[ansible-project] use binascii.unhexlify() in Jinja2 template

HI! I'm using stat task to let ansible calculate the SHA-512 checksum of a file on the managed node [1] which returns hex-encoded hash values. Now I have to convert the checksum to bytes prior to base64-encoding this byte string. In Python code I would use the function binascii.unhexlify(). But

[ansible-project] reference role default variable

HI! I'd like to override a default for var_b defined in roles/role_b/defaults/main.yml with a value of var_a defined in roles/role_a/defaults/main.yml Is this possible? Can I reference role vars? Or is this rather a use-case of include_role? Ciao, Michael. -- You received this message becau

[ansible-project] .format() in Jinja2 filter

HI! I'd like to reformat a list of IPv4 addresses with a Python formatting string. '12.34.56.78' should be transformed into 'peername.ip=12.34.56.78%255.255.255.255'. In Python I'd just use 'peername.ip={0}%255.255.255.255'.format('12.34.56.78') How to express that in a Jinja2 filter? I'v

Re: [ansible-project] .format() in Jinja2 filter

Dirk, On 4/1/20 12:17 PM, Dick Visser wrote: > It looks like you just want to have a string prepended and appended to > it - I would use regex_replace for that. Ah, yes. Missed that. Many thanks. Ciao, Michael. -- You received this message because you are subscribed to the Google Groups "Ansi

Re: [ansible-project] User authentication with LDAP

On 5/20/20 9:30 PM, Johnny Medlock wrote: > I am writing to inquire some information in regards to User Permission > management with LDAP authentication. I have searched around and have > found conflicting answers. > > I currently have an Ansible AWX 2.9.5 environment stood up on a CentOS 8 > VM a

Re: [ansible-project] Re: New Ansible releases 2.9.12 and 2.8.14

On 8/24/20 12:14 PM, Anand Buddhdev wrote: > Ansible 2.9.12 has a serious bug in its cron module that has caused > several problems for people, and many bug reports about it are open? Do > you have plans to issue a new release of the 2.9 branch? I feel that you > should not wait so long with a new

Re: [ansible-project] What should be the proper way to use include_tasks in ansible 2.5

chipcha wrote: > Would it be possible to also add best practices of how to migrate > include_tasks to import_tasks with loops > After https://github.com/ansible/ansible/pull/33595 it seems that all my > include_tasks with tags are ignored I can confirm this issue using ansible-2.4.3.0-0.5.rc2.tar.

Re: [ansible-project] Dynamic Inventory using Active Directory / LDAP

aa...@klep.net wrote: > Does anyone have code that can pull a dynamic inventory from list of AD > OUs?  Want to use the windows_update module to patch our servers only in > specific OUs. > > Maybe I missed it, but I don't see Windows Active Directory inventory > here:  https://github.com/ansible/a

Re: [ansible-project] Ansible 2.5.0 Release Candidate 1 is available

mattd...@redhat.com wrote: > Hi all- we're happy to announce that Release Candidate 1 of Ansible > 2.5.0 is now available! It seems to me that tags are not working as expected: The tagged tasks are not executed. Ciao, Michael. -- You received this message because you are subscribed to the Goog

[ansible-project] 2.5.0.0: include_tasks is not executed with tags

mattd...@redhat.com wrote: > Tag support in 2.5.0 is passing all the integration tests, so I'd be > surprised if it's not working, but If you've got a reproducible issue, > please file it on Github. With ansible 2.5.0.0 this task is not executed with -t monitoring: - name: "Monitoring scripts on

[ansible-project] copy src lookup

HI! Is it possible to lookup the pathname of a local file on the ansible controller used in a copy task for src: *before* performing the copy task? Ciao, Michael. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this gro

Re: [ansible-project] ansible 2.2.1.0 and Jinja2 2.9.5

Alan Orth wrote: > Yeah, definitely issues between those two. See some issue reports on > GitHub, for example: > > https://github.com/ansible/ansible/issues/20063 Any news on that? The bug above is labeled "affects_2.3" and there's no milestone defined yet. I'm asking because the Linux distros

Re: [ansible-project] ansible 2.2.1.0 and Jinja2 2.9.5

Mirko Friedenhagen wrote: > I would always recommend to take the virtualenv approach for non-trivial > python > software. In this particular case it's not a matter of whether to use virtualenv or not or whether disk space is wasted. The real issue is the need for version pinning which eventuall

[ansible-project] use vars from include_role

HI! I want to use the following task (with ansible ansible-2.3.1.0-0.2.rc2): - name: "Install web2ldap on {{ openldap_role }}" include_role: name: web2ldap private: False vars: web_server: "apache2" web2ldap_pip_index_url: "{{ aedir_pip_index_url }}" web2ldap_pip_needs_com

