Ansible - blockinfile module (edit file)

If you are not familiar with modules, check out Ansible - Getting Started with Modules.

There are a few different modules that can be used to modify a file.

  • The blockinfile module can be used to append, change, or remove a block of lines in a file. 
  • The lineinfile module can be used to append, change, or remove a line in a file. 
  • The replace module can be used to change or remove a line in a file.

AVOID TROUBLE

If the target file does not exist, invoking this playbook will return an error like the sample below.

For this reason, you will almost always want to use the create: true parameter, so that the file is created if it does not exist. Or use the stat module to determine if the file exists, and then used the when parameter to only execute the task when the file exists.

fatal: [server1.example.com]: FAILED! => {
  "ansible_facts": {
    "discovered_interpreter_python": "/usr/bin/python"
  },
  "changed": false,
  "msg": "Destination /tmp/foo.txt does not exist !",
  "rc": 257
}

 

At the bare minimum, the following is all that is needed to invoke this module. By default, the block is appended as a new line at the end of the file (EOF).

- name: append 'Hello World' to /tmp/foo.txt
  blockinfile:
    path: /tmp/foo.txt
    block: |
      Hello
      World

 

When the target file does not exist, invoking this playbook will return an error. For this reason, you probably want to first use the stat module to determine if the target file exists, and then use the file module to create the target file, or use the when parameter to skip the lineinfile module if the target file does not exist. Or, you could use the ignore_errors parameter.

TASK [append 'World' to /tmp/foo.txt] 
fatal: [server1.example.com]: FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python"}, "changed": false, "msg": "Destination /tmp/foo.txt does not exist !", "rc": 257}

 

If the target file exists, and the file was successfully updated, the folllowing should be displayed.

TASK [append 'Hello World' to /tmp/foo.txt]
changed: [server1.example.com]

 

foo.txt should now contain the following.

# BEGIN ANSIBLE MANAGED BLOCK
Hello
World
# END ANSIBLE MANAGED BLOCK

 


marker

Notice that # BEGIN ANSBILE MANAGED BLOCK and # END ANSIBLE MANAGED BLOCK were appended to foo.txt. These are the default marker lines. The following will produce the same exact result as above.

- name: append 'Hello World' to /tmp/foo.txt
  blockinfile:
    path: /tmp/foo.txt
    marker: "# {mark} ANSIBLE MANAGED BLOCK"
    block: |
      Hello
      World

 

You can create your own marker. 

- name: append 'Hello World' to /tmp/foo.txt
  blockinfile:
    path: /tmp/foo.txt
    marker_begin: START
    marker_end: END
    marker: "# {mark} JEREMYS MARKER"
    block: |
      Hello
      World

 

When the block parameter is empty, the marker lines and everything inside the marker lines will be removed. Notice the marker parameter is not used here. When the default marker lines are being used, the marker parameter is not needed to remove everything inside the marker lines.

- name: remove marker lines from /tmp/foo.txt
  blockinfile:
    path: /tmp/foo.txt
    block: ""

 

Or, when the state parameter is absent, everything inside the marker lines will be removed.

- name: remove marker lines from /tmp/foo.txt
  blockinfile:
    path: /tmp/foo.txt
    state: absent

 

If you have custom marker lines, then the marker parameter will need to be included.

- name: remove marker lines from /tmp/foo.txt
  blockinfile:
    path: /tmp/foo.txt
    marker: "# {mark} JEREMYS MARKER"
    block: ""

 


Optional Parameters

The blockinfile module accepts the following parameters.

  • group (e.g. group: "wheel")
  • mode (e.g. mode: "2775")
  • owner (e.g. owner: "root")
  • seuser - SELinux user (e.g. seuser: "unconfined_u")
  • serole - SELinux role (e.g. serole: "object_r")
  • setype - SELinux type (e.g. setype: "httpd_sys_content_t")
  • selevel - SELinux level (e.g. selevel: "s0")
  • validate - Validate file

 

Here is an example of how these parameters would be used.

- name: append new line EOF
  blockinfile:
    path: /etc/ssh/sshd_config
    marker: "new line"
    insertafter: EOF
    group: foo
    mode: "0644"
    owner: foo
    seuser: unconfined_u
    serole: object_r
    setype: httpd_sys_content_r
    selevel: s0
    validate: "sshd -T -f %s"

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.





Please enter ee094 in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |