jmarya/knowledge
jmarya/knowledge
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

init

Browse source
This commit is contained in:
JMARyA 2023-12-04 11:02:23 +01:00
commit c5cd492449
Signed by: jmarya
GPG key ID: 901B2ADDF27C2263
475 changed files with 27928 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

126
technology/tools/Ansible/modules/Ansible Modules.md Normal file
View file

@ -0,0 +1,126 @@
# Ansible Modules
#wip #todo
#todo -> explain modules, sort modules by usage cat
## Builtin
- [ansible.builtin.assert](ansible.builtin.assert.md)
- [ansible.builtin.blockinfile](ansible.builtin.blockinfile.md)
- [ansible.builtin.copy](ansible.builtin.copy.md)
- [ansible.builtin.cron](ansible.builtin.cron.md)
- [ansible.builtin.debug](ansible.builtin.debug.md)
- [ansible.builtin.fail](ansible.builtin.fail.md)
- [ansible.builtin.fetch](ansible.builtin.fetch.md)
- [ansible.builtin.package](ansible.builtin.package.md)
- [ansible.builtin.pause](ansible.builtin.pause.md)
- [ansible.builtin.replace](ansible.builtin.replace.md)
- [ansible.builtin.shell](ansible.builtin.shell.md)
- [ansible.builtin.systemd_service](ansible.builtin.systemd_service.md)
- [ansible.builtin.tempfile](ansible.builtin.tempfile.md)
- [ansible.builtin.template](ansible.builtin.template.md)
- [ansible.builtin.uri](ansible.builtin.uri.md)
- [ansible.builtin.user](ansible.builtin.user.md)
- [ansible.builtin.wait_for](ansible.builtin.wait_for.md)
- [ansible.builtin.lineinfile](ansible.builtin.lineinfile.md)
---
- https://docs.ansible.com/ansible/latest/collections/ansible/builtin/iptables_module.html#ansible-collections-ansible-builtin-iptables-module
- https://docs.ansible.com/ansible/latest/collections/ansible/builtin/file_module.html#ansible-collections-ansible-builtin-file-module
- https://docs.ansible.com/ansible/latest/collections/ansible/builtin/get_url_module.html#ansible-collections-ansible-builtin-get-url-module
- https://docs.ansible.com/ansible/latest/collections/ansible/builtin/git_module.html#ansible-collections-ansible-builtin-git-module
- https://docs.ansible.com/ansible/latest/collections/ansible/builtin/group_module.html#ansible-collections-ansible-builtin-group-module
- https://docs.ansible.com/ansible/latest/collections/ansible/builtin/hostname_module.html#ansible-collections-ansible-builtin-hostname-module
- https://docs.ansible.com/ansible/latest/collections/ansible/builtin/stat_module.html#ansible-collections-ansible-builtin-stat-module
---
- https://docs.ansible.com/ansible/latest/collections/ansible/posix/authorized_key_module.html#ansible-collections-ansible-posix-authorized-key-module
- https://docs.ansible.com/ansible/latest/collections/ansible/posix/mount_module.html#ansible-collections-ansible-posix-mount-module
- https://docs.ansible.com/ansible/latest/collections/ansible/posix/patch_module.html#ansible-collections-ansible-posix-patch-module
- https://docs.ansible.com/ansible/latest/collections/ansible/posix/synchronize_module.html#ansible-collections-ansible-posix-synchronize-module
- https://docs.ansible.com/ansible/latest/collections/ansible/posix/sysctl_module.html#ansible-collections-ansible-posix-sysctl-module
---
- https://docs.ansible.com/ansible/latest/collections/community/crypto/luks_device_module.html#ansible-collections-community-crypto-luks-device-module
- https://docs.ansible.com/ansible/latest/collections/community/crypto/get_certificate_module.html#ansible-collections-community-crypto-get-certificate-module
- https://docs.ansible.com/ansible/latest/collections/community/crypto/openssh_cert_module.html#ansible-collections-community-crypto-openssh-cert-module
- https://docs.ansible.com/ansible/latest/collections/community/crypto/openssh_keypair_module.html#ansible-collections-community-crypto-openssh-keypair-module
---
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_compose_module.html#ansible-collections-community-docker-docker-compose-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_volume_info_module.html#ansible-collections-community-docker-docker-volume-info-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_volume_module.html#ansible-collections-community-docker-docker-volume-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_swarm_service_info_module.html#ansible-collections-community-docker-docker-swarm-service-info-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_swarm_service_module.html#ansible-collections-community-docker-docker-swarm-service-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_swarm_info_module.html#ansible-collections-community-docker-docker-swarm-info-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_prune_module.html#ansible-collections-community-docker-docker-prune-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_node_info_module.html#ansible-collections-community-docker-docker-node-info-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_node_module.html#ansible-collections-community-docker-docker-node-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_network_info_module.html#ansible-collections-community-docker-docker-network-info-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_network_module.html#ansible-collections-community-docker-docker-network-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_login_module.html#ansible-collections-community-docker-docker-login-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_image_load_module.html#ansible-collections-community-docker-docker-image-load-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_image_info_module.html#ansible-collections-community-docker-docker-image-info-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_image_module.html#ansible-collections-community-docker-docker-image-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_container_info_module.html#ansible-collections-community-docker-docker-container-info-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_container_exec_module.html#ansible-collections-community-docker-docker-container-exec-module
- https://docs.ansible.com/ansible/latest/collections/community/docker/docker_container_module.html#ansible-collections-community-docker-docker-container-module
---
- https://docs.ansible.com/ansible/latest/collections/community/general/zpool_facts_module.html#ansible-collections-community-general-zpool-facts-module
- https://docs.ansible.com/ansible/latest/collections/community/general/zfs_facts_module.html#ansible-collections-community-general-zfs-facts-module
- https://docs.ansible.com/ansible/latest/collections/community/general/zfs_module.html#ansible-collections-community-general-zfs-module
- https://docs.ansible.com/ansible/latest/collections/community/general/wakeonlan_module.html#ansible-collections-community-general-wakeonlan-module
- https://docs.ansible.com/ansible/latest/collections/community/general/ufw_module.html#ansible-collections-community-general-ufw-module
- https://docs.ansible.com/ansible/latest/collections/community/general/timezone_module.html#ansible-collections-community-general-timezone-module
- https://docs.ansible.com/ansible/latest/collections/community/general/sysrc_module.html#ansible-collections-community-general-sysrc-module
- https://docs.ansible.com/ansible/latest/collections/community/general/ssh_config_module.html#ansible-collections-community-general-ssh-config-module
- https://docs.ansible.com/ansible/latest/collections/community/general/pacman_module.html#ansible-collections-community-general-pacman-module
- https://docs.ansible.com/ansible/latest/collections/community/general/nmcli_module.html#ansible-collections-community-general-nmcli-module
- https://docs.ansible.com/ansible/latest/collections/community/general/mqtt_module.html#ansible-collections-community-general-mqtt-module
- https://docs.ansible.com/ansible/latest/collections/community/general/matrix_module.html#ansible-collections-community-general-matrix-module
- https://docs.ansible.com/ansible/latest/collections/community/general/mail_module.html#ansible-collections-community-general-mail-module
- https://docs.ansible.com/ansible/latest/collections/community/general/kernel_blacklist_module.html#ansible-collections-community-general-kernel-blacklist-module
- https://docs.ansible.com/ansible/latest/collections/community/general/ini_file_module.html#ansible-collections-community-general-ini-file-module
- https://docs.ansible.com/ansible/latest/collections/community/general/htpasswd_module.html#ansible-collections-community-general-htpasswd-module
- https://docs.ansible.com/ansible/latest/collections/community/general/git_config_module.html#ansible-collections-community-general-git-config-module
- https://docs.ansible.com/ansible/latest/collections/community/general/flatpak_module.html#ansible-collections-community-general-flatpak-module
- https://docs.ansible.com/ansible/latest/collections/community/general/filesystem_module.html#ansible-collections-community-general-filesystem-module
- https://docs.ansible.com/ansible/latest/collections/community/general/crypttab_module.html#ansible-collections-community-general-crypttab-module
- https://docs.ansible.com/ansible/latest/collections/community/general/btrfs_subvolume_module.html#ansible-collections-community-general-btrfs-subvolume-module
- https://docs.ansible.com/ansible/latest/collections/community/general/btrfs_info_module.html#ansible-collections-community-general-btrfs-info-module
- https://docs.ansible.com/ansible/latest/collections/community/general/archive_module.html#ansible-collections-community-general-archive-module
- https://docs.ansible.com/ansible/latest/collections/community/general/apk_module.html#ansible-collections-community-general-apk-module
---
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_volume_info_module.html#ansible-collections-containers-podman-podman-volume-info-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_volume_module.html#ansible-collections-containers-podman-podman-volume-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_save_module.html#ansible-collections-containers-podman-podman-save-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_prune_module.html#ansible-collections-containers-podman-podman-prune-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_network_info_module.html#ansible-collections-containers-podman-podman-network-info-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_network_module.html#ansible-collections-containers-podman-podman-network-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_logout_module.html#ansible-collections-containers-podman-podman-logout-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_login_info_module.html#ansible-collections-containers-podman-podman-login-info-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_login_module.html#ansible-collections-containers-podman-podman-login-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_load_module.html#ansible-collections-containers-podman-podman-load-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_import_module.html#ansible-collections-containers-podman-podman-import-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_image_info_module.html#ansible-collections-containers-podman-podman-image-info-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_image_module.html#ansible-collections-containers-podman-podman-image-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_export_module.html#ansible-collections-containers-podman-podman-export-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_containers_module.html#ansible-collections-containers-podman-podman-containers-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_container_info_module.html#ansible-collections-containers-podman-podman-container-info-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_container_module.html#ansible-collections-containers-podman-podman-container-module
- https://docs.ansible.com/ansible/latest/collections/containers/podman/podman_generate_systemd_module.html#ansible-collections-containers-podman-podman-generate-systemd-module
---
- https://docs.ansible.com/ansible/latest/collections/community/libvirt/virt_module.html#ansible-collections-community-libvirt-virt-module
- https://docs.ansible.com/ansible/latest/collections/community/libvirt/virt_net_module.html#ansible-collections-community-libvirt-virt-net-module
- https://docs.ansible.com/ansible/latest/collections/community/libvirt/virt_pool_module.html#ansible-collections-community-libvirt-virt-pool-module

