Karan Sharma

Ansible Snippets

5 minutes (1165 words)

🔗Assert a list of variables

---
- name: assert if all template variables are present
  assert:
    that:
      - "{{item}} is defined"
      - "{{item}} | length > 0"
    quiet: false
  with_items:
    - my_var
    - another_var
  no_log: true

🔗Execute a task before executing a role

- hosts: "my_server"
  become: yes
  # Assert if variables are present.
  pre_tasks:
    - import_tasks: ../tasks/assert.yml
  roles:
    - role: nginx

🔗Wait for apt-get lock before installing packages

# https://github.com/ansible/ansible/issues/51663#issuecomment-752286191
# A common issue, particularly during early boot or at specific clock times
# is that apt will be locked by another process, perhaps trying to autoupdate
# or just a race condition on a thread. This work-around (which can also be
# applied to any of the above statements) ensures that if there is a lock file
# engaged, which is trapped by the `msg` value, triggers a repeat until the
# lock file is released.
- name: Install OS dependencies
  apt:
    name: "{{ consul_os_packages }}"
    state: present
  register: apt_action
  retries: 100
  until: apt_action is success or ('Failed to lock apt for exclusive operation' not in apt_action.msg and '/var/lib/dpkg/lock' not in apt_action.msg)

🔗Donwload and run a project from an external source

The following playbook downloads a GitHub release, templates a config file and starts a systemd-service

  - name: Register working directory
    set_fact:
      http_script_bin_dir: "/home/{{ansible_ssh_user}}/services/http-script-executor"
      http_script_config_dir: /etc/http-script-executor

  - name: Create project directory
    ansible.builtin.file:
      path: "{{http_script_bin_dir}}"
      state: directory
      mode: '0755'
      owner: "{{ansible_ssh_user}}"
      group: "{{ansible_ssh_user}}"

  - name: Create config directory
    ansible.builtin.file:
      path: "{{http_script_config_dir}}"
      state: directory
      mode: '0755'
      owner: "{{ansible_ssh_user}}"
      group: "{{ansible_ssh_user}}"

  - name: Download latest release
    get_url:
      url: "https://github.com/iamd3vil/http-script-executor/releases/download/v0.1.0/http-script-executor_0.1.0_Linux_x86_64.tar.gz"
      dest: "{{http_script_bin_dir}}/http-script-executor.tar.xz"
      force: yes
      owner: "{{ansible_ssh_user}}"
      group: "{{ansible_ssh_user}}"

  - name: Unarchive the binary
    ansible.builtin.unarchive:
      src: "{{http_script_bin_dir}}/http-script-executor.tar.xz"
      dest: "{{http_script_bin_dir}}"
      remote_src: yes
      owner: "{{ansible_ssh_user}}"
      group: "{{ansible_ssh_user}}"

  - name: Copy config file.
    template:
      src: ./templates/http_script_executor/config.toml.j2
      dest: "{{http_script_config_dir}}/config.toml"
      owner: "{{ansible_ssh_user}}"
      group: "{{ansible_ssh_user}}"
    register: output

  - name: Copy binary to PATH
    ansible.builtin.copy:
      src: "{{http_script_bin_dir}}/http-script-executor"
      dest: "/usr/local/bin/http-script-executor"
      remote_src: yes
      owner: "{{ansible_ssh_user}}"
      group: "{{ansible_ssh_user}}"
      mode: +x
    register: output


  - name: Cleanup project folder
    file:
      state: absent
      path: "{{http_script_bin_dir}}"

  - name: Add systemd script for program
    template:
      src: ./templates/http_script_executor/http-script-executor.service.j2
      dest: "/etc/systemd/system/http-script-executor.service"
      owner: root
      group: root
      mode: 0644
    register: systemd_unit

  - name: Reload systemd
    systemd:
      daemon_reload: true
    when: systemd_unit is changed

  - name: Start service
    service:
      name: http-script-executor
      state: started
      enabled: yes

  - name: Restart service
    service:
      name: http-script-executor
      state: restarted
    when: output.changed

🔗Systemd example

[Unit]
Description= A simple HTTP server which executes scripts
After=network.target

[Service]
ExecStart=/usr/local/bin/http-script-executor --config=/etc/http-script-executor/config.toml
User={{ansible_ssh_user}}
Group={{ansible_ssh_user}}

[Install]
WantedBy=multi-user.target

Tags: #Ansible