假设我想从 ansible 运行以下任务:
- name: dns-cloudflare | Request certificate
ansible.builtin.shell:
cmd: certbot certonly \
--dns-cloudflare \
--dns-cloudflare-credentials {{ certbot_cloudflare_credentials_file }} \
--non-interactive \
--agree-tos \
--expand \
--email {{ certbot_email }} \
--domain {{ __domains }}
args:
executable: /bin/bash
creates: "{{ certbot_directory }}/{{ item.name }}/{{ item.name }}/cert.pem"
我用这样的块构建它:
certbot_cert:
- name: test1.example.com
cn:
- test2-cn.example.com
post-hook: systemctl restart apache2
- name: test3.example.com
我想将 --post-hook 参数添加到我的 certbot 命令中,具体取决于
item.post-hook--post-hook 'systemctl restart apache2'我怎样才能实现这个目标?
我尝试了变量和过滤器,并通读了文档,但没有找到正确的方法来处理 is。对于每个可能的可选参数重复此任务多次不应该是这样。
您编写
cmd\像这样:
- hosts: localhost
gather_facts: false
vars:
certbot_cloudflare_credentials_file: creds.conf
certbot_email: [email protected]
__domains: example.com
certbot_directory: certs
certbot_cert:
- name: test1.example.com
cn:
- test2-cn.example.com
post-hook: systemctl restart apache2
- name: test3.example.com
tasks:
- name: dns-cloudflare | Request certificate
loop: "{{ certbot_cert }}"
ansible.builtin.shell:
cmd: certbot certonly
--dns-cloudflare
--dns-cloudflare-credentials "{{ certbot_cloudflare_credentials_file }}"
--non-interactive
--agree-tos
--expand
--email "{{ certbot_email }}"
--domain "{{ __domains }}"
{% if 'post-hook' in item %}
--post-hook "{{ item["post-hook"] }}"
{% endif %}
args:
executable: /bin/bash
creates: "{{ certbot_directory }}/{{ item.name }}/{{ item.name }}/cert.pem"
对于
certbot_certcertbot certonly --dns-cloudflare --dns-cloudflare-credentials creds.conf --non-interactive --agree-tos --expand --email [email protected] --domain example.com --post-hook systemctl restart apache2
对于第二行,它将运行:
certbot certonly --dns-cloudflare --dns-cloudflare-credentials creds.conf --non-interactive --agree-tos --expand --email [email protected] --domain example.com