42
technology/tools/Ansible/modules/ansible.builtin.assert.md Normal file
View file

@ -0,0 +1,42 @@
# ansible.builtin.assert
This module asserts that given expressions are true with an optional custom message
## Parameters
| Parameter | Type | Description |
| ----------- | --------------------------------- | ---------------------------------------------------------------------------------------- |
| **fail_msg** | string | The customized message used for a failing assertion |
| **quiet** | boolean | Set this to `true` to avoid verbose output |
| **success_msg** | string | The customized message used for a successful assertion |
| **that** | list / elements=string / required | A list of string expressions of the same form that can be passed to the when statement |
## Examples
```yaml
- ansible.builtin.assert: { that: "ansible_os_family != 'RedHat'" }
- ansible.builtin.assert:
that:
- "'foo' in some_command_result.stdout"
- number_of_the_counting == 3
- name: After version 2.7 both 'msg' and 'fail_msg' can customize failing assertion message
ansible.builtin.assert:
that:
- my_param <= 100
- my_param >= 0
fail_msg: "'my_param' must be between 0 and 100"
success_msg: "'my_param' is between 0 and 100"
- name: Please use 'msg' when ansible version is smaller than 2.7
ansible.builtin.assert:
that:
- my_param <= 100
- my_param >= 0
msg: "'my_param' must be between 0 and 100"
- name: Use quiet to avoid verbose output
ansible.builtin.assert:
that:
- my_param <= 100
- my_param >= 0
quiet: true
```

81
technology/tools/Ansible/modules/ansible.builtin.blockinfile.md Normal file
View file

@ -0,0 +1,81 @@
# ansible.builtin.blockinfile
This module will insert/update/remove a block of multi-line text surrounded by customizable marker lines
## Parameter
| Parameter | Type | Default | Description |
| ---------------- | --------------- | -------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **attributes** | string | - | The attributes the resulting filesystem object should have. To get supported flags look at the man page for [chattr](../../../applications/cli/chattr.md) on the target system. The = operator is assumed as default, otherwise + or - operators need to be included in the string. |
| **backup** | boolean | false | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. |
| **block** | string | "" | The text to insert inside the marker lines. If it is missing or an empty string, the block will be removed as if state were specified to absent. |
| **create** | boolean | false | Create a new file if it does not exist. |
| **group** | string | - | Name of the group that should own the filesystem object, as would be fed to chown. When left unspecified, it uses the current group of the current user unless you are root, in which case it can preserve the previous ownership. |
| **insertafter** | string | "EOF" | If specified and no begin/ending marker lines are found, the block will be inserted after the last match of specified regular expression. A special value is available; EOF for inserting the block at the end of the file. If specified regular expression has no matches, EOF will be used instead. The presence of the multiline flag (?m) in the regular expression controls whether the match is done line by line or with multiple lines. This behaviour was added in ansible-core 2.14. |
| **insertbefore** | string | - | If specified and no begin/ending marker lines are found, the block will be inserted before the last match of specified regular expression.  A special value is available; BOF for inserting the block at the beginning of the file.  If specified regular expression has no matches, the block will be inserted at the end of the file.  The presence of the multiline flag (?m) in the regular expression controls whether the match is done line by line or with multiple lines. This behaviour was added in ansible-core 2.14. |
| **marker** | string | "# {mark} ANSIBLE MANAGED BLOCK" | The marker line template.  {mark} will be replaced with the values in marker_begin (default=”BEGIN”) and marker_end (default=”END”).  Using a custom marker without the {mark} variable may result in the block being repeatedly inserted on subsequent playbook runs.  Multi-line markers are not supported and will result in the block being repeatedly inserted on subsequent playbook runs.  A newline is automatically appended by the module to marker_begin and marker_end. |
| **marker_begin** | string | "BEGIN" | This will be inserted at `{mark}` in the opening ansible block marker. |
| **marker_end** | string | "END" | This will be inserted at `{mark}` in the closing ansible block marker. |
| **mode** | any | - | The permissions the resulting filesystem object should have. For those used to _/usr/bin/chmod_ remember that modes are actually octal numbers. You must give Ansible enough information to parse them correctly. For consistent results, quote octal numbers (for example, `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number. Adding a leading zero (for example, `0755`) works sometimes, but can fail in loops and some other circumstances. Giving Ansible a number without following either of these rules will end up with a decimal number which will have unexpected results. As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). If `mode` is not specified and the destination filesystem object **does not** exist, the default `umask` on the system will be used when setting the mode for the newly created filesystem object. If `mode` is not specified and the destination filesystem object **does** exist, the mode of the existing filesystem object will be used. |
| **owner** | string | - | Name of the user that should own the filesystem object, as would be fed to chown.  When left unspecified, it uses the current user unless you are root, in which case it can preserve the previous ownership.  Specifying a numeric username will be assumed to be a user ID and not a username. Avoid numeric usernames to avoid this confusion. |
| **path** | path / required | - | The file to modify. |
| **state** | string | "present" | Whether the block should be there or not. **Choices:** (`"absent"`, `"present"`) |
| **validate** | string | - | The validation command to run before copying the updated file into the final destination.  A temporary file path is used to validate, passed in through %s which must be present as in the examples below.  Also, the command is passed securely so [shell](../../../applications/cli/Shell.md) features such as expansion and pipes will not work. |
## Examples
```yaml
# Before Ansible 2.3, option 'dest' or 'name' was used instead of 'path'
- name: Insert/Update "Match User" configuration block in /etc/ssh/sshd_config
ansible.builtin.blockinfile:
path: /etc/ssh/sshd_config
block: |
Match User ansible-agent
PasswordAuthentication no
- name: Insert/Update eth0 configuration stanza in /etc/network/interfaces
(it might be better to copy files into /etc/network/interfaces.d/)
ansible.builtin.blockinfile:
path: /etc/network/interfaces
block: |
iface eth0 inet static
address 192.0.2.23
netmask 255.255.255.0
- name: Insert/Update configuration using a local file and validate it
ansible.builtin.blockinfile:
block: "{{ lookup('ansible.builtin.file', './local/sshd_config') }}"
path: /etc/ssh/sshd_config
backup: yes
validate: /usr/sbin/sshd -T -f %s
- name: Insert/Update HTML surrounded by custom markers after <body> line
ansible.builtin.blockinfile:
path: /var/www/html/index.html
marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
insertafter: "<body>"
block: |
<h1>Welcome to {{ ansible_hostname }}</h1>
<p>Last updated on {{ ansible_date_time.iso8601 }}</p>
- name: Remove HTML as well as surrounding markers
ansible.builtin.blockinfile:
path: /var/www/html/index.html
marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
block: ""
- name: Add mappings to /etc/hosts
ansible.builtin.blockinfile:
path: /etc/hosts
block: |
{{ item.ip }} {{ item.name }}
marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.name }}"
loop:
- { name: host1, ip: 10.10.1.10 }
- { name: host2, ip: 10.10.1.11 }
- { name: host3, ip: 10.10.1.12 }
- name: Search with a multiline search flags regex and if found insert after
blockinfile:
path: listener.ora
block: "{{ listener_line | indent(width=8, first=True) }}"
insertafter: '(?m)SID_LIST_LISTENER_DG =\n.*\(SID_LIST ='
marker: " <!-- {mark} ANSIBLE MANAGED BLOCK -->"
```

100
technology/tools/Ansible/modules/ansible.builtin.copy.md Normal file
View file

