askadm
/
ansible.azure.automation
1
0
Bifurcation 0
Code Tickets 0 Demandes d'ajout 0 Versions 0 Wiki Activité
Ansible repository with playbooks to manage azure objects
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
7 Révisions
1 Branche
185 KiB
 
 
 
Aborescence: 61afb7f682
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de '61afb7f682'
${ noResults }
ansible.azure.automation/ansible.cfg

514 lignes
21 KiB
Brut Annotations Historique 

  1. # config file for ansible -- https://ansible.com/

  2. # ===============================================

  3. 

  4. # nearly all parameters can be overridden in ansible-playbook

  5. # or with command line flags. ansible will read ANSIBLE_CONFIG,

  6. # ansible.cfg in the current working directory, .ansible.cfg in

  7. # the home directory or /etc/ansible/ansible.cfg, whichever it

  8. # finds first

  9. 

  10. [defaults]

  11. 

  12. # some basic default values...

  13. 

  14. inventory      = ./inventory

  15. #interpreter_python = /usr/bin/python3

  16. #library        = /usr/share/my_modules/

  17. #module_utils   = /usr/share/my_module_utils/

  18. remote_tmp     = ~/.ansible/tmp

  19. local_tmp      = ./.ansible/tmp

  20. #plugin_filters_cfg = /etc/ansible/plugin_filters.yml

  21. forks          = 5

  22. # This is the default group of hosts to talk to in a playbook

  23. # if no “hosts:” stanza is supplied.

  24. # The default is to talk to all hosts.

  25. pattern        = localhost

  26. #poll_interval  = 15

  27. #sudo_user      = root

  28. #ask_sudo_pass = True

  29. #ask_pass      = True

  30. #transport      = smart

  31. #remote_port    = 22

  32. #module_lang    = C

  33. #module_set_locale = False

  34. 

  35. # plays will gather facts by default, which contain information about

  36. # the remote system.

  37. #

  38. # smart - gather by default, but don't regather if already gathered

  39. # implicit - gather by default, turn off with gather_facts: False

  40. # explicit - do not gather by default, must say gather_facts: True

  41. #gathering = implicit

  42. gathering = smart

  43. 

  44. # This only affects the gathering done by a play's gather_facts directive,

  45. # by default gathering retrieves all facts subsets

  46. # all - gather all subsets

  47. # network - gather min and network facts

  48. # hardware - gather hardware facts (longest facts to retrieve)

  49. # virtual - gather min and virtual facts

  50. # facter - import facts from facter

  51. # ohai - import facts from ohai

  52. # You can combine them using comma (ex: network,virtual)

  53. # You can negate them using ! (ex: !hardware,!facter,!ohai)

  54. # A minimal set of facts is always gathered.

  55. #gather_subset = all

  56. gather_subset = network,virtual

  57. 

  58. # some hardware related facts are collected

  59. # with a maximum timeout of 10 seconds. This

  60. # option lets you increase or decrease that

  61. # timeout to something more suitable for the

  62. # environment.

  63. # gather_timeout = 10

  64. 

  65. # Ansible facts are available inside the ansible_facts.* dictionary

  66. # namespace. This setting maintains the behaviour which was the default prior

  67. # to 2.5, duplicating these variables into the main namespace, each with a

  68. # prefix of 'ansible_'.

  69. # This variable is set to True by default for backwards compatibility. It

  70. # will be changed to a default of 'False' in a future release.

  71. # ansible_facts.

  72. # inject_facts_as_vars = True

  73. inject_facts_as_vars = False

  74. 

  75. # additional paths to search for roles in, colon separated

  76. roles_path    = ./roles

  77. 

  78. # uncomment this to disable SSH key host checking

  79. #host_key_checking = False

  80. 

  81. # change the default callback, you can only have one 'stdout' type  enabled at a time.

  82. #stdout_callback = skippy

  83. 

  84. 

