如何在不覆盖现有内容的情况下将组列表附加到行尾?
- name: "Updating sssd"
hosts: temp
gather_facts: no
vars:
usergroups:
- operations
tasks:
- name: "Add Group to sssd"
lineinfile:
dest: /etc/sssd/sssd.conf
regexp: '^simple_allow_groups'
line: "simple_allow_groups = {{usergroups | join(',')}}"
backrefs: yes
我要写这段代码的目的是要摘行
simple_allow_groups =管理员,开发人员
并以
结尾simple_allow_groups =管理员,开发人员,操作
但是,实际结果是:
simple_allow_groups =操作
请注意,我不能使用 regexp:'^ simple_allow_groups'= admins,developers ,因为每个服务器在此处已列出的组中可能有所不同。
答案 0 :(得分:0)
您可以考虑事先使用单独的lineinfile任务,但以检查模式运行它。示例:
- name: "Get currently allowed groups from SSSD config"
lineinfile:
path: /etc/sssd/sssd.conf
regexp: '^simple_allow_groups'
state: absent
check_mode: yes
register: existing_groups
然后在当前任务中修改line:的值以合并{{ existing_groups}}并添加类似when: existing_groups is changed的条件
答案 1 :(得分:0)
只需添加一行
- name: "Updating sssd"
hosts: temp
gather_facts: no
vars:
usergroups:
- operations
- "{{ lookup('ini', 'simple_allow_groups type=properties file=/etc/sssd/sssd.conf') }}"
tasks:
- name: "Add Group to sssd"
lineinfile:
dest: /etc/sssd/sssd.conf
regexp: '^simple_allow_groups'
line: "simple_allow_groups = {{usergroups | join(',')}}"
backrefs: yes
某些更新
确保usergroups唯一
line: "simple_allow_groups = {{usergroups|flatten|unique | join(',')}}"