@ -0,0 +1,100 @@
# ansible.builtin.copy
The `copy` module copies a file from the local or remote machine to a location on the remote machine.
## Parameter
| Parameter | Type | Default | Description |
| ---------------- | --------------- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **attributes** | string | - | The attributes the resulting filesystem object should have. To get supported flags look at the man page for [chattr](../../../applications/cli/chattr.md) on the target system. The = operator is assumed as default, otherwise + or - operators need to be included in the string. |
| **backup** | boolean | false | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. |
| **checksum** | string | - | SHA1 checksum of the file being transferred.  Used to validate that the copy of the file was successful.  If this is not provided, ansible will use the local calculated checksum of the src file. |
| **content** | string | - | When used instead of src, sets the contents of a file directly to the specified value.  Works only when dest is a file. Creates the file if it does not exist.  For advanced formatting or if content contains a variable, use the ansible.builtin.template module. |
| **decrypt** | boolean | true | This option controls the autodecryption of source files using vault. |
| **dest** | path / required | - | Remote absolute path where the file should be copied to. If `src` is a directory, this must be a directory too. If `dest` is a non-existent path and if either `dest` ends with “/” or `src` is a directory, `dest` is created. If _dest_ is a relative path, the starting directory is determined by the remote host. If `src` and `dest` are files, the parent directory of `dest` is not created and the task fails if it does not already exist. |
| **follow** | boolean | false | This flag indicates that filesystem links in the destination, if they exist, should be followed. |
| **force** | boolean | true | Influence whether the remote file must always be replaced. If `true`, the remote file will be replaced when contents are different than the source. If `false`, the file will only be transferred if the destination does not exist. |
| **group** | string | - | Name of the group that should own the filesystem object, as would be fed to chown.  When left unspecified, it uses the current group of the current user unless you are root, in which case it can preserve the previous ownership. |
| **local_follow** | boolean | true | This flag indicates that filesystem links in the source tree, if they exist, should be followed. |
| **mode** | any | - | The permissions the resulting filesystem object should have. For those used to _/usr/bin/chmod_ remember that modes are actually octal numbers. You must give Ansible enough information to parse them correctly. For consistent results, quote octal numbers (for example, `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number. Adding a leading zero (for example, `0755`) works sometimes, but can fail in loops and some other circumstances. Giving Ansible a number without following either of these rules will end up with a decimal number which will have unexpected results. As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). If `mode` is not specified and the destination filesystem object **does not** exist, the default `umask` on the system will be used when setting the mode for the newly created filesystem object. If `mode` is not specified and the destination filesystem object **does** exist, the mode of the existing filesystem object will be used. |
| **owner** | string | - | Name of the user that should own the filesystem object, as would be fed to chown.  When left unspecified, it uses the current user unless you are root, in which case it can preserve the previous ownership.  Specifying a numeric username will be assumed to be a user ID and not a username. Avoid numeric usernames to avoid this confusion. |
| **src** | path | - | Local path to a file to copy to the remote server.  This can be absolute or relative.  If path is a directory, it is copied recursively. In this case, if path ends with “/”, only inside contents of that directory are copied to destination. Otherwise, if it does not end with “/”, the directory itself with all contents is copied. This behavior is similar to the rsync command line tool. |
| **validate** | string | - | The validation command to run before copying the updated file into the final destination.  A temporary file path is used to validate, passed in through %s which must be present as in the examples below.  Also, the command is passed securely so shell features such as expansion and pipes will not work. |
## Return Values
| Value | Type | When | Description |
| --------------- | ------- | ------------------------- | --------------------------------------------- |
| **backup_file** | string | changed and if backup=yes | Name of backup file created |
| **checksum** | string | success | SHA1 checksum of the file after running copy. |
| **dest** | string | success | Destination file/path. |
| **gid** | integer | success | Group id of the file, after execution. |
| **group** | string | success | Group of the file, after execution. |
| **md5sum** | string | when supported | MD5 checksum of the file after running copy. |
| **mode** | string | success | Permissions of the target, after execution. |
| **owner** | string | success | Owner of the file, after execution. |
| **size** | integer | success | Size of the target, after execution. |
| **uid** | integer | success | Owner id of the file, after execution. |
## Examples
```yaml
- name: Copy file with owner and permissions
ansible.builtin.copy:
src: /srv/myfiles/foo.conf
dest: /etc/foo.conf
owner: foo
group: foo
mode: '0644'
- name: Copy file with owner and permission, using symbolic representation
ansible.builtin.copy:
src: /srv/myfiles/foo.conf
dest: /etc/foo.conf
owner: foo
group: foo
mode: u=rw,g=r,o=r
- name: Another symbolic mode example, adding some permissions and removing others
ansible.builtin.copy:
src: /srv/myfiles/foo.conf
dest: /etc/foo.conf
owner: foo
group: foo
mode: u+rw,g-wx,o-rwx
- name: Copy a new "ntp.conf" file into place, backing up the original if it differs from the copied version
ansible.builtin.copy:
src: /mine/ntp.conf
dest: /etc/ntp.conf
owner: root
group: root
mode: '0644'
backup: yes
- name: Copy a new "sudoers" file into place, after passing validation with visudo
ansible.builtin.copy:
src: /mine/sudoers
dest: /etc/sudoers
validate: /usr/sbin/visudo -csf %s
- name: Copy a "sudoers" file on the remote machine for editing
ansible.builtin.copy:
src: /etc/sudoers
dest: /etc/sudoers.edit
remote_src: yes
validate: /usr/sbin/visudo -csf %s
- name: Copy using inline content
ansible.builtin.copy:
content: '# This file was moved to /etc/other.conf'
dest: /etc/mine.conf
- name: If follow=yes, /path/to/file will be overwritten by contents of foo.conf
ansible.builtin.copy:
src: /etc/foo.conf
dest: /path/to/link # link to /path/to/file
follow: yes
- name: If follow=no, /path/to/link will become a file and be overwritten by contents of foo.conf
ansible.builtin.copy:
src: /etc/foo.conf
dest: /path/to/link # link to /path/to/file
follow: no
```

75
technology/tools/Ansible/modules/ansible.builtin.cron.md Normal file
View file

@ -0,0 +1,75 @@
# ansible.builtin.cron
Use this module to manage crontab entries. This module allows you to create named crontab entries, update, or delete them.
## Parameter
| Parameter | Type | Default | Description |
| ---------------- | ---------------------------------------------------------------------------------- | --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **backup** | boolean | false | If set, create a backup of the crontab before it is modified. The location of the backup is returned in the `backup_file` variable by this module. |
| **cron_file** | path | - | If specified, uses this file instead of an individual users crontab. The assumption is that this file is exclusively managed by the module, do not use if the file contains multiple entries, NEVER use for /etc/crontab.  If this is a relative path, it is interpreted with respect to /etc/cron.d.  Many linux distros expect (and some require) the filename portion to consist solely of upper- and lower-case letters, digits, underscores, and hyphens.  Using this parameter requires you to specify the user as well, unless state is not present.  Either this parameter or name is required |
| **day** | string | "\*" | Day of the month the job should run (`1-31`, `*`, `*/2`, and so on). |
| **disabled** | boolean | false | If the job should be disabled (commented out) in the crontab.  Only has effect if state=present. |
| **hour** | string | "\*" | Hour when the job should run (`0-23`, `*`, `*/2`, and so on). |
| **job** | string | - | The command to execute. |
| **minute** | string | "\*" | Minute when the job should run (`0-59`, `*`, `*/2`, and so on). |
| **month** | string | "\*" | Month of the year the job should run (`1-12`, `*`, `*/2`, and so on). |
| **name** | string / required | - | Description of a crontab entry. |
| **special_time** | "annually"<br>"daily"<br>"hourly"<br>"monthly"<br>"reboot"<br>"weekly"<br>"yearly" | - | Special time specification nickname. |
| **state** | "absent"<br>"present" | "present" | Whether to ensure the job is present or absent. |
| **user** | string | - | The specific user whose crontab should be modified.  When unset, this parameter defaults to the current user. |
| **weekday** | string | "\*" | Day of the week that the job should run (`0-6` for Sunday-Saturday, `*`, and so on). |
## Examples
```yaml
- name: Ensure a job that runs at 2 and 5 exists. Creates an entry like "0 5,2 * * ls -alh > /dev/null"
ansible.builtin.cron:
name: "check dirs"
minute: "0"
hour: "5,2"
job: "ls -alh > /dev/null"
- name: 'Ensure an old job is no longer present. Removes any job that is prefixed by "#Ansible: an old job" from the crontab'
ansible.builtin.cron:
name: "an old job"
state: absent
- name: Creates an entry like "@reboot /some/job.sh"
ansible.builtin.cron:
name: "a job for reboot"
special_time: reboot
job: "/some/job.sh"
- name: Creates an entry like "PATH=/opt/bin" on top of crontab
ansible.builtin.cron:
name: PATH
env: yes
job: /opt/bin
- name: Creates an entry like "APP_HOME=/srv/app" and insert it after PATH declaration
ansible.builtin.cron:
name: APP_HOME
env: yes
job: /srv/app
insertafter: PATH
- name: Creates a cron file under /etc/cron.d
ansible.builtin.cron:
name: yum autoupdate
weekday: "2"
minute: "0"
hour: "12"
user: root
job: "YUMINTERACTIVE=0 /usr/sbin/yum-autoupdate"
cron_file: ansible_yum-autoupdate
- name: Removes a cron file from under /etc/cron.d
ansible.builtin.cron:
name: "yum autoupdate"
cron_file: ansible_yum-autoupdate
state: absent
- name: Removes "APP_HOME" environment variable from crontab
ansible.builtin.cron:
name: APP_HOME
env: yes
state: absent
```