Re: [ansible-project] Re: use vars from include_role

riday, May 26, 2017 at 12:14:48 AM UTC+2, Michael Ströder wrote: > > HI! > > I want to use the following task (with ansible ansible-2.3.1.0-0.2.rc2): > > - name: "Install web2ldap on {{ openldap_role }}" > include_role: >

Re: [ansible-project] Re: Ansible support

Andrew Latham wrote: > Please find in the documentation at > https://docs.ansible.com/ansible/intro_installation.html#installing-the-control-machine > the instructions for installing and updating from the various release > repositories. Unfortunately this documentation says nothing about the inco

Re: [ansible-project] Ansible 2.3.2 RC3 is available for testing

James Cammarata wrote: > Hi all, we're happy to announce that Ansible 2.3.2 RC3 is available for > testing. > [..] > The tar.gz of the release can be found here: > > http://releases.ansible.com/ansible/ansible-2.3.2.0-0.3.rc3.tar.gz File seems to be missing. $ wget http://releases.ansible.com/a

Re: [ansible-project] How to select hosts based on facts?

Cev Ing wrote: > I know that I can write an inventory group containing all Solaris servers. > But this > sounds redundant to me. Instead I want Ansible to check if the host is a > Solaris host > and if so, apply the role for Solaris systems. Maybe this helps: https://docs.ansible.com/ansible/l

[ansible-project] customs list of paths for searching templates?

HI! How can I specify a ordered custom list of paths where a template task looks for Jinja2 template files? Ciao, Michael. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, s

Re: [ansible-project] Re: customs list of paths for searching templates?

On 9/17/19 9:09 AM, Soniya panwar wrote: As i understand your query you want to use custom list of jinja2 template paths. you can use fileglob module here to match all the files of a particular pattern in a directory. This module return a list of paths. Below is the example playbook: [..]    

Re: [ansible-project] Tags not propagated to dynamically included tasks: Workaround?

On 8/24/18 4:31 PM, Kai Stian Olstad wrote: > You can also wrap the include_tasks in a block, and set the tags on the block. > > - block: > - name: My Task > include_tasks: "mytask.{{ansible_osfamily}}.yml" > tags: > - mytask-only > - always Given the volatility of inc

[ansible-project] simple IP lookup plugin

HI! Is there a simple example module how to implement an ansible (connection) plugin for looking up an IP address for establishing the SSH connection? I have a deployment where no DNS entries are present prior to initial host configuration, but I can access another (LDAP) database to query

Re: [ansible-project] simple IP lookup plugin

On 2/19/19 9:56 PM, Kai Stian Olstad wrote: > On 19.02.2019 21:31, Michael Ströder wrote: >> Is there a simple example module how to implement an ansible >> (connection) plugin for looking up an IP address for establishing >> the SSH connection?> > It probably easier to

[ansible-project] connection caching throughout a play

HI! On the ansible controller I'd like to establish an authenticated LDAP connection at the beginning of a playbook run and use this afterwards in several tasks. Up to now the ansible modules I reviewed seem to re-open all kinds of backend connections all the time using long-term credentials. Whi

[ansible-project] ansible cron with 2.8rc3

HI! I'm testing my ansible roles with ansible 2.8rc3. The roles work with ansible 2.7.10. This cron task fails with 2.8rc3 using Python 2.7.16 (see details attached at message end): - name: "Remove obsolete CRON jobs from /etc/cron.d/aedir_tools" cron: name: "{{ item }}" state: absent

Re: [ansible-project] ansible cron with 2.8rc3

On 5/11/19 7:37 PM, Kai Stian Olstad wrote: > On 11.05.2019 19:15, Kai Stian Olstad wrote: >> On 11.05.2019 18:38, Michael Ströder wrote: >>> I'm testing my ansible roles with ansible 2.8rc3. >>> The roles work with ansible 2.7.10. >>> >>> This cr

[ansible-project] where to install systemd unit files

HI! Is there any fact or similar pointing to the directory where to install systemd unit files on different Linux distros? Output of systemd-path is not helpful for this. Currently I have in a custom map: Debian: "/lib/systemd/system" (sigh!) openSUSE: "/usr/lib/systemd/system" CentOS: "/u

Re: [ansible-project] where to install systemd unit files

Kai Stian Olstad wrote: > On 10. nov. 2016 18:41, Michael Ströder wrote: >> Is there any fact or similar pointing to the directory where to install >> systemd >> unit files on different Linux distros? >> >> Output of systemd-path is not helpful for this. >&

Re: [ansible-project] Using ldap_attr to set root password works but shows failed