  85. ## Ansible ships with some plugins that require whitelisting,

  86. ## this is done to avoid running all of a type by default.

  87. ## These setting lists those that you want enabled for your system.

  88. ## Custom plugins should not need this unless plugin author specifies it.

  89. 

  90. # enable callback plugins, they can output to stdout but cannot be 'stdout' type.

  91. #callback_whitelist = timer, mail

  92. callback_whitelist = timer

  93. 

  94. # Determine whether includes in tasks and handlers are "static" by

  95. # default. As of 2.0, includes are dynamic by default. Setting these

  96. # values to True will make includes behave more like they did in the

  97. # 1.x versions.

  98. #task_includes_static = False

  99. #handler_includes_static = False

  100. 

  101. # Controls if a missing handler for a notification event is an error or a warning

  102. #error_on_missing_handler = True

  103. 

  104. # change this for alternative sudo implementations

  105. #sudo_exe = sudo

  106. 

  107. # What flags to pass to sudo

  108. # WARNING: leaving out the defaults might create unexpected behaviours

  109. #sudo_flags = -H -S -n

  110. 

  111. # SSH timeout

  112. #timeout = 10

  113. 

  114. # default user to use for playbooks if user is not specified

  115. # (/usr/bin/ansible will use current user as default)

  116. #remote_user = root

  117. 

  118. # logging is off by default unless this path is defined

  119. # if so defined, consider logrotate

  120. #log_path = /var/log/ansible.log

  121. 

  122. # default module name for /usr/bin/ansible

  123. #module_name = command

  124. 

  125. # use this shell for commands executed under sudo

  126. # you may need to change this to bin/bash in rare instances

  127. # if sudo is constrained

  128. #executable = /bin/sh

  129. 

  130. # if inventory variables overlap, does the higher precedence one win

  131. # or are hash values merged together?  The default is 'replace' but

  132. # this can also be set to 'merge'.

  133. #hash_behaviour = replace

  134. 

  135. # by default, variables from roles will be visible in the global variable

  136. # scope. To prevent this, the following option can be enabled, and only

  137. # tasks and handlers within the role will see the variables there

  138. #private_role_vars = yes

  139. 

  140. # list any Jinja2 extensions to enable here:

  141. #jinja2_extensions = jinja2.ext.do,jinja2.ext.i18n

  142. 

  143. # if set, always use this private key file for authentication, same as

  144. # if passing --private-key to ansible or ansible-playbook

  145. #private_key_file = /path/to/file

  146. 

  147. # If set, configures the path to the Vault password file as an alternative to

  148. # specifying --vault-password-file on the command line.

  149. #vault_password_file = /path/to/vault_password_file

  150. 

  151. # format of string {{ ansible_managed }} available within Jinja2

  152. # templates indicates to users editing templates files will be replaced.

  153. # replacing {file}, {host} and {uid} and strftime codes with proper values.

  154. #ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host}

  155. # {file}, {host}, {uid}, and the timestamp can all interfere with idempotence

  156. # in some situations so the default is a static string:

  157. #ansible_managed = Ansible managed

  158. 

  159. # by default, ansible-playbook will display "Skipping [host]" if it determines a task

  160. # should not be run on a host.  Set this to "False" if you don't want to see these "Skipping"

  161. # messages. NOTE: the task header will still be shown regardless of whether or not the

  162. # task is skipped.

  163. #display_skipped_hosts = True

  164. 

  165. # by default, if a task in a playbook does not include a name: field then

  166. # ansible-playbook will construct a header that includes the task's action but

  167. # not the task's args.  This is a security feature because ansible cannot know

  168. # if the *module* considers an argument to be no_log at the time that the

  169. # header is printed.  If your environment doesn't have a problem securing

  170. # stdout from ansible-playbook (or you have manually specified no_log in your

  171. # playbook on all of the tasks where you have secret information) then you can

  172. # safely set this to True to get more informative messages.

  173. #display_args_to_stdout = False

  174. 

