change permissions for all script on remote servers using ansible - linux

I am trying to update permissions on all the shell script in a particular directory on remote servers using ansible but it gives me error:
- name: update permissions
file: dest=/home/goldy/scripts/*.sh mode=a+x
This is the error I am getting:
fatal: [machineA]: FAILED! => {"changed": false, "msg": "file (/home/goldy/scripts/*.sh) is absent, cannot continue", "path": "/home/goldy/scripts/*.sh", "state": "absent"}
to retry, use: --limit #/var/lib/jenkins/workspace/copy/copy.retry
What wrong I am doing here?

you should run a task with find module to collect all .sh files on that directory, and register the results in a variable.
then run a 2nd task with the file module that will update the permissions when file's extension ends in .sh.
check sample playbook:
- hosts: localhost
gather_facts: false
vars:
tasks:
- name: parse /tmp directory
find:
paths: /tmp
patterns: '*.sh'
register: list_of_files
- debug:
var: item.path
with_items: "{{ list_of_files.files }}"
- name: change permissions
file:
path: "{{ item.path }}"
mode: a+x
with_items: "{{ list_of_files.files }}"

Related

File copy in ansible failed! =>{"msg": "'dict object' has no attribute 'files'"}

I am trying to find files with .ign extension from a directory and copy it to another directory. Tried using the 'find' and 'copy' module as follows:
- name: Find files
find:
paths: "{{ item }}"
recurse: yes
register: find_result
with_items:
- "{{ workdir }}/*.ign"
- name: Copy files
copy:
src: "{{ item.path }}"
dest: "/var/www/html/ignition/"
mode: o+r
remote_src: yes
with_items: "{{ find_result.files }}"
workdir is set as /root/openstack-upi. And I am running this as a non-root(cloud-user) user with the command--
ansible-playbook -i inventory -e #install_vars.yaml playbooks/install.yaml --become
However, after running this I get an error as below:
TASK [ocp-config : Find files] ***************************************************
ok: [ash-test-faf0-bastion-0] => (item=/root/openstack-upi/*.ign)
TASK [ocp-config : Copy files] ***********************************************
fatal: [ash-test-faf0-bastion-0]: FAILED! => {"msg": "'dict object' has no attribute 'files'"}
PLAY RECAP **********************************************************************************
ash-test-faf0-bastion-0 : ok=3 changed=0 unreachable=0 failed=1 skipped=1 rescued=0 ignored=0
Running a debug on variable find_result gives the following-
"msg": "/root/openstack-upi/*.ign was skipped as it does not seem to be a valid directory or it cannot be accessed\n"
Am I missing anything here? Can anybody tell me the exact command for the ansible-playbook for the above scenario?
The following solution will does not use the with_items option. It will recursively find all the files which ends with the extension/suffix .ign.
- name: Find files
find:
paths: "/path/to/directory"
patterns: "*.ign"
recurse: yes
register: result
- name: Print find result
debug:
msg: "{{ item.path }}"
with_items:
- "{{ result.files }}"
An explanation regarding your given find file loop
with_items:
- "{{ workdir }}/*.ign"
register: find_result
and the given error message
msg": "/root/openstack-upi/*.ign was skipped as it does not seem to be a valid directory or it cannot be accessed
It will be necessary to lookup the files matching a pattern before. This can be done with the with_fileglob lookup plugin.
with_fileglob:
- "{{ workdir }}/*.ign"
register: find_result
or better and as explained in the accepted answer here in this thread.
The error message just sayed the path and filename were skipped as .../*.ign wasn't a valid path and filename. It means it hasn't looked up any files and hasn't resolved the fileglob.

