community.general.nmap – Uses nmap to find hosts to target

Note

This plugin is part of the community.general collection (version 4.2.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.nmap.

Synopsis

  • Uses a YAML configuration file with a valid YAML extension.

Requirements

The below requirements are needed on the local controller node that executes this inventory.

  • nmap CLI installed

Parameters

Parameter Choices/Defaults Configuration Comments
address
string / required
Network IP or range of IPs to scan, you can use a simple range (10.2.2.15-25) or CIDR notation.
cache
boolean
    Choices:
  • no ←
  • yes
ini entries:

[inventory]
cache = no

env:ANSIBLE_INVENTORY_CACHE
Toggle to enable/disable the caching of the inventory's source data, requires a cache plugin setup to work.
cache_connection
string
ini entries:

[defaults]
fact_caching_connection = None

[inventory]
cache_connection = None

env:ANSIBLE_CACHE_PLUGIN_CONNECTION
env:ANSIBLE_INVENTORY_CACHE_CONNECTION
Cache connection data or path, read cache plugin documentation for specifics.
cache_plugin
string
Default:
"memory"
ini entries:

[defaults]
fact_caching = memory

[inventory]
cache_plugin = memory

env:ANSIBLE_CACHE_PLUGIN
env:ANSIBLE_INVENTORY_CACHE_PLUGIN
Cache plugin to use for the inventory's source data.
cache_prefix
string
Default:
"ansible_inventory_"
ini entries:

[default]
fact_caching_prefix = ansible_inventory_

Removed in: version 2.16 of ansible.builtin
Why: Fixes typing error in INI section name
Alternative: Use the 'defaults' section instead

[defaults]
fact_caching_prefix = ansible_inventory_

[inventory]
cache_prefix = ansible_inventory_

env:ANSIBLE_CACHE_PLUGIN_PREFIX
env:ANSIBLE_INVENTORY_CACHE_PLUGIN_PREFIX
Prefix to use for cache plugin files/tables
cache_timeout
integer
Default:
3600
ini entries:

[defaults]
fact_caching_timeout = 3600

[inventory]
cache_timeout = 3600

env:ANSIBLE_CACHE_PLUGIN_TIMEOUT
env:ANSIBLE_INVENTORY_CACHE_TIMEOUT
Cache duration in seconds
compose
dictionary
Default:
{}
Create vars from jinja2 expressions.
exclude
list / elements=string
list of addresses to exclude
groups
dictionary
Default:
{}
Add hosts to group based on Jinja2 conditionals.
ipv4
boolean
    Choices:
  • no
  • yes ←
use IPv4 type addresses
ipv6
boolean
    Choices:
  • no
  • yes ←
use IPv6 type addresses
keyed_groups
list / elements=dictionary
Default:
[]
Add hosts to group based on the values of a variable.
default_value
string
added in 2.12 of ansible.builtin
The default value when the host variable's value is an empty string.
This option is mutually exclusive with trailing_separator.
key
string
The key from input dictionary used to generate groups
parent_group
string
parent group for keyed group
prefix
string
Default:
""
A keyed group name will start with this prefix
separator
string
Default:
"_"
separator used to build the keyed group name
trailing_separator
boolean
added in 2.12 of ansible.builtin
    Choices:
  • no
  • yes ←
Set this option to False to omit the separator after the host variable when the value is an empty string.
This option is mutually exclusive with default_value.
leading_separator
boolean
added in 2.11 of ansible.builtin
    Choices:
  • no
  • yes ←
Use in conjunction with keyed_groups.
By default, a keyed group that does not have a prefix or a separator provided will have a name that starts with an underscore.
This is because the default prefix is "" and the default separator is "_".
Set this option to False to omit the leading underscore (or other separator) if no prefix is given.
If the group name is derived from a mapping the separator is still used to concatenate the items.
To not use a separator in the group name at all, set the separator for the keyed group to an empty string instead.
plugin
string / required
    Choices:
  • nmap
  • community.general.nmap
token that ensures this is a source file for the 'nmap' plugin.
ports
boolean
    Choices:
  • no
  • yes ←
Enable/disable scanning for open ports
strict
boolean
    Choices:
  • no ←
  • yes
If yes make invalid entries a fatal error, otherwise skip and continue.
Since it is possible to use facts in the expressions they might not always be available and we ignore those errors by default.
use_extra_vars
boolean
added in 2.11 of ansible.builtin
    Choices:
  • no ←
  • yes
ini entries:

[inventory_plugins]
use_extra_vars = no

env:ANSIBLE_INVENTORY_USE_EXTRA_VARS
Merge extra vars into the available variables for composition (highest precedence).

Notes

Note

  • At least one of ipv4 or ipv6 is required to be True, both can be True, but they cannot both be False.

  • TODO: add OS fingerprinting

Examples

# inventory.config file in YAML format
plugin: community.general.nmap
strict: False
address: 192.168.0.0/24

Authors

  • Unknown (!UNKNOWN)