  175. # by default (as of 1.3), Ansible will raise errors when attempting to dereference

  176. # Jinja2 variables that are not set in templates or action lines. Uncomment this line

  177. # to revert the behavior to pre-1.3.

  178. #error_on_undefined_vars = False

  179. 

  180. # by default (as of 1.6), Ansible may display warnings based on the configuration of the

  181. # system running ansible itself. This may include warnings about 3rd party packages or

  182. # other conditions that should be resolved if possible.

  183. # to disable these warnings, set the following value to False:

  184. #system_warnings = True

  185. 

  186. # by default (as of 1.4), Ansible may display deprecation warnings for language

  187. # features that should no longer be used and will be removed in future versions.

  188. # to disable these warnings, set the following value to False:

  189. #deprecation_warnings = True

  190. 

  191. # (as of 1.8), Ansible can optionally warn when usage of the shell and

  192. # command module appear to be simplified by using a default Ansible module

  193. # instead.  These warnings can be silenced by adjusting the following

  194. # setting or adding warn=yes or warn=no to the end of the command line

  195. # parameter string.  This will for example suggest using the git module

  196. # instead of shelling out to the git command.

  197. # command_warnings = False

  198. 

  199. 

  200. # set plugin path directories here, separate with colons

  201. #action_plugins     = /usr/share/ansible/plugins/action

  202. #become_plugins     = /usr/share/ansible/plugins/become

  203. #cache_plugins      = /usr/share/ansible/plugins/cache

  204. #callback_plugins   = /usr/share/ansible/plugins/callback

  205. #connection_plugins = /usr/share/ansible/plugins/connection

  206. #lookup_plugins     = /usr/share/ansible/plugins/lookup

  207. #inventory_plugins  = /usr/share/ansible/plugins/inventory

  208. #vars_plugins       = /usr/share/ansible/plugins/vars

  209. #filter_plugins     = /usr/share/ansible/plugins/filter

  210. #test_plugins       = /usr/share/ansible/plugins/test

  211. #terminal_plugins   = /usr/share/ansible/plugins/terminal

  212. #strategy_plugins   = /usr/share/ansible/plugins/strategy

  213. 

  214. 

  215. # by default, ansible will use the 'linear' strategy but you may want to try

  216. # another one

  217. #strategy = free

  218. 

  219. # by default callbacks are not loaded for /bin/ansible, enable this if you

  220. # want, for example, a notification or logging callback to also apply to

  221. # /bin/ansible runs

  222. #bin_ansible_callbacks = False

  223. 

  224. 

  225. # don't like cows?  that's unfortunate.

  226. # set to 1 if you don't want cowsay support or export ANSIBLE_NOCOWS=1

  227. #nocows = 1

  228. 

  229. # set which cowsay stencil you'd like to use by default. When set to 'random',

  230. # a random stencil will be selected for each task. The selection will be filtered

  231. # against the `cow_whitelist` option below.

  232. #cow_selection = default

  233. #cow_selection = random

  234. 

  235. # when using the 'random' option for cowsay, stencils will be restricted to this list.

  236. # it should be formatted as a comma-separated list with no spaces between names.

  237. # NOTE: line continuations here are for formatting purposes only, as the INI parser

  238. #       in python does not support them.

  239. #cow_whitelist=bud-frogs,bunny,cheese,daemon,default,dragon,elephant-in-snake,elephant,eyes,\

  240. #              hellokitty,kitty,luke-koala,meow,milk,moofasa,moose,ren,sheep,small,stegosaurus,\

  241. #              stimpy,supermilker,three-eyes,turkey,turtle,tux,udder,vader-koala,vader,www

  242. 

  243. # don't like colors either?

  244. # set to 1 if you don't want colors, or export ANSIBLE_NOCOLOR=1

  245. #nocolor = 1

  246. 

  247. # if set to a persistent type (not 'memory', for example 'redis') fact values

  248. # from previous runs in Ansible will be stored.  This may be useful when

  249. # wanting to use, for example, IP information from one group of servers

  250. # without having to talk to them in the same playbook run to get their

  251. # current IP information.

