I'm trying to disable my default /etc/yum.repos.d/*.repo files by setting the line
enabled=1
to
enabled=0
Easy enough with Ansible's replace module. However, some *.repo files have
enabled=1
while some have
enabled = 1
that is, some have no space on each side of the = sign, while others have. What should the regex value be in this task to handle both?
- name: Disable the existing CentOS repos in /etc/yum.repos.d
replace:
dest: /etc/yum.repos.d/{{ item }}
regexp: "enabled = 1" ####### What should this be?? ########
replace: "enabled=0"
with_items:
- CentOS-Base.repo
- CentOS-fasttrack.repo
- CentOS-Vault.repo
- CentOS-CR.repo
The regexp parameter in the replace module uses Python regular expressions. All you need to do is add zero or more qualifiers (*) for whitespace (\s) between the equals sign.
- name: Disable the existing CentOS repos in /etc/yum.repos.d
replace:
dest: /etc/yum.repos.d/{{ item }}
regexp: 'enabled(\s)*=(\s)*1'
replace: "enabled=0"
with_items:
- CentOS-Base.repo
- CentOS-fasttrack.repo
- CentOS-Vault.repo
- CentOS-CR.repo
Related
I'm trying to replace a value in a config file, using the replace module.
However, I was wondering if there is an OR function or similar.
Currently, I have the following play:
- name: Replace "DebugLevel" variable-value"
become: yes
replace:
path: /etc/zabbix/zabbix_proxy.conf
regexp: '^# DebugLevel=3'
replace: 'DebugLevel=3'
This play uncomments DebugLevel=3, but when the playbook is run a second time the replace wont work because the regex does not match (value already uncommeted).
I want to always replace the value even if DebugLevel=3 already was uncommented.
This will make any manual changes made by a person to be overwritten and the Ansible playbook sets it back to original config.
By creating a new play with a regex that is using the value that is already uncommented, I can accomplish this, but is there a shorter version by using an "OR" after the first regex value or something similar?
Example of what I mean:
- name: Replace "DebugLevel" variable-value"
become: yes
replace:
path: /etc/zabbix/zabbix_proxy.conf
regexp: '^# DebugLevel=3' OR '^DebugLevel=.*'
replace: 'DebugLevel=3'
if you want to use regex the or is |
- name: Replace "DebugLevel" variable-value"
replace:
path: /etc/zabbix/zabbix_proxy.conf
regexp: '^# DebugLevel=3|^DebugLevel=.*'
replace: 'DebugLevel=3'
If the configuration file should contain every time a certain debug level you could probably declare just that the line exists independent of comment and value. To do so
- name: Replace "DebugLevel" variable-value"
lineinfile:
path: /etc/zabbix/zabbix_proxy.conf
regexp: 'DebugLevel'
line: 'DebugLevel=3'
It will make sure that the debug level is set with the given value and active.
Documentation
lineinfile module – Manage lines in text files
Data:
mydestination = $myhostname, localhost.$mydomain, localhost
Ansible snippet:
- name: Add domain name
ansible.builtin.lineinfile:
dest: /etc/postfix/main.cf
regexp: '^(mydestination =) ($myhostname.+)$'
line: '\1 jlhimpel.net, \2'
backrefs: true
Expected results:
mydestination = jlhimpel.net, $myhostname, localhost.$mydomain, localhost
Actual results: No match found
Other tries: I have tried \$ and \\$ to escape the first dollar sign
Ansible version: 2.9.18
Try this
- name: Add domain name
ansible.builtin.lineinfile:
dest: /etc/postfix/main.cf
regexp: '^\s*mydestination\s*=\s*(.*)(\$myhostname.*)$'
line: 'mydestination = jlhimpel.net, \2'
backrefs: true
Quoting from module lineinfile attribute regexp
"When modifying a line the regexp should typically match both the initial state of the line as well as its state after replacement by line to ensure idempotence."
