# Ansible Role: blockinfile

This role contains no tasks, but provides the blockinfile module, which might be useful when you want to maintain multi-line snippets in config files in /etc.

Ansible Galaxy Page: [https://galaxy.ansible.com/list#/roles/1475](https://galaxy.ansible.com/list#/roles/1475)

**Request for review:** [The pull request to ansible-modules-extras](https://github.com/ansible/ansible-modules-extras/pull/832) has been made to include the blockinfile module in the official distribution of Ansible, which would enable you to use blockinfile as a standard module without this role! If you use this module and feel it's useful, please leave some endorsement comments on the PR. If you're [an eligible reviewer (existing module author)](https://github.com/ansible/ansible-modules-extras/blob/devel/REVIEWERS.md), I would greatly appreciate it if you could take some time to review the PR, or otherwise ask reviewers of your acquaintance to review it. It needs two +1 votes from reviewers in order to be nominated for inclusion.

## blockinfile Module

This module will insert/update/remove a block of multi-line text surrounded by the marker lines.

Example task:

```yaml
- blockinfile:
    dest: /etc/network/interfaces
    block: |
      iface eth0 inet static
          address 192.168.0.1
          netmask 255.255.255.0
```

Text inserted/updated by the task in /etc/network/interfaces:

```
# BEGIN ANSIBLE MANAGED BLOCK
iface eth0 inet static
    address 192.168.0.1
    netmask 255.255.255.0
# END ANSIBLE MANAGED BLOCK
```

It uses the marker lines `# {BEGIN/END} ANSIBLE MANAGED BLOCK` by default. You can specify alternative marker lines with the `marker` option when you need to update files in other formats like HTML, or run multiple blockinfile tasks on the same file.

### Options

If this section doesn't show nicely in the Ansible Galaxy Page, please refer to the equivalent in the [GitHub Page](https://github.com/yaegashi/ansible-role-blockinfile#options).

| parameter | required | default | choices | comments |
|---|---|---|---|---|
| backup | no | no | | Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly. |
| block | no | | | The text to insert inside the marker lines. If it's missing or an empty string, the block will be removed as if `state` were specified to `absent`. aliases: content |
| create | no | no | | Create a new file if it doesn't exist. |
| dest | yes | | | The file to modify. aliases: name, destfile |
| follow (added in 1.8) | no | no | | This flag indicates that filesystem links, if they exist, should be followed. |
| group | no | | | name of the group that should own the file/directory, as would be fed to chown |
| insertafter | no | EOF | | If specified, the block will be inserted after the last match of the specified regular expression. A special value is available: `EOF` for inserting the block at the end of the file. If the specified regular expression has no matches, `EOF` will be used instead. |
| insertbefore | no | | | If specified, the block will be inserted before the last match of the specified regular expression. A special value is available: `BOF` for inserting the block at the beginning of the file. If the specified regular expression has no matches, the block will be inserted at the end of the file. |
| marker | no | `# {mark} ANSIBLE MANAGED BLOCK` | | The marker line template. "{mark}" will be replaced with "BEGIN" or "END". |
| mode | no | | | mode the file or directory should be. For those used to /usr/bin/chmod remember that modes are actually octal numbers (like 0644). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode may be specified as a symbolic mode (for example, `u+rwx` or `u=rw,g=r,o=r`). |
| owner | no | | | name of the user that should own the file/directory, as would be fed to chown |
| selevel | no | s0 | | level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the `range`. `_default` feature works as for `seuser`. |
| serole | no | | | role part of SELinux file context, `_default` feature works as for `seuser`. |
| setype | no | | | type part of SELinux file context, `_default` feature works as for `seuser`. |
| seuser | no | | | user part of SELinux file context. Will default to system policy, if applicable. If set to `_default`, it will use the `user` portion of the policy if available |
| state | no | present | | Whether the block should be there or not. |
| validate | no | None | | The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must be present as in the example below. The command is passed securely so shell features like expansion and pipes won't work. |

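
A task that uses `validate` on `/etc/ssh/sshd_config`, as an added example that is not part of the original README: the candidate file is checked with `sshd -t` before it is copied into place, so a malformed block fails the task instead of breaking sshd on the next restart. The marker text, the `deploy` user, the `/usr/sbin/sshd` path and the ownership/mode values are assumptions for illustration.

```yaml
---
- hosts: all
  sudo: yes
  roles:
    - yaegashi.blockinfile

  tasks:
    - name: Disable SSH password authentication for the deploy user
      blockinfile:
        dest: /etc/ssh/sshd_config
        # A distinct marker lets several blockinfile tasks manage the same
        # file without overwriting each other's blocks (assumed marker text).
        marker: "# {mark} ANSIBLE MANAGED BLOCK: deploy user"
        # An sshd_config Match block applies until the next Match line or the
        # end of the file, so keep it at EOF (the default), below every
        # global setting.
        insertafter: EOF
        block: |
          Match User deploy
              PasswordAuthentication no
        backup: yes
        owner: root
        group: root
        # Quoted so the leading zero is preserved and the mode stays octal.
        mode: "0600"
        # %s is replaced with the path of the candidate file. sshd -t only
        # parses the configuration and exits non-zero on errors, in which
        # case the task fails before the file is copied into place.
        validate: /usr/sbin/sshd -t -f %s
      notify: Restart sshd

  handlers:
    - name: Restart sshd
      service:
        name: ssh
        state: restarted
```

Because the validation command is not run through a shell, give the full path to the binary and do not rely on pipes or variable expansion.
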
```yaml
Last updated on {{ansible_date_time.iso8601}}
```

```yaml
- name: remove HTML as well as surrounding markers
  blockinfile:
    dest: /var/www/html/index.html
    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
    content: ""
```

## Requirements

None.

## Role Variables

None.

## Dependencies

None.

## Example Playbook

A complete playbook that prohibits SSH password authentication for a specific user, then restarts sshd if needed.

```yaml
---
- hosts: all
  remote_user: ansible-agent
  sudo: yes
  roles:
    - yaegashi.blockinfile
  tasks:
    - name: Prohibit SSH password authentication for $SUDO_USER
      blockinfile:
        dest: /etc/ssh/sshd_config
        backup: yes
        content: |
          Match User {{ansible_env.SUDO_USER}}
          PasswordAuthentication no
      notify: Restart sshd
  handlers:
    - name: Restart sshd
      service:
        name: ssh
        state: restarted
```

## License

GPLv3+

## Author Information

[YAEGASHI Takeshi](https://github.com/yaegashi)