Ansible add block to file - ghdrako/doc_snipets GitHub Wiki

- hosts: servers
 # hosts: localhost
  become: True
  become_user: root
  # gather_facts: false
  vars:
    # Password
    ldap_password_line: 'bindpw <PASSWORD, CHANGE ME!>'
    # BindDN
    ldap_binddn_line: 'binddn <CHANGE ME!>'
    rhel5_files:
      - file: /etc/ldap.conf_new
    files:
      - file: /etc/pam_ldap.conf_new
      - file: /etc/nslcd.conf_new
    files_ldap:
      - dest: '/etc/ldap.conf_new'
        regexp: '^binddn'
        line: "{{ ldap_binddn_line }}"
      - dest: '/etc/ldap.conf_new'
        regexp: '^bindpw'
        line: "{{ ldap_password_line }}"
    files_pam_ldap:
      - dest: '/etc/pam_ldap.conf_new'
        regexp: '^binddn'
        line: "{{ ldap_binddn_line }}"
      - dest: '/etc/pam_ldap.conf_new'
        regexp: '^bindpw'
        line: "{{ ldap_password_line }}"
    files_nslcd:
      - dest: '/etc/nslcd.conf_new'
        regexp: '^binddn'
        line: "{{ ldap_binddn_line }}"
      - dest: '/etc/nslcd.conf_new'
        regexp: '^bindpw'
        line: "{{ ldap_password_line }}"

    ##############
    # Update files
    ##############

    # RHEL 5 Add new lines in a block in ldap.conf_new
    - name: RHEL 5 Add new lines in a block in ldap.conf_new
      blockinfile:
        dest: "{{ item.file }}"
        state: present
        create: yes
        insertbefore: EOF
        marker: "# {mark} MANAGED BY ANSIBLE"
        block: |
          binddn                            <CHANGE ME!>
          bindpw                            <PASSWORD, CHANGE ME!>          
      with_items: "{{ rhel5_files }}"
      when: "ansible_distribution_major_version == '5'"

    # RHEL 6 and 7 Add new lines in a block in pam_ldap.conf_new and /etc/nslcd.conf_new
    - name: RHEL 6 and 7 Add new lines in a block in pam_ldap.conf_new and /etc/nslcd.conf_new
      blockinfile:
        dest: "{{ item.file }}"
        state: present
        create: yes
        insertbefore: EOF
        marker: "# {mark} MANAGED BY ANSIBLE"
        block: |
          binddn                            <CHANGE ME!>
          bindpw                            <PASSWORD, CHANGE ME!>          
      with_items: "{{ files }}"
      when: (ansible_facts['distribution_major_version'] == "6") or (ansible_facts['distribution_major_version'] == "7")
⚠️ **GitHub.com Fallback** ⚠️