Ansible Guide: Manage Files using Ansible
On this page
- What we will do?
- Copy file using 'copy' and 'templates' module in Ansible
- Download a File using Fetch Module in Ansible
- Edit Files with Ansible
- 1. Insert Multiple Lines to File using 'blockinfile'
- 2. Insert Multiple Lines using the Marker Options
- 3. Delete/Remove Multiple lines block surroundings inside the markers
- 4. Insert a new line to file
- 5. Remove the Line from the file using the lineinfile module
- 6. Replace Pattern Strings with Regular Expression and Replace Module
- 7. Uncomment Configurations
- 8. Comment on the Line of Configuration
- Set Attributes of Files using file module in Ansible
- Reference
In this guide, I'll show you how to manage files using ansible modules. You will learn how to copy, edit, insert, download and replace files using Ansible.
What we will do?
- Copy file using 'copy' and 'templates' module
- Download file using 'fetch' module
- Edit file using 'blockinfile', 'lineinfile', and 'replace' modules
- Manage file Attributes
Copy file using 'copy' and 'templates' module in Ansible
Ansible provides some modules to copying file from local directory to the remote target machines, it's the 'copy' and 'template' module.
The difference between the 'copy' and 'template' module is that the copy module will copy the file from 'files' directory and the 'template' will copy the Jinja2 template from 'templates' directory on Ansible playbooks.
The 'copy' module is good for copying persistent file such as certificates, while the 'template' is more useful for reusable configurations such as virtual host configuration etc.
1. Copy file from Local to Remote Target Machine
Copy the 'sources.list' configuration on the local 'files' directory to the remote machine '/etc/apt/sources.list'. When there is configuration, it will be replaced and backup based on the timestamps.
- name: Copy from Local to Remote Target Machine with 'copy'
copy:
src: sources.list
dest: /etc/apt/sources.list
backup: yes
2. Copy File on Remote Machine to another Directory
Copy the sudoers configuration '/etc/sudoers.d/hakase' on the remote machine to the other directory '/home/hakase/hakase-suoers.txt'. It's can be done with the 'remote_src' option.
- name: Copy file from one directory to other on the Remote Machine
copy:
src: /etc/sudoers.d/hakase
dest: /home/hakase/hakase-sudoers.txt
remote_src: yes
3. Copy File and Change the permission and owner the File
Copy the bash file on the 'files' directory to the remote server machine and make the default file permission '0755' and owner of the file is 'hakase'.
- name: Copy file and set up the permission and owner of the file
copy:
src: simple.sh
dest: /home/hakase/simple.sh
owner: hakase
group: hakase
mode: 0755
4. Copy file with Template module
Copy the Jinja2 template configuration for nginx virtual host from the 'templates' directory to the '/etc/sites-enabled/' directory on the remote machine. With the Jinja2 template, we can create variables for our configuration and make it more reusable.
- name: Copy file using 'template' module
template:
src: default.j2
dest: /etc/nginx/sites-enabled/
backup: yes
owner: root
group: root
mode: 0644
Download a File using Fetch Module in Ansible
In order to download a file from the remote machine to our local ansible node, we can use the ansible module called 'fetch'.
1. Download From a Remote Machine to Local
Download the nginx configuration file 'nginx.conf' from the remote server to the local ansible-node directory '/home/hakase/backup' for creating a backup. And the default fetch module will include the directory structures.
- name: Download file from Remote Machine to Local ansible-node directory
become: yes
fetch:
src: /etc/nginx/nginx.conf
dest: /home/hakase/backup/
2. Download From Remote to Local without Directory structures
Download from the Remote Machine to Local ansible-node without directory structures by adding the 'flat' option.
- name: Download file from Remote Machine to Local ansible node without directory structures
become: yes
fetch:
src: /etc/nginx/nginx.conf
dest: /home/hakase/backup/
flat: yes
Edit Files with Ansible
Now we're going to edit files using Ansible modules. There are some modules that you must know for editing files using the Ansible, such as blockinfile, lineinfile, and replace.
The blockinfile will insert/remove multiple lines to the file. The lineinfile is for the single line, and the replace module can be used to replace string.
