preya, Trying to automatically/programmatically replicate #DockerCompose stacks on the same host. E.g. I have an application that requires multiple containers, and I want to replicate the WHOLE application with its own volumes, networks, subdomain, etc. Any pointers on how to do that? #Ansible? Please don't say #Kubernetes.
flohoff, Does anyone have a simple idea of using a gopass output as an #ansible vault instead of just as the password TO a vault.
So i'd like to put all variable settings e.g. a yaml into my gopass and include it instead of putting vaults into git repos.
I fail to find a (compatible) way of including variables from script output, or using an external vault application in ansible.
I already use a gopass script to fetch the vaults password, but i feel its a bit clumpsy to maintain a vault in the ansible git, and maintain the vault password in the gopass git.
@jpmens ?
flohoff, @jpmens gopass is basically a git/gpg command line based vault. Possible team password management. You can store arbitrary files in there although thought as a keepass similar password manager.
Got it to work with 10 lines of python in a vars plugin.
New customer using user logins + sudo and i am not going to type my sudo password over and over again using their ansible stuff.
My sudo password is in my gopass, and ansible may access it.
Thanks so far.
jpmens, @flohoff I'd be interested in seeing your plugin if you'll share it with me (email fine)
schenklklopfer, German Wenn ich mit #Ansible einen Ordner mit Dateien auf einen Server kopiere, warum dauert das so lange?
152 kleine Dateien und der kopiert da fast 3 Minuten...
ascherbaum, German @schenklklopfer wie genau kopierst du die Dateien?
LinuxGeek46, Ansible #2 How to create an Ansible Playbook https://www.both.org/?p=5087 #Ansible, #Playbook
jriou, Segfault when running the #Ansible apt module to remove wifi and Bluetooth related packages on my raspberry pi. But no problem using the equivalent apt commands. That's weird.
Anyway, this raspberry pi ("pilote") needs to be upgraded (Debian 10 to 12). A perfect time to install it from scratch and use Ansible.
As promised in my talk at #SCaLE, I've done a big refacto of this repository to publish it on github. Soon™ 🤞🏻
ara, A love letter to the #ansible community package: simplicity is a feature
https://ara.recordsansible.org/blog/2024/04/26/simplicity-is-a-feature/
geerlingguy, Ubuntu 24.04 Noble Numbat's here—and so is my ansible testing container for it! https://hub.docker.com/r/geerlingguy/docker-ubuntu2404-ansible #ansible #ubuntu
markstos, Today in #selfhosting, I'm investigating why I got alerted that my #backups aren't running.
The first task is determine if the backups really aren't running or whether there's a problem with monitoring/alerting.
I used #Ansible to set up #Restic to backup to #BackBlaze.
I think I'll start by checking in BackBlaze to see how fresh the backups are. 🧵
markstos, 🧵 I've got a fresh #restic backup running for the service that wasn't set up before and I'll check my metrics tomorrow.
The #Ansible role I'm using is: https://github.com/roles-ansible/ansible_role_restic
The backup completed and I see fresh metrics in AWS Cloudwatch Metrics, but not in my Dashboard I just made. Sigh.
vwbusguy, @markstos That's awesome! I'm also backing up mine with Backblaze via restic, but I'm doing mine old school with a bash script in crontab.
ansible, There's an interesting discussion happening in the #Ansible forum that we'd like you all to participate in, regarding the future of the Ansible community package (aka what you get if you pip install ansible).
Join the discussion: https://forum.ansible.com/t/future-of-the-ansible-community-package/4902
dustinrue,
me, I really wish #ansible module devs would make up their minds about how to pass stuff to it. So like the packages module? Pass it a list of packages, super easy
ansible.builtin.packages:
- foo
- bar
- baz
state: presentBut say you want to create a bunch of directories? Well, sucks for you - the file module doesn't work that way:
ansible.builtin.file:
path: "{{item}}"
owner: larted
group: luser
mode: "0755"
state: directory
with_items:
- "/haha"
- "/fuck"
- "/consistency"
And these are both BUILTIN modules. Seriously folks, make up your fucking minds. Shit like this makes being a #sysadmin pointlessly difficult.
mskoett, @me those two are doing things very differently.
Ansible.builtin.packages installs all the packages in one invocation. I.e. it's the equivalent of apt-get install foo bar baz.
