From fa8d2b668550259e6f78d16fc209c4da1a20b842 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Fri, 12 Feb 2016 15:25:31 +0100 Subject: Upgrade playbooks to Ansible 2.0. --- ansible.cfg | 116 ++++++++++++++---------------------------------------------- 1 file changed, 27 insertions(+), 89 deletions(-) (limited to 'ansible.cfg') diff --git a/ansible.cfg b/ansible.cfg index 3810727..2de77ef 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -3,105 +3,43 @@ # ansible will read ~/.ansible.cfg or /etc/ansible/ansible.cfg, whichever it finds first [defaults] - -# location of inventory file, eliminates need to specify -i - -#hostfile = ./stage_vms - -# location of ansible library, eliminates need to specify --module-path - -library = ./lib/modules:/usr/share/ansible - -# default module name used in /usr/bin/ansible when -m is not specified - -module_name = command - -# home directory where temp files are stored on remote systems. Should -# almost always contain $HOME or be a directory writeable by all users - -remote_tmp = $HOME/.ansible/tmp - -# the default pattern for ansible-playbooks ("hosts:") - -pattern = * - -# the default number of forks (parallelism) to be used. Usually you -# can crank this up. - -forks = 5 - -# the timeout used by various connection types. Usually this corresponds -# to an SSH timeout - -timeout = 10 - -# when using --poll or "poll:" in an ansible playbook, and not specifying -# an explicit poll interval, use this interval - -poll_interval = 15 - -# when specifying --sudo to /usr/bin/ansible or "sudo:" in a playbook, -# and not specifying "--sudo-user" or "sudo_user" respectively, sudo -# to this user account - -sudo = True -#sudo_user = root - -# what flags to pass to sudo -sudo_flags = -H LC_ALL=C - -# the following forces ansible to always ask for the sudo password (instead of having -# to add -K to the commandline). Or you can use the environment variable (ANSIBLE_ASK_SUDO_PASS) - -ask_sudo_pass = True - -# the following forces ansible to always ask for the ssh-password (-k) -# can also be set by the environment variable ANSIBLE_ASK_PASS - -#ask_pass = True - -# connection to use when -c is not specified - -transport = ssh - -# remote SSH port to be used when --port or "port:" or an equivalent inventory -# variable is not specified. - -remote_port = 22 - -# if set, always run /usr/bin/ansible commands as this user, and assume this value -# if "user:" is not set in a playbook. If not set, use the current Unix user -# as the default - -#remote_user = root - -# if set, always use this private key file for authentication, same as if passing -# --private-key to ansible or ansible-playbook - -#private_key_file=/path/to/file - -# format of string $ansible_managed available within Jinja2 templates, replacing -# {file}, {host} and {uid} with template filename, host and owner respectively. -# The resulting string is passed through strftime(3) so it may contain any -# time-formatting specifiers. -# -# Example: ansible_managed = DONT TOUCH {file}: call {uid} at {host} for changes +library = ./lib/modules:/usr/share/ansible +remote_tmp = $HOME/.ansible/tmp +forks = 5 +poll_interval = 15 +transport = ssh +remote_port = 22 +module_lang = C +timeout = 10 + +# format of string {{ ansible_managed }} available within Jinja2 +# templates indicates to users editing templates files will be replaced. +# replacing {file}, {host} and {uid} and strftime codes with proper values. ansible_managed = Ansible Managed: modified on %Y-%m-%d %H:%M:%S by {uid}@{host} # additional plugin paths for non-core plugins - action_plugins = ./lib/action_plugins callback_plugins = ./lib/callback_plugins connection_plugins = ./lib/connection_plugins lookup_plugins = ./lib/lookup_plugins vars_plugins = ./lib/vars_plugins -[ssh_connection] +# retry files +# When a playbook fails by default a .retry file will be created in ~/ +# You can disable this feature by setting retry_files_enabled to False +# and you can change the location of the files by setting retry_files_save_path +retry_files_enabled = False +#retry_files_save_path = ~/.ansible-retry + -# if uncommented, sets the ansible ssh arguments to the following. Leaving off ControlPersist -# will result in poor performance, so use transport=paramiko on older platforms rather than -# removing it +[privilege_escalation] +become=True +become_method=sudo +#become_user=root +become_ask_pass=True -control_path = /run/shm/ansible-ssh-%%C + +[ssh_connection] +control_path = ~/.ssh/S.ansible-%%C ssh_args = -oHashKnownHosts=no -oUserKnownHostsFile=./certs/ssh_known_hosts -oStrictHostKeyChecking=yes -oControlMaster=auto -oControlPersist=60s pipelining = True -- cgit v1.2.3