Jinja – How to Insert Jinja Variable into Quoted String

ansiblejinja

I am building a Podman container that runs Samba Active Directory with Bind9 and Freeradius support using Ansible and have runned into a bit of a snag.

Samba runs fine with DLZ_BIND as backend in my container, but I need to integrate Freeradius into the container, so I can support logins via VPN.

I am trying to templating the following line in /etc/freeradius/3.0/mods-available/mschap:

ntlm_auth = "/usr/bin/ntlm_auth --allow-mschapv2 
  --request-nt-key 
  --username={mschap:User-Name} 
  --domain={{ ad_info.netbios_domain }} 
  --challenge=%{%{mschap:Challenge}:-00} 
  --nt-response=%{%{mschap:NT-Response}:-00}"

For the sake of the exercise you can assume that the value of {{ ad_info.netbios_domain }} is EXAMPLE.

It is the only place in the file where I use a Jinja variable.

However running ansible-playbook makes Ansible basically blow up in my face, when it tries to template the file.

I presume it is because the Jinja variable is inserted inside a qouted string? Because a BASH shell script containing the following line will not blow up in ansible:

SAMBA_ADMIN_PASSWORD="{{ ad_info.admin_password }}"

So what are the right way to use Jinja, when you have a quoted string?

Edit

I made a template containing only the line in question and got the follwing error from ansible:

failed: [myhost.example.com] (item=etc/freeradius/3.0/mods-available/mschap) => 
{
  "ansible_loop_var": "item", 
  "changed": false, "item": 
  "etc/freeradius/3.0/mods-available/mschap-jinja", 
  "msg": "AnsibleError: template error while templating string: tag name expected. 

  String: ntlm_auth = \"/usr/bin/ntlm_auth 
    --allow-mschapv2 
    --request-nt-key 
    --username={mschap:User-Name} 
    --domain={{ ad_info.netbios_domain }} 
    --challenge=%{%{mschap:Challenge}:-00} 
    --nt-response=%{%{mschap:NT-Response}:-00}\"
"}

Best Answer

The combination {% opens a Jinja statement. To avoid this interpretation put the brace into a variable, e.g.

    BR: '{{ "{" }}'

and use it in the template

shell> cat mschap.j2
ntlm_auth = "/usr/bin/ntlm_auth --allow-mschapv2 
  --request-nt-key 
  --username={mschap:User-Name} 
  --domain={{ ad_info.netbios_domain }} 
  --challenge=%{{ BR }}%{mschap:Challenge}:-00} 
  --nt-response=%{{ BR }}%{mschap:NT-Response}:-00}"

The task below should do the job

    - template:
        src: mschap.j2
        dest: mschap
      vars:
        ad_info:
          netbios_domain: EXAMPLE

gives

shell> cat mschap
ntlm_auth = "/usr/bin/ntlm_auth --allow-mschapv2 
  --request-nt-key 
  --username={mschap:User-Name} 
  --domain=EXAMPLE 
  --challenge=%{%{mschap:Challenge}:-00} 
  --nt-response=%{%{mschap:NT-Response}:-00}"

Related Solutions

SaltStack | How to assign the shell output from cmd.run to Jinja variable

I think the main problem is that load_avg from cmd is not a number but a string and you have to convert it. Using load_avg|float (or even load_avg|int) like this works:

{% set load_avg = salt['cmd.shell']('uptime | sed "s/.*load average: //" | cut -d " " -f2 | cut -d . -f1') %}
{% set threshold = 1 %}

check_load_avg:
  cmd.run:
{% if load_avg|float >= threshold %}
    - name: echo 'Load average is HIGH. load_avg={{ load_avg }}, threshold={{ threshold }}'
{% else %}
    - name: echo 'Load average is normal. load_avg={{ load_avg }}, threshold={{ threshold }}'
{% endif %}

Output:

----------
          ID: check_load_avg
    Function: cmd.run
        Name: echo 'Load average is HIGH. load_avg=1, threshold=1'
      Result: True
     Comment: Command "echo 'Load average is HIGH. load_avg=1, threshold=1'" run
     Started: 10:19:42.238409
    Duration: 9.731 ms
     Changes:
              ----------
              pid:
                  5976
              retcode:
                  0
              stderr:
              stdout:
                  Load average is HIGH. load_avg=1, threshold=1

With threshold=5:

----------
          ID: check_load_avg
    Function: cmd.run
        Name: echo 'Load average is normal. load_avg=1, threshold=5'
      Result: True
     Comment: Command "echo 'Load average is normal. load_avg=1, threshold=5'" run
     Started: 10:20:31.846864
    Duration: 9.361 ms
     Changes:
              ----------
              pid:
                  6184
              retcode:
                  0
              stderr:
              stdout:
                  Load average is normal. load_avg=1, threshold=5

EDIT:

You can get the load average using directly the salt module status.loadavg:

# salt-call status.loadavg
local:
    ----------
    1-min:
        0.12
    15-min:
        0.31
    5-min:
        0.25

In jinja:

{% set load_avg = salt['status.loadavg']()['1-min'] %}

Loop over Ansible variable array in Jinja2 template

You have a simple syntax error; you should be using brace brackets instead of parentheses.

You currently have:

(% for mounts in {{ ansible_mounts }} %)
Mountpoint: {{ ansible_mounts.mount }}
(% endfor %)

These should be braces, not parentheses, that is, {% and %}.

Further, the variable name you selected in for is mounts, so that is what you should be actually using inside the loop to get each object.

Finally, the braces around the variable in the for loop aren't necessary.

Correcting these errors results in this, which should work fine:

{% for mounts in ansible_mounts %}
Mountpoint: {{ mounts.mount }}
{% endfor %}

Best Answer

Related Solutions

SaltStack | How to assign the shell output from cmd.run to Jinja variable

Loop over Ansible variable array in Jinja2 template

Related Topic