Your example with ansible.builtin.file is using a loop construct iterating over a list of directories to create them one by one. The with_items is generic feature of Ansible and not something the file module is implementing. You could do the same when installing packages.
ascherbaum,
ansible, 📯 The Bullhorn 134
#Ansible #Community #newsletterReleases:
- Ansible 9.4.0
- AWX 24.1.0 & Operator 2.14.0
- ansible-core 2.14.15, 2.15.10 & 2.16.5
Collections:
- community.routeros 2.14.0
- community.general 8.5.0, 7.5.6 & 6.6.8
Participate:
- vote on team rep in Steering Committee
- discuss docker_compose deprecation
- review collection inclusion requests
- help with easyfix issues
- Ansible München meetup
More:
- Ansible Lightspeed update
- Steampunk doc update
shane_kerr, I'm cleaning up problems reported by ansible-lint and am down to a couple of these:
https://ansible.readthedocs.io/projects/lint/rules/no-handler/
The problem that I have is that if I follow the recommendation and convert the tasks to handlers, then the handlers will be very far away in the playbook - way down at the bottom, hundreds of lines later.
I can silence the error, but I guess it is there for a reason.
Am I crazy? Or is the idea that I should be having smaller playbooks or what?
shane_kerr, @ascherbaum Well I basically have a playbook that sets up everything on a metal server in a cluster. So installing packages, configuring email, creating swap, changing from systemd timesync to ntpd and so on. It's a lot of simple things. I guess that I can split it up, but have never had any reason to... until now, and it feels a bit arbitrary. 🤔
ascherbaum, @shane_kerr simple but many lines of code don't go well together ;-)
From your description that should be at least 5 different roles, possibly more.
thedoubl3j, AWX 24.1.0 is out and fresh off the presses! py 3.9 -> 3.11 upgrade included as well as other fixes and new metrics support in awx-operator @ansible #ansible #awx https://forum.ansible.com/t/announcing-awx-24-1-0-and-awx-operator-2-14-0/4581
zhenech, TIL: #Ansible has a nice, "new" Debian repository configuration module: deb822_repository (https://docs.ansible.com/ansible/latest/collections/ansible/builtin/deb822_repository_module.html)
It even correctly handles signed_by entries and places the keys into /etc/apt/keyrings
pikesley, And there it is, the first appearance of the #ansible, from 1974
gilesdring, @pikesley I recall need to get on with reading a load more Le Guin. Sought out (short story) Vaster Than Empires And More Slow a month or so ago and it was excellent.
zhenech, Remote Code Execution in #Ansible dynamic inventory plugins
https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/
zhenech, @jpmens Facts are fixed after CVE-2016-9587, erm, I mean, CVE-2017-7466 ;-)
(the later reported by yours truly)
zhenech, @jpmens And thanks for the "this is fucking unclear", updated the article to have the import and also use
wrap_var
which is a tiny wrapper that figures out the "right" Unsafe datatype itself.
dschier, German So, you just started with #ansible? Or maybe you want to improve in it? In the past, I wrote a couple of articles about @ansible , how you can get started and practical examples.
I hope these help you with #OpenSource #Automation. In case you miss something or want to provide feedback, please get in touch. I would love to address your topics, too.
verosk,
nebucatnetzer, After testing a PoC for a few weeks we now officially switch to a #nix based development environment based on #devenv. We’re comming from a #Vagrant based environment.
#Ansible will still do the configuration for certain parts but the LAMP stack is provided by #devenv.
Really looking forward to working on this, even though it is a little bit intimidating.
Ric, @geerlingguy is there an #ansible way to set up a static IP on a headless raspberry pi, I know I can set an IP when flashing the sd card, but then I want to set hostname and IP using nmcli, maybe from a lookup table or something, I’m probably over complicating this.
geerlingguy, @Ric needs updating but this is how I do it by MAC https://github.com/geerlingguy/pi-cluster/blob/master/tasks/networking/static-networking.yml
jriou, I found my Master's thesis from 2013 where I wrote that #Ansible wasn't mature enough to be chosen to manage our database infrastructure at my previous job. 11 years later, I gave a talk to show the exact opposite at #CfgMgmtCamp.
jriou, @ascherbaum Doctor Julien 😆
ascherbaum, @jriou da doctor is in da house.
ck, In a specific #Ansible playbook I wanted to retrieve the root partition's size in GB. Sounds easy, right?
Actually this turned out to be more complex than I anticipated.json_query filtering, type issues with arithmetic calculations and rounding were some of the hurdles I needed to jump. 🦘
May my latest #blog post be helpful to you. Happy Friday! 🍻
rfc2549,
atixag, Event-Driven Ansible is here and it opens up a whole new world of possibilities for working with #Ansible. Dive into the future with our latest article, featuring a minimal example to get you started
https://atix.de/en/blog/event-driven-ansible/