- Ansible: Why you should use the assert module instead of failed_when
·
ansible
· As an ansible user you may be familiar with the failed_when clause of a task. Its condition should resolve to a boolean value and determines if it was successful or not. In my backup playbook I’ve a task creating a tar archive by using the command module. Later on I want to check if an actual POSIX tar archive was created:
- name: Check if a real tar archive was created command: "file /mnt/backups/mail.
- Ansible copy module: src (or content) is required
·
ansible
· In case your ansible task looks like this:
- name: Copy WebGUI TLS private key copy: src: "{{ syncthing_gui_tls_private_path }}" dest: "/home/{{ syncthing_user }}/.config/syncthing/https-key.pem" owner: "{{ syncthing_user }}" group: "{{ syncthing_group }}" remote_src: true mode: "0600" notify: Restart syncthing but produces this message:
fatal: [yourhost]: FAILED! => {“changed”: false, “msg”: “src (or content) is required”}
Don’t get crazy! I know you used the copy module thousands of times just like me.
- go-ini: Use custom seperators
·
goansible
· Go-ini is a package for parsing section based config files. For example a Grafana.ini file like this one (🖇️ 🔐) . I wanted to use it for parsing an ansible inventory file. But I got greeted with an error message:
key-value delimiter not found: dns.veloc1ty.lan The first lines of my inventory file are:
[dns-server] dns.veloc1ty.lan [archlinux] The problem is that go-ini expects the = delimiter, because normally you would parse key value pairs in each section.
- PGP: Trust keys non-interactive with ansible
·
AnsiblePGP
· Distributing PGP keys with ansible is easy, but trusting them is a bit difficult, because trusting them is an interactive process with no command switch. To go around this problem you have to use the ownertrust feature. Ownerturst is a text file which contains the fingerprint and the trust level. This file can be imported without user interaction.
First step is to distribute the key to your target machine. You can do this for example with the copy module:
- Arch: lxc-create ohne Template
·
Archlinuxlxcansible
· Normalerweise werden LXC Container mit sogenannten Templates erstellt. Das Programm lxc-create hat dieses Template genommen und daraus dann einen Container erstellt. Die Upstream Entwickler haben diese Methode aber deprecated. Zitat aus dem Arch Wiki (🖇️ 🔐) : “Containers are built using lxc-create. With the release of lxc-3.0.0-1, upstream has deprecated locally stored templates.”.
Das schöne daran war, dass man dem Template Parameter mitgeben konnte, wie zum Beispiel zu installierende Pakete und das root Passwort.