How can I reinstall java with ansible using the DNF command

I've been trying to remove some java files and reinstall them to prevent a bug on rocky linux but I have troubles doing so while using the DNF module.
My problem might be from me using the shell command "rpm -qa | grep java" to gather the files that I need to reinstall but I just can't tell.
Here's my code:
---
- name: Rocky | Java reinstall to prevent bugs
hosts: "fakeHost"
gather_facts: false
become: true
tasks:
#Ping the server
- name: Test reachability
ping:
#Check if the path exist
- name: Check java file path
stat:
path: /usr/lib/jvm/java
register: dir_name
#Report if the dir exists
- name: Report if the dir exists
debug:
msg: "The directory exists"
when:
- dir_name.stat.exists
#Load up all the java file that the machine has
- name: grep all java file
shell: "rpm -qa | grep java"
args:
warn: false #prevent false change
register: java_files
when:
- dir_name.stat.exists
#Display all the java files of the machine
- name: Show all java java_files
debug:
msg: "{{ item }}"
loop:
- "{{ java_files.stdout_lines }}"
when:
- dir_name.stat.exists
#Uninstall each java file with the DNF command
- name: Uninstall all the java files
dnf:
name: "{{ item }}"
state: absent
autoremove: no
loop:
- "{{ java_files.stdout_lines }}"
when:
- dir_name.stat.exists
#Install each java file with the DNF command
- name: Install all the java files
dnf:
name: "{{ item }}"
state: present
loop:
- "{{ java_files.stdout_lines }}"
when:
- dir_name.stat.exists

Ansible-AWX get file from remote Windows to local linux

Hello to all stack overflow community.
I'm seeking you help because I've been trying to accomplish the task of getting a file from remote Windows to local linux using Ansible-AWX and I can't get it to work. Bellow I shared the playbook and most of tests I've done but none of them worked.
I'm getting latest file in a windows directory and trying to transfer that file to local AWX either inside the docker or in the linux server where AWX is running.
Test_1: Said file was copied but when I go inside the docker nothing there. I can't find an answer and couldn't find any on Google.
Test_2: Didn't work. It says can't authenticate to linux server
Test_3: Task became idle and I have to restart the docker to be able to stop it. It gets crazy. No idea why.
Test_4: It says connection unexpectedly closed.
I didn't want to provide output to reduce noise and because I can't share the information. I removed names and ips from playbook as well.
I'm connecting to Windows server using AD.
Please, I don't know what else to do. Thanks for your help in advance.
---
- name: Get file from Windows to Linux
hosts: all # remote windows server ip
gather_facts: true
become: true
vars:
local_dest_path_test1: \var\lib\awx\public\ # Inside AWX docker
local_dest_path_test2: \\<linux_ip>\home\user_name\temp\ # Outside AWX docker in the linux server
local_dest_path_test3: /var/lib/awx/public/ # Inside AWX docker
# Source file in remote windows server
src_file: C:\temp\
tasks:
# Getting file information to be copied
- name: Get files in a folder
win_find:
paths: "{{ src_file }}"
register: found_files
- name: Get latest file
set_fact:
latest_file: "{{ found_files.files | sort(attribute='creationtime',reverse=true) | first }}"
# Test 1
- name: copy files from Windows to Linux
win_copy:
src: "{{ latest_file.path }}"
dest: "{{ local_dest_path_test1 }}"
remote_src: yes
# Test 2
- name: copy files from Windows to Linux
win_copy:
src: "{{ latest_file.path }}"
dest: "{{ local_dest_path_test2 }}"
remote_src: yes
become: yes
become_method: su
become_flags: logon_type=new_credentials logon_flags=netcredentials_only
vars:
ansible_become_user: <linux_user_name>
ansible_become_pass: <linux_user_password>
ansible_remote_tmp: <linux_remote_path>
# Test 3
- name: Fetch latest file to linux
fetch:
src: "{{ latest_file.path }}"
dest: "{{ local_dest_path_test3 }}"
flat: yes
fail_on_missing: yes
delegate_to: 127.0.0.1
# Test 4
- name: Transfer file from Windows to Linux
synchronize:
src: "{{ latest_file.path }}"
dest: "{{ local_dest_path_test3 }}"
mode: pull
delegate_to: 127.0.0.1

How to run a playbook task based on OS type in ansible?