  252. #fact_caching = memory

  253. fact_caching = jsonfile

  254. 

  255. #This option tells Ansible where to cache facts. The value is plugin dependent.

  256. #For the jsonfile plugin, it should be a path to a local directory.

  257. #For the redis plugin, the value is a host:port:database triplet: fact_caching_connection = localhost:6379:0

  258. 

  259. fact_caching_connection=./.ansible/tmp

  260. 

  261. 

  262. # retry files

  263. # When a playbook fails a .retry file can be created that will be placed in ~/

  264. # You can enable this feature by setting retry_files_enabled to True

  265. # and you can change the location of the files by setting retry_files_save_path

  266. 

  267. #retry_files_enabled = False

  268. #retry_files_save_path = ~/.ansible-retry

  269. 

  270. # squash actions

  271. # Ansible can optimise actions that call modules with list parameters

  272. # when looping. Instead of calling the module once per with_ item, the

  273. # module is called once with all items at once. Currently this only works

  274. # under limited circumstances, and only with parameters named 'name'.

  275. #squash_actions = apk,apt,dnf,homebrew,pacman,pkgng,yum,zypper

  276. 

  277. # prevents logging of task data, off by default

  278. #no_log = False

  279. 

  280. # prevents logging of tasks, but only on the targets, data is still logged on the master/controller

  281. #no_target_syslog = False

  282. 

  283. # controls whether Ansible will raise an error or warning if a task has no

  284. # choice but to create world readable temporary files to execute a module on

  285. # the remote machine.  This option is False by default for security.  Users may

  286. # turn this on to have behaviour more like Ansible prior to 2.1.x.  See

  287. # https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user

  288. # for more secure ways to fix this than enabling this option.

  289. #allow_world_readable_tmpfiles = False

  290. 

  291. # controls the compression level of variables sent to

  292. # worker processes. At the default of 0, no compression

  293. # is used. This value must be an integer from 0 to 9.

  294. #var_compression_level = 9

  295. 

  296. # controls what compression method is used for new-style ansible modules when

  297. # they are sent to the remote system.  The compression types depend on having

  298. # support compiled into both the controller's python and the client's python.

  299. # The names should match with the python Zipfile compression types:

  300. # * ZIP_STORED (no compression. available everywhere)

  301. # * ZIP_DEFLATED (uses zlib, the default)

  302. # These values may be set per host via the ansible_module_compression inventory

  303. # variable

  304. #module_compression = 'ZIP_DEFLATED'

  305. 

  306. # This controls the cutoff point (in bytes) on --diff for files

  307. # set to 0 for unlimited (RAM may suffer!).

  308. #max_diff_size = 1048576

  309. 

  310. # This controls how ansible handles multiple --tags and --skip-tags arguments

  311. # on the CLI.  If this is True then multiple arguments are merged together.  If

  312. # it is False, then the last specified argument is used and the others are ignored.

  313. # This option will be removed in 2.8.

  314. #merge_multiple_cli_flags = True

  315. 

  316. # Controls showing custom stats at the end, off by default

  317. #show_custom_stats = True

  318. 

  319. # Controls which files to ignore when using a directory as inventory with

  320. # possibly multiple sources (both static and dynamic)

  321. inventory_ignore_extensions = ~, .orig, .bak, .ini, .cfg, .retry, .pyc, .pyo

  322. 

  323. # This family of modules use an alternative execution path optimized for network appliances

  324. # only update this setting if you know how this works, otherwise it can break module execution

  325. #network_group_modules=eos, nxos, ios, iosxr, junos, vyos

  326. 

  327. # When enabled, this option allows lookups (via variables like {{lookup('foo')}} or when used as

  328. # a loop with `with_foo`) to return data that is not marked "unsafe". This means the data may contain

  329. # jinja2 templating language which will be run through the templating engine.

