0

so i have this line in my configuration.yml(ansible task)

- name: inserting password into database.php
  lineinfile: dest=/vagrant/htdocs/app/config/database.php insertbefore="^\s*'pgsql' => array" regexp="^\s*'password'" line="                     'password'  => '',"

And i am trying to replace this:

   'sqlite' => array(
        'driver'   => 'sqlite',
        'database' => __DIR__.'/../database/production.sqlite',
        'prefix'   => '',
    ),
    'mysql' => array(
        'driver'    => 'mysql',
        'host'      => 'localhost',
        'database'  => 'echoit',
        'username'  => 'root',
        'password'  => 'vp45tudsdt',
        'charset'   => 'utf8',
        'collation' => 'utf8_unicode_ci',
        'prefix'    => '',
        'port'      => 8889
    ),

    'pgsql' => array(
        'driver'   => 'pgsql',
        'host'     => 'localhost',
        'database' => 'forge',
        'username' => 'forge',
        'password' => '',
        'charset'  => 'utf8',
        'prefix'   => '',
        'schema'   => 'public',
    ),

When i try to grep the regex:

 grep "^\s*'pgsql' => array" ./htdocs/app/config/database.default.php


 'pgsql' => array(

And when i grep the other one:

 grep "^\s*'password'" ./htdocs/app/config/database.php


                'password'  => 'xxxxxxx',
                'password' => '',
             'password'  => '',

So my regular expressions match exactly the things i expect, but then this beforeline just doesn't work as i thouth it would, the ansible documentation on this functionality led me to believe that it would take the last match BEFORE 'pgsql' => array but it just keeps replacing the very last path, in this case 'password' => '',

DenLilleMand
  • 3,732
  • 5
  • 25
  • 34

2 Answers2

2

insertafter and insertbefore are used to determine where to place new line if regexp is not found, it is not limiting the search area.
As per documentation:

regexp – The regular expression to look for in every line of the file.

Konstantin Suvorov
  • 65,183
  • 9
  • 162
  • 193
1

Best practice: use template module:

Content of dbconn.php.j2:

<?php

// {{ ansible_managed }}

$DBHost = 'localhost';
$DBName = '{{ db.dbname }}';
$DBLogin = '{{ db_user.name }}';
$DBPassword = '{{ db_user.password }}';

?>

Params 'db', 'dbuser' are stored in host_vars and group_vars, password - in ansible vault.

Task in playbook:

- name: template config files
  template:
    src="sites_params/{{ sitename }}/templates/include/dbconn.php.j2"
    dest="/www/{{ sitename }}/www/include/dbconn.php"
    owner=apache
    group=apache
    mode=0644
    setype=httpd_sys_content_t

PS If you using git, exclude your config files such as dbconn from git, just put sample config (without passwords, salt etc) file into your project.

A K
  • 714
  • 17
  • 39
  • Okay, thanks, i will look into it :) the reason why i refrained from that was that i would have to litter my configuration files with ansible things, but maybe that is just the way to do it. – DenLilleMand Aug 26 '16 at 11:42