37
technology/tools/Ansible/modules/ansible.builtin.debug.md Normal file
View file

@ -0,0 +1,37 @@
# ansible.builtin.debug
This module prints statements during execution and can be useful for debugging variables or expressions without necessarily halting the playbook.
## Parameter
| Parameter | Type | Default | Description |
| ------------- | ------- | -------------- | -------------------------------------------------------------------------------------------------------- |
| **msg** | string | "Hello world!" | The customized message that is printed. If omitted, prints a generic message. |
| **var** | string | - | A variable name to debug.  Mutually exclusive with the msg option. |
| **verbosity** | integer | 0 | A number that controls when the debug is run, if you set to 3 it will only run debug when -vvv or above. |
## Examples
```yaml
- name: Print the gateway for each host when defined
ansible.builtin.debug:
msg: System {{ inventory_hostname }} has gateway {{ ansible_default_ipv4.gateway }}
when: ansible_default_ipv4.gateway is defined
- name: Get uptime information
ansible.builtin.shell: /usr/bin/uptime
register: result
- name: Print return information from the previous task
ansible.builtin.debug:
var: result
verbosity: 2
- name: Display all variables/facts known for a host
ansible.builtin.debug:
var: hostvars[inventory_hostname]
verbosity: 4
- name: Prints two lines of messages, but only if there is an environment value set
ansible.builtin.debug:
msg:
- "Provisioning based on YOUR_KEY which is: {{ lookup('ansible.builtin.env', 'YOUR_KEY') }}"
- "These servers were built using the password of '{{ password_used }}'. Please retain this for later use."
```

15
technology/tools/Ansible/modules/ansible.builtin.fail.md Normal file
View file

@ -0,0 +1,15 @@
# ansible.builtin.fail
This module fails the progress with a custom message.
## Parameter
| Parameter | Type | Default | Description |
| --------- | ------ | ------------------------------- | -------------------------------------------------- |
| **msg** | string | "Failed as requested from task" | The customized message used for failing execution. |
## Examples
```yaml
- name: Example using fail and when together
ansible.builtin.fail:
msg: The system may not be provisioned according to the CMDB status.
when: cmdb_status != "to-be-staged"
```

39
technology/tools/Ansible/modules/ansible.builtin.fetch.md Normal file
View file

@ -0,0 +1,39 @@
# ansible.builtin.fetch
- Fetch files from remote nodes
- This module works like [ansible.builtin.copy](ansible.builtin.copy.md), but in reverse.
- It is used for fetching files from remote machines and storing them locally in a file tree, organized by hostname.
- Files that already exist at dest will be overwritten if they are different than the src.
## Parameter
| Parameter | Type | Default | Description |
| --------------------- | ----------------- | ------- | ---------------------------------------------------------------------------------------- |
| **dest** | string / required | - | A directory to save the file into. |
| **fail_on_missing** | boolean | true | When set to `true`, the task will fail if the remote file cannot be read for any reason. |
| **src** | string / required | - | The file on the remote system to fetch.  This must be a file, not a directory. |
| **validate_checksum** | boolean | true | Verify that the source and destination checksums match after the files are fetched. |
## Examples
```yaml
- name: Store file into /tmp/fetched/host.example.com/tmp/somefile
ansible.builtin.fetch:
src: /tmp/somefile
dest: /tmp/fetched
- name: Specifying a path directly
ansible.builtin.fetch:
src: /tmp/somefile
dest: /tmp/prefix-{{ inventory_hostname }}
flat: yes
- name: Specifying a destination path
ansible.builtin.fetch:
src: /tmp/uniquefile
dest: /tmp/special/
flat: yes
- name: Storing in a path relative to the playbook
ansible.builtin.fetch:
src: /tmp/uniquefile
dest: special/prefix-{{ inventory_hostname }}
flat: yes
```

107
technology/tools/Ansible/modules/ansible.builtin.lineinfile.md Normal file
View file

@ -0,0 +1,107 @@
# ansible.builtin.lineinfile
This module ensures a particular line is in a file, or replace an existing line using a back-referenced [regular expression](../../Regex.md).
## Parameter
| Parameter | Type | Default | Description |
| ----------------- | ------- | --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| **attributes** | string | - | The attributes the resulting filesystem object should have. To get supported flags look at the man page for [chattr](../../../applications/cli/chattr.md) on the target system. The = operator is assumed as default, otherwise + or - operators need to be included in the string. |
| **backup** | boolean | false | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. |
| **create** | boolean | false | Create a new file if it does not exist. |
| **firstmatch** | boolean | false | Used with `insertafter` or `insertbefore`.  If set, `insertafter` and `insertbefore` will work with the first line that matches the given [regular expression](../../Regex.md). |
| **group** | string | false | Name of the group that should own the filesystem object, as would be fed to _chown_. |
| **insertafter** | string | - | Used with `state=present`.<br><br>If specified, the line will be inserted after the last match of specified [regular expression](../../Regex.md).<br><br>If the first match is required, use(`firstmatch=yes`).<br><br>A special value is available; `EOF` for inserting the line at the end of the file.<br><br>If specified [regular expression](../../Regex.md) has no matches, `EOF` will be used instead.<br><br>If `insertbefore` is set, default value `EOF` will be ignored. |
| **insertbefore** | string | - | Used with `state=present`.<br><br>If specified, the line will be inserted before the last match of specified [regular expression](../../Regex.md).<br><br>If the first match is required, use `firstmatch=yes`.<br><br>A value is available; `BOF` for inserting the line at the beginning of the file.<br><br>If specified [regular expression](../../Regex.md) has no matches, the line will be inserted at the end of the file. |
| **line** | string | - | The line to insert/replace into the file. |
| **mode** | string | - | The permissions the resulting filesystem object should have. |
| **owner** | string | - | Name of the user that should own the filesystem object, as would be fed to _chown_. |
| **path** | path | - | The file to modify. |
| **regexp** | string | - | The [regular expression](../../Regex.md) to look for in every line of the file. |
| **search_string** | string | - | The literal string to look for in every line of the file. This does not have to match the entire line. |
| **state** | string | "present" | Whether the line should be there or not.<br><br>Choices:<br><br>- `absent`<br>- `present` |
| **validate** | string | - | The validation command to run before copying the updated file into the final destination. |
## Examples
```yaml
# NOTE: Before 2.3, option 'dest', 'destfile' or 'name' was used instead of 'path'
- name: Ensure SELinux is set to enforcing mode
ansible.builtin.lineinfile:
path: /etc/selinux/config
regexp: '^SELINUX='
line: SELINUX=enforcing
- name: Make sure group wheel is not in the sudoers configuration
ansible.builtin.lineinfile:
path: /etc/sudoers
state: absent
regexp: '^%wheel'
- name: Replace a localhost entry with our own
ansible.builtin.lineinfile:
path: /etc/hosts
regexp: '^127\.0\.0\.1'
line: 127.0.0.1 localhost
owner: root
group: root
mode: '0644'
- name: Replace a localhost entry searching for a literal string to avoid escaping
ansible.builtin.lineinfile:
path: /etc/hosts
search_string: '127.0.0.1'
line: 127.0.0.1 localhost
owner: root
group: root
mode: '0644'
- name: Ensure the default Apache port is 8080
ansible.builtin.lineinfile:
path: /etc/httpd/conf/httpd.conf
regexp: '^Listen '
insertafter: '^#Listen '
line: Listen 8080
- name: Ensure php extension matches new pattern
ansible.builtin.lineinfile:
path: /etc/httpd/conf/httpd.conf
search_string: '<FilesMatch ".php[45]?$">'
insertafter: '^\t<Location \/>\n'
line: ' <FilesMatch ".php[34]?$">'
- name: Ensure we have our own comment added to /etc/services
ansible.builtin.lineinfile:
path: /etc/services
regexp: '^# port for http'
insertbefore: '^www.*80/tcp'
line: '# port for http by default'
- name: Add a line to a file if the file does not exist, without passing regexp
ansible.builtin.lineinfile:
path: /tmp/testfile
line: 192.168.1.99 foo.lab.net foo
create: yes
# NOTE: Yaml requires escaping backslashes in double quotes but not in single quotes
- name: Ensure the JBoss memory settings are exactly as needed
ansible.builtin.lineinfile:
path: /opt/jboss-as/bin/standalone.conf
regexp: '^(.*)Xms(\d+)m(.*)$'
line: '\1Xms${xms}m\3'
backrefs: yes
# NOTE: Fully quoted because of the ': ' on the line. See the Gotchas in the YAML docs.
- name: Validate the sudoers file before saving
ansible.builtin.lineinfile:
path: /etc/sudoers
state: present
regexp: '^%ADMIN ALL='
line: '%ADMIN ALL=(ALL) NOPASSWD: ALL'
validate: /usr/sbin/visudo -cf %s
# See https://docs.python.org/3/library/re.html for further details on syntax
- name: Use backrefs with alternative group syntax to avoid conflicts with variable values
ansible.builtin.lineinfile:
path: /tmp/config
regexp: ^(host=).*
line: \g<1>{{ hostname }}
backrefs: yes
```

