Ansible: insert a single word on an existing line in a file

Question:

I have to use Ansible modules in order to edit the /etc/ssh/sshd_config file – every time I create a new user I want to append it at these two lines:

AllowUsers root osadmin <new_user>
AllowGroups root staff <new_group>

AllowUsers root osadmin

AllowGroups root staff

At this moment I’m using the shell module to execute a sed command but would like to use lineinfile, if possible

- shell: "sed -i '/^Allow/ s/$/ {{ user_name }}/' /etc/ssh/sshd_config"

1 2	- shell: "sed -i '/^Allow/ s/$/ {{ user_name }}/' /etc/ssh/sshd_config"

Any suggestions would be sincerely appreciated.

Answer:

You could do it in a single play with a newline, but I think it’s cleaner to use two lineinfile plays for this.

- hosts: '127.0.0.1'
  vars:
    usernames:
       - larry
       - curly
       - moe
    usergroups:
       - stooges
       - admins
  tasks:
    - lineinfile:
        dest: /etc/ssh/sshd_config
        regexp: '^AllowUsers'
        line: "AllowUsers {{usernames | join(' ')}}"
    - lineinfile:
        dest: /etc/ssh/sshd_config
        regexp: '^AllowGroups'
        line: "AllowGroups {{usergroups | join(' ')}}"

- hosts: '127.0.0.1'

vars:

usernames:

- larry

- curly

- moe

usergroups:

- stooges

- admins

tasks:

- lineinfile:

dest: /etc/ssh/sshd_config

regexp: '^AllowUsers'

line: "AllowUsers {{usernames | join(' ')}}"

- lineinfile:

dest: /etc/ssh/sshd_config

regexp: '^AllowGroups'

line: "AllowGroups {{usergroups | join(' ')}}"

Note that groups is a reserved word so don’t use that as a variable name.

Tags: Ansible, FAQ, Robot

Question:

Answer:

Leave a Reply Cancel reply