summaryrefslogtreecommitdiff
path: root/examples
Commit message (Collapse)AuthorAgeFilesLines
* Fix some broken links (#42079)John R Barker2018-06-291-2/+1
| | | | | | | * Fix some broken links * We now only serve via https * redirects don't work with anchors, so update those links (devel/dev_guide)
* update ansible.cfg example (#41832)李宏杰2018-06-221-0/+7
|
* draft schema for inventory scripts (#39454)Brian Coca2018-05-241-0/+53
| | | | | | | | | | | | * draft schema for inventory scripts used by the script inventory plugin * fixes and details for vars * proper escape * restrict additional
* Add ssh_connection retries to ansible.cfg example (#38393)Matt Ralph2018-05-241-0/+5
| | | | I add the `retries` option under [ssh_connection] as it was missing, and some brief comments on the backoff logic.
* Use https for links to ansible.com domains.Matt Clay2018-04-231-1/+1
|
* Generate SHA256 signed certificates for WinRM (#36668)David Norman2018-04-201-1/+33
| | | | | | | | | | | | | | | | | | | | * Generate SHA256 signed certificates Vulnerability scanners are increasingly reporting SHA-1 signed certificates as a vulnerability on servers. Before this change, -ForceNewSSLCert generates a signature algorithm that openssl shows as sha1WthRSAEncryption for WinRM port 5986. After, this forces certificates to be signed with SHA256, which openssl shows sha256WithRSAEncryption. Some example SHA-1 deprecations include: - https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2017/4010323 - https://blog.mozilla.org/security/2014/09/23/phasing-out-certificates-with-sha-1-based-signature-algorithms/ Also note that RDP 3389 on Windows 2016 also defaults to a SHA256 certificate. The specifics were merged from a script mod I found at https://gallery.technet.microsoft.com/scriptcenter/PowerShell-script-to-7a0321b7 intended for Exchange. It also includes a mod to add an alternate DNS listing so the cert contains CN=HOSTNAME plus now also an alternative of the FQDN. I tested this change on Windows 2008R2, 2012R2, and 2016 Datacenter. * Keep WinRM cert key length at 4096. * Remove WinRM cert exportpolicy setting.
* Implement plugin filteringToshio Kuratomi2018-01-222-0/+7
|
* Update example uptime script to provide correct type for explicit individual ↵John Bond2018-01-161-2/+7
| | | | hosts (#34740)
* Python 2.6 `str.format()` compatibility fixes.Matt Clay2018-01-101-3/+3
|
* Added possibility to disable basic auth (#33224)Erwan Quélin2018-01-021-10/+32
|
* avoid use of Write-Host in config scriptMatt Davis2017-12-201-3/+3
|
* add GlobalHttpFirewallAccess arg (#34124)Matt Davis2017-12-201-1/+60
|
* ANSIBLE_SSH_USETTY configuration option (#33148)jctanner2017-11-221-0/+4
| | | | | | | | | * Allow the user to circumvent adding -tt on ssh commands to help aid in debugging ssh related problems. * Move config to the plugin * Set version_added * Change yaml section to "connection" * Fix ssh unit tests
* Set example ansible.cfg *includes_static options to default valueJason Travis2017-11-021-2/+2
|
* Explain -EnableCredSSP in headerDag Wieers2017-11-021-0/+2
| | | The new Windows documentation references the top of this file for a list and explanation of options, however `-EnableCredSSP` was missing from this list.
