fb-dd8a99d9142cn%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/ansible-project/b9dd9e93-b3e3-4d2d-95fb-dd8a99d9142cn%40googlegroups.com?utm_medium=email_source=footer>
>> .
>>
>
>
> -- 
> Matt Martz
> @sivel
> sivel.net
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/81946f86-1400-4cba-8b76-edacd5a73a28n%40googlegroups.com.

[ansible-project] Issue 62360 not fixed?

[John Pfuntner]

I opened issue 62360  and 
when I looked at it today, I saw it had been closed with the remark  *This 
has been fixed in supported versions of Ansible*.  I upgraded:

ansible [core 2.12.4]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/ubuntu/.ansible/plugins/modules', 
'/usr/share/ansible/plugins/modules']
  ansible python module location = 
/usr/local/lib/python3.8/dist-packages/ansible
  ansible collection location = 
/home/ubuntu/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.8.5 (default, Jul 28 2020, 12:59:40) [GCC 9.3.0]
  jinja version = 3.0.1
  libyaml = True

and appears that the original problem persists.  Should I open a new issue?

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b9dd9e93-b3e3-4d2d-95fb-dd8a99d9142cn%40googlegroups.com.

[ansible-project] Looping contruct - linode.cloud.nodebalancer

[John Stoffel]

Hi,
I'm looking for some help in setting up a Linode Nodebalancer, but I think 
my question is more about how to build a more dynamic playbook using the 
'linode.cloud.nodebalancer' module from Ansible Galaxy.  

So I could hardcode my playbook to use two nodes (hosts) and thier private 
IPs for the setup.  But what if I want to have three hosts or more behind 
the nodebalancer?  An example playbook looks like this:

---
- name: Create single linode nodebalancer
  hosts: localhost
  tasks:

- name: Create a Linode NodeBalancer
  linode.cloud.nodebalancer:
label: "{{ nb_label }}"
region: "{{ nb_region }}"
tags: nb_tags
state: present
configs:
  - port: 80
protocol: http
algorithm: roundrobin
nodes:
  - label: 'test-node1'
address: 192.168.10.3:80
   - label: 'test-node2'
 address: 192.168.175.221:80

So I think could do do a loop over the nodes: block, but the role doesn't 
seem to support a 'state: present' or 'state:absent' flag, so I *think* 
that I have to run my task with all my definitions setup ahead of time.  
Which kind of ruins the ideal of idempotency.  

So would this be the way to do a loop, starting with creating the linodes 
and setting facts: 
   
---
- name: Create linode using linode.cloud.instance
  linode.cloud.instance:
label: "{{ linode.name }}"
type: "{{ linode.type | default(def_type) }}"
region: "{{ linode.region | default(def_region) }}"
image: "{{ linode.image | default(def_image) }}"
authorized_keys: "{{ ssh_keys }}"
root_pass: "{{ password }}"
state: present
private_ip: true
wait: true
  register: my_linode

- name: "Found one or more linodes"
  debug:
msg="Name={{ my_linode.instance.label }}, ID={{ my_linode.instance.id 
}}, IP(s)= {{ my_linode.i\
nstance.ipv4 }}"
  when: my_linode|length > 0


- name: "Set a fact of private IPs"
  set_fact:
private_ips: "{{ private_ips }} + [ { label: {{ 
my_linode.instance.label }} , IP: {{ my_linode.\
instance.ipv4[1] }} } ]"



- name: Create a Linode NodeBalancer using loop
  linode.cloud.nodebalancer:
label: "{{ nb_label }}"
region: "{{ nb_region }}"
tags: nb_tags
state: present
configs:
  - port: 80
protocol: http
algorithm: roundrobin
nodes:
  - label: {{ item.label }}
address: {{ item.IP}}
 loop:
 private_ips

Or do I need to do something funkier?  This is honestly where my ansible-fu 
fails me...

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/93926f40-c532-4adb-960d-c092dc09bb06n%40googlegroups.com.

[ansible-project] ansible.builtin.apt - Updating all installed packages to latest gives "parameters are mutually exclusive deb|package|upgrade

[John Himpel]

The following ansible block:
- name: Block update APT hosts
  block:
- name: main - Update APT repo and cache
  ansible.builtin.apt:
update_cache: true
force_apt_get: true
cache_valid_time: 3600   # 1 Hour

- name: main - Update APT hosts
  ansible.builtin.apt:
upgrade: dist
force_apt_get: true
  register: apt_return

- name: main - Display APT log
  ansible.builtin.debug:
var: apt_return.stdout_lines
  when: apt_return.stdout_lines is defined

- name: main - Check if reboot is needed
  ansible.builtin.stat:
path: /var/run/reboot-required
get_md5: false
  register: reboot_required_file

- name: main - Reboot APT host
  ansible.builtin.reboot:
msg: "Reboot initiated by Ansible due to kernel updates"
connect_timeout: 5
reboot_timeout: 300
pre_reboot_delay: 0
post_reboot_delay: 30
test_command: uptime
  when: reboot_required_file.stat.exists
  when: ansible_pkg_mgr == "apt"
  become: true

Yields:
TASK [update_software : main - update APT hosts] 
***
fatal: [testRadicale.jlhimpel.net]: FAILED! => {"changed": false, "msg": 
"parameters are mutually exclusive: deb|package|upgrade"}

Ansible version: 2.2.12
Python version: 3.10.3
Ansible Controller: Fedora 36 (same issue occurs on Fedora 35)
Ansible target: Ubuntu 18.04.5 (Bionic Beaver)
Ansible target: python 3..6.9

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/11cb52e9-3c7e-4714-94d5-739d56bcdbdan%40googlegroups.com.

Re: [ansible-project] question on LVM exists or not

[John Petro]

Well,
  Someone else might have a clearer answer, but the way you coded it, the
task would be skipped if ln_mysql is not defined.  Did you try adding some
verbosity to the ansible-playbook command?  When something like this
happens to me, I go right for the - and that will usually point me in
the right direction.

--John

On Wed, Mar 16, 2022 at 7:08 PM subbamma natla 
wrote:

> why am I getting output when " when:
> ansible_facts['lvm']['lvs']['lv_mysql'] is not defined"
> ---
> - hosts: database
>   gather_facts: yes
>   tasks:
>   - name: check lv_mysql exists
> debug:
>   msg: "LV_MYSQL not there"
> when: ansible_facts['lvm']['lvs']['lv_mysql'] is not defined
>
>   - name: check lv_mysql exists
> debug:
>   msg: "LV_MYSQL is there"
> when: ansible_facts['lvm']['lvs']['lv_mysql'] is defined
> output:
> TASK [check lv_mysql exists]
> **
> ok: [mhost5] => {
> "msg": "LV_MYSQL not there"
> }
>
> TASK [check lv_mysql exists]
> **
> skipping: [mhost5]
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAJVhugJz5Wn%2BjokOWtAcN2p2guHTqM%2BrxV%2BztLYpQ-Zy%2BtYD_A%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAJVhugJz5Wn%2BjokOWtAcN2p2guHTqM%2BrxV%2BztLYpQ-Zy%2BtYD_A%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob-EvJoi4fWg2QG0PFtDivsR_hZ%2BCg1SvGTyVnmYH1BQpA%40mail.gmail.com.

Re: [ansible-project] Apt behaviour

[John Petro]

Usually I tend to see this when the apt cache isn't current.  I am sure
there are other reasons as well, but more than 80% of the time for me, that
usually fixes my issue.

--John

On Sun, Mar 6, 2022 at 9:11 PM Igor Cicimov 
wrote:

> Hi all,
>
> Anyone knows why is apt behaving differently here? I have this var
>
> fonts_packages:
>   - ttf-wqy-zenhei
>   - fonts-takao-mincho
>   - fonts-indic
>   - ttf-wqy-microhei
>
> and simple task:
>
> - name: install additional fonts
>   apt:
> name: "{{ fonts_packages }}"
> state: present
>
>  passing the list to apt.
>
> That works in Ansible 2.4.4 as expected:
>
> "invocation": {
> "module_args": {
>
> "name": [
> "ttf-wqy-zenhei",
> "fonts-takao-mincho",
> "fonts-indic",
> "ttf-wqy-microhei"
> ],
> "only_upgrade": false,
> "package": [
> "ttf-wqy-zenhei",
> "fonts-takao-mincho",
> "fonts-indic",
> "ttf-wqy-microhei"
> ],
> ...
>
> But in 2.5+ fails because:
>
> fatal: [hostname]: FAILED! => {
> "changed": false,
> "invocation": {
> "module_args": {
>
> "name": "['ttf-wqy-zenhei', 'fonts-takao-mincho',
> 'fonts-indic', 'ttf-wqy-microhei']",
> "only_upgrade": false,
> "package": [
> "['ttf-wqy-zenhei'",
> " 'fonts-takao-mincho'",
> " 'fonts-indic'",
> " 'ttf-wqy-microhei']"
> ],
> ...
> },
> "msg": "No package(s) matching '['ttf-wqy-zenhei'' available"
> }
>
> I'm passing a list to apt "name" parameter as per the documentation.
>
> Thanks
>
>
>
>
> Know Your Customer due diligence on demand, powered by intelligent process
> automation
>
>
> Blogs <https://www.encompasscorporation.com/blog/>  | LinkedIn
> <https://www.linkedin.com/company/encompass-corporation/>  | Twitter
> <https://twitter.com/EncompassCorp>
>
>
>
>
> Encompass Corporation UK Ltd  | Company No. SC493055 | Address: Level 3,
> 33 Bothwell Street, Glasgow, UK, G2 6NL
>
> Encompass Corporation Pty Ltd  | ACN 140 556 896 | Address: Level 10, 117
> Clarence Street, Sydney, New South Wales, 2000
>
> This email and any attachments is intended only for the use of the
> individual or entity named above and may contain confidential information.
>
> If you are not the intended recipient, any dissemination, distribution or
> copying of this email is prohibited.
>
> If received in error, please notify us immediately by return email and
> destroy the original message.
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/13465a54-4216-450c-a9f9-a079495425f3n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/13465a54-4216-450c-a9f9-a079495425f3n%40googlegroups.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob-psyniU9Fs3sFQNvxrVcYCQ0ks4gCaH7MZMJRErm3wZg%40mail.gmail.com.

