107 lines
No EOL
11 KiB
Markdown
107 lines
No EOL
11 KiB
Markdown
# ansible.builtin.lineinfile
|
||
This module ensures a particular line is in a file, or replace an existing line using a back-referenced [regular expression](../../Regex.md).
|
||
|
||
## Parameter
|
||
| Parameter | Type | Default | Description |
|
||
| ----------------- | ------- | --------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
|
||
| **attributes** | string | - | The attributes the resulting filesystem object should have. To get supported flags look at the man page for [chattr](../../../applications/cli/system/chattr.md) on the target system. The = operator is assumed as default, otherwise + or - operators need to be included in the string. |
|
||
| **backup** | boolean | false | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. |
|
||
| **create** | boolean | false | Create a new file if it does not exist. |
|
||
| **firstmatch** | boolean | false | Used with `insertafter` or `insertbefore`. If set, `insertafter` and `insertbefore` will work with the first line that matches the given [regular expression](../../Regex.md). |
|
||
| **group** | string | false | Name of the group that should own the filesystem object, as would be fed to _chown_. |
|
||
| **insertafter** | string | - | Used with `state=present`.<br><br>If specified, the line will be inserted after the last match of specified [regular expression](../../Regex.md).<br><br>If the first match is required, use(`firstmatch=yes`).<br><br>A special value is available; `EOF` for inserting the line at the end of the file.<br><br>If specified [regular expression](../../Regex.md) has no matches, `EOF` will be used instead.<br><br>If `insertbefore` is set, default value `EOF` will be ignored. |
|
||
| **insertbefore** | string | - | Used with `state=present`.<br><br>If specified, the line will be inserted before the last match of specified [regular expression](../../Regex.md).<br><br>If the first match is required, use `firstmatch=yes`.<br><br>A value is available; `BOF` for inserting the line at the beginning of the file.<br><br>If specified [regular expression](../../Regex.md) has no matches, the line will be inserted at the end of the file. |
|
||
| **line** | string | - | The line to insert/replace into the file. |
|
||
| **mode** | string | - | The permissions the resulting filesystem object should have. |
|
||
| **owner** | string | - | Name of the user that should own the filesystem object, as would be fed to _chown_. |
|
||
| **path** | path | - | The file to modify. |
|
||
| **regexp** | string | - | The [regular expression](../../Regex.md) to look for in every line of the file. |
|
||
| **search_string** | string | - | The literal string to look for in every line of the file. This does not have to match the entire line. |
|
||
| **state** | string | "present" | Whether the line should be there or not.<br><br>Choices:<br><br>- `absent`<br>- `present` |
|
||
| **validate** | string | - | The validation command to run before copying the updated file into the final destination. |
|
||
|
||
## Examples
|
||
```yaml
|
||
# NOTE: Before 2.3, option 'dest', 'destfile' or 'name' was used instead of 'path'
|
||
- name: Ensure SELinux is set to enforcing mode
|
||
ansible.builtin.lineinfile:
|
||
path: /etc/selinux/config
|
||
regexp: '^SELINUX='
|
||
line: SELINUX=enforcing
|
||
|
||
- name: Make sure group wheel is not in the sudoers configuration
|
||
ansible.builtin.lineinfile:
|
||
path: /etc/sudoers
|
||
state: absent
|
||
regexp: '^%wheel'
|
||
|
||
- name: Replace a localhost entry with our own
|
||
ansible.builtin.lineinfile:
|
||
path: /etc/hosts
|
||
regexp: '^127\.0\.0\.1'
|
||
line: 127.0.0.1 localhost
|
||
owner: root
|
||
group: root
|
||
mode: '0644'
|
||
|
||
- name: Replace a localhost entry searching for a literal string to avoid escaping
|
||
ansible.builtin.lineinfile:
|
||
path: /etc/hosts
|
||
search_string: '127.0.0.1'
|
||
line: 127.0.0.1 localhost
|
||
owner: root
|
||
group: root
|
||
mode: '0644'
|
||
|
||
- name: Ensure the default Apache port is 8080
|
||
ansible.builtin.lineinfile:
|
||
path: /etc/httpd/conf/httpd.conf
|
||
regexp: '^Listen '
|
||
insertafter: '^#Listen '
|
||
line: Listen 8080
|
||
|
||
- name: Ensure php extension matches new pattern
|
||
ansible.builtin.lineinfile:
|
||
path: /etc/httpd/conf/httpd.conf
|
||
search_string: '<FilesMatch ".php[45]?$">'
|
||
insertafter: '^\t<Location \/>\n'
|
||
line: ' <FilesMatch ".php[34]?$">'
|
||
|
||
- name: Ensure we have our own comment added to /etc/services
|
||
ansible.builtin.lineinfile:
|
||
path: /etc/services
|
||
regexp: '^# port for http'
|
||
insertbefore: '^www.*80/tcp'
|
||
line: '# port for http by default'
|
||
|
||
- name: Add a line to a file if the file does not exist, without passing regexp
|
||
ansible.builtin.lineinfile:
|
||
path: /tmp/testfile
|
||
line: 192.168.1.99 foo.lab.net foo
|
||
create: yes
|
||
|
||
# NOTE: Yaml requires escaping backslashes in double quotes but not in single quotes
|
||
- name: Ensure the JBoss memory settings are exactly as needed
|
||
ansible.builtin.lineinfile:
|
||
path: /opt/jboss-as/bin/standalone.conf
|
||
regexp: '^(.*)Xms(\d+)m(.*)$'
|
||
line: '\1Xms${xms}m\3'
|
||
backrefs: yes
|
||
|
||
# NOTE: Fully quoted because of the ': ' on the line. See the Gotchas in the YAML docs.
|
||
- name: Validate the sudoers file before saving
|
||
ansible.builtin.lineinfile:
|
||
path: /etc/sudoers
|
||
state: present
|
||
regexp: '^%ADMIN ALL='
|
||
line: '%ADMIN ALL=(ALL) NOPASSWD: ALL'
|
||
validate: /usr/sbin/visudo -cf %s
|
||
|
||
# See https://docs.python.org/3/library/re.html for further details on syntax
|
||
- name: Use backrefs with alternative group syntax to avoid conflicts with variable values
|
||
ansible.builtin.lineinfile:
|
||
path: /tmp/config
|
||
regexp: ^(host=).*
|
||
line: \g<1>{{ hostname }}
|
||
backrefs: yes
|
||
``` |