[colug-432] Automatically Edit Configuration File
Jim Wildman
jim at rossberry.com
Thu Nov 19 13:41:38 EST 2015
This is a classic case (IMO) of "if you have a hammer". This type of
issue is exactly why the <daemon>.d directory structure and nested config
files were created. To keep you from having to do this. Your regex'es
will break because they can not anticipate what the next admin (or you
when you are sleep deprived) will do. It is just a matter of time and
enough different admins on the box.
There is a better way. (hide in the floor til the inspection is over)
On Thu, 19 Nov 2015, Jon Miller wrote:
> Looks like that module is much like the 'lineinfile' module in that it is
> operating on a single line. My thought would be to write a custom module to
> be used by Ansible. I've written a few myself and its not hard to do
> especially if you're writing it in Python.
>
> Reason I think the custom module is the correct route to go is because you
> need to have a partial state machine in your parser to ensure you're editing
> 'Require' lines that only exist within the '<Directory />' sections. You can
> have a simple 'in_directory' boolean and then only edit 'Require' lines when
> that is true.
>
> Ansible Module Development: http://docs.ansible.com/ansible/developing_modules.html
>
>
----------------------------------------------------------------------
Jim Wildman, CISSP, RHCE jim at rossberry.com http://www.rossberry.net
"Society in every state is a blessing, but Government, even in its best
state, is a necessary evil; in its worst state, an intolerable one."
Thomas Paine
More information about the colug-432
mailing list