common plugins and filters
https://git.unixadm.org/phil/ansible-collection-common
enables or disables a given dnf module
| Parameter | Choices/Defaults | Description |
|---|---|---|
name(str) required |
the module name | |
profiles(str) |
the module's profiles | |
state(str) |
present absent |
enabled (present) or disabled (absent) |
stream(str) |
the module's version stream |
this module sets or removes a dnf versionlock
| Parameter | Choices/Defaults | Description |
|---|---|---|
name(str) required |
package name(s) | |
state(str) |
present absent |
set ("present)" or remove ("absent") a versionlock |
version(str) |
force locked version to given string (V-R or E:V-R) |
---
- name: "set versionlock to currently installed version"
unixadm.common.dnf_versionlock:
name: bash
- name: "set versionlock to a specific version"
unixadm.common.dnf_versionlock:
name: bash
version: 4.2.46-34.el7
- name: "remove versionlocks"
unixadm.common.dnf_versionlock:
name:
- bash
- tcsh
- zsh
state: absentThis module searches given directories for certificate and key files and returns the certificate data as well as the corresponding key file path.
| Parameter | Choices/Defaults | Description |
|---|---|---|
cert_path(path) |
['/etc/pki/tls/certs'] | directory/directories to look for certificate files |
key_path(path) |
['/etc/pki/tls/private'] | directory/directories to look for key files |
skip_combined(bool) |
True | ignore combined certificate/key files |
skip_expired(bool) |
True | ignore expired certificates |
skip_invalid_chain(bool) |
True | ignore certificate files containing invalid chain |
subject(str) |
filter by subject |
---
- name: "get all valid certificates for this host"
unixadm.common.findcerts:
subject: '{{ansible_fqdn}}'
skip_combined: false
register: t_certs| Key | Returned | Description |
|---|---|---|
certs(list) |
Success | list of dicts of matching certificates |
This module builds a floppy image containing the kickstart file
| Parameter | Choices/Defaults | Description |
|---|---|---|
ks(str) |
the kickstart as a text | |
ks_file(path) |
the path to a file that should be used as kickstart | |
path(path) required |
the path where the floppy image will be generated |
This module adds or removes ip routes
| Parameter | Choices/Defaults | Description |
|---|---|---|
gateway(str) |
the gateway for reaching the network | |
interface(str) required |
the interface name | |
network(str) required |
the network to route can be specified as 'address' (for routing a single address) or either as 'network/prefix' or as 'network/netmask'. |
|
state(str) |
present absent |
add/remove route |
- name: "add interface route with gateway"
unixadm.common.iproute:
interface: eth1
network: '172.16.255.0/24'
gateway: '192.168.1.1'
- name: "remove interface route"
unixadm.common.iproute:
interface: eth1
network: '172.16.128.0/24'
state: absentsend signal to a process or a pid or get the pid of a process
| Parameter | Choices/Defaults | Description |
|---|---|---|
full(bool) |
False | match pattern against full command line |
pattern(str) |
pattern of the process name, must not be used together with pid= | |
pid(int) |
pid of the process, must not be used together with name= | |
signal(str) |
signal to send to the process (signal names are allowed) |
---
- name: "send sigterm to smokeping.fcgi"
unixadm.common.kill:
pattern: smokeping.fcgi
signal: term| Key | Returned | Description |
|---|---|---|
pids(list) |
Success | list of pids |
This module generates the network-manager config from a given dict. Please note that all slave devices (bond, bridge, ..) are set to "autoconnect false". Use "autoconnect-slaves 1" to automatically start the slave devices together with the master device.