1. Insert Multiple Lines to File using 'blockinfile'
Add multiple lines configuration to the ssh configuration 'sshd_config' using the 'blockinfile' module. And the default setup will insert the new configuration to the bottom of lines.
- name: Insert multiple lines and Backup
blockinfile:
path: /etc/ssh/sshd_config
backup: yes
block: |
ClientAliveInterval 360
ClientAliveCountMax 0
2. Insert Multiple Lines using the Marker Options
Or if you want to insert to the specific line, you can use the marker option and follow by 'insertafter' or 'insertbefore' and Regex, or you can use both.
The playbook below will insert new additional configuration to the 'sshd_config' file. The additional configuration will be added before the 'UserPAM' line surrounding by the default marker '# BEGIN ANSIBLE MANAGED BLOCK'.
- name: Insert after regex, backup, and validate
blockinfile:
path: /etc/ssh/sshd_config
backup: yes
marker: "# {mark} ANSIBLE MANAGED BLOCK "
insertbefore: '^UsePAM '
block: |
AllowUsers hakase vagrant
PermitEmptyPasswords no
PermitRootLogin no
validate: '/usr/sbin/sshd -T -f %s'
3. Delete/Remove Multiple lines block surroundings inside the markers
Remove the block of lines surroundings by the ansible marker '# BEGIN ANSIBLE MANAGED BLOCK'.
- name: Remote text block surrounding by markers
blockinfile:
path: /etc/ssh/sshd_config
marker: "# {mark} ANSIBLE MANAGED BLOCK"
content: ""
backup: yes
4. Insert a new line to file
Insert new line configuration 'PasswordAuthentication no' under the line regex '#PermitEmptyPasswords' to the ssh configuration '/etc/ssh/sshd_config'.
- name: Insert New Line under the Regex configuration
lineinfile:
path: /etc/ssh/sshd_config
backup: yes
regexp: '^PasswordAuthentication '
insertafter: '^#PermitEmptyPasswords '
line: 'PasswordAuthentication no'
validate: '/usr/sbin/sshd -T -f %s'
5. Remove the Line from the file using the lineinfile module
In order to remove/delete a line from the file, you can use the 'state: absent' option and follow by the Regular expression of the line such as below.
- name: Remove a line from the file
lineinfile:
path: /etc/ssh/sshd_config
state: absent
regexp: '^PasswordAuthentication'
6. Replace Pattern Strings with Regular Expression and Replace Module
Now we're going to replace a string using the 'replace' module. The replace module required the regular expression as backend-reference to replace kind of strings.
Change the name of the host on the '/etc/hosts' file using replace the module.
- name: Replace the default
replace:
path: /etc/hosts
regexp: '(\s+)node\.provision\.labs(\s+.*)?$'
replace: '\1box.hakase.labs\2'
backup: yes
7. Uncomment Configurations
The replace module can be used to uncomment the configuration on the Linux system. Simple, we can remove the comment string '#' at the beginning of line using the replace module.
Uncomment the 'server_tokens' line configuration on the '/etc/nginx/nginx.conf' file.
- name: Uncomment configuration
replace:
path: /etc/nginx/nginx.conf
regexp: '#(\s+)server_tokens'
replace: 'server_tokens'
backup: yes
8. Comment on the Line of Configuration
Below is to comment the line configuration by adding the '#' to the beginning of the line.
- name: Comment Line configuration
replace:
path: /etc/nginx/nginx.conf
regexp: '(\s+)gzip on'
replace: '\n\t#gzip on'
backup: yes
Set Attributes of Files using file module in Ansible
The file module can be used to set attributes of files itself, such as change owner, group and permission, create a symlink, create a new directory and delete a symlink, file or directory.
1. Create Symlink of File
Create a symlink file on the remote host for the nginx virtual host configuration called 'vhost' to the '/etc/nginx/sites-enabled/' directory.
- name: Create Symlink of file
file:
src: /etc/nginx/sites-available/vhost
dest: /etc/nginx/sites-enabled/vhost
owner: root
group: root
state: link
2. Create a New Directory using file module
In order to create a new directory using the file module, we need to use the state option with the value 'directory' such as below.
- name: Create a New Directory using file
file:
path: /etc/nginx/ssl
state: directory
owner: root
group: root
mode: 0755
