In my project, I need php role, mysql role, and laravel role. I put php role and mysql role in another repository.
In the case the main content of a laravel role (each project is different )as the following
Ansible is being run in a world writable directory
It means your config file permissions allows for anyone to modify them, thus making it “unsafe”.
It’s more tricky in your case, because you seem to access this file from a Windows filesystem mounted in your WSL VM IIRC, and I don’t quite remember how it works, but filesystems mounted this way are world readable, from my previous experience at least. Here is a documentation I haven’t read you might find useful: File Permissions for WSL | Microsoft Learn.
Multiple ways to address it; you could either change your config file path, avoid having to use one in the first place, clone your repo elsewhere on your filesystem or see if you can “fix” your mountpoint permissions.
First off it can’t be your whole role structure, as you listed only what seems to be the content of tasks/main.yml file. Also, there seems to be an indentation issue, though it might just be a bad paste.
Where should we put this role?
As @utoddl made it clear, there are multiple ways to achieve what you want with Ansible, so I’ll only speak for myself; as stated in a previous message, I usually put each role in its own repo, for reuse value across projects. I’ll direct you again to @chrisprovided examples, as I do pretty much the same.
Now if you ask specifically ‘where ?’, just pick an appropriate git hosting that fits your needs, is publicly accessible from Internet if you’d like public exposure, and perhaps push your roles to Ansible Galaxy as well, if you’d like them to be listed there.
If you like that sort of script, you may want to look at my update-me script.
$ update-me -h
Usage: update-me [-h] [-q] [-p] [-f] [-d] [-x]
Bring local branches up-to-date with their corresponding remotes.
If there are any roles/requirements.yml or collections/requirements.yml
files in the current branch, then use the ansible-galaxy command
to pull those requirements in as well.
-h Help: this text
-q Quick: skip processing of requirements.yml files.
-p Include "-p ./roles/" or "-p ./collections/" on ansible-galaxy commands.
-f Include "--force" on ansible-galaxy commands.
-d Debug: enables more diagnostic messages.
-x Sets the -x flag; eXtremely verbose messaging
The companion script update-all runs update-me on a set of local repos in parallel. It’s a little too familiar with our work environment, but it shouldn’t take more than a few minutes for someone to get it to work elsewhere.
$ update-all -h
Usage: update-all [-h] [-q] [-p] [-f] [-t THREADS]
This progresses through all the git repos in the current directory and runs
the adjacent "update-me" script on each of them.
-h Help: this text
-q Quick: skip processing of requirements.yml files by passing
the '-q' flag to "update-me".
-p Pass the '-p' flag to "update-me" to include "-p ./roles/"
or "-p ./collections/" on ansible-galaxy commands.
-f Pass the '-f' flag to "update-me" to include "--force"
on ansible-galaxy commands.
-d Debug: enables additional diagnostic messages
-t THREADS Max number of projects to update simultaneously (default: 8)