Re: [ansible-project] ansible-galaxy vs. ansible-galaxy collections

[John Petro]

Maybe you have a formatting issue with your requirements.yml.   Mine looks
like this, and it worked no problem.

collections:
   - name: theforeman.foreman

On Fri, Mar 4, 2022 at 10:36 AM Hiero-nymo  wrote:

> Hi everyone,
>
> On the ansible documentation, I found the collection "the foreman.foreman"
> here's the link: theforeman.foreman
> 
>
> This collection can manually be installed like:
> ansible-galaxy collection install the foreman.foreman and all seems ok.
>
> So, now I need to do the same things but automatically through the 
> requirements.yml
> file, like this:
> ---
> collections:
> - theforeman.foreman
>
> Unfortunately this collection will not be find and when I do a search into
> ansible-galaxy I don't find it.
>
> Is the collection something else than ansible-galaxy?
> I've the feeling that something goes wrong but I don't know what.
> Has anyone an idea about my issue?
> Could someone explain me the difference between these both repo?
>
> Thank you in advance for your help,
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/c9118723-986e-44fa-9a36-59a559b6f201n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob9KwPG5g%2BwLU3T%2BL77gN%2Bd5nRQ7tfbFJyvLv0C2rcrsCw%40mail.gmail.com.

Re: [ansible-project] issue in installation of ansible

[John Petro]

Is python 3.8 installed?  If not, you might want to try that

--John

On Thu, Feb 3, 2022 at 9:08 PM Kevin Y  wrote:

> Hi Ubuntu is installed at windows10 and then the below commands are
> entered in the Ubunto. It looks like the installing ansible is successful
> without error message.
>
>
> $ sudo apt-get update
> $ sudo apt-get install software-properties-common
> $ sudo apt-add-repository ppa:ansible/ansible
> $ sudo apt-get update
> $ sudo apt-get install ansible -y
>
>
> However, the installation mayby unsuccessful because we can see below
> message with command "ansible -v". Please see the below. Did I miss some
> step for the installation? Anyone can help for this?  Thank you
>
>
> admin1@Le:~$ ansible -v
> Traceback (most recent call last):
>   File "/usr/bin/ansible", line 44, in 
> from ansible import context
>   File "/usr/local/lib/python3.8/dist-packages/ansible/context.py", line
> 18, in 
> from ansible.module_utils.common._collections_compat import Mapping,
> Set
> ModuleNotFoundError: No module named 'ansible.module_utils'
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/981a6842-ce60-4b79-bcca-5236900eae4en%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/981a6842-ce60-4b79-bcca-5236900eae4en%40googlegroups.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob9fHGOHJyK-tp97F13%2BfxfLZMqm55uK28vmc85o7Nb8oQ%40mail.gmail.com.

Re: [ansible-project] Re: Getting Timed Out Error when running the playbook using `vagrant provision`

[John Petro]

ALso, what version of virtualbox are you using?  The newer versions don't
support the 172.* subnets out of the box anymore.  So it could be that as
well


On Thu, Feb 3, 2022 at 12:42 PM arjungoel 1995 
wrote:

> Can you please tell me how to fix this issue?
>
> On Thu, Feb 3, 2022 at 7:16 PM Stefan Hornburg (Racke) 
> wrote:
>
>> On 03/02/2022 14:39, arjungoel 1995 wrote:
>> > This is the output I am getting after running `vagrant ssh-config`
>> >
>> > image.png
>> >
>> > Also want to know why I am experiencing the timeout error while running
>> the ansible playbook using ansible-playbook command.
>>
>> Vagrant uses 127.0.0.1 and port .
>>
>> Ansible uses 172.30.240.1.
>>
>> Again: *Vagrant didn't setup **172.30.240.1 properly*
>>
>> Regards
>>
>> Racke
>>
>> >
>> > On Thu, Feb 3, 2022 at 6:59 PM Stefan Hornburg (Racke) <
>> ra...@linuxia.de> wrote:
>> >
>> > On 03/02/2022 14:22, arjungoel 1995 wrote:
>> > > `vagrant ssh` is working but when I tried to run the playbook
>> using `ansible-playbook ` command I am getting a timeout error
>> again.
>> > >
>> > > image.png
>> > >
>> > > I have checked the /etc/ansible/hosts file and the IP address is
>> there. How I can fix the timeout issue with both ways?
>> >
>> > What does `vagrant ssh-config` say?  Does it use the IP
>> 172.30.240.1?
>> >
>> > I don't think so. Looks like Vagrant didn't set up the IP properly.
>> >
>> > Regards
>> >
>> >   Racke
>> >
>> >
>> > >
>> > > Thanks
>> > >
>> > > On Thu, Feb 3, 2022 at 6:21 PM Stefan Hornburg (Racke) <
>> ra...@linuxia.de> wrote:
>> > >
>> > > On 03/02/2022 13:47, arjungoel 1995 wrote:
>> > > > Hi, I tried to ping the port and IP address using SSH and
>> getting timeout error. Can you please help me how to fix this?
>> > > >
>> > > >
>> > > > image.png
>> > > >
>> > > Does "vagrant ssh" work?
>> > >
>> > > Regards
>> > >
>> > >   Racke
>> > >
>> > >
>> > > > On Thu, Feb 3, 2022 at 5:37 PM Roberto Paz <
>> rjr...@gmail.com> wrote:
>> > > >
>> > > > Have you tried to manually run an *ssh *command to that
>> IP address and port? If ssh command also returns a timeout, then that is
>> the main source of the issue.
>> > > >
>> > > > El miércoles, 2 de febrero de 2022 a la(s) 14:29:08
>> UTC-3, arjung...@gmail.com escribió:
>> > > >
>> > > > Hi,
>> > > >
>> > > > I am trying to run a basic ansible playbook using
>> vagrant provision but while doing so experiencing this error:
>> > > >
>> > > > I even added the ip in my Vagrantfile:
>> > > >
>> > > > # -*- mode: ruby -*-
>> > > > # vi: set ft=ruby :
>> > > > Vagrant.configure("2") do |config|
>> > > >   config.vm.box = "centos/7"
>> > > > *  config.vm.network "private_network", ip:
>> "172.30.240.1"*
>> > > >   config.vm.provision "ansible" do |ansible|
>> > > > ansible.playbook = "playbook.yaml"
>> > > >   end
>> > > > Also I am not able to install ansible on windows
>> using pip and like you know git bash won't support installation of ansible.
>> > > > While I am getting version compatibility issues
>> while trying the same using WSL.
>> > > > Please help.
>> > > > Thanks
>> > > > Arjun Goel
>> > > > But still experiencing the
>> issue.ansible_timeout_error.PNG
>> > > > end
>> > > >
>> > > > --
>> > > > You received this message because you are subscribed to
>> the Google Groups "Ansible Project" group.
>> > > > To unsubscribe from this group and stop receiving
>> emails from it, send an email to
>> ansible-project+unsubscr...@googlegroups.com > ansible-project%2bunsubscr...@googlegroups.com> > ansible-project%2bunsubscr...@googlegroups.com > ansible-project%252bunsubscr...@googlegroups.com>>.
>> > > > To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/ac2f697a-ee8d-483f-b9df-c08f8142a182n%40googlegroups.com
>> <
>> https://groups.google.com/d/msgid/ansible-project/ac2f697a-ee8d-483f-b9df-c08f8142a182n%40googlegroups.com?utm_medium=email_source=footer
>> <
>> https://groups.google.com/d/msgid/ansible-project/ac2f697a-ee8d-483f-b9df-c08f8142a182n%40googlegroups.com?utm_medium=email_source=footer>
>> <
>> https://groups.google.com/d/msgid/ansible-project/ac2f697a-ee8d-483f-b9df-c08f8142a182n%40googlegroups.com?utm_medium=email_source=footer
>> <
>> https://groups.google.com/d/msgid/ansible-project/ac2f697a-ee8d-483f-b9df-c08f8142a182n%40googlegroups.com?utm_medium=email_source=footer
>> >>>.
>> > > >
>> > > 

[ansible-project] Re: when condition based on software version

[John Veliss]

would anyone have any suggestions on this

On Sunday, January 30, 2022 at 12:05:39 AM UTC+11 John Veliss wrote:

> I would like to include some ansible *"when"* conditions based on if a 
> software package is greater than a value, ie when a package is greater than 
> 8.2, perform a task such as stop a service, uninstall the package, copy a 
> file, install a new version of the package
>
> I have the below which shows the version of a package called "Double" if 
> found
>
> The results appear as this --> * 
> ansible_facts.packages['Double'][0].version: 8.2.2*
>
>- name: Gather the Package facts
>   package_facts:
> manager: auto
>   tags:
> - dt-check
>
> - name: "Double Found result"
>   debug: var=ansible_facts.packages['Double'][0].version
>   when: "'Double' in ansible_facts.packages"
>   register: dtversion
>   tags:
> - dt-check
>
> - debug:
> var: dtversion
>   tags:
> - dt-check
>
> - name: "Double Not-found result"
>   debug:
> msg: "Double NOT found"
>   when: "'Double' not in ansible_facts.packages"
>   register: notfound
>   tags:
> - dt-check
>
> - debug:
> var: notfound
>   tags:
> - dt-check
>
>
> Thanks in advance for any ideas that you may suggest to me
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6ede3b54-c555-47e0-8b13-af544ff6a48an%40googlegroups.com.

[ansible-project] when condition based on software version

[John Veliss]

I would like to include some ansible *"when"* conditions based on if a 
software package is greater than a value, ie when a package is greater than 
8.2, perform a task such as stop a service, uninstall the package, copy a 
file, install a new version of the package

I have the below which shows the version of a package called "Double" if 
found

The results appear as this --> * 
ansible_facts.packages['Double'][0].version: 8.2.2*

   - name: Gather the Package facts
  package_facts:
manager: auto
  tags:
- dt-check

- name: "Double Found result"
  debug: var=ansible_facts.packages['Double'][0].version
  when: "'Double' in ansible_facts.packages"
  register: dtversion
  tags:
- dt-check

- debug:
var: dtversion
  tags:
- dt-check

- name: "Double Not-found result"
  debug:
msg: "Double NOT found"
  when: "'Double' not in ansible_facts.packages"
  register: notfound
  tags:
- dt-check

- debug:
var: notfound
  tags:
- dt-check


Thanks in advance for any ideas that you may suggest to me

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/f3a67817-720c-429b-ba3c-bd8b01d28522n%40googlegroups.com.

