In this chapter you will learn how to manage files with Ansible.
modify the content of file; upload files to the targeted servers; retrieve files from the targeted servers.
ini_file module lineinfile module copy module fetch module template module get_url module
Depending on your needs, you will have to use different Ansible modules to modify the system configuration files.
ini_file
When you want to modify an INI file eg:
[section] key=value
the easiest way is to use the ini_file module.
The module requires:
Example of use:
- name: change value on inifile community.general.ini_file: dest: /path/to/file.ini section: SECTIONNAME option: OPTIONNAME value: NEWVALUE
More information can be found at https://docs.ansible.com/ansible/latest/collections/community/general/ini_file_module.html.
lineinfile
To ensure that a line is present in a file, or when a single line in a file needs to be added or modified, use the linefile module.
linefile
In this case, the line to be modified in a file will be found using a regexp.
For example, to ensure that the line starting with SELINUX= in the /etc/selinux/config file contains the value enforcing:
SELINUX=
/etc/selinux/config
enforcing
- ansible.builtin.lineinfile: path: /etc/selinux/config regexp: '^SELINUX=' line: 'SELINUX=enforcing'
More information can be found at https://docs.ansible.com/ansible/latest/collections/ansible/builtin/lineinfile_module.html.
copy
When a file has to be copied from the Ansible server to one or more hosts, it is better to use the copy module.
Here we are copying myflile.conf from one location to another:
myflile.conf
- ansible.builtin.copy: src: /data/ansible/sources/myfile.conf dest: /etc/myfile.conf owner: root group: root mode: 0644
More information can be found at https://docs.ansible.com/ansible/latest/collections/ansible/builtin/copy_module.html.
fetch
When a file has to be copied from a remote server to the local server, it is best to use the fetch module.
This module does the opposite of the copy module:
- ansible.builtin.fetch: src: /etc/myfile.conf dest: /data/ansible/backup/myfile-{{ inventory_hostname }}.conf flat: yes
More information can be found at https://docs.ansible.com/ansible/latest/collections/ansible/builtin/fetch_module.html.
template
Ansible and its template module use the Jinja2 template system (http://jinja.pocoo.org/docs/) to generate files on target hosts.
For example:
- ansible.builtin.template: src: /data/ansible/templates/monfichier.j2 dest: /etc/myfile.conf owner: root group: root mode: 0644
It is possible to add a validation step if the targeted service allows it (for example apache with the command apachectl -t):
apachectl -t
- template: src: /data/ansible/templates/vhost.j2 dest: /etc/httpd/sites-available/vhost.conf owner: root group: root mode: 0644 validate: '/usr/sbin/apachectl -t'
More information can be found at https://docs.ansible.com/ansible/latest/collections/ansible/builtin/template_module.html.
get_url
To upload files from a web site or ftp to one or more hosts, use the get_url module:
- get_url: url: http://site.com/archive.zip dest: /tmp/archive.zip mode: 0640 checksum: sha256:f772bd36185515581aa9a2e4b38fb97940ff28764900ba708e68286121770e9a
By providing a checksum of the file, the file will not be re-downloaded if it is already present at the destination location and its checksum matches the value provided.
Next Chapter >>