various files in various places on various hosts.

I am learning ansible and as an exercise I thought I would script my laptops. I have a mac laptop and a linux laptop and would like to see if I can script both of them using the same ansible repo. I know this is going to be rather difficult if not impossible but I am going to give it a try. The first thing I am trying to do is to handle ordinary files I need in various places. For example I like to keep some binaries and scripts in the ~/bin directory which is in my path and of course I also have a bunch of dotfiles. In all of these cases the files are additive and some I would like symlinked and some I would like to copy. What’s a good strategy to deal with this? So far I am trying this:

Create a top-level folder called files, then files/common and files/host_name, and then subdirectories like files/common/dotfiles, files/common/bin, etc. I then write a bunch of tasks to symlink the dotfiles, copy the bin files, etc.

In some cases the files don’t fit this pattern, in that the same file has to be in completely different folders on both machines. What’s a good way to deal with that?

Also, how do I deal with files with secrets in them? I would like to use the same id_rsa and various keys in the .ssh directory on both machines. I could put the .ssh into the dotfiles task and symlink that, but I will be checking this code into git and don’t want to have these keys possibly be exposed. Same goes for files like .pgpass and such. The reason I like the symlink method is so that I can add a key or a known host on one machine and then push my repo to copy to the other machine when I run ansible again. If I encrypt the files I can’t use symlinks.

Thanks.

Firstly, look at Ansible's documentation on the when module.

It can distinguish between OS’s and run particular commands/actions.
Predefine variables for the specific OS, then an action similar to the below:

- name: debian | installing open-vm-tools
  apt: name=open-vm-tools state=present
  when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'

- name: install vmware tools via YUM
  yum: name=open-vm-tools state=present
  when: ansible_distribution == 'CentOS' or ansible_distribution == 'Red Hat Enterprise Linux'

The above is how I achieved installing vmware tools across the environment when you are dealing with multiple OS’s.

My initial response only really pertains to the first section of your question,
Just uncertain on the rest.

Will double check and revert

I don’t think I explained myself very well. Let me see if I can try again with a specific example.

I usually keep a directory ~/bin which is in my PATH. I put scripts I wrote there as well as some other binaries I have built from source or downloaded from various places. The issue is that ~/bin is slightly different on my mac laptop and my ubuntu laptop. Sometimes the scripts have the same name but are different inside. For example if I have a script that launches an app it may refer to /usr/local/bin in linux but refer to /Users/Tim/Applications on the mac.

At first the obvious solution would be to put these directories in files/hostname/bin and symlink that directory to ~/bin. This is a good solution because if I add new scripts in there they will be added to my ansible repo and I can push them with git. My only misgiving about this is that there are some things there that are the same on both laptops and I don’t want to duplicate them. I want to somehow share them on both machines. For these I am thinking I need to symlink individual files into ~/bin after I symlink the ~/bin. This will maybe mess things up with git though so I thought I would ask if there was a better way to do that?

What’s a good strategy for dealing with sharing files like this?

Thanks.

> I don't think I explained myself very well. Let me see if I can try again
> with a specific example.

Probably not, Julian did answer part of your question.
But code and/or examples are always welcome.

> I usually keep a directory ~/bin which is in my PATH. I put scripts I wrote
> there as well as some other binaries I have built from source or downloaded
> from various places. The issue is that ~/bin is slightly different on my
> mac laptop and my ubuntu laptop. Sometimes the scripts have the same name but
> are different inside. For example if I have a script that launches an app
> it may refer to /usr/local/bin in linux but refer to
> /Users/Tim/Applications on the mac.
>
> At first the obvious solution would be to put these directories in
> files/hostname/bin and symlink that directory to ~/bin. This is a good
> solution because if I add new scripts in there they will be added to my
> ansible repo and I can push them with git. My only misgiving about this
> is that there are some things there that are the same on both laptops and I
> don't want to duplicate them. I want to somehow share them on both
> machines. For these I am thinking I need to symlink individual files into
> ~/bin after I symlink the ~/bin. This will maybe mess things up with git
> though so I thought I would ask if there was a better way to do that?
>
> What's a good strategy for dealing with sharing files like this?

Since you are learning Ansible I would forget about symlinking and just do it the "Ansible way".

Put everything in one or more roles; all files go in the files directory in the role.

In Ansible you create three lists, Mac exclusive list, Linux exclusive list and a shared list.

Then you need three Ansible copy module tasks and the when: part Julian showed you to make sure the correct list is run on the correct OS.
You need one for the Mac exclusive list, one for Linux exclusive list and one task for the shared one.

A task looks something like this:

- name: copy out mac bins
  copy:
    src: '{{ item }}'
    dest: '{{ ansible_env.HOME }}/bin/'
    mode: '0755'
  # variable names cannot contain hyphens, so the list uses underscores
  with_items: '{{ mac_exclusive_list }}'
  when: ansible_os_family == 'Darwin'

This is one way to do it; there are others, some even more compact, but you learn about these methods as you become more familiar with Ansible.
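
Added example (not part of the thread): a playbook sketch that carries the three-list approach above through to the two questions left open earlier, the same file living in a different folder per OS, and secrets such as id_rsa and .pgpass. It assumes the secret files were encrypted with ansible-vault before being committed, so only ciphertext reaches git; all file names, variable names and paths are hypothetical.

```yaml
# Added example, not from the thread; all file names and variables are hypothetical.
# Paths in src are relative to a files/ directory next to this playbook.
- hosts: all
  vars:
    shared_list: [common/bin/backup.sh]
    mac_exclusive_list: [mac/bin/launch-app]
    linux_exclusive_list: [linux/bin/launch-app]
    conf_dir:                      # same file, different folder per OS
      Darwin: "{{ ansible_env.HOME }}/Library/Preferences/myapp/"
      Debian: "{{ ansible_env.HOME }}/.config/myapp/"
    secret_files:                  # run `ansible-vault encrypt` on these before `git add`
      - { src: secrets/id_rsa, dest: .ssh/id_rsa }
      - { src: secrets/pgpass, dest: .pgpass }
  tasks:
    - name: copy out shared bins
      copy:
        src: "{{ item }}"
        dest: "{{ ansible_env.HOME }}/bin/"
        mode: "0755"
      with_items: "{{ shared_list }}"
    - name: copy out mac bins
      copy:
        src: "{{ item }}"
        dest: "{{ ansible_env.HOME }}/bin/"
        mode: "0755"
      with_items: "{{ mac_exclusive_list }}"
      when: ansible_os_family == 'Darwin'
    - name: copy out linux bins
      copy:
        src: "{{ item }}"
        dest: "{{ ansible_env.HOME }}/bin/"
        mode: "0755"
      with_items: "{{ linux_exclusive_list }}"
      when: ansible_os_family == 'Debian'
    - name: copy one file to its per-OS folder
      copy:
        src: common/myapp.conf
        dest: "{{ conf_dir[ansible_os_family] }}"
        mode: "0644"
    - name: make sure ~/.ssh exists and is private
      file: { path: "{{ ansible_env.HOME }}/.ssh", state: directory, mode: "0700" }
    - name: install secrets (copy decrypts vault-encrypted src files)
      copy:
        src: "{{ item.src }}"
        dest: "{{ ansible_env.HOME }}/{{ item.dest }}"
        mode: "0600"
      no_log: true                 # keep key material out of task output and diffs
      with_items: "{{ secret_files }}"
```

Run it with `ansible-playbook --ask-vault-pass`; the copy module decrypts vault-encrypted source files by default, so plaintext keys exist only at the destination with mode 0600.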

One reason I was thinking of symlinking files and entire directories is because I update the files on the machines and I want to make sure they are in the ansible repo. For example I often make changes to my .vim or .emacs.d directory as well as my .vimrc and .spacemacs files.