====== Ansible ======
  * http://www.ansible.com/
  * https://docs.ansible.com/
  * [[https://docs.ansible.com/ansible/latest/modules/list_of_all_modules.html|Ansible All modules]]
  * [[https://github.com/ansible/ansible-examples|ansible/ansible-examples: A few starter examples of ansible playbooks, to show features and how they work together. See http://galaxy.ansible.com for example roles from the Ansible community for deploying many popular applications.]]
  * [[https://docs.ansible.com/ansible/latest/user_guide/playbooks_best_practices.html|Best Practices — Ansible Documentation]]
  * 자동화 툴

===== Ubuntu PPA =====
  * https://launchpad.net/~ansible/+archive/ubuntu/ansible

<code sh>
sudo add-apt-repository ppa:ansible/ansible
</code>

===== AWS =====
  * https://github.com/ansible/awx : Web UI

===== become =====
  * ''become: yes'' 일 경우 ''sudo'' 로 명령을 실행한다.
  * 이때, 비밀번호를 받는 다양한 방법이 존재할 수 있는데, 일단 ''ansible-playbook''에 ''%%--ask-become-pass%%'' 옵션을 주면 최초 시작시 비밀번호를 물어본다.
  * 혹은 다음과 같이 ''ansible_become_pass'' 변수로 명령행에 지정할 수도 있다. (''user'' 생략가능) [[https://stackoverflow.com/questions/21870083/specify-sudo-password-for-ansible|Specify sudo password for Ansible]]
<code sh>
ansible-playbook playbook.yml ... --user=username \
   --extra-vars "ansible_become_pass=yourPassword"
</code>
  * 그런데,이 경우 비밀번호가 외부로 노출되므로 비밀번호를 ''read -s SUDO_PASSWORD'' 등으로 읽거나 환경변수에 지정하고서 다음과 같이 하면 명령 history 노출등에 방어가 된다.
<code sh>
ansible-playbook playbook.yml ... \
    --extra-vars="ansible_become_pass='{{ lookup('env', 'SUDO_PASSWORD') }}'"
</code>
  * [[linux:sudo|sudo]]

===== become_user =====
  * 특정 사용자로 명령 실행하기. ''ansible-playbook'' 자체를 ''root'' 로 실행한다면 ''become'' 대신 ''become_user''를 사용해야 할듯.


===== Local 실행 =====
  * [[https://gist.github.com/alces/caa3e7e5f46f9595f715f0f55eef65c1|How to run an Ansible playbook locally]]
  * 해당 playbook yml 이 Local 전용일 경우에는 다음 yml 설정으로 충분함.

<code yml>
- name: playbook name
  hosts: localhost # 혹은 127.0.0.1 로도 작동했음.
  connection: local
  tasks:
    - name: blah.. blah..
</code>
<code sh>
# 실행
ansible-playbook playbook.yml
</code>

===== File 생성 =====
  * [[https://www.mydailytutorials.com/ansible-create-files/|How to create files in Ansible - My Daily Tutorials]]
  * [[https://docs.ansible.com/ansible/latest/modules/copy_module.html|copy module]]
  * [[https://docs.ansible.com/ansible/latest/modules/file_module.html|file module]]
<code yml>
  tasks:
  - name: Ansible create file with content example
    copy:
      dest: "/Users/mdtutorials2/Documents/Ansible/remote_server.txt"
      content: "contents"
      mode: 0777
      owner: mdtutorials2
</code>

===== 환경변수 읽기 =====
  * [[https://docs.ansible.com/ansible/latest/plugins/lookup/env.html|env – read the value of environment variables — Ansible Documentation]]
<code>
- debug: msg="{{ lookup('env', 'HOME') }} is an environment variable"
</code>