Kevin Hughes wrote: > I'm using the following to set my LDAP root password: > -name:generate ldap admin password hash > command:"/usr/sbin/slappasswd -s PASSWORD" > register:slapd_admin_password_hash > tags:ldap > -name:setldap admin password > become:yes > ldap_attr: > dn:"olcDatabas

[ansible-project] cross-role notifications

HI! In the spirit of encapsulation I've implemented different roles installing different components. Now the roles also ensure that OS packages (.deb or .rpm) and specific Python modules (pip install) are installed and automagically updated. (I don't want to start a debate whether one wants au

Re: [ansible-project] cross-role notifications

Kai Stian Olstad wrote: > On 12. feb. 2017 17:56, Michael Ströder wrote: >> But some updates might also require restart of a service managed in a >> subsequently >> invoked role which does not receive the notifications. >> (In puppet I'd simply _subscrib

Re: [ansible-project] cross-role notifications

Kai Stian Olstad wrote: > On 12. feb. 2017 18:47, Michael Ströder wrote: >> Kai Stian Olstad wrote: >>> On 12. feb. 2017 17:56, Michael Ströder wrote: >>>> But some updates might also require restart of a service managed in a >>>> subsequently &g

Re: [ansible-project] cross-role notifications

Johannes Kastl wrote: > On 12.02.17 18:47 Michael Ströder wrote: >> But then a role has to know the handler names in the other role >> which somewhats contradicts the concept of modular design. > > AFAIK the role design is built so you could reuse roles in more than >

Re: [ansible-project] cross-role notifications

Kai Stian Olstad wrote: > But in Ansible 2.2 notify has a listen: feature. > > If you add listen: 'restart srv" to the handlers "restart srv1" and "restart > srv2", > then you can use notify: 'restart srv" instead and both of them will get > notified. > And if you remove role A or role B it will

[ansible-project] global default for pip extra_args?

HI! Is it possible to set a global default value for argument extra_args in pip module? Something like pip_extra_args? Ciao, Michael. -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving email

[ansible-project] Re: Ansible 2.3.0 RC1 is available for testing

James Cammarata wrote: > We are happy to announce the availability of Ansible 2.3.0 RC1! With this pre-release I get (after a couple of tasks): TASK [web2ldap : Install fcgi.py] ***

[ansible-project] ansible 2.2.1.0 and Jinja2 2.9.5

HI! When invoking ansible 2.2.1.0 with Python module Jinja2 2.9.5 installed it fails with: ERROR! Unexpected Exception: The 'jinja2<2.9' distribution was not found and is required by ansible Are there really serious interop issues with Jinja 2.9.x+? I'm asking because this blocks OS package u

[ansible-project] jinja2.ChoiceLoader

HI! I'd like to give the "user" the possibility to override arbitrary Jinja2 templates used within an ansible role without having to implement that with custom vars. Something like: http://jinja.pocoo.org/docs/2.9/api/#jinja2.ChoiceLoader Is that possible? Ciao, Michael. -- You received this

Re: [ansible-project] Ansible-2.10.0 has been released!

On 9/23/20 1:22 AM, Toshio Kuratomi wrote: > The tar.gz of the release can be found here: > > * Ansible 2.10.0 > https://pypi.python.org/packages/source/a/ansible/ansible-2.10.0.tar.gz > SHA256: 3aadd662ac3f04e46054c99cfe533a92ba33d97982f19e49f01dbe137f31d346 Any particular reason why the source

[ansible-project] ansible-galaxy and git verify-tag

HI! Is it possible to make ansible-galaxy invoke 'git verify-tag' with a locally configured GPG public key on tags specified as version: in requirements.yml? Thx in advance for any hint. Ciao, Michael. -- You received this message because you are subscribed to the Google Groups "Ansible Pr

[ansible-project] Re: ansible-galaxy and git verify-tag

On 12/22/21 17:33, Michael Ströder wrote: Is it possible to make ansible-galaxy invoke 'git verify-tag' with a locally configured GPG public key on tags specified as version: in requirements.yml? Hmm, seems there is no such thing yet: https://github.com/ansible/proposals/issues/36

Re: [ansible-project] Re: ansible-galaxy and git verify-tag

On 12/22/21 18:07, Nico Kadel-Garcia wrote: On Wed, Dec 22, 2021 at 12:00 PM 'Michael Ströder' via Ansible Project wrote: On 12/22/21 17:33, Michael Ströder wrote: Is it possible to make ansible-galaxy invoke 'git verify-tag' with a locally configured GPG public key

[ansible-project] Wording ansible packages / updates (was: Ansible 5.6.0 has been released)

On 4/7/22 07:40, 'Felix Fontein' via Ansible Project wrote: I really wish you would stop repeating this procedure on every Ansible release. If you want things to actually change, start a proper discussion in the appropriate place (https://github.com/ansible-community/community-topics/). This to

[ansible-project] Re: Wording ansible packages / updates (was: Ansible 5.6.0 has been released)

On 4/7/22 21:30, 'Felix Fontein' via Ansible Project wrote: On 4/7/22 07:40, 'Felix Fontein' via Ansible Project wrote: The *product/distribution* Ansible consists of both `ansible` and the `ansible-core` PyPi packages. The *docsite* (https://docs.ansible.com/ansible/latest/) describes both. The

Re: [ansible-project] Reading in extra files, as or into dicts?

