在 Ansible 中使用模板模块附加文件

Question

所以我有一个使用 Jinja2 模板创建日志文件的 ansible playbook。每次我运行剧本时，它都会从customers.yml 中提取客户信息并将完成的模板输出到“stunnel.conf”文件中。该模板工作正常，但我试图找到一种方法来附加以前的“stunnel.conf”，而不是使用模板模块覆盖它。我希望手动将文本添加到 'stunnel.conf' 的开头并且不被覆盖。你认为这可能吗？

Stunnel.conf

; GFAM - PBSTP
[customer-GFAM-34074]
cert = /etc/stunnel/stunnel.pem
accept = 34094
connect = 35094

; GUANFABANK - FXSIM
[customer-GUANFABANK-34051]
cert = /etc/stunnel/stunnel.pem
accept = 34095
connect = 35095

; ONEZERO2 - TRADESTREAM
[customer-ONEZERO2-39124]
cert = /etc/stunnel/stunnel.pem
accept = 34096
connect = 35096

; BTG-VELOCITY - PBSTP
[customer-BTG-VELOCITY-42533]
cert = /etc/stunnel/stunnel.pem
accept = 34097
connect = 35097

Jinja2 模板

{#CONTEXT: {{ customers }}#}
{% set currentport = 34093%}
{% for cust, config in customers.items() %}
; {{ cust }} - {{ config['type'] }}
[customer-{{ cust }}-{{ config['accept'] }}]
cert = {{ "/etc/stunnel/stunnel.pem" }}
{#accept = {{ config['accept'] }}#}
{#connect = {{ config['connect'] }}#}
accept = {{ currentport + 1 }}
connect = {{ currentport + 1001 }}
{% set currentport = currentport + 1 %}

{% endfor %}

playbook.yml

- include_vars:
    file: /home/vagrant/stunnelSimAnsPractice/roles/ns16/vars/customers.yml
    name: customers

- template:
    src: /home/vagrant/stunnelSimAnsPractice/roles/ns16/templates/stunnel.j2
    dest: /home/vagrant/stunnelSimAnsPractice/roles/ns16/output/stunnel.conf
    owner: root
    group: root

Answer 1

我建议这样做：

1. 将模板输出保存到临时文件。
2. 使用临时文件的内容附加 Stunnel.conf 文件。
3. 删除临时文件。

在剧本中它可能看起来像：

- include_vars:
    file: /home/vagrant/stunnelSimAnsPractice/roles/ns16/vars/customers.yml
    name: customers

- template:
    src: /home/vagrant/stunnelSimAnsPractice/roles/ns16/templates/stunnel.j2
    dest: /home/vagrant/stunnelSimAnsPractice/roles/ns16/output/temp.conf
    owner: root
    group: root

- name: "Append stunnel.conf with content of temporary file"
  shell: cat temp.conf >> stunnel.conf
  args:
    chdir: "/home/vagrant/stunnelSimAnsPractice/roles/ns16/output"

- name: "Delete temporary file"
  file:
    path: /home/vagrant/stunnelSimAnsPractice/roles/ns16/output/temp.conf
    state: absent

Answer 2

您可以使用 blockinfile 模块和 template 查找来管理 stunnel.conf 中的每个客户端块：

- include_vars:
    file: customers.yml
    name: customers

- blockinfile:
    dest: stunnel.conf
    block: "{{ lookup('template', 'stunnel.j2') }}"
    marker: "; {mark} ANSIBLE MANAGED BLOCK FOR {{ cust }}"

为了便于阅读，我缩短了文件路径。

这样，Ansible 将查找特定客户端的托管块（{{ cust }} 变量）并使用模板化 stunnel.j2 中的内容添加/替换。