Re: [ansible-project] What is the best approach to creating a inlude_vars file for my requirement

[Shifa Shaikh]

Dick Hi, 

My requirement is not about configuring a webserver. 

It is to maintain a check on a set of files. If the file changes by 
checksum or permissions I wish to trigger an alert. 

Thus, my ansible will stat the file and then compare the checksum and mode 
that was previously stored in the include_vars file. 

If they match we are good else we will trigger an alert. 

Thus, I want to understand if my approach/format of storing mode and 
checksum information for all files on all servers good? if not please 
propose how should i design the include_vars files so I could read the 
checksum and mode of a file on a  particular IP. 

On Sunday, January 26, 2020 at 4:25:25 AM UTC+5:30, Dick Visser wrote:
>
> Hi 
>
> The information you've provided seems to contain several cases of 
> wheel reinvention. 
> Rather than helping you do that, please explain what you are REALLY 
> looking to achieve. 
> The file names in your example suggest: "configuring a web server". 
> In which case, a few template tasks and a handler might be all you need. 
>
> Dick 
>
>
> On Sat, 25 Jan 2020 at 00:10, Shifa Shaikh  > wrote: 
> > 
> > I use the stat module to read multiple files statistics from each remote 
> server. 
> > 
> > Thus, I'm able to get the file mode and checksum value of say 3 files on 
> host1 and 2 files on host2. 
> > 
> > I wish to know what is a good way to create/construct an include_vars 
> file so that I can easily read back each file's mode and checksum for any 
> given server? 
> > 
> > I thought of constructing a myvars.yaml as below: 
> > 
> > --- 
> > host1: 
> >name: /tmp/conf/httpd.conf 
> >checksum: 79783482382789273 
> >mode: 0744 
> >name: /tmp/conf/extra/httpd.conf 
> >checksum: 112312382789273 
> >mode: 0754 
> > 
> > 
> > 
> > host2: 
> > 
> >name: /tmp/conf/httpd.conf 
> >checksum: 89662ff9273 
> >mode: 0774 
> >name: /tmp/conf/extra/httpd.conf 
> >checksum: 82094810498 
> >mode: 0754 
> > 
> > 
> > I can construct the myvars.yaml as I like but the challenge is how can I 
> read the values of the individual file name on a given hots? 
> > 
> > Any suggestions for construct myvars.yaml differently and reading 
> individual file details in a playbook will be of great help. 
> > 
> > Thank you !! 
> > 
> > -- 
> > You received this message because you are subscribed to the Google 
> Groups "Ansible Project" group. 
> > To unsubscribe from this group and stop receiving emails from it, send 
> an email to ansible...@googlegroups.com . 
> > To view this discussion on the web visit 
> https://groups.google.com/d/msgid/ansible-project/fd96dabf-6ed9-4924-84b5-d855d15f05ff%40googlegroups.com.
>  
>
>
>
>
> -- 
> Dick Visser 
> Trust & Identity Service Operations Manager 
> GÉANT 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/41899b75-4a2a-486d-a30c-5ddc798a7880%40googlegroups.com.

Re: [ansible-project] Basic beginner question

[Waqar Khan]

Brilliant - thank you 

On Sunday, January 26, 2020 at 1:15:40 PM UTC, Kai Stian Olstad wrote:
>
> On 26.01.2020 13:50, Waqar Khan wrote: 
> > Starting out with ansible and trying to configure sshd config. Here is 
> > what 
> > I have, it works but is there a better way to do with for future 
> > reference. 
> > e.g. if I have many different distributions it looks like a lot of 
> > copying. 
> > Can I combine the 2 tasks? 
> > 
> > - name: sshd Amazon 
> > lineinfile: 
> > state: present 
> > path: /etc/ssh/sshd_config 
> > regexp: "^AllowUsers" 
> > line: AllowUsers ec2-user 
> > when: ansible_distribution == 'Amazon' 
> > notify: 
> > - restart sshd 
> > 
> > - name: sshd Centos 
> > lineinfile: 
> > state: present 
> > path: /etc/ssh/sshd_config 
> > regexp: "^AllowUsers" 
> > line: AllowUsers centos 
> > when: ansible_distribution == 'Centos' 
> > notify: 
> > - restart sshd 
>
> You can create a variable that contains the information 
>
> allowusers: 
>Amazon: ec2-user 
>Centos: centos 
>
> And then you only need one task 
> - name: sshd_config 
>lineinfile: 
>  path: /etc/ssh/sshd_config 
>  regexp: "^AllowUsers" 
>  line: AllowUsers {{ allowusers[ansible_distribution] }} 
>notify: restart sshd 
>
>
> -- 
> Kai Stian Olstad 
>

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/d24260e5-4ad0-413e-862a-abbb1180d3d8%40googlegroups.com.

Re: [ansible-project] Basic beginner question

[Jean-Yves LENHOF]

Hi,

You probably looking for ansible_os_family which is RedHat for these 
distributions : RedHat EL, CentOS, Amazon, etc...


You should probably test the major version (between 6 and 7, there's 
service and systemctl which are kind different for example, I suppose 
you're not modifying only ssh config)


So you're when directive should be something like this :

when: ansible_os_family == 'RedHat' and 
ansible_distribution_major_version in ['6','7']


Regards,

Le 26/01/2020 à 13:50, Waqar Khan a écrit :
Starting out with ansible and trying to configure sshd config. Here is 
what I have, it works but is there a better way to do with for future 
reference. e.g. if I have many different distributions it looks like a 
lot of copying. Can I combine the 2 tasks?


- name: sshd Amazon
lineinfile:
state: present
path: /etc/ssh/sshd_config
regexp: "^AllowUsers"
line: AllowUsers ec2-user
when: ansible_distribution == 'Amazon'
notify:
- restart sshd
- name: sshd Centos
lineinfile:
state: present
path: /etc/ssh/sshd_config
regexp: "^AllowUsers"
line: AllowUsers centos
when: ansible_distribution == 'Centos'
notify:
- restart sshd
--
You received this message because you are subscribed to the Google 
Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to ansible-project+unsubscr...@googlegroups.com 
.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/fc08397d-3bb8-4087-93f2-9a4d85378906%40googlegroups.com 
.


--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/7318ce4d-08ad-00da-fc54-3fd495944775%40lenhof.eu.org.

Re: [ansible-project] Basic beginner question

[Kai Stian Olstad]

On 26.01.2020 13:50, Waqar Khan wrote:
Starting out with ansible and trying to configure sshd config. Here is 
what
I have, it works but is there a better way to do with for future 
reference.
e.g. if I have many different distributions it looks like a lot of 
copying.

Can I combine the 2 tasks?

- name: sshd Amazon
lineinfile:
state: present
path: /etc/ssh/sshd_config
regexp: "^AllowUsers"
line: AllowUsers ec2-user
when: ansible_distribution == 'Amazon'
notify:
- restart sshd

- name: sshd Centos
lineinfile:
state: present
path: /etc/ssh/sshd_config
regexp: "^AllowUsers"
line: AllowUsers centos
when: ansible_distribution == 'Centos'
notify:
- restart sshd


You can create a variable that contains the information

allowusers:
  Amazon: ec2-user
  Centos: centos

And then you only need one task
- name: sshd_config
  lineinfile:
path: /etc/ssh/sshd_config
regexp: "^AllowUsers"
line: AllowUsers {{ allowusers[ansible_distribution] }}
  notify: restart sshd


--
Kai Stian Olstad

--
You received this message because you are subscribed to the Google Groups "Ansible 
Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/206997c8710d12a744224c2a681eb4a4%40olstad.com.

[ansible-project] Basic beginner question

[Waqar Khan]

Starting out with ansible and trying to configure sshd config. Here is what 
I have, it works but is there a better way to do with for future reference. 
e.g. if I have many different distributions it looks like a lot of copying. 
Can I combine the 2 tasks?

- name: sshd Amazon
lineinfile:
state: present
path: /etc/ssh/sshd_config
regexp: "^AllowUsers"
line: AllowUsers ec2-user
when: ansible_distribution == 'Amazon'
notify:
- restart sshd

- name: sshd Centos
lineinfile:
state: present
path: /etc/ssh/sshd_config
regexp: "^AllowUsers"
line: AllowUsers centos
when: ansible_distribution == 'Centos'
notify:
- restart sshd

-- 
You received this message because you are subscribed to the Google Groups 
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/ansible-project/fc08397d-3bb8-4087-93f2-9a4d85378906%40googlegroups.com.