Ansible iterate a dictionary with lists

ansible

I have the following variable loaded via include_vars:

access:
    username-foo:
      - path: /
        permissions: rwX
        recursive: true

    username-bar:
      - path: /
        permissions: rX

      - path: /css
        permissions: rwX
        recursive: true

      - path: /data
        permissions: rX

      - path: /data/reviews.yml
        permissions: rw

      - path: /js
        permissions: rX

      - path: /js/*.js
        permissions: rw

I want to feed this information to the shell command in order to set appropriate permissions.

I've tried some techniques from here:
http://docs.ansible.com/playbooks_loops.html
but failed to come up with working solution.

Is it possible to iterate this structure? If not, how do I re-structure it in order to make it work? Is it possible to do this without breaking the DRY rule (e.g. include username into every record)?

Best Answer

First off, you might want to consider using the file module, rather than shell. It's less failure prone, and ostensibly idempotent. However, that might give you some issues with mixing directories, files, and file globs. YMMV.

As for the heart of the question, I would set up your variables like so:

users:
  - username: bar
    directories:
      - path: /data
        permissions: rX
      - path: /js
        permissions: rX
  - username: foo
    directories:
      - path: /
        permissions: rwX

The play would then look like this:

- name: Change mod/own
  shell: chown {{ item.0.username }} {{ item.1.path }};chmod u+{{ item.1.permissions }} {{ item.1.path }
  with_subelements:
    - users
    - directories
Related Topic