有时需要批量修改文件,比如 /etc/rc.local 等, 可以使用blockinfile 或者 lineinfile
blockinfile
blockinfile 会在文件中插入一段内容,插入时会根据marker 写入/更新到指定的块中,可以指定需要插入的位置
关键参数:
- path/dest/destfile/name :指定需要修改的文件
- block/content: 需要添加/修改的内容
- marker:标记内容,默认
# BEGIN ANSIBLE MANAGED BLOCK,例如:#{mark} test for fun, mark 会被替换为 BEGIN/END - insertafter:插入指定内容之后, 默认插入到结尾
- insertbefore: 插入指定内容之前
注意:
- 如果marker 相同会更新内容,如果多次写入,注意区分marker
- 如果指定了marker,insertbefore/after 会不生效,仍修改该标记中的内容
ansible-doc blockinfile:
> BLOCKINFILE (/usr/lib/python2.7/site-packages/ansible/modules/files/blockinfile.py)
This module will insert/update/remove a block of multi-line text surrounded by customizable marker lines.
OPTIONS (= is mandatory):
- attributes
Attributes the file or directory should have. To get supported flags look at the man page for `chattr' on the target
system. This string should contain the attributes in the same order as the one displayed by `lsattr'.
(Aliases: attr)[Default: None]
version_added: 2.3
- backup
Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it
incorrectly.
[Default: no]
type: bool
- block
The text to insert inside the marker lines. If it's missing or an empty string, the block will be removed as if `state'
were specified to `absent'.
(Aliases: content)[Default: ]
- create
Create a new file if it doesn't exist.
[Default: no]
type: bool
- group
Name of the group that should own the file/directory, as would be fed to `chown'.
[Default: None]
- insertafter
If specified, the block will be inserted after the last match of specified regular expression. A special value is
available; `EOF' for inserting the block at the end of the file. If specified regular expression has no matches, `EOF'
will be used instead.
(Choices: EOF, *regex*)[Default: EOF]
- insertbefore
If specified, the block will be inserted before the last match of specified regular expression. A special value is
available; `BOF' for inserting the block at the beginning of the file. If specified regular expression has no matches,
the block will be inserted at the end of the file.
(Choices: BOF, *regex*)[Default: (null)]
- marker
The marker line template. "{mark}" will be replaced with the values in marker_begin (default="BEGIN") and marker_end
(default="END").
[Default: # {mark} ANSIBLE MANAGED BLOCK]
- marker_begin
This will be inserted at {mark} in the opening ansible block marker.
[Default: BEGIN]
version_added: 2.5
- marker_end
This will be inserted at {mark} in the closing ansible block marker.
[Default: END]
version_added: 2.5
- mode
Mode the file or directory should be. For those used to `/usr/bin/chmod' remember that modes are actually octal numbers
(like `0644' or `01777'). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode
may be specified as a symbolic mode (for example, `u+rwx' or `u=rw,g=r,o=r').
[Default: None]
- owner
Name of the user that should own the file/directory, as would be fed to `chown'.
[Default: None]
= path
The file to modify.
Before 2.3 this option was only usable as `dest', `destfile' and `name'.
(Aliases: dest, destfile, name)
- selevel
Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the `range'. `_default' feature
works as for `seuser'.
[Default: s0]
- serole
Role part of SELinux file context, `_default' feature works as for `seuser'.
[Default: None]
- setype
Type part of SELinux file context, `_default' feature works as for `seuser'.
[Default: None]
- seuser
User part of SELinux file context. Will default to system policy, if applicable. If set to `_default', it will use the
`user' portion of the policy if available.
[Default: None]
- state
Whether the block should be there or not.
(Choices: absent, present)[Default: present]
- unsafe_writes
Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files,
sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they
cannot be updated atomically and can only be done in an unsafe manner.
This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not
have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
[Default: False]
type: bool
version_added: 2.2
- validate
The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must
be present as in the example below. The command is passed securely so shell features like expansion and pipes won't work.
[Default: None]
NOTES:
* This module supports check mode.
* When using 'with_*' loops be aware that if you do not set a unique mark the block will be overwritten on each
iteration.
* As of Ansible 2.3, the `dest' option has been changed to `path' as default, but `dest' still works as well.
* Option `follow' has been removed in version 2.5, because this module modifies the contents of the file so
`follow=no' doesn't make sense.
AUTHOR: YAEGASHI Takeshi (@yaegashi)
METADATA:
status:
- preview
supported_by: core
例子
EXAMPLES:
# Before 2.3, option 'dest' or 'name' was used instead of 'path'
- name: insert/update "Match User" configuration block in /etc/ssh/sshd_config
blockinfile:
path: /etc/ssh/sshd_config
block: |
Match User ansible-agent
PasswordAuthentication no
- name: insert/update eth0 configuration stanza in /etc/network/interfaces
(it might be better to copy files into /etc/network/interfaces.d/)
blockinfile:
path: /etc/network/interfaces
block: |
iface eth0 inet static
address 192.0.2.23
netmask 255.255.255.0
- name: insert/update configuration using a local file and validate it
blockinfile:
block: "{{ lookup('file', './local/ssh_config') }}"
dest: "/etc/ssh/ssh_config"
backup: yes
validate: "/usr/sbin/sshd -T -f %s"
- name: insert/update HTML surrounded by custom markers after line
blockinfile:
path: /var/www/html/index.html
marker: ""
insertafter: ""
content: |
Welcome to {{ ansible_hostname }}
Last updated on {{ ansible_date_time.iso8601 }}
- name: remove HTML as well as surrounding markers
blockinfile:
path: /var/www/html/index.html
marker: ""
content: ""
- name: Add mappings to /etc/hosts
blockinfile:
path: /etc/hosts
block: |
{{ item.ip }} {{ item.name }}
marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.name }}"
with_items:
- { name: host1, ip: 10.10.1.10 }
- { name: host2, ip: 10.10.1.11 }
- { name: host3, ip: 10.10.1.12 }