[ansible-project] Re: to_json filter (sometimes) turns values into strings

[John Riendeau]

Apologies - just noticed that my test playbook had an error in it (was 
trying to simplify and clarify the test case and forgot to change the 
template file name in a couple places). It doesn't change the behavior I'm 
seeing, but this is the corrected version:

---
- name: Test with trivial template
  hosts: localhost
  tasks:
  - copy:
  dest: "trivial.json.j2"
  content: '{ "hello": "world" }'
  - set_fact:
  template_result: "{{ lookup('template', 'trivial.json.j2') }}"
  - set_fact:
  json_from_fact_trivial_template: "{{ template_result | to_json }}"
  json_from_template_trivial_template: "{{ lookup('template', 
'trivial.json.j2') | to_json }}"
  - debug:
  var: json_from_fact_trivial_template
  - debug:
  var: json_from_template_trivial_template

- name: Test with template including variable
  hosts: localhost
  tasks:
  - copy:
  dest: "withvar.json.j2"
  content: '{% raw %}{ "{{ greeting }}": "world" }{% endraw %}'
  - set_fact:
  greeting: 'howdy'
  - set_fact:
  template_result: "{{ lookup('template', 'withvar.json.j2') }}"
  - set_fact:
  json_from_fact_template_withvar: "{{ template_result | to_json }}"
  json_from_template_withvar: "{{ lookup('template', 'withvar.json.j2') 
| to_json }}"
  - debug:
  var: json_from_fact_template_withvar
  - debug:
  var: json_from_template_withvar

On Friday, January 21, 2022 at 2:57:31 PM UTC-6 John Riendeau wrote:

> Hi all,
>
> It seems like the to_json filter behaves differently depending on:
> - Whether it's passed the result of a template call directly, or whether 
> the result of the template call is placed into a fact first
> - Whether the template call actually does any substitutions or not
> - Whether I'm using ansible community <=v4.10.0 or >=5.0.1
>
> I'm including a test playbook that illustrates the behavior below, along 
> with the relevant portions of the output. I'm relatively new to Ansible, so 
> wanted to check in here before submitting a bug report -- this may be just 
> a nuance I'm not grasping.
>
> When I run the playbook using Ansible 4.10.0, to_json turns the value into 
> a JSON string, if and only if it's passed the result of a template call 
> which does no substitutions. If the template has a variable in it, or if 
> the result of the template call is stored in a fact before being sent to 
> to_json, the JSON looks how I'd expect.
>
> When using Ansible 5.0.1, the value is turned into a string whenever 
> to_json is passed the result of a template call, regardless of whether the 
> template has a variable in it or not.
>
> There's a lot of permutations here, and I'm not sure which, if any, of 
> these behaviors are unexpected. Thanks in advance for any help!
>
>  - John
>
> *Test playbook:*
> ---
> - name: Test with trivial template
> hosts: localhost
> tasks:
> - copy:
> dest: "trivial.json.j2"
> content: '{ "hello": "world" }'
> - set_fact:
> template_result: "{{ lookup('template', 'test.json.j2') }}"
> - set_fact:
> json_from_fact_trivial_template: "{{ template_result | to_json }}"
> json_from_template_trivial_template: "{{ lookup('template', 
> 'test.json.j2') | to_json }}"
> - debug:
> var: json_from_fact_trivial_template
> - debug:
> var: json_from_template_trivial_template
>
> - name: Test with template including variable
> hosts: localhost
> tasks:
> - copy:
> dest: "withvar.json.j2"
> content: '{% raw %}{ "{{ greeting }}": "world" }{% endraw %}'
> - set_fact:
> greeting: 'howdy'
> - set_fact:
> template_result: "{{ lookup('template', 'withvar.json.j2') }}"
> - set_fact:
> json_from_fact_template_withvar: "{{ template_result | to_json }}"
> json_from_template_withvar: "{{ lookup('template', 'withvar.json.j2') | 
> to_json }}"
> - debug:
> var: json_from_fact_template_withvar
> - debug:
> var: json_from_template_withvar
>
> *Output with Ansible 4.10.0:*
>
> TASK [debug] 
> 
> ok: [localhost] => {
> "json_from_fact_trivial_template": {
> "hello": "world"
> }
> }
>
> TASK [debug] 
> 
> ok: [localhost] => {
> "json_from_template_trivial_template": "\"{ \\\"hello\\\": 
> \\\"wor

[ansible-project] to_json filter (sometimes) turns values into strings

[John Riendeau]

Hi all,

It seems like the to_json filter behaves differently depending on:
- Whether it's passed the result of a template call directly, or whether 
the result of the template call is placed into a fact first
- Whether the template call actually does any substitutions or not
- Whether I'm using ansible community <=v4.10.0 or >=5.0.1

I'm including a test playbook that illustrates the behavior below, along 
with the relevant portions of the output. I'm relatively new to Ansible, so 
wanted to check in here before submitting a bug report -- this may be just 
a nuance I'm not grasping.

When I run the playbook using Ansible 4.10.0, to_json turns the value into 
a JSON string, if and only if it's passed the result of a template call 
which does no substitutions. If the template has a variable in it, or if 
the result of the template call is stored in a fact before being sent to 
to_json, the JSON looks how I'd expect.

When using Ansible 5.0.1, the value is turned into a string whenever 
to_json is passed the result of a template call, regardless of whether the 
template has a variable in it or not.

There's a lot of permutations here, and I'm not sure which, if any, of 
these behaviors are unexpected. Thanks in advance for any help!

 - John

*Test playbook:*
---
- name: Test with trivial template
hosts: localhost
tasks:
- copy:
dest: "trivial.json.j2"
content: '{ "hello": "world" }'
- set_fact:
template_result: "{{ lookup('template', 'test.json.j2') }}"
- set_fact:
json_from_fact_trivial_template: "{{ template_result | to_json }}"
json_from_template_trivial_template: "{{ lookup('template', 'test.json.j2') 
| to_json }}"
- debug:
var: json_from_fact_trivial_template
- debug:
var: json_from_template_trivial_template

- name: Test with template including variable
hosts: localhost
tasks:
- copy:
dest: "withvar.json.j2"
content: '{% raw %}{ "{{ greeting }}": "world" }{% endraw %}'
- set_fact:
greeting: 'howdy'
- set_fact:
template_result: "{{ lookup('template', 'withvar.json.j2') }}"
- set_fact:
json_from_fact_template_withvar: "{{ template_result | to_json }}"
json_from_template_withvar: "{{ lookup('template', 'withvar.json.j2') | 
to_json }}"
- debug:
var: json_from_fact_template_withvar
- debug:
var: json_from_template_withvar

*Output with Ansible 4.10.0:*

TASK [debug] 

ok: [localhost] => {
"json_from_fact_trivial_template": {
"hello": "world"
}
}

TASK [debug] 

ok: [localhost] => {
"json_from_template_trivial_template": "\"{ \\\"hello\\\": 
\\\"world\\\" }\""
}

TASK [debug] 

ok: [localhost] => {
"json_from_fact_template_withvar": {
"howdy": "world"
}
}

TASK [debug] 

ok: [localhost] => {
"json_from_template_withvar": {
"howdy": "world"
}
}

*Output with Ansible 5.0.1:*

TASK [debug] 

ok: [localhost] => {
"json_from_fact_trivial_template": {
"hello": "world"
}
}

TASK [debug] 

ok: [localhost] => {
"json_from_template_trivial_template": "\"{ \\\"hello\\\": 
\\\"world\\\" }\""
}

TASK [debug] 

ok: [localhost] => {
"json_from_fact_template_withvar": {
"howdy": "world"
}
}

TASK [debug] 

ok: [localhost] => {
"json_from_template_withvar": "\"{\\\"howdy\\\": \\\"world\\\"}\""
}

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/51f1a393-9d72-4e93-a7e7-d9e5420f718dn%40googlegroups.com.

[ansible-project] Keeping directory content in sync

[John Petro]

I am working on a role for work, and it needs to keep the source directory
( that lives on the ansible controlnode ), and the destination ( lives on
teh remote ) in sync. I know that the copy module can keep the
changes/additions in sync.  I am not so much worried about that part.
Where I am getting stuck, is how to handle if we delete a file at the
source, and want that delete carried forward to the remote.

Is there a good way to do that, other than stat the files, loop through the
variable, and delete anything that doesn't exist?

Any advice you have here would be much appreciated.

--John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob8UvQuOSCGMUqiO--vM6dVAB27aa_-RMmYegbCtcCninw%40mail.gmail.com.

[ansible-project] Ansible Control Node Configuration

[John Petro]

Good Afternoon,
  My team is in the process of doing a review of our current environment.
The question came up, that since the ansible control node has the "keys to
the kingdom"  that it should not live on public IP space.  So I thought I
might ask, what are you folks doing in terms of where your control node
sits.  Are you exposed to the internet, are you on either private IP space
( ie. 10 net or 192.168 space ), or are you behind a firewall, or some
other kinds of network security type devices/technologies.

--John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob-8vVrK0KqjgiETt786XfRZNtUwvSWaOznDoyFH4M4doA%40mail.gmail.com.

Re: [ansible-project] Question about template module

[John Petro]

Thanks Matt!!   That is the answer I was looking for.

