<p dir="ltr">We just replace the entire file in our roles instead of editing in place. The reasoning is that if a user removes any text in the file before or after the desired lineinfile or replaced lines you still end up with a broken config but the task still succeeds.</p>
<p dir="ltr">This allows Ansible to provide a strong self healing capability.</p>
<div class="gmail_quote">On Nov 18, 2015 10:25 PM, <<a href="mailto:jep200404@columbus.rr.com">jep200404@columbus.rr.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">How would you automate the editing of a configuration file as<br>
described below?<br>
<br>
I am automating the configuration of a system with Ansible.<br>
For /etc/httpd/conf/httpd.conf, I need to make sure that the<br>
<Directory /> section has a "Require all granted" line instead<br>
of a "Require all denied" line. "Require all" lines in other<br>
sections need to be left alone.<br>
<br>
original /etc/httpd/conf/httpd.conf<br>
<br>
...<br>
<Directory /><br>
AllowOverride none<br>
Require all denied<br>
</Directory><br>
...<br>
<Files ".ht*"><br>
Require all denied<br>
</Files><br>
...<br>
<br>
desired /etc/httpd/conf/httpd.conf<br>
<br>
...<br>
<Directory /><br>
AllowOverride none<br>
Require all granted<br>
</Directory><br>
...<br>
<Files ".ht*"><br>
Require all denied<br>
</Files><br>
...<br>
<br>
I can write an awk script or probably even a sed script to do it,<br>
but it is desirable to edit with a Ansible module instead of an<br>
external shell command, because of the way Ansible modules<br>
understand when something has really changed or not.<br>
<br>
I don't see how to use the lineinfile module in this situation,<br>
because it will only change the last line to match a regex.<br>
Matching "Require all" would change the line in the <Files ".ht*">,<br>
section instead of in the <Directory /> section.<br>
<br>
It would be easy to just replace the whole file with a new one from<br>
Ansible, but that is also not preferred because when some new<br>
version of httpd.conf arrives, the wholesale replacement would<br>
clobber other changes in the configuration file.<br>
_______________________________________________<br>
colug-432 mailing list<br>
<a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
<a href="http://lists.colug.net/mailman/listinfo/colug-432" rel="noreferrer" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
</blockquote></div>