| Parameter | Choices/Defaults | Description |
|---|---|---|
apply(bool) |
False | apply changes by reloading NetworkManager and restarting the connections |
config(dict) required |
Config dict with the interface name as key. Keys starting with an underscore are ignored. The interface name decides the network device type, e.g. + starting with 'br' or 'rawbr' is a bridge + starting with 'bond' is a bond + starting with 'sit' is a sit (simple internet transition) tunnel + starting with 'gre' is a gre tunnel + starting with 'ipip' is an ipip tunnel + starting with 'wg' is a wireguard interface + starting with 'lo_' is a virtual (dummy) interface + containing a dot is a vlan interface + eth, enp.. whatever is an ethernet interface The dict's value is the interface configuration + ipv4 - dict + + address - list of address/prefix tuples or 'auto' + + gateway - gateway address + + route - host- or interface routes + + etc., see nm-config(5) for more options + ipv6 - dict + + address - list of address/prefix tuples or 'auto' or 'ignore' + + gateway - gateway address + + route - host- or interface routes + + privacy - boolean, enable privacy extensions + + etc., see nm-config(5) for more options + mac - mac address, defaults to mac address taken from ansible facts + rewrite_mac - rewrite this interface's mac address to this value + onboot - boolean, start interface on boot + interfaces - list of slave interfaces (bond and bridge only) + ethtool - ethtool options (ethernet only) + etc., see nm-config(5) for more options |
|
path(path) |
/etc/NetworkManager/system-connections | path to the NetworkManager connection files |
- name: "generate network config"
unixadm.common.network_manager:
config:
eth0:
name: 'dialup'
ipv4:
address: ['auto']
ignore_auto_dns: false
ipv6:
address: ['auto']
privacy: true
ignore_auto_dns: false
_this_key_is_ignored: foo
mac: '00:11:22:33:44:55'
rewrite_mac: '00:22:44:66:88:aa'
ethtool:
ring_rx: 4096
ring_tx: 4096
bond0:
ipv4:
address:
- '10.0.0.1/24'
route:
- '10.1.3.0/24;10.0.0.254'
ipv6:
address:
- 'fc00::1/64'
- 'fc00::2'
- 'fc00::3'
interfaces:
- eth1
- eth2
mode: 4
lacp_rate: 1
miimon: 100
xmit_hash_policy: 2
br0:
ipv4:
address: ['10.1.0.1/24']
interfaces:
- eth3
- eth4
lo_:mysub:
ipv4:
address: ['10.2.0.1/32']
bond1:
interfaces:
- eth4
- eth5
br1:
interfaces:
- bond1
br1.1337:
ipv4:
address: ['10.3.0.1/24']
dad_timeout: 200
sit1:
ipv6:
address: ['fc01::1/64']
remote: '192.0.2.1'
wg0:
ipv4:
address: ['10.4.0.1/30']
ipv6:
address: ['fc04::1/64']
listen_port: 12345
privatekey: '6N7Sm8oWwWMNO6KS4bX95Ew/PAuI3mnjwzG0Ii7d9m0='
peers:
'gQBdyfAPzI+YTG6jXh9N130JHQcVY68OjphlpvNKD1E=':
endpoint: '10.100.1.2:12345'
psk: 'Iy+0sqf8ZksfG1TRwsOKAlcYdtc7DZZtGDVHyyv1tao='
persistent_keepalive: 30
allowed_ips:
- '10.4.0.2/32'
- 'fc04::/64'
apply: trueThis module manages interface routes for network-script-based systems.