I'd like to use Ansible's lineinfile or replace module in order to add the word splash to the cmdline in GRUB.
It should work for all the following examples:
Example 1:
Before: GRUB_CMDLINE_DEFAULT=""
After: GRUB_CMDLINE_DEFAULT="splash"
Example 2:
Before: GRUB_CMDLINE_DEFAULT="quiet"
After: GRUB_CMDLINE_DEFAULT="quiet splash"
Example 3:
Before: GRUB_CMDLINE_DEFAULT="quiet nomodeset"
After: GRUB_CMDLINE_DEFAULT="quiet nomodeset splash"
The post Ansible: insert a single word on an existing line in a file explained well how this could be done without quotes. However, I can't get it to insert the word within the quotes.
What is the required entry in the Ansible role or playbook in order to add the word splash to the cmdline as shown?
You can do this without a shell output, with 2 lineinfiles modules.
In your example you're searching for splash:
- name: check if splash is configured in the boot command
lineinfile:
backup: true
path: /etc/default/grub
regexp: '^GRUB_CMDLINE_LINUX=".*splash'
state: absent
check_mode: true
register: grub_cmdline_check
changed_when: false
- name: insert splash if missing
lineinfile:
backrefs: true
path: /etc/default/grub
regexp: "^(GRUB_CMDLINE_LINUX=\".*)\"$"
line: '\1 splash"'
when: grub_cmdline_check.found == 0
notify: update grub
The trick is to try to remove the line if we can find splash somewhere, but doing a check only check_mode: true. If the term was found (found > 0) then we don't need to update the line. If it's not found, it means we need to insert it. We append it at the end with the backrefs.
Inspired by Adam's answer, I use this one to enable IOMMU:
- name: Enable IOMMU
ansible.builtin.lineinfile:
path: /etc/default/grub
regexp: '^GRUB_CMDLINE_LINUX_DEFAULT="((:?(?!intel_iommu=on).)*?)"$'
line: 'GRUB_CMDLINE_LINUX_DEFAULT="\1 intel_iommu=on"'
backup: true
backrefs: true
notify: update-grub
Please note I've had to set backrefs to true in order to \1 reference to work otherwise the captured group was not replaced.
Idempotency works fine as well.
EDIT: Please note this snippet only works with an Intel CPU and might to be updated to fit your platform.
A possible solution is the definition of two entries as follows:
- name: "Checking GRUB cmdline"
shell: "grep 'GRUB_CMDLINE_LINUX_DEFAULT=.*splash.*' /etc/default/grub"
register: grub_cfg_grep
changed_when: false
failed_when: false
- name: "Configuring GRUB cmdline"
replace:
path: '/etc/default/grub'
regexp: '^GRUB_CMDLINE_LINUX_DEFAULT="((\w.?)*)"$'
replace: 'GRUB_CMDLINE_LINUX_DEFAULT="\1 splash"'
when: '"splash" not in grub_cfg_grep'
Explanation: We first check if the splash keyword is present in the required line using grep. Since grep gives a negative return code when a string is not found, we suppress the errors using failed_when: false. The output of grep is saved to the grub_cfg_grep variable.
Next, we bind the replace module to the condition that the keyword splash is in the standard output of grep. The regular expression takes the old content in the quotes and adds the splash keyword behind it.
Note: In the case of an empty string before the execution, the result reads " splash" (with a space in front) but it is still a valid cmdline.
The difficulty is this line in the replace module page: "It is up to the user to maintain idempotence by ensuring that the same pattern would never match any replacements made."https://docs.ansible.com/ansible/latest/modules/replace_module.html#id4 It's easy to insert the item but actually quite tricky to make it idempotent, so the target file doesn't grow every time you run the task.
I found a way to do it in one shot with the replace module. You should be able to adapt this. My task checks the GRUB_CMDLINE_LINUX_DEFAULT line for "vt.default_red" and inserts some colour codes if not found.