30
technology/tools/Ansible/modules/ansible.builtin.package.md Normal file
View file

@ -0,0 +1,30 @@
# ansible.builtin.package
Generic OS package manager
## Parameter
| Parameter | Type | Default | Description |
| --------- | --------------------- | ------- | ------------------------------------------------ |
| **name** | string / required | - | Package name, or package specifier with version. |
| **state** | "absent"<br>"present" | - | Whether to install, or remove a package. |
| | | | |
## Examples
```yaml
- name: Install ntpdate
ansible.builtin.package:
name: ntpdate
state: present
# This uses a variable as this changes per distribution.
- name: Remove the apache package
ansible.builtin.package:
name: "{{ apache }}"
state: absent
- name: Install the latest version of Apache and MariaDB
ansible.builtin.package:
name:
- httpd
- mariadb-server
state: latest
```

37
technology/tools/Ansible/modules/ansible.builtin.pause.md Normal file
View file

@ -0,0 +1,37 @@
# ansible.builtin.pause
Pauses playbook execution for a set amount of time, or until a prompt is acknowledged. All parameters are optional. The default behavior is to pause with a prompt.
## Parameter
| Parameter | Type | Default | Description |
| ----------- | ------- | ------- | ------------------------------------------------------------ |
| **echo** | boolean | true | Controls whether or not keyboard input is shown when typing. |
| **minutes** | integer | - | A positive number of minutes to pause for. |
| **prompt** | string | - | Optional text to use for the prompt message. |
| **seconds** | integer | - | A positive number of seconds to pause for. |
## Return Values
| Value | Type | When | Description |
| -------------- | ------ | ---------------------- | ----------------------------------- |
| **delta** | string | always | Time paused in seconds |
| **start** | string | always | Time when started pausing |
| **stop** | string | always | Time when ended pausing |
| **user_input** | string | if no waiting time set | User input from interactive console |
## Examples
```yaml
- name: Pause for 5 minutes to build app cache
ansible.builtin.pause:
minutes: 5
- name: Pause until you can verify updates to an application were successful
ansible.builtin.pause:
- name: A helpful reminder of what to look out for post-update
ansible.builtin.pause:
prompt: "Make sure org.foo.FooOverload exception is not present"
- name: Pause to get some sensitive input
ansible.builtin.pause:
prompt: "Enter a secret"
echo: no
```

88
technology/tools/Ansible/modules/ansible.builtin.replace.md Normal file
View file

@ -0,0 +1,88 @@
# ansible.builtin.replace
Replace all instances of a particular string in a file using a back-referenced regular expression.
## Parameter
| Parameter | Type | Default | Description |
| -------------- | ----------------- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **after** | string | - | If specified, only content after this match will be replaced/removed. |
| **before** | string | - | If specified, only content before this match will be replaced/removed. |
| **path** | path / required | - | The file to modify. |
| **regexp** | string / required | - | The regular expression to look for in the contents of the file. |
| **replace** | string | "" | The string to replace regexp matches.  May contain backreferences that will get expanded with the regexp capture groups if the regexp matches.  If not set, matches are removed entirely. |
| **attributes** | string | - | The attributes the resulting filesystem object should have. To get supported flags look at the man page for [chattr](../../../applications/cli/chattr.md) on the target system. The = operator is assumed as default, otherwise + or - operators need to be included in the string. |
| **backup** | boolean | false | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. |
| **follow** | boolean | false | This flag indicates that filesystem links in the destination, if they exist, should be followed. |
| **force** | boolean | true | Influence whether the remote file must always be replaced. If `true`, the remote file will be replaced when contents are different than the source. If `false`, the file will only be transferred if the destination does not exist. |
| **group** | string | - | Name of the group that should own the filesystem object, as would be fed to chown.  When left unspecified, it uses the current group of the current user unless you are root, in which case it can preserve the previous ownership. |
| **mode** | any | - | The permissions the resulting filesystem object should have. For those used to _/usr/bin/chmod_ remember that modes are actually octal numbers. You must give Ansible enough information to parse them correctly. For consistent results, quote octal numbers (for example, `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number. Adding a leading zero (for example, `0755`) works sometimes, but can fail in loops and some other circumstances. Giving Ansible a number without following either of these rules will end up with a decimal number which will have unexpected results. As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). If `mode` is not specified and the destination filesystem object **does not** exist, the default `umask` on the system will be used when setting the mode for the newly created filesystem object. If `mode` is not specified and the destination filesystem object **does** exist, the mode of the existing filesystem object will be used. |
| **owner** | string | - | Name of the user that should own the filesystem object, as would be fed to chown.  When left unspecified, it uses the current user unless you are root, in which case it can preserve the previous ownership.  Specifying a numeric username will be assumed to be a user ID and not a username. Avoid numeric usernames to avoid this confusion. |
| **validate** | string | - | The validation command to run before copying the updated file into the final destination.  A temporary file path is used to validate, passed in through %s which must be present as in the examples below.  Also, the command is passed securely so [shell](../../../applications/cli/Shell.md) features such as expansion and pipes will not work. |
## Examples
```yaml
- name: Replace old hostname with new hostname (requires Ansible >= 2.4)
ansible.builtin.replace:
path: /etc/hosts
regexp: '(\s+)old\.host\.name(\s+.*)?$'
replace: '\1new.host.name\2'
- name: Replace after the expression till the end of the file (requires Ansible >= 2.4)
ansible.builtin.replace:
path: /etc/apache2/sites-available/default.conf
after: 'NameVirtualHost [*]'
regexp: '^(.+)$'
replace: '# \1'
- name: Replace before the expression till the begin of the file (requires Ansible >= 2.4)
ansible.builtin.replace:
path: /etc/apache2/sites-available/default.conf
before: '# live site config'
regexp: '^(.+)$'
replace: '# \1'
# Prior to Ansible 2.7.10, using before and after in combination did the opposite of what was intended.
# see https://github.com/ansible/ansible/issues/31354 for details.
- name: Replace between the expressions (requires Ansible >= 2.4)
ansible.builtin.replace:
path: /etc/hosts
after: '<VirtualHost [*]>'
before: '</VirtualHost>'
regexp: '^(.+)$'
replace: '# \1'
- name: Supports common file attributes
ansible.builtin.replace:
path: /home/jdoe/.ssh/known_hosts
regexp: '^old\.host\.name[^\n]*\n'
owner: jdoe
group: jdoe
mode: '0644'
- name: Supports a validate command
ansible.builtin.replace:
path: /etc/apache/ports
regexp: '^(NameVirtualHost|Listen)\s+80\s*$'
replace: '\1 127.0.0.1:8080'
validate: '/usr/sbin/apache2ctl -f %s -t'
- name: Short form task (in ansible 2+) necessitates backslash-escaped sequences
ansible.builtin.replace: path=/etc/hosts regexp='\\b(localhost)(\\d*)\\b' replace='\\1\\2.localdomain\\2 \\1\\2'
- name: Long form task does not
ansible.builtin.replace:
path: /etc/hosts
regexp: '\b(localhost)(\d*)\b'
replace: '\1\2.localdomain\2 \1\2'
- name: Explicitly specifying positional matched groups in replacement
ansible.builtin.replace:
path: /etc/ssh/sshd_config
regexp: '^(ListenAddress[ ]+)[^\n]+$'
replace: '\g<1>0.0.0.0'
- name: Explicitly specifying named matched groups
ansible.builtin.replace:
path: /etc/ssh/sshd_config
regexp: '^(?P<dctv>ListenAddress[ ]+)(?P<host>[^\n]+)$'
replace: '#\g<dctv>\g<host>\n\g<dctv>0.0.0.0'
```

78
technology/tools/Ansible/modules/ansible.builtin.shell.md Normal file
View file