| Parameter | Choices/Defaults | Description |
|---|---|---|
apply(bool) |
True | apply route changes deprecated as of version 0.2.13, will be removed with 0.3.0. please use 'unixadm.common.iproute' instead. |
gateway(str) |
the gateway for reaching the network | |
interface(str) required |
the interface name | |
network(str) required |
the network to route can be specified as 'address' (for routing a single address) or either as 'network/prefix' or as 'network/netmask'. |
|
state(str) |
present absent |
add/remove route |
- name: "add interface route"
unixadm.common.network_route:
interface: eth1
network: '172.16.255.0/24'
gateway: '192.168.1.1'
- name: "remove interface route but do not apply changes"
unixadm.common.network_route:
interface: eth1
network: '172.16.255.0/24'
gateway: '192.168.1.1'
apply: false
state: absentthis module generates the network-scripts config from a given dict
| Parameter | Choices/Defaults | Description |
|---|---|---|
compatibility(str) |
NetworkManager network-scripts |
network manager compatibility |
config(dict) required |
config dict with the interface name as key. The interface name decides the network device type, e.g + starting with 'br' or 'rawbr' is a bridge + starting with 'bond' is a bond + starting with 'sit' is a sit (simple internet transition) tunnel + starting with 'wg' is a wireguard interface + containing a dot is a vlan interface + containing a colon is a virtual interface + eth, enp.. whatever is an ethernet interface the dict's value is the interface configuration + name - nickname, defaults to the interface name + ipv4 - address/prefix or list of addresses/prefixes or 'dhcp' + ipv6 - address/prefix or 'dhcpv6' or 'auto' for router advertisement + ipv6_privacy - boolean, enable privacy extensions + ipv6_pd - boolean, use prefix delegation + ipv6_secondaries - list of secondary ipv6 addresses + gateway - the interface's default ipv4 gateway + gateway6 - the interface's default ipv6 gateway + mac - mac address, defaults to mac address taken from ansible facts + rewrite_mac - rewrite this interface's mac address to this value + onboot - boolean, start interface on boot + peerdns - enable or disable peer dns (dhcp/dhcpv6 only) + slaves - list of slave interfaces (bond only) + bonding_opts - bonding options, defaults to "mode=0" (bond only) + interfaces - list of bridge members (bridge only) + ethtool_opts - ethtool options (ethernet only) + arpcheck - boolean, check using arping if ip address is already taken + peer - tunnel peer address (sit only) + scope - address scope (ethernet only) |
- name: "generate network config"
unixadm.common.network_scripts:
config:
'eth0':
name: 'dialup'
ipv4: 'dhcp'
ipv6: 'dhcpv6'
ipv6_privacy: true
ipv6_pd: true
peerdns: false
mac: '00:11:22:33:44:55'
rewrite_mac: '00:22:44:66:88:aa'
'bond0':
ipv4: '10.0.0.1/24'
ipv6: 'fc00::1/64'
ipv6_secondaries:
- 'fc00::2'
- 'fc00::3'
slaves:
- eth1
- eth2
'br0':
ipv4:
- '10.1.0.1/24'
- '10.1.0.11/24'
interfaces:
- eth3
- eth4
'lo:mysub':
ipv4: '10.2.0.1/32'
'bond1':
slaves:
- eth4
- eth5
'br1':
slaves:
- bond1
'br1.1337':
ipv4: '10.3.0.1/24'
arpcheck: false
'sit1':
ipv6: 'fc01::1/64'
peer: '192.0.2.1'
'wg0':
ipv4: '10.4.0.1/30'
ipv6: 'fc04::1/64'
listen_port: 12345
privatekey: '6N7Sm8oWwWMNO6KS4bX95Ew/PAuI3mnjwzG0Ii7d9m0='
psk: 'Iy+0sqf8ZksfG1TRwsOKAlcYdtc7DZZtGDVHyyv1tao='
peer: 'gQBdyfAPzI+YTG6jXh9N130JHQcVY68OjphlpvNKD1E='
peer_endpoint: '10.100.1.2:12345'
keepalive: 30
allowed_ips:
- '10.4.0.2/32'
- 'fc04::/64'
register: t_network_config
- name: "restart network"
service: name=network state=restarted
when: t_network_config is changedThis module adds, updates or deletes sasl users
| Parameter | Choices/Defaults | Description |
|---|---|---|
format(str) |
bdb gdbm |
database format |
name(str) required |
username to be added or removed | |
password(str) |
the user's password | |
path(str) |
/etc/sasl2/sasldb2 | filename of the database |
realm(str) |
the host's fqdn | realm |
state(str) |
present absent |
add/update (present) or remove (absent) user |
- name: "add user to /etc/sasldb2 with a given realm"
unixadm.common.sasldb:
name: myusername
password: "supersecretpassword"
realm: '{{inventory_hostname}}'
owner: cyrus
group: mail
mode: 0640
- name: "remove user from /path/to/sasldb"
unixadm.common.sasldb:
path: /path/to/sasldb
name: myusername
state: absentThis module adds, modifies or removes a user or a group to, in or from /etc/subuid or /etc/subgid.