My method was to copy-and-paste various nearly-there examples into the regex tester website and fiddle until it worked. I still don't grok the result, but it worked in my tests at https://www.regextester.com/ and it works in my playbook.
One problem I had was that Ansible's regex implementation apparently doesn't support conditionals, which gave me odd errors for a while.
- name: colours | configured grub command
replace:
path: /etc/default/grub
regexp: '^GRUB_CMDLINE_LINUX_DEFAULT="((:?(?!vt\.default_red).)*?)"$'
replace: 'GRUB_CMDLINE_LINUX_DEFAULT="\1 vt.default_red=0xee,..."'
The regex matches the literal string ("GRUB_CMDLINE_LINUX_DEFAULT=" and a double quote mark) at the start and the double quote mark at the end. Deconstructing the rest...
( - open capture group #1 (creates backref #1)
(:? - open a non-capturing group (not sure what the question mark is here)
(?! - negative lookahead (ie. don't match if the following string comes next)
vt\.default_red - the string to look for, literal dot is escaped
) - close negative lookahead
.) - match a single char (why?) and close the non-capturing group
* - try to match the non-capturing group zero or more times
? - ... lazily (ie. get the smallest possible match)
) - close capture group #1
What about doing this in Ansible, use perl to address your need.
- name: Change items in the file
ansible.builtin.command:
command: perl -i pe 's/DEFAULT="/DEFAULT="splash"/'
Another way of looking at it. This is an old conversation, but it is still relevant.
I cannot find a way to much a literal (a dot) in Ansible's regex_replace filter. Here is the task:
- name: Display database name
debug:
msg: "{{ vhost | regex_replace('(.+\.)(.+)$', \\1) }}"
tags: [debug]
My intention is to match and replace the whole URL like test.staging.domain.com with its first part (test in the example).
Ansible would report the following error:
debug:
msg: "{{ vhost | regex_replace('(.+\.)(.+)$', \\1) }}"
^ here
We could be wrong, but this one looks like it might be an issue with
missing quotes. Always quote template expression brackets when they
start a value.
How can I match literals in Ansible regexp_replace filter?
it's actually possible to escape literals with double backlashes:
- name: Create database name and username
set_fact:
db_name: "{{ vhost | regex_replace('([^\\.]*)\\.(.+)$', '\\1') }}_stg"
The regexp above works correctly. The first capturing group extracts the first part of the URL until the first dot, the whole regex captures the whole URL. Passing test.staging.domain.com through it would produce just test.
I was trying to do the same thing, ended up doing it like this:
- name: Set hostname (minus the domain)
debug: msg={{ inventory_hostname | regex_replace('^([^.]*).*', '\\1') }}
*edit, found a nicer way:
- name: Set hostname (minus the domain)
debug: msg={{ inventory_hostname.split('.')[0] }}
There could be something whacky about escaping characters, but there's an escape-less way to code a literal dot:
[.]
So your regex could be written
(.+[.])(.+)$
Most characters lose their special meaning when in a character class, and the dot is one of them.
Simple question.
I'm trying to match "UseDns", "usedns" and other variations.
- name: Disable DNS checking on login (huge speedup)
sudo: true
lineinfile:
dest: "/etc/ssh/sshd_config"
regexp: "^[# \t]*[Uu][Ss][Ee][Dd][Nn][Ss] "
# how does one specify case insensitive regexp in lineinfile?
line: "UseDNS no"
state: "present"
create: true
insertafter: EOF
notify:
- sshd restart
Ansible uses Python re module. You can use inline modifiers, such as (?ism) in your pattern. Use the i for case-insensitive matching:
regexp: "(?i)^[# \t]*usedns "
Inline modifiers apply to the part of the regular experssion to the right of the modifier, and can be disabled with a - e.g. (?-i). This can be applied to implement case-insensitivity to only a part of a regular expression.
For example, the regex (?i)use(?-i)DNS should match useDNS and UseDNS, but not useDns or USEdns.