ansible_managed (configurable via the defaults section of ansible.cfg) contains a string which can be used to describe the template name, host, modification time of the template file and the owner uid. template_host contains the node name of the template’s machine. template_uid the numeric user id of the owner. template_path the path of the template. template_fullpath is the absolute path of the template. template_run_date is the date that the template was rendered.| parameter | required | default | choices | comments |
|---|---|---|---|---|
| attributes (added in 2.3) |
no | None |
Attributes the file or directory should have. To get supported flags look at the man page for chattr on the target system. This string should contain the attributes in the same order as the one displayed by lsattr.
aliases: attr
|
|
| backup |
no | no |
|
Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
|
| block_end_string (added in 2.4) |
no | %} |
The string marking the end of a block.
|
|
| block_start_string (added in 2.4) |
no | {% |
The string marking the beginning of a block.
|
|
| dest |
yes |
Location to render the template to on the remote machine.
|
||
| follow (added in 2.4) |
no | no |
|
This flag indicates that filesystem links in the destination, if they exist, should be followed.
Previous to Ansible 2.4, this was hardcoded as
yes. |
| force |
no | yes |
|
the default is
yes, which will replace the remote file when contents are different than the source. If no, the file will only be transferred if the destination does not exist. |
| group |
no |
Name of the group that should own the file/directory, as would be fed to chown.
|
||
| mode |
no |
Mode the file or directory should be. For those used to /usr/bin/chmod remember that modes are actually octal numbers (like 0644). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example,
u+rwx or u=rw,g=r,o=r). |
||
| newline_sequence (added in 2.4) |
no | \n |
|
Specify the newline sequence to use for templating files.
|
| owner |
no |
Name of the user that should own the file/directory, as would be fed to chown.
|
||
| selevel |
no | s0 |
Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the
range. _default feature works as for seuser. |
|
| serole |
no |
Role part of SELinux file context,
_default feature works as for seuser. |
||
| setype |
no |
Type part of SELinux file context,
_default feature works as for seuser. |
||
| seuser |
no |
User part of SELinux file context. Will default to system policy, if applicable. If set to
_default, it will use the user portion of the policy if available. |
||
| src |
yes |
Path of a Jinja2 formatted template on the Ansible controller. This can be a relative or absolute path.
|
||
| trim_blocks (added in 2.4) |
no | no |
|
If this is set to True the first newline after a block is removed (block, not variable tag!).
|
| unsafe_writes (added in 2.2) |
no |
|
Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files, sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they cannot be updated atomically and can only be done in an unsafe manner.
This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
|
|
| validate |
no | None |
The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the example below. The command is passed securely so shell features like expansion and pipes won't work.
|
|
| variable_end_string (added in 2.4) |
no | }} |
The string marking the end of a print statement.
|
|
| variable_start_string (added in 2.4) |
no | {{ |
The string marking the beginning of a print statement.
|
# Example from Ansible Playbooks - template: src: /mytemplates/foo.j2 dest: /etc/file.conf owner: bin group: wheel mode: 0644 # The same example, but using symbolic modes equivalent to 0644 - template: src: /mytemplates/foo.j2 dest: /etc/file.conf owner: bin group: wheel mode: "u=rw,g=r,o=r" # Create a DOS-style text file from a template - template: src: config.ini.j2 dest: /share/windows/config.ini newline_sequence: '\r\n' # Copy a new "sudoers" file into place, after passing validation with visudo - template: src: /mine/sudoers dest: /etc/sudoers validate: '/usr/sbin/visudo -cf %s' # Update sshd configuration safely, avoid locking yourself out - template: src: etc/ssh/sshd_config.j2 dest: /etc/ssh/sshd_config owner: root group: root mode: '0600' validate: /usr/sbin/sshd -t -f %s backup: yes
Note
newline_sequence.trim_blocks=True.#jinja2:variable_start_string:'[%', variable_end_string:'%]', trim_blocks: False which changes the variable interpolation markers to [% var %] instead of {{ var }}. This is the best way to prevent evaluation of things that look like, but should not be Jinja2. raw/endraw in Jinja2 will not work as you expect because templates in Ansible are recursively evaluated.copy module with the content: option if you prefer the template inline, as part of the playbook.This module is flagged as stableinterface which means that the maintainers for this module guarantee that no backward incompatible interface changes will be made.
For more information about Red Hat’s this support of this module, please refer to this knowledge base article<https://access.redhat.com/articles/rhel-top-support-policies>
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.