How to arrange structure for the case of multiple projects

According to Ansible Configuration Settings,

Changes can be made and used in a configuration file which will be searched for in the following order:

  • ANSIBLE_CONFIG (environment variable if set)
  • ansible.cfg (in the current directory)
  • ~/.ansible.cfg (in the home directory)
  • /etc/ansible/ansible.cfg

Ansible will process the above list and use the first file found, all others are ignored.

2 Likes

@utoddl I tried but it didn’t apply.

In my project, I need a php role, a mysql role, and a laravel role. I put the php role and the mysql role in another repository.
In this case, the main content of the laravel role (each project is different) is as follows:

- name: Clone a github repository
   git:
     repo: https://.....git
     dest: /var/www/html/name-app
     clone: true
     update: true
      
 - name: "Copy env file"
   copy:
     src: ".env"
     dest: "/var/www/html/name-app/php/.env"
     
 - name: Make sure the remote app root exists and has the right permissions
   file:
     path: "/var/www"
     state: directory
     mode: '0777'

 - name: chmod php folder
   file:
     path: "/var/www/html/name-app/php"
     state: directory
     mode: '0777'
     recurse: yes

 - name: change permission vendor folder
   file:
     path: /var/www/html/name-app/php
     owner: apache
     group: apache
       
 - name: download composer
   get_url:
     url: https://getcomposer.org/installer
     dest: /tmp/installer
     
 - name: install composer
   shell: cat /tmp/installer | php -- --install-dir=/usr/local/bin
   
 - name: rename composer.phar to composer
   shell: mv /usr/local/bin/composer.phar /usr/local/bin/composer
   
 - name: make composer executable
   file:
     path: /usr/local/bin/composer
     mode: a+x
     state: file
   
 - name: composer install
   become: no
   shell: "cd /var/www/html/name-app/php; /usr/local/bin/composer install --ignore-platform-reqs "
 
 - name: Cache the configuration
   command: php artisan optimize:clear
   args:
     chdir: /var/www/html/name-app/php
     
 - name: Clear the view cache
   command: php artisan view:clear
   args:
     chdir: /var/www/html/name-app/php
     
 - name: run migrate
   command: php artisan migrate
   args:
     chdir: /var/www/html/name-app/php
     
 - name: Run db seed
   command: php artisan db:seed
   args:
     chdir: /var/www/html/name-app/php  
 
 - name: "Copy httpd config file"
   copy:
     src: "httpd.conf"
     dest: "/etc/httpd/conf/httpd.conf"

 - name: Restart Apache
   service:
     name: httpd
     state: restarted

Where should we put this role?

It’s not applying because of:

Ansible is being run in a world writable directory

It means your config file permissions allow anyone to modify it, thus making it “unsafe”.

It’s more tricky in your case, because you seem to access this file from a Windows filesystem mounted in your WSL VM IIRC, and I don’t quite remember how it works, but filesystems mounted this way are world readable, from my previous experience at least. Here is some documentation I haven’t read that you might find useful: File Permissions for WSL | Microsoft Learn.

Multiple ways to address it; you could either change your config file path, avoid having to use one in the first place, clone your repo elsewhere on your filesystem or see if you can “fix” your mountpoint permissions.

2 Likes
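Added example, not part of the thread and not Ansible's own code: a Bash approximation of the search order quoted at the top of the thread, combined with the world-writable check that produces the warning above. The function names `is_world_writable` and `pick_ansible_cfg` and the optional path arguments are hypothetical, chosen for this illustration.

```bash
#!/usr/bin/env bash
# Added illustration; approximates Ansible's config lookup, it is not Ansible's code.
# Function names and the optional path arguments are hypothetical.

# True when directory $1 has the "other" write bit set (world-writable).
is_world_writable() {
  [ -n "$(find "$1" -maxdepth 0 -type d -perm -0002 2>/dev/null)" ]
}

# Print the config file that would win, following the documented order:
# ANSIBLE_CONFIG, ./ansible.cfg, ~/.ansible.cfg, /etc/ansible/ansible.cfg.
# Args (for testing): $1 working dir, $2 home dir, $3 system-wide file.
pick_ansible_cfg() {
  local cwd="${1:-$PWD}" home="${2:-$HOME}" system="${3:-/etc/ansible/ansible.cfg}"

  # 1. An explicit ANSIBLE_CONFIG is honoured even in a world-writable directory.
  if [ -n "${ANSIBLE_CONFIG:-}" ] && [ -f "$ANSIBLE_CONFIG" ]; then
    printf '%s\n' "$ANSIBLE_CONFIG"; return 0
  fi

  # 2. ./ansible.cfg is skipped when anyone on the host could have planted it.
  if [ -f "$cwd/ansible.cfg" ]; then
    if is_world_writable "$cwd"; then
      echo "warning: $cwd is world-writable, ignoring $cwd/ansible.cfg" >&2
    else
      printf '%s\n' "$cwd/ansible.cfg"; return 0
    fi
  fi

  # 3 and 4. Per-user file, then the system-wide file.
  local f
  for f in "$home/.ansible.cfg" "$system"; do
    if [ -f "$f" ]; then printf '%s\n' "$f"; return 0; fi
  done
  return 1
}

# Show the result for the directory this script is run from.
pick_ansible_cfg || echo "no ansible.cfg found; built-in defaults apply"
```

If the warning appears for a project directory, either tighten the directory mode or export `ANSIBLE_CONFIG` with the full path to the file, which is the "change your config file path" option mentioned above.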

First off, it can’t be your whole role structure, as you listed only what seems to be the content of the tasks/main.yml file. Also, there seems to be an indentation issue, though it might just be a bad paste.

Where should we put this role?

As @utoddl made clear, there are multiple ways to achieve what you want with Ansible, so I’ll only speak for myself; as stated in a previous message, I usually put each role in its own repo, for reuse value across projects. I’ll direct you again to the examples @chris provided, as I do pretty much the same.

Now if you ask specifically ‘where?’, just pick an appropriate git hosting service that fits your needs, is publicly accessible from the Internet if you’d like public exposure, and perhaps push your roles to Ansible Galaxy as well, if you’d like them to be listed there.

2 Likes

@chris Why does your project also have a .sh file?

I sometimes write Bash scripts to run Ansible for common tasks, for example a requirements.sh to update the roles:

#!/usr/bin/env bash

if [[ "${1}" ]]; then
  ansible-galaxy install -r requirements.yml --force "${1}"
else
  ansible-galaxy install -r requirements.yml --force
fi
3 Likes

If you like that sort of script, you may want to look at my update-me script.

$ update-me -h
Usage: update-me [-h] [-q] [-p] [-f] [-d] [-x]

Bring local branches up-to-date with their corresponding remotes.
If there are any roles/requirements.yml or collections/requirements.yml
files in the current branch, then use the ansible-galaxy command
to pull those requirements in as well.

  -h   Help: this text
  -q   Quick: skip processing of requirements.yml files.
  -p   Include "-p ./roles/" or "-p ./collections/" on ansible-galaxy commands.
  -f   Include "--force" on ansible-galaxy commands.
  -d   Debug: enables more diagnostic messages.
  -x   Sets the -x flag; eXtremely verbose messaging

The companion script update-all runs update-me on a set of local repos in parallel. It’s a little too familiar with our work environment, but it shouldn’t take more than a few minutes for someone to get it to work elsewhere.

$ update-all -h
Usage: update-all [-h] [-q] [-p] [-f] [-t THREADS]

This progresses through all the git repos in the current directory and runs
the adjacent "update-me" script on each of them.

  -h   Help: this text
  -q   Quick: skip processing of requirements.yml files by passing
       the '-q' flag to "update-me".
  -p   Pass the '-p' flag to "update-me" to include "-p ./roles/"
       or "-p ./collections/" on ansible-galaxy commands.
  -f   Pass the '-f' flag to "update-me" to include "--force"
       on ansible-galaxy commands.
  -d   Debug: enables additional diagnostic messages
  -t THREADS Max number of projects to update simultaneously (default: 8)
3 Likes

Why does this command have the --force option?
Do you use the .sh file to run automation in a GitHub Action?

To ensure that all the roles are updated:

ansible-galaxy install --help | grep -e " --force "
  -f, --force           Force overwriting an existing role or collection
2 Likes