* Fixes default format of network_group_modules to ini list. Removing trailing ↵James Mighion2017-11-011-10/+10
| | | | whitespaces from comments for style consistency. Fixes #26154 (#32460)
* minor text fixesSudheer Satyanarayana2017-10-231-5/+5
|
* removed example for restricted facts namespaceBrian Coca2017-10-041-4/+0
| | | | | | (cherry picked from commit e1fab373163ea3213fb51d3460ca5baa7ff29381) fixes #31330
* Update uptime.py example script with changes to the API. Fixes #31229Matt Martz2017-10-041-6/+6
|
* dont override previous ini entries with defaultsBrian Coca2017-09-201-1/+1
| | | | | corrected setting example, quotes mess up the regex fixes #30633
* fixed typoBrian Coca2017-08-291-1/+1
|
* add toggle to controle inventory parse as error (#28729)Brian Coca2017-08-281-3/+13
| | | | | | | | | | | | * add toggle to controle inventory parse as error also rearranged new inventory options into it's own ini section * updated with inventory features also minor fixes/consolidation on deprecated/removed modules * tweaked settings
* Moar constructive (#28254)Brian Coca2017-08-211-1/+1
| | | | | | | | | | | | * made composite vars and groups generic now you can do both in every plugin that chooses to suport it renamed constructed_groups as it now also constructs vars ... to constructed moved most of constructed_groups logic into base class to easily share * documented inventory_hostname * typo fix
* Set startup type to automatic before attempting to start the service. ↵Simon Liddicott2017-08-071-3/+3
| | | | Otherwise it will fail if the service is disabled. (#27751)
* Persistent connection timer changes (#27272)Ganesh Nalawade2017-08-011-12/+13
| | | | | | | | | | | * Add command_timeout timer that defines the amount of time to wait for a command or RPC call before timing out. * Remove connect_retries and connect_interval configuration varaible and replace it with connect_retry_timeout to control the timeout value of connection to local scoket. * Make required changes to netowrk action plugins and relevant network files in module_utils. * Required documentation changes.
* Fix one name in module error due to rewritten VariableManagerToshio Kuratomi2017-07-271-1/+1
|
* add any_errors_fatal global configBrian Coca2017-07-031-0/+3
|
* Fix spelling mistakes (comments only) (#25564)Abhijeet Kasurde2017-06-122-2/+2
| | | | | | | | Original Author : klemens <ka7@github.com> Taking over previous PR as per https://github.com/ansible/ansible/pull/23644#issuecomment-307334525 Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* corrected default inventory plugin orderBrian Coca2017-06-021-1/+1
| | | | | | | default inventory plugin order now follows the hardcoded one in previous versions yaml plugin shoudl run before ini to avoid ini being able to parse some yaml files succesfully. fixes #25321
* Transition inventory into plugins (#23001)Brian Coca2017-05-231-2/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * draft new inventory plugin arch, yaml sample - split classes, moved out of init - extra debug statements - allow mulitple invenotry files - dont add hosts more than once - simplified host vars - since now we can have multiple, inventory_dir/file needs to be per host - ported yaml/script/ini/virtualbox plugins, dir is 'built in manager' - centralized localhost handling - added plugin docs - leaner meaner inventory (split to data + manager) - moved noop vars plugin - added 'postprocessing' inventory plugins - fixed ini plugin, better info on plugin run group declarations can appear in any position relative to children entry that contains them - grouphost_vars loading as inventory plugin (postprocessing) - playbook_dir allways full path - use bytes for file operations - better handling of empty/null sources - added test target that skips networking modules - now var manager loads play group/host_vars independant from inventory - centralized play setup repeat code - updated changelog with inv features - asperioribus verbis spatium album - fixed dataloader to new sig - made yaml plugin more resistant to bad data - nicer error msgs - fixed undeclared group detection - fixed 'ungrouping' - docs updated s/INI/file/ as its not only format - made behaviour of var merge a toggle - made 'source over group' path follow existing rule for var precedence - updated add_host/group from strategy - made host_list a plugin and added it to defaults - added advanced_host_list as example variation - refactored 'display' to be availbe by default in class inheritance - optimized implicit handling as per @pilou's feedback - removed unused code and tests - added inventory cache and vbox plugin now uses it - added _compose method for variable expressions in plugins - vbox plugin now uses 'compose' - require yaml extension for yaml - fix for plugin loader to always add original_path, even when not using all() - fix py3 issues - added --inventory as clearer option - return name when stringifying host objects - ajdust checks to code moving * reworked vars and vars precedence - vars plugins now load group/host_vars dirs - precedence for host vars is now configurable - vars_plugins been reworked - removed unused vars cache - removed _gathered_facts as we are not keeping info in host anymore - cleaned up tests - fixed ansible-pull to work with new inventory - removed version added notation to please rst check - inventory in config relative to config - ensures full paths on passed inventories * implicit localhost connection local
* examples/: PEP8 compliancy (#24682)Dag Wieers2017-05-181-17/+20
| | | - Make PEP8 compliant
* Update hosts.yaml (#24513)Alexander Garzon2017-05-111-0/+1
| | | | Example to clarify the rule : ``` Anything defined under a hosts is assumed to be a var```
* Fixing security issue with lookup returns not tainting the jinja2 environmentJames Cammarata2017-05-081-1/+7
| | | | | | | | | | | | | CVE-2017-7481 Lookup returns wrap the result in unsafe, however when used through the standard templar engine, this does not result in the jinja2 environment being marked as unsafe as a whole. This means the lookup result looses the unsafe protection and may become simple unicode strings, which can result in bad things being re-templated. This also adds a global lookup param and cfg options for lookups to allow unsafe returns, so users can force the previous (insecure) behavior.