@ -0,0 +1,78 @@
# ansible.builtin.shell
Execute shell commands on targets.
## Parameter
| Parameter | Type | Default | Description |
| --------------------- | ------- | ------- | -------------------------------------------------------------- |
| **chdir** | path | - | Change into this directory before running the command. |
| **cmd** | string | - | The command to run followed by optional arguments. |
| **creates** | path | - | A filename, when it already exists, this step will not be run. |
| **executable** | path | - | Change the shell used to execute the command. |
| **removes** | path | - | A filename, when it does not exist, this step will not be run. |
| **stdin** | string | - | Set the stdin of the command directly to the specified value. |
| **stdin_add_newline** | boolean | true | Whether to append a newline to stdin data. |
## Return Values
| Value | Type | When | Description |
| ---------------- | ---------------------- | ------ | ------------------------------------------ |
| **cmd** | string | always | The command executed by the task. |
| **delta** | string | always | The command execution delta time. |
| **end** | string | always | The command execution end time. |
| **rc** | integer | always | The command return code (0 means success). |
| **start** | string | always | The command execution start time. |
| **stderr** | string | always | The command standard error. |
| **stderr_lines** | list / elements=string | always | The command standard error split in lines. |
| **stdout** | string | always | The command standard output. |
| **stdout_lines** | list / elements=string | always | The command standard output split in lines. |
## Examples
```yaml
- name: Execute the command in remote shell; stdout goes to the specified file on the remote
ansible.builtin.shell: somescript.sh >> somelog.txt
- name: Change the working directory to somedir/ before executing the command
ansible.builtin.shell: somescript.sh >> somelog.txt
args:
chdir: somedir/
# You can also use the 'args' form to provide the options.
- name: This command will change the working directory to somedir/ and will only run when somedir/somelog.txt doesn't exist
ansible.builtin.shell: somescript.sh >> somelog.txt
args:
chdir: somedir/
creates: somelog.txt
# You can also use the 'cmd' parameter instead of free form format.
- name: This command will change the working directory to somedir/
ansible.builtin.shell:
cmd: ls -l | grep log
chdir: somedir/
- name: Run a command that uses non-posix shell-isms (in this example /bin/sh doesn't handle redirection and wildcards together but bash does)
ansible.builtin.shell: cat < /tmp/*txt
args:
executable: /bin/bash
- name: Run a command using a templated variable (always use quote filter to avoid injection)
ansible.builtin.shell: cat {{ myfile|quote }}
# You can use shell to run other executables to perform actions inline
- name: Run expect to wait for a successful PXE boot via out-of-band CIMC
ansible.builtin.shell: |
set timeout 300
spawn ssh admin@{{ cimc_host }}
expect "password:"
send "{{ cimc_password }}\n"
expect "\n{{ cimc_name }}"
send "connect host\n"
expect "pxeboot.n12"
send "\n"
exit 0
args:
executable: /usr/bin/expect
delegate_to: localhost
```

70
technology/tools/Ansible/modules/ansible.builtin.systemd_service.md Normal file
View file

@ -0,0 +1,70 @@
# ansible.builtin.systemd_service
Controls [systemd](../../../linux/Systemd.md) units (services, timers, and so on) on remote hosts.
## Parameter
| Parameter | Type | Default | Description |
| ----------------- | --------------------------------------------------- | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **daemon_reload** | boolean | false | Run daemon-reload before doing any other operations, to make sure systemd has read any changes. |
| **enabled** | boolean | - | Whether the unit should start on boot. **At least one of state and enabled are required.** |
| **force** | boolean | - | Whether to override existing symlinks. |
| **masked** | boolean | - | Whether the unit should be masked or not, a masked unit is impossible to start. |
| **name** | string | - | Name of the unit. This parameter takes the name of exactly one unit to work with. When no extension is given, it is implied to a `.service` as systemd. |
| **scope** | "system"<br>"user"<br>"global" | "system" | Run systemctl within a given service manager scope, either as the default system scope `system`, the current users scope `user`, or the scope of all users `global`. For systemd to work with user, the executing user must have its own instance of dbus started and accessible (systemd requirement). |
| **state** | "reloaded"<br>"restarted"<br>"started"<br>"stopped" | - | `started`/`stopped` are idempotent actions that will not run commands unless necessary. `restarted` will always bounce the unit. `reloaded` will always reload. |
## Return Values
| Value | Type | When | Description |
| ---------- | ---------- | ------- | --------------------------------------------------------------------- |
| **status** | dictionary | success | A dictionary with the key=value pairs returned from `systemctl show`. |
## Examples
```yaml
- name: Make sure a service unit is running
ansible.builtin.systemd:
state: started
name: httpd
- name: Stop service cron on debian, if running
ansible.builtin.systemd:
name: cron
state: stopped
- name: Restart service cron on centos, in all cases, also issue daemon-reload to pick up config changes
ansible.builtin.systemd:
state: restarted
daemon_reload: true
name: crond
- name: Reload service httpd, in all cases
ansible.builtin.systemd:
name: httpd.service
state: reloaded
- name: Enable service httpd and ensure it is not masked
ansible.builtin.systemd:
name: httpd
enabled: true
masked: no
- name: Enable a timer unit for dnf-automatic
ansible.builtin.systemd:
name: dnf-automatic.timer
state: started
enabled: true
- name: Just force systemd to reread configs (2.4 and above)
ansible.builtin.systemd:
daemon_reload: true
- name: Just force systemd to re-execute itself (2.8 and above)
ansible.builtin.systemd:
daemon_reexec: true
- name: Run a user service when XDG_RUNTIME_DIR is not set on remote login
ansible.builtin.systemd:
name: myservice
state: started
scope: user
environment:
XDG_RUNTIME_DIR: "/run/user/{{ myuid }}"
```

35
technology/tools/Ansible/modules/ansible.builtin.tempfile.md Normal file
View file

@ -0,0 +1,35 @@
# ansible.builtin.tempfile
The `tempfile` module creates temporary files and directories.
## Parameter
| Parameter | Type | Default | Description |
| ---------- | --------------------- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------- |
| **path** | path | - | Location where temporary file or directory should be created.  If path is not specified, the default system temporary directory will be used. |
| **prefix** | string | "ansible." | Prefix of file/directory name created by module. |
| **state** | "directory"<br>"file" | "file" | Whether to create file or directory. |
| **suffix** | string | "" | Suffix of file/directory name created by module. |
## Return Values
| Value | Type | When | Description |
| -------- | ------ | ------- | ---------------------------------- |
| **path** | string | success | Path to created file or directory. |
## Examples
```yaml
- name: Create temporary build directory
ansible.builtin.tempfile:
state: directory
suffix: build
- name: Create temporary file
ansible.builtin.tempfile:
state: file
suffix: temp
register: tempfile_1
- name: Use the registered var and the file module to remove the temporary file
ansible.builtin.file:
path: "{{ tempfile_1.path }}"
state: absent
when: tempfile_1.path is defined
```

66
technology/tools/Ansible/modules/ansible.builtin.template.md Normal file
View file

@ -0,0 +1,66 @@
# ansible.builtin.template
Template a file out to a target host using Jinja Template Engine.
## Parameter
| Parameter | Type | Default | Description |
| -------------- | --------------- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **dest** | path / required | - | Location to render the template to on the remote machine. |
| **src** | path / required | - | Path of a Jinja2 formatted template on the Ansible controller.  This can be a relative or an absolute path. |
| **attributes** | string | - | The attributes the resulting filesystem object should have. To get supported flags look at the man page for [chattr](../../../applications/cli/chattr.md) on the target system. The = operator is assumed as default, otherwise + or - operators need to be included in the string. |
| **backup** | boolean | false | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. |
| **follow** | boolean | false | This flag indicates that filesystem links in the destination, if they exist, should be followed. |
| **force** | boolean | true | Influence whether the remote file must always be replaced. If `true`, the remote file will be replaced when contents are different than the source. If `false`, the file will only be transferred if the destination does not exist. |
| **group** | string | - | Name of the group that should own the filesystem object, as would be fed to chown.  When left unspecified, it uses the current group of the current user unless you are root, in which case it can preserve the previous ownership. |
| **mode** | any | - | The permissions the resulting filesystem object should have. For those used to _/usr/bin/chmod_ remember that modes are actually octal numbers. You must give Ansible enough information to parse them correctly. For consistent results, quote octal numbers (for example, `'644'` or `'1777'`) so Ansible receives a string and can do its own conversion from string into number. Adding a leading zero (for example, `0755`) works sometimes, but can fail in loops and some other circumstances. Giving Ansible a number without following either of these rules will end up with a decimal number which will have unexpected results. As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). If `mode` is not specified and the destination filesystem object **does not** exist, the default `umask` on the system will be used when setting the mode for the newly created filesystem object. If `mode` is not specified and the destination filesystem object **does** exist, the mode of the existing filesystem object will be used. |
| **owner** | string | - | Name of the user that should own the filesystem object, as would be fed to chown.  When left unspecified, it uses the current user unless you are root, in which case it can preserve the previous ownership.  Specifying a numeric username will be assumed to be a user ID and not a username. Avoid numeric usernames to avoid this confusion. |
| **validate** | string | - | The validation command to run before copying the updated file into the final destination.  A temporary file path is used to validate, passed in through %s which must be present as in the examples below.  Also, the command is passed securely so shell features such as expansion and pipes will not work. |
## Examples
```yaml
- name: Template a file to /etc/file.conf
ansible.builtin.template:
src: /mytemplates/foo.j2
dest: /etc/file.conf
owner: bin
group: wheel
mode: '0644'
- name: Template a file, using symbolic modes (equivalent to 0644)
ansible.builtin.template:
src: /mytemplates/foo.j2
dest: /etc/file.conf
owner: bin
group: wheel
mode: u=rw,g=r,o=r
- name: Copy a version of named.conf that is dependent on the OS. setype obtained by doing ls -Z /etc/named.conf on original file
ansible.builtin.template:
src: named.conf_{{ ansible_os_family }}.j2
dest: /etc/named.conf
group: named
setype: named_conf_t
mode: 0640
- name: Create a DOS-style text file from a template
ansible.builtin.template:
src: config.ini.j2
dest: /share/windows/config.ini
newline_sequence: '\r\n'
- name: Copy a new sudoers file into place, after passing validation with visudo
ansible.builtin.template:
src: /mine/sudoers
dest: /etc/sudoers
validate: /usr/sbin/visudo -cf %s
- name: Update sshd configuration safely, avoid locking yourself out
ansible.builtin.template:
src: etc/ssh/sshd_config.j2
dest: /etc/ssh/sshd_config
owner: root
group: root
mode: '0600'
validate: /usr/sbin/sshd -t -f %s
backup: yes
```

