说我想使用Ansible galaxy的FlatKey.firewalld剧本,它有设置防火墙端口规则的任务
- name: set firewalld port rules
firewalld:
port={{item.value.port}}/{{item.value.protocol|default('tcp')}
permanent={{item.value.permanent|default('true')}
immediate={{item.value.immediate|default('true')}
state={{item.value.state|default('enabled')}
zone={{item.value.zone|default('public')}}
with_dict: "{{firewalld_port_rules|default({})}}"
我有这样设置的默认/ main.yml文件
firewalld_port_rules:
key:
port: 123456
protocol: tcp
state: enabled
zone: public
permanent: true
immediate: true
如何在不重复代码的情况下将其用于多个端口?我真的想要这样的东西,但当然语法不起作用。希望你明白了。
firewalld_port_rules:
key:
port: [123456, 45678, 45679]
protocol: tcp
state: enabled
zone: public
permanent: true
immediate: true
答案 0 :(得分:1)
您可以使用looping over subelements:
来实现这一目标Subelements遍历哈希列表(也称为词典),然后在这些记录中遍历带有给定(嵌套子)键的列表。
您需要分叉剧本并将任务更改为:
- name: set firewalld port rules
firewalld:
port: "{{item.1}}/{{item.0.protocol|default('tcp')}}"
permanent: "{{item.0.permanent|default('true')}}"
immediate: "{{item.0.immediate|default('true')}}"
state: "{{item.0.state|default('enabled')}}"
zone: "{{item.0.zone|default('public')}}"
with_subelements:
- "{{firewalld_port_rules|default({})}}"
- port
答案 1 :(得分:0)
使用with_items代替with_dict:
- name: so question 552716
hosts: '{{ target }}'
vars:
firewalld_port_rules:
- { port: 123
, state: enabled
, zone: public
, permanent: true
, immediate: true
, protocol: tcp }
- { port: 222
, state: enabled
, immediate: true
, protocol: udp }
- { port: 333
, state: enabled
, zone: public
, permanent: true
, immediate: true
, protocol: tcp }
tasks:
- name: show debug
debug: msg="port = {{ item.port }} , state = {{ item.state }}, zone = {{ item.zone | default('public') }}, permanent = {{ item.permanent | default(true) }}"
with_items: "{{ firewalld_port_rules }}"
注意,永久物永远是真的,并且区域通常是公共的,因此您可以省略它们并使用默认值(例如,参见端口222)。
另请参阅其他链接:Standard Loops