aboutsummaryrefslogtreecommitdiff
path: root/content/blog/ansible
diff options
context:
space:
mode:
Diffstat (limited to 'content/blog/ansible')
-rw-r--r--content/blog/ansible/ansible-vault-example.md12
-rw-r--r--content/blog/ansible/custom-fact.md16
-rw-r--r--content/blog/ansible/dump-all-vars.md8
3 files changed, 18 insertions, 18 deletions
diff --git a/content/blog/ansible/ansible-vault-example.md b/content/blog/ansible/ansible-vault-example.md
index ac68feb..cd8567a 100644
--- a/content/blog/ansible/ansible-vault-example.md
+++ b/content/blog/ansible/ansible-vault-example.md
@@ -9,31 +9,31 @@ tags:
## Editing a protected file
Here is how to edit a vault protected file :
-{{< highlight sh >}}
+```sh
ansible-vault edit hostvars/blah.yml
-{{< / highlight >}}
+```
## Using a vault entry in a task or a jinja template
It is as simple as using any variable :
-{{< highlight yaml >}}
+```yaml
- copy:
path: /etc/ssl/private.key
mode: 0400
content: '{{ ssl_key }}'
-{{< / highlight >}}
+```
## How to specify multiple lines entries
This is actually a yaml question, not a vault one but since I ask myself this frequently in this context here is how to put a multiple lines entry like a private key in vault (for a simple value, just don't use a `|`):
-{{< highlight yaml >}}
+```yaml
ssl_key : |
----- BEGIN PRIVATE KEY -----
blahblahblah
blahblahblah
----- END PRIVATE KEY -----
-{{< /highlight >}}
+```
## How to run playbooks when vault values are needed
diff --git a/content/blog/ansible/custom-fact.md b/content/blog/ansible/custom-fact.md
index 10ab6bc..48a5a2e 100644
--- a/content/blog/ansible/custom-fact.md
+++ b/content/blog/ansible/custom-fact.md
@@ -21,12 +21,12 @@ The facts will be available to ansible at `hostvars.host.ansible_local.<fact_nam
## A simple example
Here is the simplest example of a fact, let's suppose we make it `/etc/ansible/facts.d/mysql.fact` :
-{{< highlight sh >}}
+```sh
#!/bin/sh
set -eu
echo '{"password": "xxxxxx"}'
-{{< /highlight >}}
+```
This will give you the fact `hostvars.host.ansible_local.mysql.password` for this machine.
@@ -36,15 +36,15 @@ A more interesting example is something I use with small webapps. In the contain
provision a database with a user that has access to it on a mysql server. This fact ensures that on subsequent runs we will stay idempotent.
First the fact from before, only slightly modified :
-{{< highlight sh >}}
+```sh
#!/bin/sh
set -eu
echo '{"password": "{{mysql_password}}"}'
-{{< /highlight >}}
+```
This fact is deployed with the following tasks :
-{{< highlight yaml >}}
+```yaml
- name: Generate a password for mysql database connections if there is none
set_fact: mysql_password="{{ lookup('password', '/dev/null length=15 chars=ascii_letters') }}"
when: (ansible_local.mysql_client|default({})).password is undefined
@@ -75,16 +75,16 @@ This fact is deployed with the following tasks :
password: '{{ansible_local.mysql_client.password}}'
state: present
delegate_to: '{{mysql_server}}'
-{{< /highlight >}}
+```
## Caveat : a fact you deploy is not immediately available
Note that installing a fact does not make it exist before the next inventory run on the host. This can be problematic especially if you rely on facts caching to speed up ansible. Here
is how to make ansible reload facts using the setup tasks (If you paid attention you already saw me use it above).
-{{< highlight yaml >}}
+```yaml
- name: reload ansible_local
setup: filter=ansible_local
-{{< /highlight >}}
+```
## References
diff --git a/content/blog/ansible/dump-all-vars.md b/content/blog/ansible/dump-all-vars.md
index e1dea05..61914c1 100644
--- a/content/blog/ansible/dump-all-vars.md
+++ b/content/blog/ansible/dump-all-vars.md
@@ -10,16 +10,16 @@ tags:
Here is the task to use in order to achieve that :
-{{< highlight yaml >}}
+```yaml
- name: Dump all vars
action: template src=dumpall.j2 dest=ansible.all
-{{< /highlight >}}
+```
## Associated template
And here is the template to use with it :
-{{< highlight jinja >}}
+```jinja
Module Variables ("vars"):
--------------------------------
{{ vars | to_nice_json }}
@@ -39,7 +39,7 @@ GROUPS Variables ("groups"):
HOST Variables ("hostvars"):
--------------------------------
{{ hostvars | to_nice_json }}
-{{< /highlight >}}
+```
## Output