I have written a playbook task in ansible. I am able to run the playbook on linux end.
- name: Set paths for go
blockinfile:
path: $HOME/.profile
backup: yes
state: present
block: |
export PATH=$PATH:/usr/local/go/bin
export GOPATH=$HOME/go
export FABRIC_CFG_PATH=$HOME/.fabdep/config
- name: Load Env variables
shell: source $HOME/.profile
args:
executable: /bin/bash
register: source_result
become: yes
As in linux we have .profile in home directory but in Mac there is no .profile and .bash_profile in macOS.
So I want to check if os is Mac then path should be $HOME/.bash_profile and if os is linux based then it should look for $HOME/.profile.
I have tried adding
when: ansible_distribution == 'Ubuntu' and ansible_distribution_release == 'precise'
But it does not work firstly and also it is length process. I want to get path based on os in a variable and use it.
Thanks
I found a solution this way. I added gather_facts:true at top of yaml file and it started working. I started using variable as ansible_distribution.
Thanks
An option would be to include_vars from files. See example below
- name: "OS specific vars (will overwrite /vars/main.yml)"
include_vars: "{{ item }}"
with_first_found:
- files:
- "{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml"
- "{{ ansible_distribution }}.yml"
- "{{ ansible_os_family }}.yml"
- "default.yml"
paths: "{{ playbook_dir }}/vars"
skip: true
- name: Set paths for go
blockinfile:
path: "$HOME/{{ my_profile_file }}"
[...]
In the playbooks' directory create directory vars and create files
# cat var/Ubuntu.yml
my_profile_file: ".profile"
# cat var/macOS.yml
my_profile_file: ".bash_profile"
If you have managed hosts with different OS, group them by OS in your inventory:
[Ubuntu]
ubu1
ubu2
[RHEL6]
RH6_1
[RHEL7]
RH7_1
RH7_2

Ansible password setup in user module. It didn't set properly

I'm new in ansible, I'm setting up my new instance in digitalocean for configuring new user. Basically, I have the playbook for setting up it and everythings okay when I run the playbook but when I tried to check if my password is working it didn't work.
I did the
sudo apt-get update
to if the password is working. It didn't.
---
- name: Configure Server
hosts: sample_server
gather_facts: no
remote_user: root
vars:
username: sample_user
password: sample_password
tasks:
- name: Update apt cache
apt: update_cache=yes
- name: Safe aptitude upgrade
apt: upgrade=safe
async: 600
poll: 5
- name: Add my user
user:
name: "{{ username }}"
password: "{{ password }}"
update_password: always
shell: /bin/bash
groups: sudo
append: yes
generate_ssh_key: yes
ssh_key_bits: 2048
state: present
- name: Add my workstation user's public key to the new user
authorized_key:
user: "{{ username }}"
key: "{{ lookup('file', 'certificates/id_rsa.pub') }}"
state: present
- name: Change SSH port
lineinfile:
dest: /etc/ssh/sshd_config
regexp: "^Port"
line: "Port 30000"
state: present
# notify:
# - Restart SSH
- name: Remove root SSH access
lineinfile:
dest: /etc/ssh/sshd_config
regexp: "^PermitRootLogin"
line: "PermitRootLogin no"
state: present
# notify:
# - Restart SSH
- name: Remove password SSH access
lineinfile:
dest: /etc/ssh/sshd_config
regexp: "^PasswordAuthentication"
line: "PasswordAuthentication no"
state: present
# notify:
# - Restart SSH
- name: Reboot the server
service: name=ssh state=restarted
handlers:
- name: Restart SSH
service: name=ssh state=restarted
Any idea for this. Thanks
Ansible user module takes passwords as crypted values and jinja2 filters have the capability to handle the generation of encrypted passwords. You can modify your user creation task like this:
password: "{{ password | password_hash('sha512') }}"
Hope that will help you

Resources