Ansible Create SubFolders Matching Pattern

I have an Ansible playbook that creates directories from a passed-in array of directories, owner, and permissions. Our admins are worried that someone will create directories under our O/S volumes and cause issues with the system. Since we only have a few folders that require root, I’m researching how to whitelist specific folders that are passed in for root only. Other directories, those that don’t require root, would use our internal user.

This is what I’ve come up with, but I have a concern about /vs_volue/etc being passed instead of /etc. I can’t find a "starts with /etc" check, for example. Is there a better way?

- name: Create Directories
  hosts: target_hosts
  vars:
    dir_list: '{{ dir_list }}'
    permissions: "{{ permissions }}"
    linux_user: 'webuser'
    whitelist_dir:
      - "/etc"
      - "/usr"

  tasks:
    - name: User to root when creating folders in /etc or /usr
      set_fact:
        linux_user: "root"
      # Unanchored search: this also matches /vs_volue/etc
      when: dir_list | string | regex_search(item)
      with_items:
        - "{{ whitelist_dir }}"

    - name: Create Directories as WebUser by Directory Array Lists by Line Feed
      file:
        path: "{{ item }}"
        mode: "{{ permissions }}"
        recurse: yes
        state: directory
      # become options are task keywords, not file module arguments
      become: true
      become_user: "{{ linux_user }}"
      with_items: "{{ dir_list.split('\n') }}"
      when: dir_list is search('\n')

Stack Overflow Asked by Switch on November 15, 2021

One Answer

Try this.


- hosts: target_hosts
  vars:
    default_linux_user: "webuser"
    permissions: "{{ permissions | default(0664) }}"
    whitelist_dir:
      - "^/etc/.*"
      - "^/usr/.*"
  tasks:
    - include_tasks: create_dir.yml
      loop: "{{ dir_list.split('\n') }}"
      loop_control:
        loop_var: dir


# create_dir.yml
- block:
    - set_fact:
        linux_user: "{{ 'root' if dir is regex(item) else default_linux_user }}"
      # 'or' rather than 'and': keep evaluating until a pattern has set root
      when: linux_user is undefined or linux_user != 'root'
      loop: "{{ whitelist_dir }}"

    - debug:
        msg: "For {{ dir }} - {{ linux_user }} will be set as owner"
    - file:
        path: "{{ dir }}"
        state: directory
        mode: "{{ permissions }}"
        owner: "{{ linux_user | default(default_linux_user) }}"
        recurse: yes
      become: true
      become_user: root
      become_method: sudo
    # Reset for the next directory in the loop
    - set_fact:
        linux_user: "{{ default_linux_user }}"

Answered by initanmol on November 15, 2021
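An added example, not part of the original question or answer: a custom Ansible test plugin that decides "is this directory under /etc or /usr" by normalized path component instead of by regex, so `/vs_volue/etc`, `/etcetera` and `/etc/../home/x` are not treated as whitelisted. The file location (`test_plugins/path_tests.py` next to the playbook) and the names `under_any` and `owner_for` are assumptions; the check is lexical and does not resolve symlinks on the target host.

```python
import posixpath

# Assumption: the same two root-owned trees the question whitelists.
ROOT_OWNED = ("/etc", "/usr")


def normalize(path):
    """Return the normalized absolute form of path, or None if it is not absolute."""
    if not isinstance(path, str) or not path.startswith("/"):
        return None
    # normpath collapses "//", "/./" and "/../" lexically (symlinks are not resolved)
    norm = posixpath.normpath(path)
    # POSIX normpath keeps a leading "//"; fold it to a single slash
    return "/" + norm.lstrip("/")


def under_any(path, roots=ROOT_OWNED):
    """True if path equals one of roots or lies below it, compared per path component."""
    norm = normalize(path)
    if norm is None:
        return False
    for root in roots:
        root = normalize(root)
        if root is None:
            continue
        # Appending "/" stops "/etc" from matching "/etcetera"
        if norm == root or norm.startswith(root.rstrip("/") + "/"):
            return True
    return False


def owner_for(path, default_user="webuser"):
    """Pick the account that should own path: root only inside the whitelist."""
    return "root" if under_any(path) else default_user


class TestModule:
    """Ansible test plugin entry point: enables `dir is under_any(whitelist_dir)`."""

    def tests(self):
        return {"under_any": under_any}


if __name__ == "__main__":
    # Constructed sample input, newline separated like the question's dir_list
    sample = "/etc/myapp\n/vs_volue/etc\n/etc/../home/x\n/usr/local/app\n/etcetera"
    for d in sample.split("\n"):
        print(d, "->", owner_for(d))
```
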