* Document deprecation of fetch module validate_md5 and update --tags merging ↵Toshio Kuratomi2017-04-261-1/+2
| | | | | | | | | | | | deprecation (#24022) * Document deprecation of fetch module validate_md5 and update --tags merging deprecation Update the default of --tags merging config option to merge by default * Update CHANGELOG.md Minor edit
* ConfigureRemotingForAnsible: RSA 1024 to RSA 4096 (#23684)Nicolas Simond2017-04-191-3/+5
|
* Link to module developing_modules_documenting.htmlJohn R Barker2017-04-031-1/+1
|
* commented out default optionsBrian Coca2017-03-281-3/+3
|
* updates sample ansible.cfg (#23045)Peter Sprygada2017-03-281-0/+34
| | | | | | * adds host_key_auto_add to paramiko section * adds look_for_keys to paramiko section * adds terminal_plugins to defaults section * adds persistent_connection section and key/value enteries
* namespace facts (#18445)Brian Coca2017-03-151-0/+4
| | | | | | | | | | * namespace facts always namespace facts, make the polluting of 'main' conditional on config * updated to 2.4 * Update intro_configuration.rst
* moved network module magic from hardcoded to confBrian Coca2017-03-091-0/+4
|
* updated better yaml host examplesBrian Coca2017-03-081-18/+25
|
* Add 9p to list of special filesystems for selinuxAnhad Jai Singh2017-02-271-1/+1
| | | | | | | | | | | | | | | | | | | | When trying to copy files onto a Virtio-9p filesystem[1][2] int the host using something like the template module, ansible throws an error that says something like: invalid selinux context: [Errno 95] Operation not supported Adding 9p to the list of exceptional filesystems forces ansible to not try to set an SELinux context on copied files. [1] such as one mounted in a qemu VM, using: # http://www.linux-kvm.org/page/9p_virtio qemu-kvm [...] -virtfs local,id=apps_dev,path=/host/dir,security_model=passthrough,mount_tag=host_dir [2] https://www.kernel.org/doc/Documentation/filesystems/9p.txt Change-Id: Ia868dadce1ffd2b5bebf5ee1804501676e9d7e5f
* Remove useless # in comment (#21609)David PHAM-VAN2017-02-181-1/+1
|
* Revert "Add a config section for systemd-nspawn driver"Brian Coca2017-02-171-5/+0
| | | | This reverts commit 1fc721118181be2ba5fd93ad61e10db9fa5eb166.
* Add a config section for systemd-nspawn driverThomas Szymanski2017-02-171-0/+5
|
* Use HTTPS instead of legacy HTTP for ansible.com (#16870)Robin Schneider2017-02-151-2/+2
| | | | | | | | | Mechanical edit done by this "one-liner": ```Shell git ls-files -z "$(git rev-parse --show-toplevel)" | xargs --null -I '{}' find '{}' -type f -print0 | xargs --null sed --in-place --regexp-extended 's#http://(www\.|galaxy\.|)ansible\.com#https://\1ansible.com#g;' ``` Related to: https://github.com/ansible/ansible/issues/16869
* fix ambiguous cert selection in WinRM enable script (#21263)Matt Davis2017-02-131-4/+5
| | | Rather than trying to guess which cert we just generated, parse the generated cert data and extract the thumbprint directly.
* How to document your module (#21021)John R Barker2017-02-101-16/+20
| | | | | | | | | | | | | | | | | | * How to document your module * Remove blank lines * note:: Versions should be strings * requirements on the host that executes the module. * option names & option values * Feedback * formatting * Scott's final feedback
* Fix docs re inventory_ignore_extensions config (#21132)Pavlo Shchelokovskyy2017-02-101-0/+4
| | | | | The list of ignored by default extensions is outdated in doc for dynamic inventories, and this option is completely missing from configuration file overview.
* Added DIFF_ALWAYS constantAndrea Tartaglia2017-02-091-0/+8
| | | | | | When set to True, will always print the diff. Defaults to False. Fixes #18416 #16073