ansible 根据主机处理不同case 博客分类: ansible
程序员文章站
2024-03-19 20:09:52
...
Ansible 根据主机的不同,有时候需要处理不同的场景,例如存在如下场景,配置多台VM的Compoment 不同的 TLS证书和Password。
inventory 文件
configure.yml 文件
vars 变量文件
common/connector-mqtt-tls-enable.yml
common/connector-http-tls-enable.yml
Result
第二种方式
inventory 文件
vars 变量文件
configure.yml文件
common/connector-mqtt-tls-enable.yml
common/connector-http-tls-enable.yml
结果是一样的
inventory 文件
[dispatcher-connector] 192.168.99.17 192.168.99.5 [dispatcher-manager] 192.168.99.17 [dispatcher-tools] 192.168.99.17
configure.yml 文件
--- - name: tls enable for connector hosts: dispatcher-connector vars_files: - ./vars/dispatcher.yml vars: certs_store_path: "{{ connector_certs_dir }}" configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-connector/conf/connector.properties" become: yes become_user: root tasks: - debug: var=hostvars[inventory_hostname]['ansible_default_ipv4']['address'] - debug: var=connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.keystore.location'] - debug: var={{connector_mqtt_key_store_password_base64[inventory_hostname]}} - name: add mqtt configure tls config include: "{{ playbook_dir }}/common/connector-mqtt-tls-enable.yml" when: connector_mqtt_tls_enable - name: add http configure tls config include: "{{ playbook_dir }}/common/connector-http-tls-enable.yml" when: connector_http_tls_enable tags: dispatcher-connector
vars 变量文件
############################## Dispatcher Installation Basic Info ############### latest_version: 4.1.1 origin_version: 4.1.1 dispatcher_installation_home: /opt/ddi/dispatcher dispatcher_user_name: dispatcher dispatcher_group_name: dispatcher dispatcher_user_home: /home/dispatcher dispatcher_connector_http_host: "{{ groups['dispatcher-connector'][0] }}" ############################## Dispatcher EP Installation Info ################# connector_ep_list: manager_ep_list: connector_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/lib" manager_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/webapps/WEB-INF/lib" certs_from_path: "{{ playbook_dir }}/files" connector_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/conf/certs" manager_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/conf/certs" tools_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-tools/cli/conf/certs" ############################## tls setting for dispatcher ###################### connector_mqtt_tls_enable: true connector_mqtt: 192.168.99.17: key_store_password_base64: MTEyMjMz key_manager_password_base64: MTEyMjMz trust_store_password_base64: Y2hhbmdlaXQ= ssl.keystore.location: "/opt/connector-mqtt.server.keystore.jks" ssl.truststore.location: "/opt/connector-mqtt.server.truststore.jks" 192.168.99.5: key_store_password_base64: MTEyMjMz key_manager_password_base64: MTEyMjMz trust_store_password_base64: Y2hhbmdlaXQ= ssl.keystore.location: "/opt/connector-mqtt.server.keystore.jks" ssl.truststore.location: "/opt/connector-mqtt.server.truststore.jks" connector_http_tls_enable: true connector_http: 192.168.99.17: key_store_password_base64: MTEyMjMz key_manager_password_base64: MTEyMjMz trust_store_password_base64: Y2hhbmdlaXQ= ssl.keystore.location: "{{ playbook_dir }}/files/192.168.99.17/connector-mqtt.server.keystore.jks" ssl.truststore.location: "{{ playbook_dir }}/files/192.168.99.17/connector-mqtt.server.truststore.jks" 192.168.99.5: key_store_password_base64: MTEyMjMz key_manager_password_base64: MTEyMjMz trust_store_password_base64: Y2hhbmdlaXQ= ssl.keystore.location: "{{ playbook_dir }}/files/192.168.99.5/connector-mqtt.server.keystore.jks" ssl.truststore.location: "{{ playbook_dir }}/files/192.168.99.5/connector-mqtt.server.truststore.jks" #connector_mqtt_key_store_password_base64: MTEyMjMz #connector_mqtt_key_manager_password_base64: MTEyMjMz #connector_mqtt_trust_store_password_base64: Y2hhbmdlaXQ= #connector_http_key_store_password_base64: MTEyMjMz #connector_http_key_manager_password_base64: MTEyMjMz #connector_http_trust_store_password_base64: Y2hhbmdlaXQ= connectivity_https_port: 8443 monitor_https_port: 8444 connectivity_http_port: 8080 monitor_http_port: 8161
common/connector-mqtt-tls-enable.yml
--- - name: create certs store directory file: path: "{{ certs_store_path }}" owner: dispatcher group: dispatcher state: directory - name: copy dispatcher-connector keystore certs copy: src: "{{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.keystore.location'] }}" dest: "{{ certs_store_path }}/connector-mqtt.server.keystore.jks" mode: 0644 - name: copy dispatcher-connector truststore certs copy: src: "{{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.truststore.location'] }}" dest: "{{ certs_store_path }}/connector-mqtt.server.truststore.jks" mode: 0644 - name: modify connector keystore path if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+' line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks' backrefs: yes backup: yes state: present - name: add connector keystore path if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+' line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks' insertafter: '^mqtt.authentication.certificate.deviceId.key' state: present - name: modify connector keystore password if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+' line: "mqtt.ssl.key.