| Parameter | Choices/Defaults | Description |
|---|---|---|
count(int) |
amount of uids/gids to reserve | |
name(str) required |
user or group name | |
operate_on(str) |
subuid subgid |
operate on either /etc/subuid or /etc/subgid |
state(str) |
present absent |
add/modify (present) or remove (absent) user or group |
- name: "add joe with 1024 uids to /etc/subuid"
unixadm.common.subguid:
name: joe
operate_on: subuid
count: 1024
- name: "remove john from /etc/subgid"
unixadm.common.subguid:
name: john
operate_on: subgid
state: absentThis module activates or deactivates a swap device
| Parameter | Choices/Defaults | Description |
|---|---|---|
dev(str) required |
device name | |
state(str) |
present absent status |
enable (present) or disable (absent) swap or show (status) swap state |
This module gets or sets values from/to sysfs
| Parameter | Choices/Defaults | Description |
|---|---|---|
key(str) required |
sysfs key to operate on | |
state(str) |
get set |
read (get) or write (set) value |
value(str) |
value to set sysfs key to |
| Key | Returned | Description |
|---|---|---|
value(str) |
Success | current value |
this module disables or enables yum/dnf repositories
| Parameter | Choices/Defaults | Description | |
|---|---|---|---|
name(str) required |
name(s) of the repositor(y | ies) | |
state(str) |
present absent |
disable ("absent") or enable ("present") given repositor(y | ies) |
this module sets or removes a yum versionlock
| Parameter | Choices/Defaults | Description |
|---|---|---|
name(str) required |
package name(s) | |
state(str) |
present absent |
set ("present)" or remove ("absent") a versionlock |
version(str) |
force locked version to given string (V-R or E:V-R) |
---
- name: "set versionlock to currently installed version"
unixadm.common.yum_versionlock:
name: bash
- name: "set versionlock to a specific version"
unixadm.common.yum_versionlock:
name: bash
version: 4.2.46-34.el7
- name: "remove versionlocks"
unixadm.common.yum_versionlock:
name:
- bash
- tcsh
- zsh
state: absentReturns an aes256/cfb encrypted string to a given plaintext and secret key.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(str) required |
The to be encrypted string. | |
_key(str) required |
The key to encrypt the string with. | |
format(str) |
base64 hex |
Output format of the encrypted data. |
iv(str) |
The initialization vector, useful to produce idempotent results. |
foo: '{{ "hello" | unixadm.common.aes_crypt("world", iv=("whee"|to_uuid)[:16]) }}'
=> "ZTFkZjRkYTUtNDIzMC01N4HhgMzC"
bar: '{{ "hello" | unixadm.common.aes_crypt("world", format="hex") }}'
=> "4d6969b4cbae4374d40e0da1822bf7b68fe77f7b25" # with a random iv| Key | Returned | Description |
|---|---|---|
_value(str) |
Success | The encrypted string. |
Decrypts an aes128/192/256 encrypted string and returns the plain text.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(str) required |
The encrypted string. | |
_key(str) required |
The key to decrypt the string with. |
foo: '{{ "ZTFkZjRkYTUtNDIzMC01N4HhgMzC" | unixadm.common.aes_decrypt("world") }}'
=> "hello"
bar: '{{ "4d6969b4cbae4374d40e0da1822bf7b68fe77f7b25" | unixadm.common.aes_decrypt("world") }}'
=> "hello"| Key | Returned | Description |
|---|---|---|
_value(string) |
Success | The decrypted string. |
Returns a bcrypt hash of a given string. Optionally, a salt, a prefix and the logarithmic work factor (number of rounds) can be specified.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(str) required |
The to be hashed string. | |
prefix(str) |
2b | Salt prefix is no salt is specified. |
rounds(int) |
12 | Rounds for salt generation. |
salt(str) |
Salt for the hash algorithm. |
foo: '{{ "input" | unixadm.common.bcrypt_hash(salt="$2a$12$0Y6OWlmF3jPiXgQCDkuLo.") }}'
