diff options
Diffstat (limited to 'content/blog/ansible')
-rw-r--r-- | content/blog/ansible/ansible-vault-example.md | 12 | ||||
-rw-r--r-- | content/blog/ansible/custom-fact.md | 16 | ||||
-rw-r--r-- | content/blog/ansible/dump-all-vars.md | 8 |
3 files changed, 18 insertions, 18 deletions
diff --git a/content/blog/ansible/ansible-vault-example.md b/content/blog/ansible/ansible-vault-example.md index ac68feb..cd8567a 100644 --- a/content/blog/ansible/ansible-vault-example.md +++ b/content/blog/ansible/ansible-vault-example.md @@ -9,31 +9,31 @@ tags: ## Editing a protected file Here is how to edit a vault protected file : -{{< highlight sh >}} +```sh ansible-vault edit hostvars/blah.yml -{{< / highlight >}} +``` ## Using a vault entry in a task or a jinja template It is as simple as using any variable : -{{< highlight yaml >}} +```yaml - copy: path: /etc/ssl/private.key mode: 0400 content: '{{ ssl_key }}' -{{< / highlight >}} +``` ## How to specify multiple lines entries This is actually a yaml question, not a vault one but since I ask myself this frequently in this context here is how to put a multiple lines entry like a private key in vault (for a simple value, just don't use a `|`): -{{< highlight yaml >}} +```yaml ssl_key : | ----- BEGIN PRIVATE KEY ----- blahblahblah blahblahblah ----- END PRIVATE KEY ----- -{{< /highlight >}} +``` ## How to run playbooks when vault values are needed diff --git a/content/blog/ansible/custom-fact.md b/content/blog/ansible/custom-fact.md index 10ab6bc..48a5a2e 100644 --- a/content/blog/ansible/custom-fact.md +++ b/content/blog/ansible/custom-fact.md @@ -21,12 +21,12 @@ The facts will be available to ansible at `hostvars.host.ansible_local.<fact_nam ## A simple example Here is the simplest example of a fact, let's suppose we make it `/etc/ansible/facts.d/mysql.fact` : -{{< highlight sh >}} +```sh #!/bin/sh set -eu echo '{"password": "xxxxxx"}' -{{< /highlight >}} +``` This will give you the fact `hostvars.host.ansible_local.mysql.password` for this machine. @@ -36,15 +36,15 @@ A more interesting example is something I use with small webapps. In the contain provision a database with a user that has access to it on a mysql server. This fact ensures that on subsequent runs we will stay idempotent. First the fact from before, only slightly modified : -{{< highlight sh >}} +```sh #!/bin/sh set -eu echo '{"password": "{{mysql_password}}"}' -{{< /highlight >}} +``` This fact is deployed with the following tasks : -{{< highlight yaml >}} +```yaml - name: Generate a password for mysql database connections if there is none set_fact: mysql_password="{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}" when: (ansible_local.mysql_client|default({})).password is undefined @@ -75,16 +75,16 @@ This fact is deployed with the following tasks : password: '{{ansible_local.mysql_client.password}}' state: present delegate_to: '{{mysql_server}}' -{{< /highlight >}} +``` ## Caveat : a fact you deploy is not immediately available Note that installing a fact does not make it exist before the next inventory run on the host. This can be problematic especially if you rely on facts caching to speed up ansible. Here is how to make ansible reload facts using the setup tasks (If you paid attention you already saw me use it above). -{{< highlight yaml >}} +```yaml - name: reload ansible_local setup: filter=ansible_local -{{< /highlight >}} +``` ## References diff --git a/content/blog/ansible/dump-all-vars.md b/content/blog/ansible/dump-all-vars.md index e1dea05..61914c1 100644 --- a/content/blog/ansible/dump-all-vars.md +++ b/content/blog/ansible/dump-all-vars.md @@ -10,16 +10,16 @@ tags: Here is the task to use in order to achieve that : -{{< highlight yaml >}} +```yaml - name: Dump all vars action: template src=dumpall.j2 dest=ansible.all -{{< /highlight >}} +``` ## Associated template And here is the template to use with it : -{{< highlight jinja >}} +```jinja Module Variables ("vars"): -------------------------------- {{ vars | to_nice_json }} @@ -39,7 +39,7 @@ GROUPS Variables ("groups"): HOST Variables ("hostvars"): -------------------------------- {{ hostvars | to_nice_json }} -{{< /highlight >}} +``` ## Output |