Author: daemon

I’m playing a lot with Ansible those days and one of the topics that does come up all the time is how do I set certain values in config files that are not plain-text or .ini style? Special mention goes to Apache configs that are neither plain-text nor XML (ugh) and tomcat (well at least it’s XML…).

Augeas is a swiss-army-knife for a sysadmin as it “understands” multiple configuration formats (lens’) and can deal with them in it’s own way.

So here’s what I needed to do: Setting up ownCloud VM on Fedora 20 I needed to edit /etc/httpd.d/conf.d/owncloud.conf file to override default restriction for localhost, in other words adding Require all granted to the end of <Directory "/usr/share/owncloud"> section. Perl and Python are fun but you practically need to build your own parser. Not me. Not today. So here’s how we handle things with augeas:

create command file /tmp/ocloud_aug, like so:

defvar conf /files/etc/httpd/conf.d/owncloud.conf
load

# Get <Directory "/usr/share/owncloud"> subtree
defvar ocloud_dir $conf/Directory[arg="/usr/share/owncloud/"]

touch $ocloud_dir/directive[last()+1]
defvar last_stmt $ocloud_dir/directive[last()]
set $last_stmt Require
set $last_stmt/arg[1] all
set $last_stmt/arg[2] granted
save

Hint: before going around modifying your live system consider one of two testing methods:

• setup $AUGEAS_ROOT to whatever directory you want to play in:

  # mkdir /tmp/aug
  # export AUGEAS_ROOT=/tmp/aug
  # cp -r /etc $AUGEAS_ROOT

• adding “-n” flag to augtool invocation:

  # augtool -n ...

So now from:

...
<Directory "/usr/share/owncloud">
...
      Require local
...
</Directory>

we get

...
<Directory "/usr/share/owncloud">
...
      Require local
...
Require all granted
</Directory>

after we run:

# augtool -f /tmp/ocloud_aug

That just about solves our problem of programmatically adding configuration lines. We could also remove offending “Require local”:

rm $ocloud_dir/*/*[self::directive="Require"][arg='local']