--John

On Wed, Nov 10, 2021 at 9:42 AM Matt Martz  wrote:

> The template is always generated locally where ansible is executed from.
> Then we call the `copy` action internally, which will call the `stat`
> module to get the checksum of the remote file and determine if it exists.
> If the local checksum and remote checksum matches, the file is not copied
> to the remote.  Afterwards we call the `file` action/module, and
> potentially modify permissions/ownership/mode on the destination file.
>
> On Wed, Nov 10, 2021 at 8:36 AM John Petro  wrote:
>
>> Good morning!!
>>
>> I have a quick question about how the template module works under the
>> hood, that I wasn't able to find any information on, and was asked about by
>> a coworker.
>>
>> So, let's say I have a role where I created a config file from a
>> template.  If I run that role a second time, the result comes back having
>> not making any changes, which is what I expect.   So the question I have is
>> when I run a playbook against that role multiple times, how does ansible
>> check the value to determine if a change needs to be made or not.
>>
>> --john
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAPAjob_ikZ60_ijHj9hA%3DLoGVc-7Yy-tzh1m8Dfkm1YHSSX_yQ%40mail.gmail.com
>> <https://groups.google.com/d/msgid/ansible-project/CAPAjob_ikZ60_ijHj9hA%3DLoGVc-7Yy-tzh1m8Dfkm1YHSSX_yQ%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
>
>
> --
> Matt Martz
> @sivel
> sivel.net
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAD8N0v-Prdkn9POzfw3prtZ5AcrBN4-fpd4zF1p8n%2BLC-ugS-A%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAD8N0v-Prdkn9POzfw3prtZ5AcrBN4-fpd4zF1p8n%2BLC-ugS-A%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob_Kr8uE7SAXV1x3OTAEtS9YqFD%3D3U9KVWAWZkVLLcyzLg%40mail.gmail.com.

[ansible-project] Question about template module

[John Petro]

Good morning!!

I have a quick question about how the template module works under the hood,
that I wasn't able to find any information on, and was asked about by a
coworker.

So, let's say I have a role where I created a config file from a template.
If I run that role a second time, the result comes back having not making
any changes, which is what I expect.   So the question I have is when I run
a playbook against that role multiple times, how does ansible check the
value to determine if a change needs to be made or not.

--john

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob_ikZ60_ijHj9hA%3DLoGVc-7Yy-tzh1m8Dfkm1YHSSX_yQ%40mail.gmail.com.

Re: [ansible-project] Determining the primary IP address

[John Petro]

Ok.. so some more info...  I think I have a workable solution.  I"ll be
testing it tomorrow, but I am 99% sure I have it figured out.  The code
above, actually didn't work as I thought..  so, I changed this:

  when: hostvars[inventory_hostname]['ansible_default_ipv4']['address'] |
select('match', '^10.[0-9]+')

to this:
when: hostvars[inventory_hostname]['ansible_default_ipv4']['address'] |
regex_search('^10.[0-9]+')

That seems to have gotten me the result I was looking for.

As for the "default ipv4" not being consistent, I went back and re-read the
article.  Basically, the author said that if you don't set a default route,
then the default.ipv4.address will be empty.  I decided this was not a huge
deal, since I can't think of a situation where I have installed a server
without a default route.  :)

So anyway, thanks again for the help, I do appreciate it.
--John

On Thu, Oct 21, 2021 at 7:43 PM Dick Visser  wrote:

> I don't know about any such unreliability.
> As for determining if the address is in a specific prefix, I would
> definitely use the ipaddr filter:
>
> https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters_ipaddr.html
>
> On Fri, 22 Oct 2021 at 00:06, John Petro  wrote:
>
>> Good afternoon.
>>   I have this snippet of code, that sets a proxy variable if the default
>> ipv4 IP address is in 10 net space.  I had read somewhere that using the
>> ansible_default_ipv4 fact, wasn't always reliable.  So is there a better
>> way to grab the primary IP other than what I did below?
>>
>> - name:  PreTask | Configure proxy
>>   set_fact:
>> _zabbix_proxy: "{{zabbix_http_proxy}}"
>>   when: hostvars[inventory_hostname]['ansible_default_ipv4']['address'] |
>> select('match', '^10.[0-9]+')
>>
>> Thanks for the help!!
>>
>> --John
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAPAjob_VTLnFFUannftz9cgMbdGj7etHN8TtmA%2B%2B7M7aA7L8qg%40mail.gmail.com
>> <https://groups.google.com/d/msgid/ansible-project/CAPAjob_VTLnFFUannftz9cgMbdGj7etHN8TtmA%2B%2B7M7aA7L8qg%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
> --
> Sent from a mobile device - please excuse the brevity, spelling and
> punctuation.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAL8fbwMpKBNdfM1FtH4-FemVx_FW1hNk03uwXeLW%2Bv5esTiGcQ%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAL8fbwMpKBNdfM1FtH4-FemVx_FW1hNk03uwXeLW%2Bv5esTiGcQ%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob-pyQvn3qhyK0aWtKi0YX7O3bSbJVKd5Cd4P2LHBvZ2_Q%40mail.gmail.com.

Re: [ansible-project] Determining the primary IP address

[John Petro]

I hadn't heard about any inconsistencies either, which is why I figured I'd
ask here.  I thought about the ipaddr filter, but you need to install a
python module for it to work. (netaddr I think) and I was just trying to
figure it out using the base set of modules, etc.  Thanks for the info
though, I appreciate it

--John

On Thu, Oct 21, 2021, 7:43 PM Dick Visser  wrote:

> I don't know about any such unreliability.
> As for determining if the address is in a specific prefix, I would
> definitely use the ipaddr filter:
>
> https://docs.ansible.com/ansible/latest/user_guide/playbooks_filters_ipaddr.html
>
> On Fri, 22 Oct 2021 at 00:06, John Petro  wrote:
>
>> Good afternoon.
>>   I have this snippet of code, that sets a proxy variable if the default
>> ipv4 IP address is in 10 net space.  I had read somewhere that using the
>> ansible_default_ipv4 fact, wasn't always reliable.  So is there a better
>> way to grab the primary IP other than what I did below?
>>
>> - name:  PreTask | Configure proxy
>>   set_fact:
>> _zabbix_proxy: "{{zabbix_http_proxy}}"
>>   when: hostvars[inventory_hostname]['ansible_default_ipv4']['address'] |
>> select('match', '^10.[0-9]+')
>>
>> Thanks for the help!!
>>
>> --John
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAPAjob_VTLnFFUannftz9cgMbdGj7etHN8TtmA%2B%2B7M7aA7L8qg%40mail.gmail.com
>> <https://groups.google.com/d/msgid/ansible-project/CAPAjob_VTLnFFUannftz9cgMbdGj7etHN8TtmA%2B%2B7M7aA7L8qg%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
> --
> Sent from a mobile device - please excuse the brevity, spelling and
> punctuation.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAL8fbwMpKBNdfM1FtH4-FemVx_FW1hNk03uwXeLW%2Bv5esTiGcQ%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAL8fbwMpKBNdfM1FtH4-FemVx_FW1hNk03uwXeLW%2Bv5esTiGcQ%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob922AxOR0_mS-G230o33_i6HD9bhPDxxjEN3Sg%2BKtKLzQ%40mail.gmail.com.

[ansible-project] Determining the primary IP address

[John Petro]

Good afternoon.
  I have this snippet of code, that sets a proxy variable if the default
ipv4 IP address is in 10 net space.  I had read somewhere that using the
ansible_default_ipv4 fact, wasn't always reliable.  So is there a better
way to grab the primary IP other than what I did below?

- name:  PreTask | Configure proxy
  set_fact:
_zabbix_proxy: "{{zabbix_http_proxy}}"
  when: hostvars[inventory_hostname]['ansible_default_ipv4']['address'] |
select('match', '^10.[0-9]+')

Thanks for the help!!

--John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob_VTLnFFUannftz9cgMbdGj7etHN8TtmA%2B%2B7M7aA7L8qg%40mail.gmail.com.

Re: [ansible-project] Playbook Variable and Jinja 2 -- Namespace Problem?

[John-Paul Pagano]

Do you recommend upgrading to Jinja2 3.x for my version of Ansible?

On Wednesday, October 20, 2021 at 6:55:39 PM UTC-4 caud...@gmail.com wrote:

> I thought we were on Jinja 3?
>
> On Wed, Oct 20, 2021, 6:48 PM Clint Denham  wrote:
>
>> Can you post a little of update_results?
>>
>> Sometimes with this error you just need to include the list reference. 0 
>> being the first list. 
>>
>> update_results.0.updstes[k]
>>
>> Once we get the entire update_results we can see for sure.
>>
>> On Wed, Oct 20, 2021, 12:25 PM John-Paul Pagano  
>> wrote:
>>
>>>  ansible-playbook [core 2.11.5]
>>>   python version = 3.9.7 (default, Sep  3 2021, 12:45:31) [Clang 12.0.0 
>>> (clang-1200.0.32.29)]
>>>   jinja version = 2.11.3
>>>
>>> Hi,
>>>
>>> I'm trying to write a play that will connect to a managed Windows node, 
>>> gather a list of Windows Updates that are available to be installed on it, 
>>> and output that list to stdout. Below is what I've cobbled together, but it 
>>> doesn't fully work. While the list is dumped as expected to the local file 
>>> "win_updates.log", it is not also copied to stdout. The error I get is 
>>> "msg": "The task includes an option with an undefined variable. The error 
>>> was: list object has no element".
>>>
>>> It appears that the 'k' variable in the for loop in the Jinja 2 routine 
>>> is unset, presumably because the "update_results" variable in the play 
>>> isn't available to it. Can you help me understand what I'm doing wrong?
>>>
>>> Thanks!
>>>
>>> - name: List all updates that might be installed
>>>   hosts: all
>>>
>>>   tasks:
>>>
>>> - name: Find possible updates
>>> become: true
>>> become_method: runas
>>> become_user: SYSTEM
>>> win_updates:
>>>   category_names: '*'
>>>   state: searched
>>>   log_path: C:/Users/MY_USER/win_updates.log
>>> register: update_results
>>>
>>>   - debug:
>>>   msg: |
>>> {% for k in update_results.updates %}
>>> {{ update_results.updates[k].title }}
>>> {% endfor %}
>>>
>>> -- 
>>> You received this message because you are subscribed to the Google 
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send 
>>> an email to ansible-proje...@googlegroups.com.
>>> To view this discussion on the web visit 
>>> https://groups.google.com/d/msgid/ansible-project/c4d495a1-cac5-4c84-9f66-67280941f14dn%40googlegroups.com
>>>  
>>> <https://groups.google.com/d/msgid/ansible-project/c4d495a1-cac5-4c84-9f66-67280941f14dn%40googlegroups.com?utm_medium=email_source=footer>
>>> .
>>>
>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com.
>>
> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/CAA92%3DYNs4WG%2BGoMtfNdC-qWhuR_vvL--XOA3jfA%3DiF1ZsMy%2BqA%40mail.gmail.com
>>  
>> <https://groups.google.com/d/msgid/ansible-project/CAA92%3DYNs4WG%2BGoMtfNdC-qWhuR_vvL--XOA3jfA%3DiF1ZsMy%2BqA%40mail.gmail.com?utm_medium=email_source=footer>
>> .
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/37cee535-8b41-42cc-bb65-021ed3d4a6b2n%40googlegroups.com.

