0

Below is the test.conf where i wish to add a block before the line closing tags i.e. before the line which starts with </VirtualHost>

cat test.conf

#
##<VirtualHost _default_:443>
<VirtualHost *:443>
#ProxyPreserveHost On
</VirtualHost>

Below is my playbook to add the block:

cat /tmp/test.yml

---
- name: "Play 1"
  hosts: localhost
  tasks:

    - name: Debug
      blockinfile:
        path: "/tmp/test.conf"
        marker: "#"
        state: present
        block: |
            <FilesMatch "^.*\.(css|html?|js|pdf|txt|xml|xsl|gif|ico|jpe?g|png)$">
             Require all granted
            </FilesMatch>
        insertbefore: '^[^#]*</VirtualHost>'

I checked my test.conf and regex ^[^#]*<\/VirtualHost> on online python editor https://regex101.com and it gets the correct line matched. Online regex tester and debugger: PHP, PCRE, Python, Golang and JavaScript Online regex tester, debugger with highlighting for PHP, PCRE, Python, Golang and JavaScript. regex101.com

The file gets changed and the block gets inserted however in the wrong place as you can see below:

TASK [Debug] ************************************************************************************************************************************************
changed: [localhost]

PLAY RECAP **************************************************************************************************************************************************
localhost                  : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

cat /tmp/test.conf

#
<FilesMatch "^.*\.(css|html?|js|pdf|txt|xml|xsl|gif|ico|jpe?g|png)$">
 Require all granted
</FilesMatch>
#
##<VirtualHost _default_:443>
<VirtualHost *:443>
#ProxyPreserveHost On
</VirtualHost>

Can you please suggest what is wrong with my playbook and how to get this to work ?

Ashar
  • 2,942
  • 10
  • 58
  • 122

1 Answers1

1

It's because ansible specifies in the fine manual that marker: is exactly what it says -- the way it knows where the managed blocks begin and end. Since you chose to use text that is found throughout your file but is unrelated to the managed block sections, ansible just shrugged its shoulders and gave GIGO.

They even have a dedicated warning about leaving out the magic {mark} template param from marker::

Using a custom marker without the {mark} variable may result in the block being repeatedly inserted on subsequent playbook runs.

If you change your marker: to even something like marker: "#*#*#*" it will start to work ... or at least will work once.

mdaniel
  • 31,240
  • 5
  • 55
  • 58
  • I changed `marker: false` to make it work however, it is not behaving idempotent and everytime i run the block gets added before the closing tag. Any solution would be appreciated. – Ashar Feb 06 '20 at 06:55
  • 1
    I thought I made it clear two things: first, don't use `marker: false` what would that even mean?! and second, you will want to **do as they say** and use a marker stanza containing `{mark}` so ansible can identify the block and run idempotently. I don't understand why you are even specifying `marker:` at all, since their default is already starting with a character that is a line comment in your configuration file – mdaniel Feb 06 '20 at 07:07
  • so what i understood is that there is no way to have idempotancy without having `BEGIN` and `END` i.e. `{mark}` in the `marker` attribute. Please affirm if the understanding is correct or if you could share an example where we do not have mark `BEGIN END` yet it is idempotent ? – Ashar Feb 06 '20 at 07:51