lineinfile help (file doesn't exist)

[Matthew R]

Hi everyone,

I'm still a bit new to Ansible. I really like it, but it can be a little flummoxing at times for a beginner ;).

For example, I am probably going about this the wrong way, but consider these lines from a playbook:

- name: Configure MTA to Local Only -- CIS 3.16
  lineinfile: dest=/etc/postfix/main.cf
    regexp='^(?i)inet_interfaces.*'
    line='inet_interfaces = localhost'
    state=present

This produces the following output:

TASK: [cis | Configure MTA to Local Only -- CIS 3.16] *************************
failed: [devct67.umaryland.edu] => {"failed": true, "item": "", "rc": 257}
msg: Destination /etc/postfix/main.cf does not exist !

OK. So, not all of my machines have postfix on them. But if they do, I want to run this 'lineinfile' command.

I have considered almost every "when" option I can think of, but most of them fail because it's a negative test. For example, I wrote a plugin that returns all packages on a system in a dictionary. So I had a line like:

when: "packages['postfix'] == True"

produces:

TASK: [cis | Configure MTA to Local Only -- CIS 3.16] *************************
fatal: [devct67.umaryland.edu] => error while evaluating conditional: umb_packages['postfix'] == True

That fails, however, when postfix isn't installed, which is exactly what I'm trying to find out.

So- what are my options? How should I be doing this?

[Walid]

you can add one extra pre-task before hand to check if the file/service exist then run handlers ( or other tasks with a registered variable e.g. when)

--
You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/3dfe815e-cd8f-4a4d-9c2b-7ed1dbd17df8%40googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Mark Phillips]

Yup, just to echo Walid, I do a similar thing. Check for file/directory, save in register, react in following task.

An example being initialising Postgres databases...

- name: Check for default database
 stat: path={{ postgres.datadir }}/PG_VERSION
 register: pgv
 
- name: Initialise database (if doesn't already exist)
 command: /sbin/service postgresql-9.3 initdb
 when: pgv.stat.exists != true

HTH

[Aaron Hunter]

I addition to conditional checks mentioned, you might also consider using roles to handle this case. You could create a role that installs and configures postfix and then assign it to only those servers which need it. I prefer roles to conditional checks when possible.

--Aaron

[Walid]

It looks that Matthew playbook is a CIS benchmark, I am interested in such benchmarks, and checks. to second Aaron, I too use roles with a combination of group variables to handle different nodes configuration

On 1 March 2014 01:59, Aaron Hunter <aaron....@gmail.com> wrote:

I addition to conditional checks mentioned, you might also consider using roles to handle this case. You could create a role that installs and configures postfix and then assign it to only those servers which need it. I prefer roles to conditional checks when possible.

--Aaron

--

You received this message because you are subscribed to the Google Groups "Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ansible-proje...@googlegroups.com.
To post to this group, send email to ansible...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/d195f3d5-6629-4710-afdc-47490a2b0661%40googlegroups.com.