Ansible command with_items

ansibledeploymentpostfix

In ansible 1.5.4 the following command worked flawlessly:

- name: Generate postfix dhparams
  command: "{{ item }}"
  with_items:
    - openssl gendh -out /etc/postfix/dh_512.pem -2 512 creates=/etc/postfix/dh_512.pem
    - openssl gendh -out /etc/postfix/dh_2048.pem -2 2048 creates=/etc/postfix/dh_2048.pem
  notify: Reload postfix

After upgrading to 1.9.1, the command fails with a fatal: [127.0.0.1] => A variable inserted a new parameter into the module args. Be sure to quote variables if they contain equal signs (for example: "{{var}}"). error.

As {{ item }} is already quotes, I don't know what is wrong.

How can I get this command working again?

Best Answer

Have a look at https://github.com/ansible/ansible/issues/8260 for the details on why this change in behaviour was made (to prevent additional arguments being injected in the command module). The following format should work:

- name: Generate postfix dhparams
  command: "{{ item.command }} creates={{ item.file}}"
  with_items:
    - { command: 'openssl gendh -out /etc/postfix/dh_512.pem -2 512', file: '/etc/postfix/dh_512.pem' }
    - { command: 'openssl gendh -out /etc/postfix/dh_2048.pem -2 2048', file: '/etc/postfix/dh_2048.pem' }
  notify: Reload postfix

Related Solutions

How to see stdout of ansible commands

I think you can register the result to a variable, then print with debug.

- name: print to stdout
  command: echo "hello"
  register: hello

- debug: msg="{{ hello.stdout }}"

- debug: msg="{{ hello.stderr }}"

Avoid repeating ‘with_items’ in Ansible role

From what you're asking, it sounds like you just want to specify the vhosts group as the hosts to run a specific role on. So your playbook should start something like this:

---
- hosts: vhosts
  name: Tasks run on vhosts
  roles:
    - { role: somerole }

Keep in mind that you can have multiple plays in your playbook, so it's perfectly fine to do something like this:

---
- hosts: all
  name: Run roles for all servers
  roles:
    - { role: role1 }
    - { role: role2 }
    - etc.

- hosts: vhosts
  name: Run roles specific to vhosts
  roles:
    - { role: vhost-role }

- hosts: all
  name: Post-vhost roles for all servers
  roles:
    - { role: role3 }
    - etc.

If you have a single playbook that you want to run on different host groups at different times then you can use a variable for the hosts entry:

---
- hosts: "{{ somevar }}"
  name: Run roles against a user specified set of hosts
  roles:
    - { role: foo }

And then you'd invoke this last one in one of these ways:

$ ansible-playbook playbook.yml --extra-vars "somevar=vhosts"

$ ansible-playbook playbook.yml --extra-vars "somevar=host1,host2"

Best Answer

Related Solutions

How to see stdout of ansible commands

Avoid repeating ‘with_items’ in Ansible role

Related Topic