Re: [ansible-project] Playbook Variable and Jinja 2 -- Namespace Problem?

[John-Paul Pagano]

Sorry, i probably should have done that. Here's the output from a managed 
node that was left behind on patches for the purpose of testing.

ok: [MY_IP] => {
"update_results.updates": [
{
"categories": [
"Definition Updates",
"Microsoft Defender Antivirus"
],
"downloaded": true,
"id": "971038cc-9d05-4a4c-9c53-51110f6b525a",
"installed": true,
"kb": [
"2267602"
],
"title": "Security Intelligence Update for Microsoft Defender 
Antivirus - KB2267602 (Version 1.351.755.0)"
},
{
"categories": [
"Update Rollups",
"Windows Server 2016",
"Windows Server 2019"
],
"downloaded": true,
"id": "3af26db7-4c87-4c6e-ba44-5fa00913995e",
"installed": true,
"kb": [
"890830"
],
"title": "Windows Malicious Software Removal Tool x64 - v5.94 
(KB890830)"
},
{
"categories": [
"Security Updates",
"Windows Server 2016"
],
"downloaded": true,
"id": "ff623435-c638-4c25-a907-843fa16c22b3",
"installed": true,
"kb": [
"5006669"
],
"title": "2021-10 Cumulative Update for Windows Server 2016 for 
x64-based Systems (KB5006669)"
},
{
"categories": [
"Feature Packs",
"Silverlight"
],
"downloaded": true,
"id": "ca3bb521-a8ea-4e26-a563-2ad6e3108b9a",
"installed": true,
"kb": [
"4481252"
],
"title": "Microsoft Silverlight (KB4481252)"
},
{
"categories": [
"Definition Updates",
"Microsoft Defender Antivirus"
],
"downloaded": true,
"id": "f6a66dbc-2311-4ee0-ad24-2392dbf48641",
"installed": true,
"kb": [
"2267602"
],
"title": "Security Intelligence Update for Microsoft Defender 
Antivirus - KB2267602 (Version 1.351.759.0)"
},
{
"categories": [
"Security Updates",
"Windows Server 2016"
],
"downloaded": true,
"id": "73f45b23-8537-455d-83fd-840e7e93b835",
"installed": true,
"kb": [
"5005698"
],
"title": "2021-09 Servicing Stack Update for Windows Server 
2016 for x64-based Systems (KB5005698)"
}
]
}

On Wednesday, October 20, 2021 at 6:48:22 PM UTC-4 clint...@gmail.com wrote:

> Can you post a little of update_results?
>
> Sometimes with this error you just need to include the list reference. 0 
> being the first list. 
>
> update_results.0.updstes[k]
>
> Once we get the entire update_results we can see for sure.
>
> On Wed, Oct 20, 2021, 12:25 PM John-Paul Pagano  wrote:
>
>>  ansible-playbook [core 2.11.5]
>>   python version = 3.9.7 (default, Sep  3 2021, 12:45:31) [Clang 12.0.0 
>> (clang-1200.0.32.29)]
>>   jinja version = 2.11.3
>>
>> Hi,
>>
>> I'm trying to write a play that will connect to a managed Windows node, 
>> gather a list of Windows Updates that are available to be installed on it, 
>> and output that list to stdout. Below is what I've cobbled together, but it 
>> doesn't fully work. While the list is dumped as expected to the local file 
>> "win_updates.log", it is not also copied to stdout. The error I get is 
>> "msg": "The task includes an option with an undefined variable. The error 
>> was: list object has no element".
>>
>> It appears that the 'k' variable in the for loop in the Jinja 2 routine 
>> is unset, presumably because the "update_results" variable in the play 
>> isn't available to it. Can you help me understand what I'm doing wrong?
>>
>> Thanks!
>>
>> - name: List al

[ansible-project] Playbook Variable and Jinja 2 -- Namespace Problem?

[John-Paul Pagano]

 ansible-playbook [core 2.11.5]
  python version = 3.9.7 (default, Sep  3 2021, 12:45:31) [Clang 12.0.0 
(clang-1200.0.32.29)]
  jinja version = 2.11.3

Hi,

I'm trying to write a play that will connect to a managed Windows node, 
gather a list of Windows Updates that are available to be installed on it, 
and output that list to stdout. Below is what I've cobbled together, but it 
doesn't fully work. While the list is dumped as expected to the local file 
"win_updates.log", it is not also copied to stdout. The error I get is 
"msg": "The task includes an option with an undefined variable. The error 
was: list object has no element".

It appears that the 'k' variable in the for loop in the Jinja 2 routine is 
unset, presumably because the "update_results" variable in the play isn't 
available to it. Can you help me understand what I'm doing wrong?

Thanks!

- name: List all updates that might be installed
  hosts: all

  tasks:

- name: Find possible updates
become: true
become_method: runas
become_user: SYSTEM
win_updates:
  category_names: '*'
  state: searched
  log_path: C:/Users/MY_USER/win_updates.log
register: update_results

  - debug:
  msg: |
{% for k in update_results.updates %}
{{ update_results.updates[k].title }}
{% endfor %}

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/c4d495a1-cac5-4c84-9f66-67280941f14dn%40googlegroups.com.

Re: [ansible-project] Re: Ansible Galaxy down?

[John Dough]

Location based possibly?

Galaxy is working again for me now, hopefully for you too.

On Wednesday, 20 October 2021 at 10:55:23 UTC+1 rpel...@redhat.com wrote:

> Strange because I really can't access the website (I did several refresh). 
>
> Is there a twitter account or something else we can follow update on 
> Ansible Galaxy status?
>
> On Wed, Oct 20, 2021 at 11:36 AM John Dough  wrote:
>
>> I can access the website, but ansible-builder has been failing for me all 
>> morning
>>
>> ERROR! Error when getting the collection info for community.general from 
>> default (https://galaxy.ansible.com/api/) (HTTP Code: 530, Message:  
>> Code: Unknown)
>> STEP 9: FROM quay.io/ansible/ansible-builder:latest AS builder
>> STEP 10: COPY --from=galaxy /usr/share/ansible /usr/share/ansible
>> Error: error building at STEP "RUN ansible-galaxy collection install 
>> $ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path 
>> /usr/share/ansible/collections": error while running runtime: exit status 1
>> On Wednesday, 20 October 2021 at 10:30:23 UTC+1 rpel...@redhat.com wrote:
>>
>>> Hi,
>>>
>>> It seems Ansible Galaxy is down (at least for me): 
>>> https://galaxy.ansible.com/
>>>
>>>  Error 1016 Ray ID: 6a1137627e9ed463 • 2021-10-20 09:28:30 UTC
>>> Origin DNS error
>>> What happened?
>>>
>>> You've requested a page on a website (galaxy.ansible.com) that is on 
>>> the Cloudflare network. Cloudflare is currently unable to resolve your 
>>> requested domain (galaxy.ansible.com).
>>> What can I do?
>>>
>>> If you are a visitor of this website:
>>> Please try again in a few minutes.
>>>
>>> If you are the owner of this website:
>>> Check your DNS settings. If you are using a CNAME origin record, make 
>>> sure it is valid and resolvable. Additional troubleshooting information 
>>> here.
>>>
>>> Is there a way to track the issue and be notified when it's up again?
>>>
>>> -- 
>> You received this message because you are subscribed to the Google Groups 
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an 
>> email to ansible-proje...@googlegroups.com.
>> To view this discussion on the web visit 
>> https://groups.google.com/d/msgid/ansible-project/afae3fc3-f2e2-48ff-941d-415d6a04c219n%40googlegroups.com
>>  
>> <https://groups.google.com/d/msgid/ansible-project/afae3fc3-f2e2-48ff-941d-415d6a04c219n%40googlegroups.com?utm_medium=email_source=footer>
>> .
>>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3f4b184e-4c0b-4a54-8ac2-52068db9e05en%40googlegroups.com.

[ansible-project] Re: Ansible Galaxy down?

[John Dough]

I can access the website, but ansible-builder has been failing for me all 
morning

ERROR! Error when getting the collection info for community.general from 
default (https://galaxy.ansible.com/api/) (HTTP Code: 530, Message:  Code: 
Unknown)
STEP 9: FROM quay.io/ansible/ansible-builder:latest AS builder
STEP 10: COPY --from=galaxy /usr/share/ansible /usr/share/ansible
Error: error building at STEP "RUN ansible-galaxy collection install 
$ANSIBLE_GALAXY_CLI_COLLECTION_OPTS -r requirements.yml --collections-path 
/usr/share/ansible/collections": error while running runtime: exit status 1
On Wednesday, 20 October 2021 at 10:30:23 UTC+1 rpel...@redhat.com wrote:

> Hi,
>
> It seems Ansible Galaxy is down (at least for me): 
> https://galaxy.ansible.com/
>
>  Error 1016 Ray ID: 6a1137627e9ed463 • 2021-10-20 09:28:30 UTC
> Origin DNS error
> What happened?
>
> You've requested a page on a website (galaxy.ansible.com) that is on the 
> Cloudflare network. Cloudflare is currently unable to resolve your 
> requested domain (galaxy.ansible.com).
> What can I do?
>
> If you are a visitor of this website:
> Please try again in a few minutes.
>
> If you are the owner of this website:
> Check your DNS settings. If you are using a CNAME origin record, make sure 
> it is valid and resolvable. Additional troubleshooting information here.
>
> Is there a way to track the issue and be notified when it's up again?
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/afae3fc3-f2e2-48ff-941d-415d6a04c219n%40googlegroups.com.