On 4/16/22 13:52, Richard Hector wrote: On 16/04/22 22:13, Richard Hector wrote: I have created a directory 'users' alongside my inventory. It has a directory 'user_vars', intended to be used like host_vars, but for users, obviously. I've got this, but it looks horrible: == -

Re: [ansible-project] Track changes for further processing

On 5/4/22 17:57, 'Christian Schoepplein' via Ansible Project wrote: I am using a slightly adapted role taken from to manage our users on our servers. This is working fine so far but one little thing I can't get to work. I want to force newly created u

Re: [ansible-project] Can we run roles in parallel for multiple hosts?

On 6/27/22 17:17, Marc Haber wrote: On Mon, Jun 27, 2022 at 05:04:38PM +0200, dulhaver via Ansible Project wrote: There is an extension mitogen4ansible which claims to speed up playbook execution significantly. Using mitogen is a no-brainer to sped up an

Re: [ansible-project] Can we run roles in parallel for multiple hosts?

On 6/27/22 21:59, Marc Haber wrote: On Mon, Jun 27, 2022 at 05:56:01PM +0200, 'Michael Ströder' via Ansible Project wrote: 2. IIRC it's not maintained anymore and it does not work with ansible 2.10+. This might be weirdness with Debian version numbers, but my ansible installed

Re: [ansible-project] Speeding up a task

On 7/30/22 12:44, Ian Hobson wrote: I need advice on speeding up this task: - name: "restore files to {{ location }}"   ansible.builtin.copy:     src:  "/home/ian/backup/hobson42/var/www/ianhobson.com/"     dest: "{{ location }}" It copies 5022 files, totalling 109.2Mb, and even though both

Re: [ansible-project] Ansible custom module - DIY Connection to remote host

On 12/5/22 09:23, phillip.from.oz wrote: When writing Ansible custom module, how is the code (python) connect to the remote host? Is it the code of the Ansible custom module responsible for ssh to the remote host? No, for most modules. I'd recommend that you describe what you're trying to a

[ansible-project] Re: Ansible custom module - DIY Connection to remote host

On 12/5/22 23:48, phillip.from.oz wrote: This is what I'm doing: Playbook: --- - name: Connect to remote IRIS DB   hosts: localhost   tasks:     - name: using my custom module       IRIS:                     <-- New Module         name: superuser         password: secret         instance:

Re: [ansible-project] Handle MFA Setup on Linux hosts using Ansible

On 12/15/20 2:08 PM, Parth Patel wrote: > Assume we have linux servers with MFA being setup while logging in using > SSH key based authentication. TL;DR: Frankly MFA does not work well when managing a fleet of servers. I guess MFA means some kind of OTP (one-time password). If your favourite MFA

Re: [ansible-project] Correct approach to manage a config file

On 1/27/21 4:48 PM, mimmus wrote: > Now, approaching to Ansible (but question is common to any configuration > management system), I see that: > - many create a template for main config file, not respecting original > structure and preventing the adding/removal of options, during pkg upgrades > - o

Re: [ansible-project] Correct approach to manage a config file

On 1/27/21 5:38 PM, mimmus wrote: > Instead I prefer to lean on package defaults: > if an obscure default setting is removed during a package upgrade > because a new CVE is discovered, only the package mantainer can know it > and I down't want to be "flagged" as insecure because I hardcoded it in >

Re: [ansible-project] centralised authentication of linux servers and integrates with google work space

On 4/9/21 10:20 AM, Siva wrote: > Goodmorning .I am new to ansible and also to devops > My organisation wanted me to do centralised authentication of linux servers > ,Vm 's ,vcenter for any employee joins the organisation and they want to > integrate the same on the google workspace Some people w

Re: [ansible-project] centralised authentication of linux servers and integrates with google work space

on with google workspace works. FreeIPA and Æ-DIR both expose LDAP end-points to use with data suitable to be used for NSS/PAM in Linux. But this stuff is getting highly off-topic here. Ciao, Michael. > On Fri, Apr 9, 2021 at 10:37 AM Michael Ströder > wrote: > >> On 4/9/21 10:20 AM