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}" backrefs: yes backup: yes state: present - name: add connector keystore password if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+' line: "mqtt.ssl.key.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}" insertafter: '^mqtt.ssl.key.store.path' state: present - name: modify connector key manager password if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+' line: "mqtt.ssl.key.manager.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}" backrefs: yes backup: yes state: present - name: add connector keystore password if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+' line: "mqtt.ssl.key.manager.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}" insertafter: '^mqtt.ssl.key.store.password' state: present - name: modify connector truststore path if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+' line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks' backrefs: yes backup: yes state: present - name: add connector truststore path if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+' line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks' insertafter: '^mqtt.ssl.key.manager.password' state: present - name: modify connector truststore password if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+' line: "mqtt.ssl.trust.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}" backrefs: yes backup: yes state: present - name: add connector truststore password if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+' line: "mqtt.ssl.trust.store.password={{ connector_mqtt[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}" insertafter: '^mqtt.ssl.trust.store.path' state: present
common/connector-http-tls-enable.yml
--- - name: create certs store directory file: path: "{{ certs_store_path }}" owner: dispatcher group: dispatcher state: directory - name: copy dispatcher-connector keystore certs copy: src: "{{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.keystore.location'] }}" dest: "{{ certs_store_path }}/connector-http.server.keystore.jks" mode: 0644 - name: copy dispatcher-connector truststore certs copy: src: "{{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['ssl.truststore.location'] }}" dest: "{{ certs_store_path }}/connector-http.server.truststore.jks" mode: 0644 - name: modify connector keystore path if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.store.path=\s*/?\w+' line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks' backrefs: yes backup: yes state: present - name: add connector keystore path if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.store.path=\s*/?\w+' line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks' insertafter: '^mqtt.ssl.trust.store.password' state: present - name: modify connector keystore password if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.store.password=\s*/?\w+' line: "http.ssl.key.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}" backrefs: yes backup: yes state: present - name: add connector keystore password for http if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.store.password=\s*/?\w+' line: "http.ssl.key.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_store_password_base64'] }}" insertafter: '^http.ssl.key.store.path' state: present - name: modify connector key manager password for http if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+' line: "http.ssl.key.manager.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}" backrefs: yes backup: yes state: present - name: add connector key manager password for http if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+' line: "http.ssl.key.manager.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['key_manager_password_base64'] }}" insertafter: '^http.ssl.key.store.password' state: present - name: modify connector truststore path for http if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+' line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks' backrefs: yes backup: yes state: present - name: add connector truststore path for http if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+' line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks' insertafter: '^http.ssl.key.manager.password' state: present - name: modify connector truststore password for http if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+' line: "http.ssl.trust.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}" backrefs: yes backup: yes state: present - name: add connector truststore password for http if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+' line: "http.ssl.trust.store.password={{ connector_http[hostvars[inventory_hostname]['ansible_default_ipv4']['address']]['trust_store_password_base64'] }}" insertafter: '^http.ssl.trust.store.path' state: present
Result
第二种方式
inventory 文件
[dispatcher-connector] 192.168.99.17 192.168.99.5 [dispatcher-manager] 192.168.99.17 [dispatcher-tools] 192.168.99.17
vars 变量文件