[ansible-project] Re: Identifier for host managed by ansible

[John Dough]

For a lot of host level information, there is ansible_facts: 
https://docs.ansible.com/ansible/latest/user_guide/playbooks_vars_facts.html

For ad hoc variables which you want to define you can inventory vars at 
various levels

On Thursday, 7 October 2021 at 21:17:22 UTC+1 Simon Gao wrote:

> Hi,
>
> Is there known or common way to add an identifier on the hosts managed by 
> ansible?
>
> Like indentifying os distribution in /etc/redhat-release or 
> /etc/os-release etc, we would like to add some identifying mark on the 
> hosts managed by ansible.
>
> For SaltStack, we can easily tell by checking salt configuration or 
> salt-minion process.  How do people identify the hosts managed via ansible?
>
> Simon
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/4efb3e19-e703-4f8e-b0aa-d6ea43e7bee7n%40googlegroups.com.

Re: [ansible-project] Ansible IDE with syntax help

[John Petro]

I have used it before I knew about the Ansible extension, and it supports
YAML right out of the box, so that might help.  Also, I use an extension
called Indent Rainbow which has been REALLY helpful in debugging
indentation errors.

On Wed, Oct 6, 2021 at 4:52 PM simon clarke  wrote:

> will the RedHat Ansible extension assist with syntax and indentation
> errors?
>
> On Wednesday, October 6, 2021 at 9:49:34 PM UTC+1 simon clarke wrote:
>
>> Thanks for the advice Pat much appreciated
>>
>>
>> On Wednesday, October 6, 2021 at 6:25:17 PM UTC+1
>> pat@networktocode.com wrote:
>>
>>> During Ansiblefest 2021, multiple presenters said they were now using
>>> Microsoft Virtual Studio Code (VSCODE available at no cost on Win10, Mac, &
>>> Linux) with the no-cost RedHat Ansible extension. Of course that is one of
>>> many options but VSCODE has been well received by many.
>>>
>>> On Wed, Oct 6, 2021 at 11:44 AM simon clarke  wrote:
>>>
 Hi,

 I wondered if someone could advise me what the best IDE to use for
 Ansible is?

 I want to be able to use a plugin for syntax/indentation help

 I am a begineer so appologies if this is a basic question and
 appreciate any help

 Simon

 --
 You received this message because you are subscribed to the Google
 Groups "Ansible Project" group.
 To unsubscribe from this group and stop receiving emails from it, send
 an email to ansible-proje...@googlegroups.com.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/ansible-project/662f52fd-6821-4f53-ae6e-3b4f3d915d8dn%40googlegroups.com
 
 .

>>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/11d8ceac-4c46-44fa-baaf-17bd4ebadfc4n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob8S9%3DcKgrLiu-bdvOXZ1TOJ0izBbMjE34shnzHWxv-ong%40mail.gmail.com.

Re: [ansible-project] How to connect ansible on Linux to Windows server using Windows Management Instrumentation (WMI)

[John Veliss]

Sounds like you want to connect a linux server to a windows share, try
looking up Linux connect to smb of cifs share

On Fri, Sep 17, 2021 at 7:49 AM Mohtashim S  wrote:

> I have a shared Windows drive where a few files are kept.
>
> I have ansible running on Linux which need to connect to the Windows
> server and download those files.
>
> As per the organization policy WINRM is not allowed and the suggestion of
> using Windows Management Instrumentation (WMI) to connect from Linux
> ansible to Windows was given.
>
> I'm not aware nor did I find any document despite searching on google for
> the steps to connect from Ansible(Linux) to remote Windows server using WMI.
>
> Once connected I will try to manage to download the files. However, i need
> help with the connectivity part.
>
> Can you please guide me with the steps or any alternate if possible.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/bfb604b1-3cda-4e60-8418-6acad3f2c64an%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAP-ZCbkSFgckHRG1GV71cVEE5RdHWq95_mEOTgTEUoqHRawcZA%40mail.gmail.com.

Re: [ansible-project] package_facts module

[John Veliss]

Thanks Vladimir, I'll check them out.

On Thu, Sep 30, 2021 at 4:30 AM Vladimir Botka  wrote:

> On Wed, 29 Sep 2021 21:38:58 +1000
> John Veliss  wrote:
>
> > If I want to learn how to do this, what should I be learning,
> > python variables?
> > Can someone please explain what these lines actually mean?
>
> > >
> > > - debug:
> > > msg: |
> > >   {% for l in packages %}
> > >   {% for p in packages[l] %}
> > >   {{ p.name }} {{ p.version }}
> > >   {% endfor %}
> > >   {% endfor %}
>
> Start with Ansible introduction to YAML
>
> https://docs.ansible.com/ansible/latest/reference_appendices/YAMLSyntax.html
>
> and Jinja
> https://jinja.palletsprojects.com/en/latest/
>
> YAML specification explains the details
> https://yaml.org/spec/1.2/spec.html
>
>
> --
> Vladimir Botka
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAP-ZCbkoN98PpYGeG34MQTwirq%2B97Beub3pL_JQHOp%3DFyLKnBg%40mail.gmail.com.

Re: [ansible-project] package_facts module

[John Veliss]

Thanks Vladimir and Dick.

You guys are too clever.

If I want to learn how to do this, what should I be learning, python
variables?

Can someone please explain what these lines actually mean?

Also, how can I get the output to display a package on seperate lines as mu
output is like below.

  "msg": "kbd-misc 1.15.5\npth 2.0.7\niputils 20160308\nrhn-check
2.0.2\nperl-parent 0.225\nnumactl-libs 2.0.12\nrsyslog 8.24.0\ngdbm
1.10\ngpgme 1.3.2\ngrub2 2.02\nkatello-host-tools 3.5.4\nbzip2-libs
1.0.6\npython-setuptools 0.9.8\nunzip 6.0\nlibdb-utils
5.3.21\niwl2030-firmware 18.168.6.1\nlibcom_err 1.42.9\nalsa-firmware
1.0.28\nselinux-policy 3.13.1\nbasesystem 10.0\nperl-Text-ParseWords
3.29\nredhat-support-tool 0.12.2\ndevice-mapper-persistent-data
0.8.5\ncryptsetup-libs 2.0.3\nlibselinux-utils 2.5\nperl-Scalar-List-Utils
1.27\nparted 3.1\npygobject2 2.28.6\nmozjs17 17.0.0\npython-firewall
0.6.3\npython-ipaddr 2.1.11\nlibxslt 1.1.28\nplymouth 0.8.9\nlibunistring
0.9.3\nkeyutils-libs 1.5.8\nperl-Encode 2.51\nlibgpg-error 1.12\nlvm2-libs
2.02.187\ngawk 4.0.2\naic94xx-firmware 30\nxmlsec1-openssl 1.2.20\njansson
2.10\ne2fsprogs-libs 1.42.9\npython-backports-ssl_match_hostname
3.5.0.1\nsubscription-manager-rhsm 1.24.48\niprutils 2.4.17.1\nfile-libs
5.11\npython-libs 2.7.5\ngrub2-tools 2.02\nlibxcb 1.13\npython-lxml
3.2.1\nlibnetfilter_conntrack 1.0.6\nperl 5.16.3\ntzdata
2021a\nyum-metadata-parser 1.1.4\niwl3160-firmware 25.30.13.0\npython-gudev
147.2\nqrencode-libs 3.4.1\ndbus-python 1.1.1\npython-dateutil 1.5\nsetup
2.8.71\nkernel-tools-libs 3.10.0\nlibtasn1 4.10\nyum-rhn-plugin
2.0.1\nethtool 4.8\nsqlite 3.7.17\ntar 1.26\nsudo 1.8.23\nrhnsd
5.0.13\nfreetype 2.8\nlogrotate 3.8.6\nbind-license 9.11.4\nacl
2.2.51\npython-decorator 3.4.0\nalsa-lib 1.1.8\nlibdnet
1.12\ndejavu-sans-fonts 2.33\nebtables 2.0.10\nperl-constant
1.27\nyum-utils 1.1.31\npyliblzma 0.5.3\nncurses-libs 5.9\npolkit
0.112\nperl-Pod-Usage 1.63\npostfix 2.10.1\npciutils 3.5.1\npython-kitchen
1.1.1\ngpg-pubkey 2fa658e0\ngpg-pubkey fd431d51\nopenssh-clients
7.4p1\nlibuser 0.60\nperl-libs 5.16.3\nlibX11 1.6.7\nlz4 1.8.3\nkbd
1.15.5\nkexec-tools 2.0.15\npython-hwdata 1.7.3\nperl-Time-HiRes
1.9725\ngeoipupdate 2.5.0\nsystemd 219\nperl-File-Temp 0.23.01\ncoreutils
8.22\nlvm2 2.02.187\npython-slip-dbus 0.4.0\nlibacl
2.2.51\ndracut-config-rescue 033\nNetworkManager-config-server
1.18.8\nlibnl3 3.2.28\npolicycoreutils 2.5\nredhat-release-server
7.9\nredhat-logos 70.7.0


On Wed, Sep 29, 2021 at 7:49 PM Vladimir Botka  wrote:

> On Wed, 29 Sep 2021 10:55:06 +0200
> Dick Visser  wrote:
>
> > try this
> >
> > - debug:
> > msg: |
> >   {% for pkg in ansible_facts.packages|dict2items %}
> >   {{ pkg.value[0].name }} {{ pkg.value[0].version }}
> >   {% endfor %}
>
> More versions of the same package might be installed. This is
> the reason why the items of the dictionary *packages* are lists. The
> code above will list only the first package from the lists. Iterate
> the lists if you want to be sure you get all packages, e.g.
>
> - debug:
> msg: |
>   {% for l in ansible_facts.packages|dict2items %}
>   {% for pkg in l.value %}
>   {{ pkg.name }} {{ pkg.version }}
>   {% endfor %}
>   {% endfor %}
>
> This can be simplified
>
> - debug:
> msg: |
>   {% for l in packages %}
>   {% for p in packages[l] %}
>   {{ p.name }} {{ p.version }}
>   {% endfor %}
>   {% endfor %}
>
> --
> Vladimir Botka
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/20210929114910.7614400b%40gmail.com
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAP-ZCbmg%2B8UpdeFpqrDssaWj%3D26p%3Dr5riBhh0yd99Q2r3hyREw%40mail.gmail.com.

