Excluding String in Jinja2 Template

419 views

Skip to first unread message

do...@physbio-tech.net

unread,

Oct 5, 2017, 12:38:49 PM10/5/17

to Ansible Project

Over IRC Brian was very helpful last night resolving an issue.

To summarize this now works:

{% if inventory_hostname in groups.lab %}

# Lab SSH Rules

{% for host in groups.lab %}

-A INPUT -s {{ lookup('dig', host, '@dns_server')}} -p tcp -m state --state NEW -m tcp --dport 22 -m comment --comment "ssh from {{ host }}" -j ACCEPT

{% endfor %}

{% endif %}

Though I want to exclude some servers in groups.lab from being included in template. Luckily those I want to exclude contain a particular string which matches subdomain.

So could I use a regex search filter to exclude any server that contains such string?

Eg:

{% if inventory_hostname in groups.lab | regex_search('(!string)') %}

Thanks!

Doug

Douglas Duckworth

unread,

Oct 5, 2017, 1:29:48 PM10/5/17

to ansible...@googlegroups.com

Thanks to halberom on IRC!

This works:

{% for host in groups.lab if 'string' not in host %}

I am using something similar to deploy sssd.conf on our compute nodes:

[domain/LDAP]

autofs_provider = ldap

{%if 'dude' in inventory_hostname %}

ldap_autofs_search_base = ou=autofs.maps,cn=dudecluster,ou=blah,dc=domain

{%endif%}

{%if 'bro' in inventory_hostname %}

ldap_autofs_search_base = ou=autofs.maps,cn=brocluster,ou=blah,dc=domain

{%endif%}

Though I didn't know you could add an if within for loop without doing:

{% if %}

{% for %}

{% endfor %}

{% endif %}

Thanks a lot!

Doug

Thanks,

Douglas Duckworth, MSc, LFCS
HPC System Administrator

Physiology and Biophysics

Weill Cornell Medicine

E: dod...@med.cornell.edu
O: 212-746-5454
F: 212-746-8690

--
You received this message because you are subscribed to a topic in the Google Groups "Ansible Project" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/ansible-project/DmnDwwqYIIA/unsubscribe.
To unsubscribe from this group and all its topics, send an email to ansible-project+unsubscribe@googlegroups.com.
To post to this group, send email to ansible-project@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/2f7e1e56-54a1-433c-8d53-7796deaed01c%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply all

Reply to author

Forward

0 new messages