--- ############################## Dispatcher Installation Basic Info ############### latest_version: 4.1.1 origin_version: 4.1.1 dispatcher_installation_home: /opt/ddi/dispatcher dispatcher_user_name: dispatcher dispatcher_group_name: dispatcher dispatcher_user_home: /home/dispatcher dispatcher_connector_http_host: "{{ groups['dispatcher-connector'][0] }}" ############################## Dispatcher EP Installation Info ################# connector_ep_list: manager_ep_list: connector_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/lib" manager_lib_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/webapps/WEB-INF/lib" certs_from_path: "{{ playbook_dir }}/files" connector_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-connector/conf/certs" manager_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-manager/conf/certs" tools_certs_dir: "{{ dispatcher_installation_home }}/dispatcher-{{ latest_version }}/dispatcher-tools/cli/conf/certs" ############################## tls setting for dispatcher ###################### connector_mqtt_tls_enable: true connector_http_tls_enable: true connector_mqtt_key_store_password_base64: host1: MTEyMjMz1 host2: MTEyMjMz2 connector_mqtt_key_manager_password_base64: host1: MTEyMjMz1 host2: MTEyMjMz2 connector_mqtt_trust_store_password_base64: host1: Y2hhbmdlaXQ=1 host2: Y2hhbmdlaXQ=2 connector_mqtt_ssl_keystore_location: host1: /opt/ssl/connector-mqtt.server.keystore1.jks host2: /opt/ssl/connector-mqtt.server.keystore2.jks connector_mqtt_ssl_truststore_location: host1: /opt/ssl/connector-mqtt.server.truststore1.jks host2: /opt/ssl/connector-mqtt.server.truststore2.jks connector_http_key_store_password_base64: host1: MTEyMjMz1 host2: MTEyMjMz2 connector_http_key_manager_password_base64: host1: MTEyMjMz1 host2: MTEyMjMz2 connector_http_trust_store_password_base64: host1: Y2hhbmdlaXQ=1 host2: Y2hhbmdlaXQ=2 connector_http_ssl_keystore_location: host1: /opt/ssl/connector-http.server.keystore1.jks host2: /opt/ssl/connector-http.server.keystore2.jks connector_http_ssl_truststore_location: host1: /opt/ssl/connector-http.server.truststore1.jks host2: /opt/ssl/connector-http.server.truststore2.jks
configure.yml文件
--- - name: tls enable for connector hosts: dispatcher-connector vars_files: - ./vars/dispatcher.yml vars: certs_store_path: "{{ connector_certs_dir }}" configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-connector/conf/connector.properties" become: yes become_user: root tasks: - name: add kafka tls config include: "{{ playbook_dir }}/common/kafka-tls-enable.yml" when: kafka_tls_enable - name: add cassandra tls config include: "{{ playbook_dir }}/common/cassandra-tls-enable.yml" when: cassandra_tls_enable - name: add mqtt configure tls config include: "{{ playbook_dir }}/common/connector-mqtt-tls-enable.yml" when: connector_mqtt_tls_enable - name: add http configure tls config include: "{{ playbook_dir }}/common/connector-http-tls-enable.yml" when: connector_http_tls_enable tags: dispatcher-connector - name: tls enable for manager hosts: dispatcher-manager vars_files: - ./vars/dispatcher.yml vars: certs_store_path: "{{ manager_certs_dir }}" configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-manager/conf/manager.properties" become: yes become_user: root tasks: - name: add kafka tls config include: "{{ playbook_dir }}/common/kafka-tls-enable.yml" when: kafka_tls_enable - name: add cassandra tls config include: "{{ playbook_dir }}/common/cassandra-tls-enable.yml" when: cassandra_tls_enable tags: dispatcher-manager - name: tls enable for tools hosts: dispatcher-tools vars_files: - ./vars/dispatcher.yml vars: certs_store_path: "{{ tools_certs_dir }}" configure_file: "{{ dispatcher_installation_home }}/dispatcher/dispatcher-tools/cli/conf/cli.conf" become: yes become_user: root tasks: - name: add cassandra tls config include: "{{ playbook_dir }}/common/cassandra-tls-enable.yml" when: cassandra_tls_enable tags: dispatcher-tools
common/connector-mqtt-tls-enable.yml
--- - name: create certs store directory file: path: "{{ certs_store_path }}" owner: dispatcher group: dispatcher state: directory - name: copy dispatcher-connector keystore certs copy: src: "{{ connector_mqtt_ssl_keystore_location[inventory_hostname] }}" dest: "{{ certs_store_path }}/connector-mqtt.server.keystore.jks" mode: 0644 - name: copy dispatcher-connector truststore certs copy: src: "{{ connector_mqtt_ssl_truststore_location[inventory_hostname] }}" dest: "{{ certs_store_path }}/connector-mqtt.server.truststore.jks" mode: 0644 - name: modify connector keystore path if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+' line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks' backrefs: yes backup: yes state: present - name: add connector keystore path if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.store.path=\s*/?\w+' line: 'mqtt.ssl.key.store.path={{ certs_store_path }}/connector-mqtt.server.keystore.jks' insertafter: '^mqtt.authentication.certificate.deviceId.key' state: present - name: modify connector keystore password if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+' line: "mqtt.ssl.key.store.password={{ connector_mqtt_key_store_password_base64[inventory_hostname] }}" backrefs: yes backup: yes state: present - name: add connector keystore password if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.store.password=\s*/?