=> "$2a$12$0Y6OWlmF3jPiXgQCDkuLo.wFWkDOwgwagBGwGApklYMgLBae0fLH"| Key | Returned | Description |
|---|---|---|
_value(str) |
Success | The hash. |
Removes a set of keys from a dict.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(dict) required |
The dictionary. | |
_keys(str) required |
Key or list of keys to delete. |
foo: '{{ {"foo": "bar", "baz": "yatta"} | unixadm.common.delete_keys("baz") }}'
=> { "foo". "bar" }
fuh: '{{ {"foo": "bar", "baz": "yatta"} | unixadm.common.delete_keys(["foo", "baz"]) }}'
=> { }| Key | Returned | Description |
|---|---|---|
_value(dict) |
Success | The resulting dict. |
Merges a list of two elements to a key/value pair.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(list) required |
The list containing exactly two elements. |
foo: '{{["foo", "bar"|unixadm.common.dict}}'
=> {"bar": "baz"}| Key | Returned | Description |
|---|---|---|
_value(list) |
Success | The list with all elements suffixed with the given string. |
Parses a given string in ini-format into a dict.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_dicts(list) |
Additional arguments that are recognised by configparser. | |
_input(str) required |
The input string in ini-format. |
foo: '{{ "[yatta]\nbar = baz" | unixadm.common.from_ini }}'
=> { "yatta": { "bar": "baz" } }| Key | Returned | Description |
|---|---|---|
_value(dict) |
Success | The parsed dict. |
Get keys from a given dict depending on their value.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(dict) required |
The input dictionary. | |
_values(list) required |
The values to search for. |
foo: '{{ {"foo": "bar", "baz": "yatta", "zonk": "bar"} | unixadm.common.get_keys_by_value("bar") }}'
=> [ "foo", "zonk" ]| Key | Returned | Description |
|---|---|---|
_value(list) |
Success | The resulting keys. |
Performs simple arithmetic operations on a given input.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(int) required |
Int or float to perform operation on. | |
_modifier(int) required |
Modifier, int or float. | |
_operation(str) required |
+ - * / |
Operation to perform. |
result: '{{ 49 | unixadm.common.math("/", 7) }}'
=> 7.0| Key | Returned | Description |
|---|---|---|
_value(int) |
Success | The result as float or int. |
Performs simple arithmetic operations on a given input.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(int) required |
Int or float to perform operation on. | |
_modifier(int) required |
Modifier, int or float. | |
_operation(str) required |
+ - * / |
Operation to perform. |
result: '{{ 49 | unixadm.common.math("/", 7) }}'
=> 7.0| Key | Returned | Description |
|---|---|---|
_value(int) |
Success | The result as float or int. |
Extracts multiple keys from a given dict. Intented to use as 'map(attribute=key)' pendant but with multiple keys.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(dict) required |
The input dictionary. | |
_keys(list) required |
List of keys to extract. |
foo: '{{
q("filetree", "/path/to/somewhere") |
selectattr("state", "equalto", "file") |
unixadm.common.multimap(["src", "path"])
}}'
=> [ { "path": "foobar", "src": "/path/to/somewhere/foobar" }, ... ]| Key | Returned | Description |
|---|---|---|
_value(list) |
Success | The resulting list. |
Prepends each element of a list with a given string.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(list) required |
The list of strings. | |
_prefix(str) required |
The prefix. |
foo: '{{ [ "foo", "bar", "baz" ] | unixadm.common.prefix("my_") }}'
=> [ "my_foo", "my_bar", "my_baz" ]| Key | Returned | Description |
|---|---|---|
_value(list) |
Success | The list with all elements prefixed with the given string. |
Appends a given string to each element of a list.
