Reputation: 113
I want to configure UFW to allow connections to port 80 from a list of IP addresses, using Ansible:

    tasks:
      - name: Allow port 80 HTTP
        action: shell ufw allow from {{item}} to any 80/tcp
        with_items: allowed_ips

The list of IP addresses is stored as a hash in a YAML file, in my playbook's vars/ directory:

    ---
    allowed_ips:
      xxx.xxx.xxx.xxx
      xxx.xxx.xxx.xxx

I'm using with_items to pull the IP addresses into the command, but when Ansible runs the playbook it concatenates the IP addresses, inserting a space between each IP:

    ufw allow from xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx to any 80/tcp

ufw doesn't accept this syntax, so I'd like to run ufw once for each IP address. How can I do that?
Upvotes: 1
Views: 4044
Reputation: 9346
Ansible 1.6 has a module to manage ufw: http://docs.ansible.com/ufw_module.html. It supports the lists you are trying to achieve.

    - ufw: rule=allow src={{ item }} port=80 proto=tcp
      with_items:
        - 10.0.0.0/8
        - 172.16.0.0/12
        - 192.168.0.0/16

Alternatively, you can try https://galaxy.ansible.com, which has a couple of ready-to-use roles for ufw; some of those also support lists of IPs.
Upvotes: 5
Reputation: 10648
Ansible behaves correctly, as currently allowed_ips is not a list but a single variable. Make the variable a YAML list:

    ---
    allowed_ips:
      - xxx.xxx.xxx.xxx
      - xxx.xxx.xxx.xxx

Now the action is executed as many times as there are items in the allowed_ips list.
Upvotes: 2
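
The two answers combined into one playbook, as an added example that is not part of the original posts: the allowlist is a real YAML list, an assert task stops the run if it was written as a single string (the mistake in the question) or contains an invalid address, and the ufw module then runs once per entry. Assumptions: the `webservers` group name and the sample addresses are constructed, and the `community.general` and `ansible.utils` collections (plus the `netaddr` Python library on the control node) are installed.

```yaml
# Added example, not from the original posts.
# Addresses are constructed samples from the RFC 5737 documentation ranges.
- hosts: webservers              # assumed inventory group name
  become: true
  vars:
    allowed_ips:                 # a YAML list: one "- " per entry
      - 192.0.2.10
      - 198.51.100.0/24

  tasks:
    - name: Fail early if allowed_ips is a string or holds a bad address
      ansible.builtin.assert:
        that:
          # A multi-line scalar without dashes parses as one string,
          # which is what produced "ufw allow from a b to any ..." above.
          - allowed_ips is not string
          - allowed_ips is sequence
          # ipaddr drops invalid entries, so equal lengths mean all are valid.
          - (allowed_ips | ansible.utils.ipaddr | length) == (allowed_ips | length)
        fail_msg: "allowed_ips must be a YAML list of IP addresses or CIDR ranges"

    - name: Allow HTTP from each listed source
      community.general.ufw:
        rule: allow
        from_ip: "{{ item }}"
        to_port: "80"
        proto: tcp
      loop: "{{ allowed_ips }}"
```

Because the assert runs before any rule is written, a malformed allowlist leaves the firewall unchanged instead of half-applied.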