171
technology/tools/Ansible/modules/ansible.builtin.uri.md Normal file
View file

@ -0,0 +1,171 @@
# ansible.builtin.uri
Interacts with HTTP and HTTPS web services and supports Digest, Basic and WSSE HTTP authentication mechanisms.
## Parameter
| Parameter | Type | Default | Description |
| ------------------ | -------------------------------------------------------- | ------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **attributes** | string | - | The attributes the resulting filesystem object should have. To get supported flags look at the man page for [chattr](../../../applications/cli/chattr.md) on the target system. The = operator is assumed as default, otherwise + or - operators need to be included in the string. |
| **body** | any | - | The body of the http request/response to the web service. If `body_format` is set to json it will take an already formatted JSON string or convert a data structure into JSON. |
| **body_format** | "form-urlencoded"<br>"json"<br>"raw"<br>"form-multipart" | "raw" | The serialization format of the body. When set to `json`, `form-multipart`, or `form-urlencoded`, encodes the body argument, if needed, and automatically sets the Content-Type header accordingly. |
| **creates** | path | - | A filename, when it already exists, this step will not be run. |
| **dest** | path | - | A path of where to download the file to (if desired). If dest is a directory, the basename of the file on the remote server will be used. |
| **headers** | dictionary | {} | Add custom HTTP headers to a request in the format of a YAML hash |
| **method** | string | "GET" | The HTTP method of the request or response. |
| **removes** | path | - | A filename, when it does not exist, this step will not be run. |
| **status_code** | list / elements=integer | \[200] | A list of valid, numeric, HTTP status codes that signifies success of the request. |
| **timeout** | integer | 30 | The socket level timeout in seconds |
| **url** | string / required | - | HTTP or HTTPS URL |
| **url_password** | string | - | A password for the module to use for Digest, Basic or WSSE authentication. |
| **url_username** | string | - | A username for the module to use for Digest, Basic or WSSE authentication. |
| **validate_certs** | boolean | true | If `false`, SSL certificates will not be validated. |
## Return Values
| Value | Type | When | Description |
| ------------------ | ---------- | --------------------------------------------------- | ----------------------------------------------------------------- |
| **content** | string | status not in status_code or return_content is true | The response body content. |
| **cookies** | dictionary | success | The cookie values placed in cookie jar. |
| **cookies_string** | string | success | The value for future request Cookie headers. |
| **elapsed** | integer | success | The number of seconds that elapsed while performing the download. |
| **msg** | string | always | The HTTP message from the request. |
| **path** | string | dest is defined | destination file/path |
| **redirected** | boolean | success | Whether the request was redirected. |
| **status** | integer | always | The HTTP status code from the request. |
| **url** | string | always | The actual URL used for the request. |
## Examples
```yaml
- name: Check that you can connect (GET) to a page and it returns a status 200
ansible.builtin.uri:
url: http://www.example.com
- name: Check that a page returns successfully but fail if the word AWESOME is not in the page contents
ansible.builtin.uri:
url: http://www.example.com
return_content: true
register: this
failed_when: this is failed or "'AWESOME' not in this.content"
- name: Create a JIRA issue
ansible.builtin.uri:
url: https://your.jira.example.com/rest/api/2/issue/
user: your_username
password: your_pass
method: POST
body: "{{ lookup('ansible.builtin.file','issue.json') }}"
force_basic_auth: true
status_code: 201
body_format: json
- name: Login to a form based webpage, then use the returned cookie to access the app in later tasks
ansible.builtin.uri:
url: https://your.form.based.auth.example.com/index.php
method: POST
body_format: form-urlencoded
body:
name: your_username
password: your_password
enter: Sign in
status_code: 302
register: login
- name: Login to a form based webpage using a list of tuples
ansible.builtin.uri:
url: https://your.form.based.auth.example.com/index.php
method: POST
body_format: form-urlencoded
body:
- [ name, your_username ]
- [ password, your_password ]
- [ enter, Sign in ]
status_code: 302
register: login
- name: Upload a file via multipart/form-multipart
ansible.builtin.uri:
url: https://httpbin.org/post
method: POST
body_format: form-multipart
body:
file1:
filename: /bin/true
mime_type: application/octet-stream
file2:
content: text based file content
filename: fake.txt
mime_type: text/plain
text_form_field: value
- name: Connect to website using a previously stored cookie
ansible.builtin.uri:
url: https://your.form.based.auth.example.com/dashboard.php
method: GET
return_content: true
headers:
Cookie: "{{ login.cookies_string }}"
- name: Queue build of a project in Jenkins
ansible.builtin.uri:
url: http://{{ jenkins.host }}/job/{{ jenkins.job }}/build?token={{ jenkins.token }}
user: "{{ jenkins.user }}"
password: "{{ jenkins.password }}"
method: GET
force_basic_auth: true
status_code: 201
- name: POST from contents of local file
ansible.builtin.uri:
url: https://httpbin.org/post
method: POST
src: file.json
- name: POST from contents of remote file
ansible.builtin.uri:
url: https://httpbin.org/post
method: POST
src: /path/to/my/file.json
remote_src: true
- name: Create workspaces in Log analytics Azure
ansible.builtin.uri:
url: https://www.mms.microsoft.com/Embedded/Api/ConfigDataSources/LogManagementData/Save
method: POST
body_format: json
status_code: [200, 202]
return_content: true
headers:
Content-Type: application/json
x-ms-client-workspace-path: /subscriptions/{{ sub_id }}/resourcegroups/{{ res_group }}/providers/microsoft.operationalinsights/workspaces/{{ w_spaces }}
x-ms-client-platform: ibiza
x-ms-client-auth-token: "{{ token_az }}"
body:
- name: Pause play until a URL is reachable from this host
ansible.builtin.uri:
url: "http://192.0.2.1/some/test"
follow_redirects: none
method: GET
register: _result
until: _result.status == 200
retries: 720 # 720 * 5 seconds = 1hour (60*60/5)
delay: 5 # Every 5 seconds
- name: Provide SSL/TLS ciphers as a list
uri:
url: https://example.org
ciphers:
- '@SECLEVEL=2'
- ECDH+AESGCM
- ECDH+CHACHA20
- ECDH+AES
- DHE+AES
- '!aNULL'
- '!eNULL'
- '!aDSS'
- '!SHA1'
- '!AESCCM'
- name: Provide SSL/TLS ciphers as an OpenSSL formatted cipher list
uri:
url: https://example.org
ciphers: '@SECLEVEL=2:ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES:DHE+AES:!aNULL:!eNULL:!aDSS:!SHA1:!AESCCM'
```

101
technology/tools/Ansible/modules/ansible.builtin.user.md Normal file
View file

