I’m playing a lot with Ansible those days and one of the topics that does come up all the time is how do I set certain values in config files that are not plain-text or .ini style? Special mention goes to Apache configs that are neither plain-text nor XML (ugh) and tomcat (well at least it’s XML…).
Augeas is a swiss-army-knife for a sysadmin as it “understands” multiple configuration formats (lens’) and can deal with them in it’s own way.
So here’s what I needed to do: Setting up ownCloud VM on Fedora 20 I needed to edit /etc/httpd.d/conf.d/owncloud.conf file to override default restriction for localhost, in other words adding Require all granted to the end of <Directory "/usr/share/owncloud"> section. Perl and Python are fun but you practically need to build your own parser. Not me. Not today. So here’s how we handle things with augeas:
create command file /tmp/ocloud_aug, like so:
defvar conf /files/etc/httpd/conf.d/owncloud.conf load # Get <Directory "/usr/share/owncloud"> subtree defvar ocloud_dir $conf/Directory[arg="/usr/share/owncloud/"] touch $ocloud_dir/directive[last()+1] defvar last_stmt $ocloud_dir/directive[last()] set $last_stmt Require set $last_stmt/arg[1] all set $last_stmt/arg[2] granted save
Hint: before going around modifying your live system consider one of two testing methods:
- setup $AUGEAS_ROOT to whatever directory you want to play in:
# mkdir /tmp/aug # export AUGEAS_ROOT=/tmp/aug # cp -r /etc $AUGEAS_ROOT
- adding “-n” flag to augtool invocation:
# augtool -n ...
So now from:
...
<Directory "/usr/share/owncloud">
...
Require local
...
</Directory>
we get
...
<Directory "/usr/share/owncloud">
...
Require local
...
Require all granted
</Directory>
after we run:
# augtool -f /tmp/ocloud_aug
That just about solves our problem of programmatically adding configuration lines. We could also remove offending “Require local”:
rm $ocloud_dir/*/*[self::directive="Require"][arg='local']
Since you’re mentioning Ansible, have you checked the Ansible Augeas module at https://github.com/paluh/ansible-augeas ?
I certainly did. However it has it’s limitations and quirks. I am in a process of implementing my own using some ideas and findings from it though https://github.com/droopy4096/ansible-owncloud/library with the thought of maybe combining the two and asking original author for merge. Maybe that’ll get it included upstream. For the sample playbook check out https://github.com/droopy4096/ansible-owncloud/blob/master/augeas.yml