===== 변수(var) 외부에 두고 include =====
  * [[https://www.toptechskills.com/ansible-tutorials-courses/ansible-include-import-variables-tutorial-examples/|How to Include Variables in Ansible + Examples | TopTechSkills.com]]
  * ''vars_files'' : 외부 yml 파일의 key/value 쌍을 변수로 읽어들인다. 기본 경로는 현재 플레이북 경로이다.
<code yml>
- name: blah blah..
  hosts: ...
  vars_files:
    - "vars.yml" # file in the same directory
  tasks: ...
</code>
  * ''vars.yml''

<code yml>
# key/value 쌍.
ubuntu_release: "{{ lookup('pipe', 'lsb_release -cs') }}"
current_user: "{{ lookup('env', 'USER') }}"
vagrant_version: 2.2.10
packer_version: 1.6.1
...
</code>

===== playbook 을 윈해 환경변수 =====
  * playbook 실행시 적용될 환경변수 지정
  * https://stackoverflow.com/questions/27733511/how-to-set-linux-environment-variables-with-ansible
<code sh>
- hosts: all
  roles:
     - php
     - nginx
  environment:
    MY_ENV_VARIABLE: whatever_value
</code>

===== 특정 Task 용 환경변수 =====
  * 다른 태스크에는 적용안됨.
<code sh>
  tasks:
    - name: Echo my_env_var
      shell: "echo $MY_ENV_VARIABLE"
      environment:
        MY_ENV_VARIABLE: whatever_value
</code>

===== shell & command =====
  * [[https://www.mydailytutorials.com/introduction-shell-command-module-ansible/|Introduction to Shell and Command Modules in Ansible - My Daily Tutorials]]
  * [[https://docs.ansible.com/ansible/latest/collections/ansible/builtin/command_module.html|ansible.builtin.command]]
    * ''command''는 명령만 실행할 뿐 셸을 띄우지 않기 때문에 환경변수 등이 주입이 안된다.
  * [[https://docs.ansible.com/ansible/latest/collections/ansible/builtin/shell_module.html|ansible.builtin.shell]]
    * 기본 ''/bin/sh'' 를 띄워 명령을 실행한다. [[linux:bash|Bash]] 등으로 강제로 바꿔야 올바로 작동하는 명령들도 있을 수 있으므로 그 때는 ''args.executable: /bin/bash''로 셸을 변경해줘야 한다.

===== apt repository =====
  * [[https://linuxhint.com/manage_ubuntu_package_repositories_ppas_ansible/|Manage Ubuntu Package Repositories and PPAs Using Ansible – Linux Hint]]

===== 특정 태스크 지정 =====
  * ''%%--start-at-task="태스크이름"%%'' : 해당 태스크 부터 실행
  * ''%%--step%%'' : 실행여부 질문

===== retries =====
  * ''register'', ''until'', ''delay'' 와 함께 사용.
  * 현재의 ''retries'' 는 ''until''이 없으면 작동하지 않는다. ''until''에서 명백하게 성공 조건을 명시해야한다.
  * [[https://github.com/ansible/ansible/issues/20802|"retries" without "until": retry until success · Issue #20802]] : 성공시 자동으로 ''retries'' 종료 해달라는 이슈. PR 이 있으며, 머지될 가능성이 있음.

===== ansible-pull =====
  * [[:git|git]] 리포지토리등에서 파일을 받아서 ansible-playbook 실행.
  * [[https://docs.ansible.com/ansible/latest/cli/ansible-pull.html|ansible-pull]]
  * [[https://medium.com/splunkuserdeveloperadministrator/using-ansible-pull-in-ansible-projects-ac04466643e8|Using Ansible Pull In Ansible Projects | by Vince Sesto | Splunk User Developer Administrator | Medium]]
  * 실행할 플레이북 파일명을 명시하지 않으면 기본적으로 저장소 최상위 디렉토리의 ''local.yml'' 파일을 실행한다.