  330. # ENABLING THIS COULD BE A SECURITY RISK

  331. #allow_unsafe_lookups = False

  332. 

  333. # set default errors for all plays

  334. #any_errors_fatal = False

  335. 

  336. [inventory]

  337. # enable inventory plugins, default: 'host_list', 'script', 'auto', 'yaml', 'ini', 'toml'

  338. #enable_plugins = host_list, virtualbox, yaml, constructed, aws_ec2

  339. enable_plugins = host_list, azure_rm, script

  340. 

  341. # ignore these extensions when parsing a directory as inventory source

  342. ignore_extensions = .pyc, .pyo, .swp, .bak, ~, .rpm, .md, .txt, ~, .orig, .ini, .cfg, .retry

  343. 

  344. # ignore files matching these patterns when parsing a directory as inventory source

  345. #ignore_patterns=

  346. 

  347. # If 'true' unparsed inventory sources become fatal errors, they are warnings otherwise.

  348. #unparsed_is_failed=False

  349. 

  350. [privilege_escalation]

  351. #become=True

  352. become_method=sudo

  353. become_user=root

  354. become_ask_pass=False

  355. 

  356. [paramiko_connection]

  357. 

  358. # uncomment this line to cause the paramiko connection plugin to not record new host

  359. # keys encountered.  Increases performance on new host additions.  Setting works independently of the

  360. # host key checking setting above.

  361. record_host_keys=False

  362. 

  363. # by default, Ansible requests a pseudo-terminal for commands executed under sudo. Uncomment this

  364. # line to disable this behaviour.

  365. #pty=False

  366. 

  367. # paramiko will default to looking for SSH keys initially when trying to

  368. # authenticate to remote devices.  This is a problem for some network devices

  369. # that close the connection after a key failure.  Uncomment this line to

  370. # disable the Paramiko look for keys function

  371. #look_for_keys = False

  372. 

  373. # When using persistent connections with Paramiko, the connection runs in a

  374. # background process.  If the host doesn't already have a valid SSH key, by

  375. # default Ansible will prompt to add the host key.  This will cause connections

  376. # running in background processes to fail.  Uncomment this line to have

  377. # Paramiko automatically add host keys.

  378. host_key_auto_add = True

  379. 

  380. [ssh_connection]

  381. 

  382. # ssh arguments to use

  383. # Leaving off ControlPersist will result in poor performance, so use

  384. # paramiko on older platforms rather than removing it, -C controls compression use

  385. #ssh_args = -C -o ControlMaster=auto -o ControlPersist=60s

  386. ssh_args = -C -o ControlMaster=auto -o ControlPersist=30m

  387. 

  388. # The base directory for the ControlPath sockets.

  389. # This is the "%(directory)s" in the control_path option

  390. #

  391. # Example:

  392. # control_path_dir = /tmp/.ansible/cp

  393. control_path_dir = ./.ansible/cp

  394. 

  395. # The path to use for the ControlPath sockets. This defaults to a hashed string of the hostname,

  396. # port and username (empty string in the config). The hash mitigates a common problem users

  397. # found with long hostnames and the conventional %(directory)s/ansible-ssh-%%h-%%p-%%r format.

  398. # In those cases, a "too long for Unix domain socket" ssh error would occur.

  399. #

  400. # Example:

  401. # control_path = %(directory)s/%%h-%%r

  402. #control_path =

  403. 

  404. # Enabling pipelining reduces the number of SSH operations required to

  405. # execute a module on the remote server. This can result in a significant

  406. # performance improvement when enabled, however when using "sudo:" you must

  407. # first disable 'requiretty' in /etc/sudoers

  408. #

  409. # By default, this option is disabled to preserve compatibility with

  410. # sudoers configurations that have requiretty (the default on many distros).

  411. #

  412. pipelining = False

  413. #pipelining = True

  414. 