@ -0,0 +1,101 @@
# ansible.builtin.user
Manage user accounts and user attributes.
## Parameter
| Parameter | Type | Default | Description |
| ---------------------- | ----------------------- | -------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **append** | boolean | false | If `true`, add the user to the groups specified in `groups`. <br>If `false`, user will only be added to the groups specified in `groups`, removing them from all other groups. |
| **create_home** | boolean | true | Unless set to `false`, a home directory will be made for the user when the account is created or if the home directory does not exist. |
| **expires** | float | - | An expiry time for the user in epoch, it will be ignored on platforms that do not support this. Currently supported on GNU/[Linux](../../../linux/Linux.md), [FreeBSD](../../../bsd/FreeBSD.md), and DragonFlyBSD. Since Ansible 2.6 you can remove the expiry time by specifying a negative value. Currently supported on GNU/[Linux](../../../linux/Linux.md) and [FreeBSD](../../../bsd/FreeBSD.md) |
| **force** | boolean | false | This only affects `state=absent`, it forces removal of the user and associated directories on supported platforms. The behavior is the same as `userdel --force`, check the man page for `userdel` on your system for details and support. When used with `generate_ssh_key=yes` this forces an existing key to be overwritten. |
| **generate_ssh_key** | boolean | false | Whether to generate a [SSH](../../../applications/SSH.md) key for the user in question. This will **not** overwrite an existing [SSH](../../../applications/SSH.md) key unless used with `force=yes`. |
| **group** | string | - | Optionally sets the users primary group (takes a group name). |
| **groups** | list / elements=string | - | List of groups user will be added to. By default, the user is removed from all other groups. Configure `append` to modify this. When set to an empty string `''`, the user is removed from all groups except the primary group. |
| **home** | path | - | Optionally set the users home directory. |
| **move_home** | boolean | false | If set to `true` when used with `home:` , attempt to move the users old home directory to the specified directory if it isnt there already and the old home exists. |
| **name** | string / required | - | Name of the user to create, remove or modify. |
| **password** | string | - | If provided, set the users password to the provided encrypted hash ([Linux](../../../linux/Linux.md)) or plain text password ([macOS](../../../macos/macOS.md)). You can generate the encrypted hash with the `mkpasswd` command. |
| **remove** | boolean | false | This only affects `state=absent`, it attempts to remove directories associated with the user. The behavior is the same as `userdel --remove`, check the man page for details and support. |
| **shell** | string | - | Optionally set the users [shell](../../../applications/cli/Shell.md). |
| **ssh_key_bits** | integer | - | Optionally specify number of bits in [SSH](../../../applications/SSH.md) key to create.  The default value depends on ssh-keygen. |
| **ssh_key_comment** | string | "ansible-generated on $HOSTNAME" | Optionally define the comment for the [SSH](../../../applications/SSH.md) key. |
| **ssh_key_file** | path | .ssh/id_rsa | Optionally specify the [SSH](../../../applications/SSH.md) key filename.  If this is a relative filename then it will be relative to the users home directory. |
| **ssh_key_passphrase** | string | - | Set a passphrase for the [SSH](../../../applications/SSH.md) key.  If no passphrase is provided, the [SSH](../../../applications/SSH.md) key will default to having no passphrase. |
| **ssh_key_type** | string | "rsa" | Optionally specify the type of [SSH](../../../applications/SSH.md) key to generate. |
| **state** | "present"<br>"absent" | present | Whether the account should exist or not, taking action if the state is different from what is stated. |
| **system** | boolean | false | When creating an account `state=present`, setting this to `true` makes the user a system account. |
| **uid** | integer | - | Optionally sets the UID of the user. |
| **update_password** | "always"<br>"on_create" | "always" | `always` will update passwords if they differ. <br>`on_create` will only set the password for newly created users. |
## Return Values
| Value | Type | When | Description |
| ------------------- | ------- | ----------------------------------------------------------- | -------------------------------------------------------- |
| **append** | boolean | When state is `present` and the user exists | Whether or not to append the user to groups. |
| **comment** | string | When user exists | Comment section from passwd file, usually the user name. |
| **create_home** | boolean | When user does not exist and not check mode | Whether or not to create the home directory. |
| **force** | boolean | When _state_ is `absent` and user exists | Whether or not a user account was forcibly deleted. |
| **group** | integer | When user exists | Primary user group ID |
| **groups** | string | When _groups_ is not empty and _state_ is `present` | List of groups of which the user is a member. |
| **home** | string | When _state_ is `present` | Path to users home directory. |
| **move_home** | boolean | When _state_ is `present` and user exists | Whether or not to move an existing home directory. |
| **name** | string | always | User account name. |
| **remove** | boolean | When _state_ is `absent` and user exists | Whether or not to remove the user account. |
| **shell** | string | When _state_ is `present` | User login [shell](../../../applications/cli/Shell.md). |
| **ssh_fingerprint** | string | When _generate_ssh_key_ is `True` | Fingerprint of generated [SSH](../../../applications/SSH.md) key. |
| **ssh_key_file** | string | When _generate_ssh_key_ is `True` | Path to generated [SSH](../../../applications/SSH.md) private key file. |
| **ssh_public_key** | string | When _generate_ssh_key_ is `True` | Generated [SSH](../../../applications/SSH.md) public key file. |
| **stderr** | string | When stderr is returned by a command that is run | Standard error from running commands. |
| **stdout** | string | When standard output is returned by the command that is run | Standard output from running commands. |
| **uid** | integer | When _uid_ is passed to the module | User ID of the user account. |
## Examples
```yaml
- name: Add the user 'johnd' with a specific uid and a primary group of 'admin'
ansible.builtin.user:
name: johnd
comment: John Doe
uid: 1040
group: admin
- name: Add the user 'james' with a bash shell, appending the group 'admins' and 'developers' to the user's groups
ansible.builtin.user:
name: james
shell: /bin/bash
groups: admins,developers
append: yes
- name: Remove the user 'johnd'
ansible.builtin.user:
name: johnd
state: absent
remove: yes
- name: Create a 2048-bit SSH key for user jsmith in ~jsmith/.ssh/id_rsa
ansible.builtin.user:
name: jsmith
generate_ssh_key: yes
ssh_key_bits: 2048
ssh_key_file: .ssh/id_rsa
- name: Added a consultant whose account you want to expire
ansible.builtin.user:
name: james18
shell: /bin/zsh
groups: developers
expires: 1422403387
- name: Starting at Ansible 2.6, modify user, remove expiry time
ansible.builtin.user:
name: james18
expires: -1
- name: Set maximum expiration date for password
ansible.builtin.user:
name: ram19
password_expire_max: 10
- name: Set minimum expiration date for password
ansible.builtin.user:
name: pushkar15
password_expire_min: 5
```

100
technology/tools/Ansible/modules/ansible.builtin.wait_for.md Normal file
View file

@ -0,0 +1,100 @@
# ansible.builtin.wait_for
Waits for a condition before continuing
## Parameter
| Parameter | Type | Default | Description |
| ------------------- | ------- | ----------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **connect_timeout** | integer | 5 | Maximum number of seconds to wait for a connection to happen before closing and retrying. |
| **delay** | integer | 0 | Number of seconds to wait before starting to poll. |
| **host** | string | "127.0.0.1" | A resolvable hostname or IP address to wait for. |
| **msg** | string | - | This overrides the normal error message from a failure to meet the required conditions. |
| **path** | path | - | Path to a file on the filesystem that must exist before continuing. `path` and `port` are mutually exclusive parameters. |
| **port** | integer | - | Port number to poll. `path` and `port` are mutually exclusive parameters. |
| **search_regex** | string | - | Can be used to match a string in either a file or a socket connection. |
| **sleep** | integer | 1 | Number of seconds to sleep between checks. |
| **timeout** | integer | 300 | Maximum number of seconds to wait for, when used with another condition it will force an error. |
| **state** | string | "started" | Either `present`, `started`, or `stopped`, `absent`, or `drained`. <br>When checking a port `started` will ensure the port is open, `stopped` will check that it is closed, `drained` will check for active connections. <br>When checking for a file or a search string `present` or `started` will ensure that the file or string is present before continuing, `absent` will check that file is absent or removed. <br>**Choices:** (`"absent"`, `"drained"`, `"present"`, `"started"`, `"stopped"`) |
## Return Values
| Value | Type | When | Description |
| ----------- | ------- | ------ | ------------------------------------------------ |
| **elapsed** | integer | always | The number of seconds that elapsed while waiting |
## Examples
```yaml
- name: Sleep for 300 seconds and continue with play
ansible.builtin.wait_for:
timeout: 300
delegate_to: localhost
- name: Wait for port 8000 to become open on the host, don't start checking for 10 seconds
ansible.builtin.wait_for:
port: 8000
delay: 10
- name: Waits for port 8000 of any IP to close active connections, don't start checking for 10 seconds
ansible.builtin.wait_for:
host: 0.0.0.0
port: 8000
delay: 10
state: drained
- name: Wait for port 8000 of any IP to close active connections, ignoring connections for specified hosts
ansible.builtin.wait_for:
host: 0.0.0.0
port: 8000
state: drained
exclude_hosts: 10.2.1.2,10.2.1.3
- name: Wait until the file /tmp/foo is present before continuing
ansible.builtin.wait_for:
path: /tmp/foo
- name: Wait until the string "completed" is in the file /tmp/foo before continuing
ansible.builtin.wait_for:
path: /tmp/foo
search_regex: completed
- name: Wait until regex pattern matches in the file /tmp/foo and print the matched group
ansible.builtin.wait_for:
path: /tmp/foo
search_regex: completed (?P<task>\w+)
register: waitfor
- ansible.builtin.debug:
msg: Completed {{ waitfor['match_groupdict']['task'] }}
- name: Wait until the lock file is removed
ansible.builtin.wait_for:
path: /var/lock/file.lock
state: absent
- name: Wait until the process is finished and pid was destroyed
ansible.builtin.wait_for:
path: /proc/3466/status
state: absent
- name: Output customized message when failed
ansible.builtin.wait_for:
path: /tmp/foo
state: present
msg: Timeout to find file /tmp/foo
# Do not assume the inventory_hostname is resolvable and delay 10 seconds at start
- name: Wait 300 seconds for port 22 to become open and contain "OpenSSH"
ansible.builtin.wait_for:
port: 22
host: '{{ (ansible_ssh_host|default(ansible_host))|default(inventory_hostname) }}'
search_regex: OpenSSH
delay: 10
connection: local
# Same as above but you normally have ansible_connection set in inventory, which overrides 'connection'
- name: Wait 300 seconds for port 22 to become open and contain "OpenSSH"
ansible.builtin.wait_for:
port: 22
host: '{{ (ansible_ssh_host|default(ansible_host))|default(inventory_hostname) }}'
search_regex: OpenSSH
delay: 10
vars:
ansible_connection: local
```