<code sh>
ansible-pull -U https://github.com/.../xxx.git
</code>

===== include / import =====
  * [[https://docs.ansible.com/ansible/2.8/user_guide/playbooks_reuse.html|Creating Reusable Playbooks — Ansible Documentation]]
  * [[https://docs.ansible.com/ansible/2.8/user_guide/playbooks_reuse_includes.html#playbooks-reuse-includes|Including and Importing — Ansible Documentation]]
  * [[https://docs.ansible.com/ansible/2.8/modules/list_of_utilities_modules.html#utilities-modules|Utilities modules — Ansible Documentation]]
  * ''include*'' 는 동적(dynamic)이다. 일부 기능이 작동하지 않는다(''--start-at-task''같은). 실행시점 해석.
  * ''import*'' 는 정적(static)이다. 설정파일 읽을 때 해석.
  * [[https://stackoverflow.com/questions/58772082/can-i-include-multiple-tasks-in-include-tasks-from-tasks-main-yml|ansible - Can I include multiple tasks in include_tasks from tasks/main.yml? - Stack Overflow]]

===== Linux System Roles  =====
  * [[https://github.com/linux-system-roles|linux-system-roles]]
  * https://github.com/linux-system-roles

===== shell completion =====
  * https://docs.ansible.com/ansible/devel/installation_guide/intro_installation.html#shell-completion
<code sh>
sudo apt install python3-argcomplete
</code>
  * 아래 항목을 ''.bashrc'' 에 넣는다 배포판에 따라 ''register-python-argcomplete''(''3'' 제외)일 수도 있음. (전역 설정도 가능함)
<code sh>
# 필히 "" 로 감싸야한다.
eval "$(register-python-argcomplete3 ansible)"
eval "$(register-python-argcomplete3 ansible-config)"
eval "$(register-python-argcomplete3 ansible-console)"
eval "$(register-python-argcomplete3 ansible-doc)"
eval "$(register-python-argcomplete3 ansible-galaxy)"
eval "$(register-python-argcomplete3 ansible-inventory)"
eval "$(register-python-argcomplete3 ansible-playbook)"
eval "$(register-python-argcomplete3 ansible-pull)"
eval "$(register-python-argcomplete3 ansible-vault)"

</code>

===== lineinfile module =====
  * [[https://docs.ansible.com/ansible/latest/collections/ansible/builtin/lineinfile_module.html|lineinfile module]]
  * 파일 내의 줄들을 관리한다. 내용을 추가하거나, 변경하거나.
  * [[linux:sed|Linux sed]] 대체.

=====  =====
  * [[https://docs.ansible.com/ansible/latest/collections/ansible/builtin/blockinfile_module.html|blockinfile module]]
  * 파일 내의 특정 블록을 추가,사제,변경한다.
===== replace module =====
  * [[https://docs.ansible.com/ansible/latest/collections/ansible/builtin/replace_module.html|replace module]]
  * [[:regex|RegEx]]로 파일 내용 교체
===== 참조 =====
  * [[https://www.youtube.com/playlist?list=PLT98CRl2KxKEUHie1m24-wkyHpEsa4Y70|Getting started with Ansible - YouTube]] : 매우 쉽게 Ansible 설명.
  * [[http://knight76.tistory.com/1977|ansible tomcat]]
  * [[http://brownbears.tistory.com/358|Ansible이란?]]
  * [[https://skyoo2003.github.io/post/2017/11/14/ansible-module-develop|Ansible Module 개발하기 - 📚 Devlog in the SKY 📚]]
  * [[http://theeye.pe.kr/archives/2597|Ansible Playbook 정리 | 아이군의 블로그]]
  * [[https://www.ansible.com/blog/ansible-tips-and-tricks-dealing-with-unreliable-connections-and-services|Ansible Tips and Tricks: Dealing with Unreliable Connections and Services]]
  * [[https://www.lesstif.com/ansible/windows-ansible-95879887.html|Windows 에 Ansible 설치하기]]