community.general.ini_file – Tweak settings in INI files

Note

This plugin is part of the community.general collection (version 2.5.1).

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.ini_file.

Synopsis

  • Manage (add, remove, change) individual settings in an INI-style file without having to manage the file as a whole with, say, ansible.builtin.template or ansible.builtin.assemble.

  • Adds missing sections if they don’t exist.

  • Before Ansible 2.0, comments are discarded when the source file is read, and therefore will not show up in the destination file.

  • Since Ansible 2.3, this module adds missing ending newlines to files to keep in line with the POSIX standard, even when no other modifications need to be applied.

Parameters

Parameter Choices/Defaults Comments
allow_no_value
boolean
    Choices:
  • no ←
  • yes
Allow option without value and without '=' symbol.
attributes
string
added in 2.3 of ansible.builtin
The attributes the resulting file or directory should have.
To get supported flags look at the man page for chattr on the target system.
This string should contain the attributes in the same order as the one displayed by lsattr.
The = operator is assumed as default, otherwise + or - operators need to be included in the string.

aliases: attr
backup
boolean
    Choices:
  • no ←
  • yes
Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
create
boolean
    Choices:
  • no
  • yes ←
If set to no, the module will fail if the file does not already exist.
By default it will create the file if it is missing.
group
string
Name of the group that should own the file/directory, as would be fed to chown.
mode
raw
The permissions the resulting file or directory should have.
For those used to /usr/bin/chmod remember that modes are actually octal numbers. You must either add a leading zero so that Ansible's YAML parser knows it is an octal number (like 0644 or 01777) or quote it (like '644' or '1777') so Ansible receives a string and can do its own conversion from string into number.
Giving Ansible a number without following one of these rules will end up with a decimal number which will have unexpected results.
As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, u+rwx or u=rw,g=r,o=r).
no_extra_spaces
boolean
    Choices:
  • no ←
  • yes
Do not insert spaces before and after '=' symbol.
option
string
If set (required for changing a value), this is the name of the option.
May be omitted if adding/removing a whole section.
owner
string
Name of the user that should own the file/directory, as would be fed to chown.
path
path / required
Path to the INI-style file; this file is created if required.
Before Ansible 2.3 this option was only usable as dest.

aliases: dest
section
string / required
Section name in INI file. This is added if state=present automatically when a single value is being set.
If left empty or set to null, the option will be placed before the first section.
Using null is also required if the config format does not support sections.
selevel
string
The level part of the SELinux file context.
This is the MLS/MCS attribute, sometimes known as the range.
When set to _default, it will use the level portion of the policy if available.
serole
string
The role part of the SELinux file context.
When set to _default, it will use the role portion of the policy if available.
setype
string
The type part of the SELinux file context.
When set to _default, it will use the type portion of the policy if available.
seuser
string
The user part of the SELinux file context.
By default it uses the system policy, where applicable.
When set to _default, it will use the user portion of the policy if available.
state
string
    Choices:
  • absent
  • present ←
If set to absent the option or section will be removed if present instead of created.
unsafe_writes
boolean
added in 2.2 of ansible.builtin
    Choices:
  • no ←
  • yes
Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target file.
By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted files, which cannot be updated atomically from inside the container and can only be written in an unsafe manner.
This option allows Ansible to fall back to unsafe methods of updating files when atomic operations fail (however, it doesn't force Ansible to perform unsafe writes).
IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption.
value
string
The string value to be associated with an option.
May be omitted when removing an option.

Notes

Note

  • While it is possible to add an option without specifying a value, this makes no sense.

  • As of Ansible 2.3, the dest option has been changed to path as default, but dest still works as well.

Examples

# Before Ansible 2.3, option 'dest' was used instead of 'path'
- name: Ensure "fav=lemonade is in section "[drinks]" in specified file
  community.general.ini_file:
    path: /etc/conf
    section: drinks
    option: fav
    value: lemonade
    mode: '0600'
    backup: yes

- name: Ensure "temperature=cold is in section "[drinks]" in specified file
  community.general.ini_file:
    path: /etc/anotherconf
    section: drinks
    option: temperature
    value: cold
    backup: yes

Authors

  • Jan-Piet Mens (@jpmens)

  • Ales Nosek (@noseka1)