[ansible-project] package_facts module

[John Veliss]

When using the  package_facts module, I would like to get a listing of the 
package name and the version.

What I have so far is the below.

- name: Collect Packages installation status
  package_facts:
manager: "auto"
  register: packages
- name: debug output
  debug:
var: ansible_facts.packages


But this seem to give me the package along with all its details

  "yum-utils": [
{
"arch": "noarch",
"epoch": null,
"name": "yum-utils",
"release": "54.el7_8",
"source": "rpm",
"version": "1.1.31"
}
],


I have also tried var: ansible_facts.packages.version

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/14022329-fda1-4e9c-86c9-550412003f0en%40googlegroups.com.

Re: [ansible-project] How do you organize ansible roles?

[John Petro]

So, this may not answer all of your questions, but hopefully it hits on a
few.  I have a git repo for the "project" directory structure, and then a
repository for each role.I then use the requirements.yml to grab the
roles I need for a particular project, and it shoves them into the roles
dir for the project.

--John

On Tue, Sep 28, 2021 at 4:03 PM holod...@int.pl  wrote:

> Hey! I'm curious about how do you organize Ansible roles. I want to share
> a few roles in the public Git repository.
> - What do you think about storing roles in the ~/ansible/roles directory?
> - Do you recommend pushing the entire ~/ansible directory together with
> playbooks and other stuff in the git repository or execute git init in the
> directories with role-related stuff like ~/ansible/roles/role1,
> ~/ansible/roles/role2, etc.?
> - If I decided to go the first way, what's the best method to share a
> single ansible role?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/kojifsvxikqamoyxhgjy%40cfgn
> <https://groups.google.com/d/msgid/ansible-project/kojifsvxikqamoyxhgjy%40cfgn?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob_%2Bq6QaZe0u32WGro_jk61BBBARKH0N%3DKLE%2B2up-KpN_w%40mail.gmail.com.

Re: [ansible-project] AWX dependency on machine's Ansible

[John Petro]

I believe that the ansible that AWX uses is contained in one of the
containers, so your locally installed instance shouldn't impact it.

On Sat, Sep 11, 2021, 12:29 PM Jatin Garg  wrote:

> Hi Team,
>
> I have AWX setup on minikube cluster on Ubuntu machine. I have also got
> Ansible installed (Version2.5.1 with python2.7) on this ubuntu machine.
>
> Using this ansible, I am running some playbooks through CLI. Now, I need
> to upgrade ansible (uninstall then install the new version of Ansible with
> Python3) to execute my some playbooks.
>
> So, please let me know if does AWX use ansible which is installed on my
> ubuntu machine?
> And, if I uninstall or upgrade Ansible on my Ubuntu machine, will it
> impact AWX functionality?
>
> Please suggest.
>
> Regards,
> Jatin Garg
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/be8bfbab-1f77-4c52-973a-9ca6a83b4f34n%40googlegroups.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob-YZY-OxUMuzQQYr7dCpSy0w14_%3DnMc6C%2BDx9JXThQuLQ%40mail.gmail.com.

Re: [ansible-project] Permission Denied error

[John Petro]

Are you able to ssh from the control node to the client as that user? If
so, does it fail, or are you able to log in.  If you are able to log in,
then you might have a problem with your ansible command syntax.
Personally, when I run a playbook, I have to specify the user ( -u ) and I
also have to tell ansible-playbook to ask for the password (--ask-pass )

So, for me, an execution would look something like this:   ansible-playbook
playbook.yml -u username --ask-pass

Of course, I am just guessing at this right now, since I am not sure I have
seen how you are calling the playbook, etc.   Adding the verbose options (
- ) would also be helpful in figuring out what is going on as well.

good luck!!

--John

On Thu, Sep 2, 2021 at 7:55 AM aman kumar chagti 
wrote:

> when I try to run the playbook on a remote VM using password-based
> authentication, I'm getting the following error:
>
> *fatal: [X.X.X.X]: UNREACHABLE! => {"changed": false, "msg": "Failed to
> connect to the host via ssh: x...@X.X.X.X: Permission denied
> (publickey,password).", "unreachable": true}*user and password are
> present in the inventory file.
> but when I try to connect to the VM manually by SSH and using that same
> password: I'm able to log it. Can anyone figure the solution?
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/622ba01f-b89b-49f0-91e2-319f6daee852n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/622ba01f-b89b-49f0-91e2-319f6daee852n%40googlegroups.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob98%2ByPKLsyX4pE_-_hm7U1gZF2Zz6LMZ3QYvWkrRR1ofw%40mail.gmail.com.

Re: [ansible-project] question about tags

[John Petro]

oh, that is cool.  I didn't know about that one.  Thanks, I will check it
out.

--John

On Mon, Jul 19, 2021 at 3:48 PM Doug Hunley 
wrote:

> You could inspect ansible_run_tags and see if those three tags are not in
> it.
>
> On Mon, Jul 19, 2021 at 3:44 PM John Petro  wrote:
>
>> I have a bit of a problem, and was wondering if anyone has ever done
>> something like this.  I have a playbook I am working on, where it updates
>> firewalld rules for some kubernetes clusters we have.  Rather than have a
>> playbook per cluster, we elected to use tags, one for prod, one for
>> nonprod, and one for beta.
>>
>> What I am trying to do, is have task, that if it isn't one of the three
>> mentioned tags ( Prod, Non-Prod, Beta) then it executes, basically
>> outputting a debug message that the only accepted tags are those three.  Is
>> there a way to say something like "If tags !=[Prod,Non-Prod,Beta] then
>> output text"?
>>
>> I was fairly sure that at some point I saw that there was a way to do
>> that, and I can't seem to find the example anymore so any help anyone can
>> offer wold be greatly appreciated.
>>
>> --John
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAMiM3L3uLqzCzrrtoOwhs8e2_sk2wUmXt%3DSrPjJEnWy%2BHN%2B%2B7w%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAMiM3L3uLqzCzrrtoOwhs8e2_sk2wUmXt%3DSrPjJEnWy%2BHN%2B%2B7w%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob80eSNVG5d3XG3vmFKr5LtPE%2B4k0pH8mAHqye3eZyefPw%40mail.gmail.com.

[ansible-project] question about tags

[John Petro]

I have a bit of a problem, and was wondering if anyone has ever done
something like this.  I have a playbook I am working on, where it updates
firewalld rules for some kubernetes clusters we have.  Rather than have a
playbook per cluster, we elected to use tags, one for prod, one for
nonprod, and one for beta.

What I am trying to do, is have task, that if it isn't one of the three
mentioned tags ( Prod, Non-Prod, Beta) then it executes, basically
outputting a debug message that the only accepted tags are those three.  Is
there a way to say something like "If tags !=[Prod,Non-Prod,Beta] then
output text"?

I was fairly sure that at some point I saw that there was a way to do that,
and I can't seem to find the example anymore so any help anyone can offer
wold be greatly appreciated.

--John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob_d_GP-4z6E5LvcU3z78ezrXB_P%3DsDgg2WEUrtdEpa95A%40mail.gmail.com.

[ansible-project] how to display sub variables using debug module

[John Veliss]

I am using the win.find module along with the debug module to list files.

  tasks:
  - name: Find ALDM zip files
ansible.windows.win_find:
  paths: c:\temp
  recurse: no
  patterns: "*.zip"
register: files_to_copy
  - debug:
  msg: "{{files_to_copy}}"


This is what I get

 "msg": {
"changed": false,
"examined": 13,
"failed": false,
"files": [
{
"attributes": "Archive",
"checksum": "2ac51252d04aa02addeda5a86270da2a925b13fc",
"creationtime": 1624860215.3043969,
"exists": true,
"extension": ".zip",
"filename": "xsapagos-xxstestwin-2106280603.zip",
"hlnk_targets": [],
"isarchive": true,
"isdir": false,
"ishidden": false,
"isjunction": false,
"islnk": false,
"isreadonly": false,
"isreg": true,
"isshared": false,
"lastaccesstime": 1624860215.6950212,
"lastwritetime": 1624860215.6950212,
"lnk_source": null,
"lnk_target": null,
"nlink": 1,
"owner": "BUILTIN\\Administrators",
"path": "C:\\temp\\ xsapagos-xxstestwin-2106280603.zip  ",
"sharename": null,
"size": 24556
},

How can I use debug to output just the filename

as I have tried the below 

- debug:
  msg: "{{files_to_copy.files.filename}}"

But I get --> {"msg": "The task includes an option with an undefined 
variable. The error was: 'dict object' has no attribute 'filename'\n\nThe 
error appears to be in 

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/269eeeb1-1421-4e5f-896a-9562d67a9dafn%40googlegroups.com.

[ansible-project] Re: WSL2 Molecule testing Windows playbooks

[John Menke]

Still searching for any current reference on this.  Does anyone have WSL2 
working with ansible testing Windows deployments?

On Tuesday, June 8, 2021 at 11:08:46 AM UTC-4 John Menke wrote:

> I am new to Molecule and I have finally got the docker driver running from 
> within WSL2.  This covers the Linux hosts I have but we also have Windows 
> hosts that I need to test for.  
>
> is Vagrant the best option for this?   Should I install vagrant in WSL2 
> and then try to use the vagrant driver?
>
> -john
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/29dcde94-1940-4b67-a0f9-5380282343a6n%40googlegroups.com.

[ansible-project] Documenting Playbooks

[John Petro]

All,
  we are in the process of switching from another product to ansible at
work.  So we are working on our "how we want to operate" type stuff, to
fill in gaps we currently have.  So, we are documenting roles in a README
with each role, which makes sense, so that you have all the options, etc
right here.  So my question, is do any of you document your playbooks?  If
so how are you organizing that inside a project structure.