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(list) required |
The list of strings. | |
_suffix(str) required |
The suffix. |
foo: '{{ [ "foo", "bar", "baz" ] | unixadm.common.suffix("_yay") }}'
=> [ "foo_yay", "bar_yay", "baz_yay" ]| Key | Returned | Description |
|---|---|---|
_value(list) |
Success | The list with all elements suffixed with the given string. |
Returns the first file or directory found
| Parameter | Choices/Defaults | Description |
|---|---|---|
_terms(list) required |
list of paths to examine |
---
- name: "copy either contents of directoryA or directoryB to dest"
copy:
src: '{{lookup("unixadm.common.first_exists",
["/tmp/directoryA", "/tmp/directoryB"]
)}}'
dest: /usr/local/share/foo/
recursive: true
...| Key | Returned | Description |
|---|---|---|
_raw(str) |
Success | path to item |
Returns the file's or directory's stats
| Parameter | Choices/Defaults | Description |
|---|---|---|
_terms(path) required |
path |
---
- name: "get file size"
debug:
msg: '{{myfilestats.st_size}}'
vars:
myfilestats: '{{lookup("unixadm.common.stat", "/foo/bar")}}'
...| Key | Returned | Description |
|---|---|---|
_raw(str) |
Success | stat dict |
Returns this collection's version
---
- assert:
that: "lookup('unixadm.common.version') is version_compare('0.0.1', '>=')"| Key | Returned | Description |
|---|---|---|
_raw(str) |
Success | version string |
show groups with their prio and depth
| Parameter | Choices/Defaults | Description |
|---|---|---|
plugin(str) required |
debug_groups unixadm.common.debug_groups |
Name of the plugin |
---
plugin: 'unixadm.common.debug_groups'
...group hosts by pattern
| Parameter | Choices/Defaults | Description |
|---|---|---|
children(dict) |
dict of groups with corresponding children group patterns deprecated as of version 0.2.5, will be removed with 0.3.0 |
|
groupofgroups(dict) |
dict of groups with corresponding children group patterns, priorities and depths |
|
groups(dict) |
dict of groups with corresponding host patterns | |
plugin(str) required |
virtual_groups unixadm.common.virtual_groups |
Name of the plugin |
---
plugin: 'unixadm.common.virtual_groups'
groups:
mywebservers:
- '^web\d+\.'
mydbservers:
- '^mysql\d+\.'
- '^pgsql\d+\.'
myserverclass_$1_$2:
- '^server(foo|bar|baz)\.([a-z]{3})\.domain\.example$'
groupofgroups:
myservers:
patterns:
- '^mywebservers$'
- '^mydbservers$'
prio: 10
...Check if the provided pair has equal elements
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(list) |
A list with two elements |
pair_match: '{{["foo", "foo"]|select("unixadm.common.pair_eq")}}'
pair_nomatch: '{{["foo", "bar"]|select("unixadm.common.pair_eq")}}'| Key | Returned | Description |
|---|---|---|
_value(bool) |
Success | Returns True if the both elements of the given list are equal, c(False) if otherwise. |
Check if the provided pair's elements are a subset of each other
| Parameter | Choices/Defaults | Description |
|---|---|---|
_input(list) |
A list with two elements |
pair_match: '{{["foobar", "foo"]|select("unixadm.common.pair_in")}}'
pair_nomatch: '{{["foo", "bar"]|select("unixadm.common.pair_in")}}'| Key | Returned | Description |
|---|---|---|
_value(bool) |
Success | Returns True if the one element of the given list is a subset of the other, c(False) if otherwise. |
GPL-2.0-only