  415. # Control the mechanism for transferring files (old)

  416. #   * smart = try sftp and then try scp [default]

  417. #   * True = use scp only

  418. #   * False = use sftp only

  419. #scp_if_ssh = smart

  420. 

  421. # Control the mechanism for transferring files (new)

  422. # If set, this will override the scp_if_ssh option

  423. #   * sftp  = use sftp to transfer files

  424. #   * scp   = use scp to transfer files

  425. #   * piped = use 'dd' over SSH to transfer files

  426. #   * smart = try sftp, scp, and piped, in that order [default]

  427. #transfer_method = smart

  428. transfer_method = piped

  429. 

  430. # if False, sftp will not use batch mode to transfer files. This may cause some

  431. # types of file transfer failures impossible to catch however, and should

  432. # only be disabled if your sftp version has problems with batch mode

  433. #sftp_batch_mode = False

  434. 

  435. # The -tt argument is passed to ssh when pipelining is not enabled because sudo 

  436. # requires a tty by default. 

  437. usetty = True

  438. 

  439. # Number of times to retry an SSH connection to a host, in case of UNREACHABLE.

  440. # For each retry attempt, there is an exponential backoff,

  441. # so after the first attempt there is 1s wait, then 2s, 4s etc. up to 30s (max).

  442. #retries = 3

  443. 

  444. [persistent_connection]

  445. 

  446. # Configures the persistent connection timeout value in seconds.  This value is

  447. # how long the persistent connection will remain idle before it is destroyed.

  448. # If the connection doesn't receive a request before the timeout value

  449. # expires, the connection is shutdown. The default value is 30 seconds.

  450. connect_timeout = 30

  451. 

  452. # The command timeout value defines the amount of time to wait for a command

  453. # or RPC call before timing out. The value for the command timeout must

  454. # be less than the value of the persistent connection idle timeout (connect_timeout)

  455. # The default value is 30 second.

  456. command_timeout = 15

  457. 

  458. # Configures the persistent connection retry timeout.  This value configures the

  459. # the retry timeout that ansible-connection will wait to connect

  460. # to the local domain socket. This value must be larger than the

  461. # ssh timeout (timeout) and less than persistent connection idle timeout (connect_timeout).

  462. # The default value is 15 seconds.

  463. connect_retry_timeout = 15

  464. 

  465. [accelerate]

  466. accelerate_port = 5099

  467. accelerate_timeout = 30

  468. accelerate_connect_timeout = 5.0

  469. 

  470. # The daemon timeout is measured in minutes. This time is measured

  471. # from the last activity to the accelerate daemon.

  472. accelerate_daemon_timeout = 30

  473. 

  474. # If set to yes, accelerate_multi_key will allow multiple

  475. # private keys to be uploaded to it, though each user must

  476. # have access to the system via SSH to add a new key. The default

  477. # is "no".

  478. accelerate_multi_key = yes

  479. 

  480. [selinux]

  481. # file systems that require special treatment when dealing with security context

  482. # the default behaviour that copies the existing context or uses the user default

  483. # needs to be changed to use the file system dependent context.

  484. #special_context_filesystems=nfs,vboxsf,fuse,ramfs,9p

  485. 

  486. # Set this to yes to allow libvirt_lxc connections to work without SELinux.

  487. #libvirt_lxc_noseclabel = yes

  488. 

  489. [colors]

  490. #highlight = white

  491. #verbose = blue

  492. verbose = bright green

  493. #warn = bright purple

  494. warn = bright blue

  495. #error = red

  496. #debug = dark gray

  497. #deprecate = purple

  498. deprecate = blue

  499. #skip = cyan

  500. #unreachable = red

  501. #ok = green

  502. #changed = yellow

  503. #diff_add = green

  504. #diff_remove = red

  505. #diff_lines = cyan

  506. 

  507. 

  508. [diff]

  509. # Always print diff when running ( same as always running with -D/--diff )

  510. # always = no

  511. 

  512. # Set how many context lines to show in diff

  513. # context = 3