\w+' line: "mqtt.ssl.key.store.password={{ connector_mqtt_key_store_password_base64[inventory_hostname] }}" insertafter: '^mqtt.ssl.key.store.path' state: present - name: modify connector key manager password if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+' line: "mqtt.ssl.key.manager.password={{ connector_mqtt_key_manager_password_base64[inventory_hostname] }}" backrefs: yes backup: yes state: present - name: add connector key manager password if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.key.manager.password=\s*/?\w+' line: "mqtt.ssl.key.manager.password={{ connector_mqtt_key_manager_password_base64[inventory_hostname] }}" insertafter: '^mqtt.ssl.key.store.password' state: present - name: modify connector truststore path if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+' line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks' backrefs: yes backup: yes state: present - name: add connector truststore path if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.trust.store.path=\s*/?\w+' line: 'mqtt.ssl.trust.store.path={{ certs_store_path }}/connector-mqtt.server.truststore.jks' insertafter: '^mqtt.ssl.key.manager.password' state: present - name: modify connector truststore password if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+' line: "mqtt.ssl.trust.store.password={{ connector_mqtt_trust_store_password_base64[inventory_hostname] }}" backrefs: yes backup: yes state: present - name: add connector truststore password if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*mqtt.ssl.trust.store.password=\s*/?\w+' line: "mqtt.ssl.trust.store.password={{ connector_mqtt_trust_store_password_base64[inventory_hostname] }}" insertafter: '^mqtt.ssl.trust.store.path' state: present
common/connector-http-tls-enable.yml
--- - name: create certs store directory file: path: "{{ certs_store_path }}" owner: dispatcher group: dispatcher state: directory - name: copy dispatcher-connector keystore certs copy: src: "{{ connector_http_ssl_keystore_location[inventory_hostname] }}" dest: "{{ certs_store_path }}/connector-http.server.keystore.jks" mode: 0644 - name: copy dispatcher-connector truststore certs copy: src: "{{ connector_http_ssl_truststore_location[inventory_hostname] }}" dest: "{{ certs_store_path }}/connector-http.server.truststore.jks" mode: 0644 - name: modify connector keystore path if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.store.path=\s*/?\w+' line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks' backrefs: yes backup: yes state: present - name: add connector keystore path if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.store.path=\s*/?\w+' line: 'http.ssl.key.store.path={{ certs_store_path }}/connector-http.server.keystore.jks' insertafter: '^mqtt.ssl.trust.store.password' state: present - name: modify connector keystore password if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.store.password=\s*/?\w+' line: "http.ssl.key.store.password={{ connector_http_key_store_password_base64[inventory_hostname] }}" backrefs: yes backup: yes state: present - name: add connector keystore password for http if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.store.password=\s*/?\w+' line: "http.ssl.key.store.password={{ connector_http_key_store_password_base64[inventory_hostname] }}" insertafter: '^http.ssl.key.store.path' state: present - name: modify connector key manager password for http if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+' line: "http.ssl.key.manager.password={{ connector_http_key_manager_password_base64[inventory_hostname] }}" backrefs: yes backup: yes state: present - name: add connector key manager password for http if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.key.manager.password=\s*/?\w+' line: "http.ssl.key.manager.password={{ connector_http_key_manager_password_base64[inventory_hostname] }}" insertafter: '^http.ssl.key.store.password' state: present - name: modify connector truststore path for http if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+' line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks' backrefs: yes backup: yes state: present - name: add connector truststore path for http if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.trust.store.path=\s*/?\w+' line: 'http.ssl.trust.store.path={{ certs_store_path }}/connector-http.server.truststore.jks' insertafter: '^http.ssl.key.manager.password' state: present - name: modify connector truststore password for http if exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+' line: "http.ssl.trust.store.password={{ connector_http_trust_store_password_base64[inventory_hostname] }}" backrefs: yes backup: yes state: present - name: add connector truststore password for http if not exists lineinfile: path: "{{ configure_file }}" regexp: '^\s*http.ssl.trust.store.password=\s*/?\w+' line: "http.ssl.trust.store.password={{ connector_http_trust_store_password_base64[inventory_hostname] }}" insertafter: '^http.ssl.trust.store.path' state: present
结果是一样的
下一篇: 【学生】知识总结