--John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob_waEnTqQhz1YkO9v_CDaoBZuy2FSrU-K2wPxgDTRuB0A%40mail.gmail.com.

Re: [ansible-project] **Urgent Need ur suggestion expect module

[John Petro]

I did some poking, and one solution I saw, was to uninstall the RHEL
installed version of pexpect, then install the version maintained in
EPEL.The other option I saw, was to run expect directly using the
command or shell module.

I have not tried either of these, but hopefully it points you in the right
direction.

--John

On Fri, Jun 11, 2021 at 5:15 AM Abdulrazzaq shaik <
shaikabdulrazza...@gmail.com> wrote:

> Hi All
>
>
>
> Am trying to use expect module in the ansible, where am getting error to
> have pexpect 3.3 version
>
>
>
> As I have tried to install am able to get pexpect 2.3 version, how to
> install 3.3 as per ansible docs it must be pexpect 3.3
>
>
>
> Below is installed tried to update same it showing as update to date.
>
>
>
>- Upgrade pexpect package version to 3.3
>- Where can I get pexpect 3.3 ?
>- How to install pexpect 3.3 ?
>
>
>
> Redhat linux 7
>
>
>
>
> Regards
>
> Razzaq
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CA%2B5G-C8i-fkDJND%2Bgk%3DvmrVhu0Kr%3D%3Dt5e4XsOkkvu%3Dwuk7MPCA%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CA%2B5G-C8i-fkDJND%2Bgk%3DvmrVhu0Kr%3D%3Dt5e4XsOkkvu%3Dwuk7MPCA%40mail.gmail.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob9KGFxsYxptZ_qdjLTSjZxyjdHQ1WDwFMFVYX3MNYDKxw%40mail.gmail.com.

[ansible-project] Execute python module from ansible?

[John Menke]

in python i can do 
python -m  packagename.modulename 

I am trying this from ansible script and its not finding python

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/9e1bef5c-deda-4a04-b624-17575c3f7efan%40googlegroups.com.

[ansible-project] WSL2 Molecule testing Windows playbooks

[John Menke]

I am new to Molecule and I have finally got the docker driver running from 
within WSL2.  This covers the Linux hosts I have but we also have Windows 
hosts that I need to test for.  

is Vagrant the best option for this?   Should I install vagrant in WSL2 and 
then try to use the vagrant driver?

-john

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/bf2f2bec-3569-40ea-91b5-4784d4a3ef2dn%40googlegroups.com.

Re: [ansible-project] Running python3 script from ansible

[John Menke]

Thanks Brian!

On Monday, June 7, 2021 at 7:45:19 PM UTC-4 Brian Coca wrote:

> Yes,
>
> Simplest way is using the 'script' action and make sure the shebang on
> the script points to the python3 you want.
>
> -- 
> --
> Brian Coca
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/e2d5b803-bd97-49dd-a3a2-f005d013646dn%40googlegroups.com.

[ansible-project] Running python3 script from ansible

[John Menke]

I have a python3 script that i want to run from a playbook that is using 
the python2 interpreter.  Is this possible?  

-john

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/6ee0996b-92e8-47ce-9b9a-71929f2ad87an%40googlegroups.com.

[ansible-project] ansible become user failing due to shell execution restrictions

[John Petro]

I am running into an interesting issue, and wondered if anyone has hit the
same thing as I have.  We have our sudo configs locked down pretty tight,
and don't allow users to do execute a shell directly using sudo.  So,
basically, things like sudo /bin/sh are not permitted.  I found a 5 year
old stacktrace article with a workaround, and I am not particularly fond of
the suggestion, which was to make a copy of /bin/sh as a different
filename, then tell ansible to use that via the ansible config.  (
https://stackoverflow.com/questions/33529850/ansible-have-sudo-but-no-root)

Has anyone seen this before, and if so, I am curious as to what your
workaround was.

--john

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob91%3DqAwxMYzRi56%2B%2Bwo83JYB-bijMyc%3D-v8U_y6g3ck8A%40mail.gmail.com.

[ansible-project] I want edit an openshift router-default deployment with ansible

[John Macioci]

<https://stackoverflow.com/posts/66968526/timeline>

I'm attempting to edit a router-default deployment with ansible. I want to 
change a section in the router-default from:

topologyKey: kubernetes.io/hostname --> topologyKey: 
failure-domain.beta.kubernetes.io/zone

I can successfully perform an oc edit on deployment.apps/router-default in 
the openshift-ingress namespace, but I can't perform the same task with 
ansible.

When I run the ansible playbook, it says it successfully changed the 2 
fields. When I run ansible with -vvv it shows the before and after as being 
changed. However, when I look at the router deployment using oc edit, the 
change is not applied.

John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/5cd46aed-9d78-40b7-a239-7a9bbcffd23cn%40googlegroups.com.

[ansible-project] windows command via playbook

[John Veliss]

Can anyone tell me how I would execute the below command via a playbook

wuauclt /resetauthorization /detectnow
Wuauclt /reportnow

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/3af252c2-d050-43e3-b2a9-e4141f3f49abn%40googlegroups.com.

[ansible-project] run powershell command via ansible playbook

[John Veliss]

Can anyone tell me how I would add the below powershell command into a 
playbook

PowerShell.exe (New-Object -ComObject 
Microsoft.Update.AutoUpdate).DetectNow()

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/02ddbac9-54d5-4b68-8381-286b0d901f71n%40googlegroups.com.

[ansible-project] ansible.community: linode_v4 module updates to support nodebalancers?

[John Stoffel]

Hi there,
Is anyone working on extending the ansible.community linode_v4: module to 
support more than just simple linode creation?  Or do I need to keep using

command:
  cmd:  linode-cli 

to do all my work?  I tried using the uri: module instead to call the 
Linode API directly, but that was painful for me as a newbie Ansible user.  

My big stumbling block now is creating a Linode nodebalancer where I need 
to do:

1. create nodebalancer
2. create nodebalancer config
 with_items:  80, 443
3. add two seperate nodes to each config.

Since this is a double loop, I think I need to do something silly like 
multiple include_tasks:  loops, which just gets ugly fast.  

How do people do nested layers of devices in Ansible efficiently and 
clearly without having to use multiple tasks files?  

Thanks,
John

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/b6d5e10a-8f97-4204-bdf7-b7a7f4bd6955n%40googlegroups.com.

Re: [ansible-project] Ansible Organization - When to split out projects

[John Petro]

Interesting...   I hadn't thought about the versioning thing.  Most of the
stuff we are doing, is either package installs, or basic server
administrative operational type tasks.  We are just getting started using
ansible ( I have been using it for my fleet of Pi's for about 2 ish years
now ), so I don't have a good handle on how many roles we are going to
have.  I would like us to implement some sort of testing environment, using
molecule or some other method as part of this, so hopefully any versioning
issues we hope we can catch in test, but I know that won't be 100%
effective.  I definitely keep going back and forth between a single repo
for all the roles, or a repo per role.

Thanks for the insight, I appreciate it!!

--John

On Thu, Jan 28, 2021 at 9:17 AM William McKenzie 
wrote:

> One repo per role is the general advice, but it does depend a bit. We
> built a body of over 200 roles at my last job, and over time we found that
> managing a 'package' of know good versions got very unwieldy, and people
> had trouble managing their requirements.yml. Our first solution was to
> build a 'bundle' of roles. So, the devops central team published a package
> of all 200+ roles once per PI, and projects just unzipped the whole thing
> into their build folders as part of CI/CD pipeline. In my new job, I'm
> taking a different approach and using a mono-repo of all the roles and it
> seems to be working well. It has a lot to do with who will use the roles.
> In our case, we have a ton of devs who dont have the time or inclination to
> keep track of versions, or deug issues. They just want a bundle that has
> been tested and is know to work.
>
> On Tuesday, January 26, 2021 at 1:21:04 PM UTC-6 jcp...@johnpetro.com
> wrote:
>
>> Thanks!!  There's definitely a lot to think about here for sure.  I
>> appreciate the information!!
>>
>> --John
>>
>> On Mon, Jan 25, 2021 at 5:19 PM Jean-Yves LENHOF 
>> wrote:
>>
>>>
>>> Le 25/01/2021 à 16:03, John Petro a écrit :
>>> > Good morning,
>>> >I am working on setting up an ansible repository, for work.  We are
>>> > going to be using AWX eventually ( sooner rather than later ).  What I
>>> > am wondering, is how people decided to split up their ansible project
>>> > directories. My first thought was to just have a single project with
>>> > all of our playbooks in that but I am starting to question whether
>>> > that is the correct path or not.
>>>
>>> Not so obvious to answer !
>>>
>>>
>>> >
>>> > Along with that, when it comes to source control, are you storing your
>>> > roles in a separate repo per role, or all in one repo.  For myself
>>> > personally ( homelab ), I have a single project, and all of my roles
>>> > have their own repo, but I am not sure how that scales to a larger
>>> > organization.
>>>
>>> One role per repo with version tags !
>>>
>>> Like this you can use version in your requirements file and decide which
>>> version is working for you in your context. Periodically you need to
>>> update versions and make some adjustments to code after testings !
>>>
>>> The more a role is going to be used by different people, the more you
>>> will need a concensus about changes and decide what change can be done
>>> in in a minor and in a major release version !
>>>
>>> Regards,
>>>
>>> JYL
>>>
>>> --
>>> You received this message because you are subscribed to the Google
>>> Groups "Ansible Project" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to ansible-proje...@googlegroups.com.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/ansible-project/b8e10d84-4a41-dc3c-52c8-99433327c2a6%40lenhof.eu.org
>>> .
>>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/7d172c6b-9253-4937-98e2-c8520455e027n%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/7d172c6b-9253-4937-98e2-c8520455e027n%40googlegroups.com?utm_medium=email_source=footer>
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/CAPAjob-eH0g3DbudZKAuD0HqCFm45t7ZRYTXSU41fPrLY3QJow%40mail.gmail.com.