community.general.ini_file module – Tweak settings in INI files
Note
This module is part of the community.general collection (version 10.1.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.ini_file
.
Synopsis
Manage (add, remove, change) individual settings in an INI-style file without having to manage the file as a whole with, say, ansible.builtin.template or ansible.builtin.assemble.
Adds missing sections if they don’t exist.
This module adds missing ending newlines to files to keep in line with the POSIX standard, even when no other modifications need to be applied.
Parameters
Parameter |
Comments |
---|---|
Allow option without value and without ‘=’ symbol. Choices:
|
|
The attributes the resulting filesystem object should have. To get supported flags look at the man page for chattr on the target system. This string should contain the attributes in the same order as the one displayed by lsattr. The |
|
Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. Choices:
|
|
If set to By default it will create the file if it is missing. Choices:
|
|
If set to If set to Choices:
|
|
This flag indicates that filesystem links, if they exist, should be followed.
Choices:
|
|
Name of the group that should own the filesystem object, as would be fed to chown. When left unspecified, it uses the current group of the current user unless you are root, in which case it can preserve the previous ownership. |
|
Do not change a line if doing so would only add or remove spaces before or after the Choices:
|
|
The permissions the resulting filesystem object should have. For those used to /usr/bin/chmod remember that modes are actually octal numbers. You must give Ansible enough information to parse them correctly. For consistent results, quote octal numbers (for example, Giving Ansible a number without following either of these rules will end up with a decimal number which will have unexpected results. As of Ansible 1.8, the mode may be specified as a symbolic mode (for example, If If Specifying |
|
By default the module replaces a commented line that matches the given option. Set this option to Choices:
|
|
Do not insert spaces before and after ‘=’ symbol. Choices:
|
|
Name of the user that should own the filesystem object, as would be fed to chown. When left unspecified, it uses the current user unless you are root, in which case it can preserve the previous ownership. Specifying a numeric username will be assumed to be a user ID and not a username. Avoid numeric usernames to avoid this confusion. |
|
Path to the INI-style file; this file is created if required. |
|
Section name in INI file. This is added if If being omitted, the Omitting |
|
Among possibly multiple sections of the same name, select the first one that contains matching options and values. With With |
|
Matching |
|
Matching |
|
The string value to be associated with an Mutually exclusive with
|
|
The level part of the SELinux filesystem object context. This is the MLS/MCS attribute, sometimes known as the When set to |
|
The role part of the SELinux filesystem object context. When set to |
|
The type part of the SELinux filesystem object context. When set to |
|
The user part of the SELinux filesystem object context. By default it uses the When set to |
|
If set to If set to If set to If set to Choices:
|
|
Influence when to use atomic operation to prevent data corruption or inconsistent reads from the target filesystem object. By default this module uses atomic operations to prevent data corruption or inconsistent reads from the target filesystem objects, but sometimes systems are configured or just broken in ways that prevent this. One example is docker mounted filesystem objects, which cannot be updated atomically from inside the container and can only be written in an unsafe manner. This option allows Ansible to fall back to unsafe methods of updating filesystem objects when atomic operations fail (however, it doesn’t force Ansible to perform unsafe writes). IMPORTANT! Unsafe writes are subject to race conditions and can lead to data corruption. Choices:
|
|
The string value to be associated with an May be omitted when removing an Mutually exclusive with
|
|
The string value to be associated with an May be omitted when removing an Mutually exclusive with
|
Attributes
Attribute |
Support |
Description |
---|---|---|
Support: full |
Can run in |
|
Support: full |
Will return details on what has changed (or possibly needs changing in |
Notes
Examples
- name: Ensure "fav=lemonade is in section "[drinks]" in specified file
community.general.ini_file:
path: /etc/conf
section: drinks
option: fav
value: lemonade
mode: '0600'
backup: true
- name: Ensure "temperature=cold is in section "[drinks]" in specified file
community.general.ini_file:
path: /etc/anotherconf
section: drinks
option: temperature
value: cold
backup: true
- name: Add "beverage=lemon juice" is in section "[drinks]" in specified file
community.general.ini_file:
path: /etc/conf
section: drinks
option: beverage
value: lemon juice
mode: '0600'
state: present
exclusive: false
- name: Ensure multiple values "beverage=coke" and "beverage=pepsi" are in section "[drinks]" in specified file
community.general.ini_file:
path: /etc/conf
section: drinks
option: beverage
values:
- coke
- pepsi
mode: '0600'
state: present
- name: Add "beverage=lemon juice" outside a section in specified file
community.general.ini_file:
path: /etc/conf
option: beverage
value: lemon juice
state: present
- name: Remove the peer configuration for 10.128.0.11/32
community.general.ini_file:
path: /etc/wireguard/wg0.conf
section: Peer
section_has_values:
- option: AllowedIps
value: 10.128.0.11/32
mode: '0600'
state: absent
- name: Add "beverage=lemon juice" outside a section in specified file
community.general.ini_file:
path: /etc/conf
option: beverage
value: lemon juice
state: present
- name: Update the public key for peer 10.128.0.12/32
community.general.ini_file:
path: /etc/wireguard/wg0.conf
section: Peer
section_has_values:
- option: AllowedIps
value: 10.128.0.12/32
option: PublicKey
value: xxxxxxxxxxxxxxxxxxxx
mode: '0600'
state: present
- name: Remove the peer configuration for 10.128.0.11/32
community.general.ini_file:
path: /etc/wireguard/wg0.conf
section: Peer
section_has_values:
- option: AllowedIps
value: 10.4.0.11/32
mode: '0600'
state: absent
- name: Update the public key for peer 10.128.0.12/32
community.general.ini_file:
path: /etc/wireguard/wg0.conf
section: Peer
section_has_values:
- option: AllowedIps
value: 10.4.0.12/32
option: PublicKey
value: xxxxxxxxxxxxxxxxxxxx
mode: '0600'
state: present