I’m playing a lot with Ansible those days and one of the topics that does come up all the time is how do I set certain values in config files that are not plain-text or .ini style? Special mention goes to Apache configs that are neither plain-text nor XML (ugh) and tomcat (well at least it’s XML…).
Augeas is a swiss-army-knife for a sysadmin as it “understands” multiple configuration formats (lens’) and can deal with them in it’s own way.
So here’s what I needed to do: Setting up ownCloud VM on Fedora 20 I needed to edit /etc/httpd.d/conf.d/owncloud.conf file to override default restriction for localhost, in other words adding
Require all granted to the end of
<Directory "/usr/share/owncloud"> section. Perl and Python are fun but you practically need to build your own parser. Not me. Not today. So here’s how we handle things with augeas:
create command file /tmp/ocloud_aug, like so:
defvar conf /files/etc/httpd/conf.d/owncloud.conf load # Get <Directory "/usr/share/owncloud"> subtree defvar ocloud_dir $conf/Directory[arg="/usr/share/owncloud/"] touch $ocloud_dir/directive[last()+1] defvar last_stmt $ocloud_dir/directive[last()] set $last_stmt Require set $last_stmt/arg all set $last_stmt/arg granted save
Hint: before going around modifying your live system consider one of two testing methods:
- setup $AUGEAS_ROOT to whatever directory you want to play in:
# mkdir /tmp/aug # export AUGEAS_ROOT=/tmp/aug # cp -r /etc $AUGEAS_ROOT
- adding “-n” flag to augtool invocation:
# augtool -n ...
So now from:
... <Directory "/usr/share/owncloud"> ... Require local ... </Directory>
... <Directory "/usr/share/owncloud"> ... Require local ... Require all granted </Directory>
after we run:
# augtool -f /tmp/ocloud_aug
That just about solves our problem of programmatically adding configuration lines. We could also remove offending “Require local”: