当前位置：首页 > news >正文

linux系统ansible的jiaja2的语法和简单剧本编写

news 2025/8/20 16:03:20

jianja2语法和简单剧本

- jinja2语法
- - Jinja default()设定
  - if语句
  - for语句
- ansiblejiaja2的使用
- - ansible目录结构：
  - tasks目录下文件内容：
  - nginx模板文件
  - ansible变量文件
  - ansible主playbook文件
  - 测试并执行：
  - 查看检测执行结果
- 剧本编写
- - 安装apache
  - 安装mysql

jinja2语法

Jinja default()设定

default()默认值的设定有助于程序的健壮性和简洁性。Jinja也支持该功能，生成Mysql配置文件中的端口定义，如果指定则PORT=3136，否则PORT=3306，改造为使用default()bind_address=ip:{{ PORT | default(3306) }}

if语句

if判断语句的语法结构，如下：
{% if条件一 %}
{% elif 条件二%}
{% elif 条件N %}
{% endif %}{% if age > 30 %}
1
{% elif age < 18 %}
2
{% else %}
3
{% endif %}

for语句

for循环的基本语法如下：
{%for 迭代变量in 可迭代对象%}
{{迭代变量}}
{%endfor%}{% for i in range(10) %}
{{ i }}
{% endfor %}

ansiblejiaja2的使用

说明：ansible使用jiaja2生成nginx一个模板多种不同配置

ansible目录结构：

# cd roles/nginx_conf/
#tree
.
├── files
├── meta
│   └── main.yml
├── tasks
│   ├── file.yml
│   └── main.yml
├── templates
│   └── nginx.conf.j2
└── vars└── main.yml

tasks目录下文件内容：

#cat tasks/file.yml 
- name: nginx.j2 template transfer example template: src=nginx.conf.j2 dest=/etc/nginx/nginx.conf.template#cat tasks/main.yml 
- include: file.yml

nginx模板文件

#cat templates/nginx.conf.j2 
{% if nginx_use_proxy %}
{% for proxy in nginx_proxies %}
upstream {{ proxy.name }}#server 127.0.0.1:{{ proxy.port }};server {{ ansible_eth0.ipv4.address }}:{{ proxy.port }};
}
{% endfor %}
{% endif%}server {listen 80;servername {{ nginx_server_name }};access_log off;error_log /etc/nginx/nginx_error.log;rewrite ^ https://$server_name$request_uri? permanent;
}server {listen 443 ssl;server_name {{ nginx_server_name }};ssl_certificate /etc/nginx/ssl/{{ nginx_ssl_cert_name }};ssl_certificate_key /etc/nginx/ssl/{{ nginx_ssl_cert_key }};root {{ nginx_web_root }};index index.html index.html;
{% if nginx_use_auth %}auth_basic  "Restricted";auth_basic_user_file /etc/nginx/{{ project_name }}.htpasswd;
{% endif %}
{% if nginx_use_proxy %}
{% for proxy in nginx_proxies %}location {{ proxy.location }} {proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-Proto http;proxy_set_header X-Url-Scheme $scheme;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header Host $http_host;proxy_set_header X-NginX-Proxy true;proxy_redirect off;proxy_pass http://{{ proxy.name }};break;
}
{% endfor %}
{% endif %}
{% if nginx_server_static %}location / {try_files $url $url/ =404;
}
{% endif %}
}

ansible变量文件

cat vars/main.yml nginx_server_name: www.testnginx.com
nginx_web_root: /data/html/
nginx_proxies:
- name: suspiciouslocation: /port: 1234
- name: suspicious-apilocation: /apiport: 4567

ansible主playbook文件

#cat nginx_test.yml 
##The first roles
- name: Nginx Proxy Server's Config Dynamic Createhosts: "10.0.90.25:10.0.90.26"remote_user: rootvars:nginx_use_proxy: truenginx_ssl_cert_name: ifa.crtnginx_ssl_cert_key: ifa.keynginx_use_auth: trueproject_name: suspiciousnginx_server_static: truegather_facts: trueroles:-  role: nginx_conf##The second roles
- name: Nginx WebServer's Config Dynamic Createhosts: 10.0.90.27remote_user: rootvars:nginx_use_proxy: falsenginx_ssl_cert_name: ifa.crtnginx_ssl_cert_key: ifa.crtnginx_use_auth: falseproject_name: suspiciousnginx_server_static: falsegather_facts: falseroles:-  role: nginx_conf

测试并执行：

#ansible-playbook nginx_test.yml --syntax-check
playbook: nginx_test.yml执行：
# ansible-playbook nginx_test.yml

查看检测执行结果

到Nginx Proxy 服务器查看配置文件

#cat nginx.conf.template 
upstream suspicious#server 127.0.0.1:1234;server 10.0.90.26:1234;
}
upstream suspicious-api#server 127.0.0.1:4567;server 10.0.90.26:4567;
}
server {listen 80;servername www.testnginx.com;access_log off;error_log /etc/nginx/nginx_error.log;rewrite ^ https://$server_name$request_uri? permanent;
}
server {listen 443 ssl;server_name www.testnginx.com;ssl_certificate /etc/nginx/ssl/ifa.crt;ssl_certificate_key /etc/nginx/ssl/ifa.key;root /data/html/;index index.html index.html;auth_basic  "Restricted";auth_basic_user_file /etc/nginx/suspicious.htpasswd;location / {proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-Proto http;proxy_set_header X-Url-Scheme $scheme;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header Host $http_host;proxy_set_header X-NginX-Proxy true;proxy_redirect off;proxy_pass http://suspicious;break;
}location /api {proxy_set_header X-Real-IP $remote_addr;proxy_set_header X-Forwarded-Proto http;proxy_set_header X-Url-Scheme $scheme;proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;proxy_set_header Host $http_host;proxy_set_header X-NginX-Proxy true;proxy_redirect off;proxy_pass http://suspicious-api;break;
}location / {try_files $url $url/ =404;
}
}

到Nginx Web 服务器上查看配置文件

#cat nginx.conf.template 
server {listen 80;servername www.testnginx.com;access_log off;error_log /etc/nginx/nginx_error.log;rewrite ^ https://$server_name$request_uri? permanent;
}
server {listen 443 ssl;server_name www.testnginx.com;ssl_certificate /etc/nginx/ssl/ifa.crt;ssl_certificate_key /etc/nginx/ssl/ifa.crt;root /data/html/;index index.html index.html;
}

剧本编写

安装apache

---
- hosts: webtasks:- name: 清理环境yum: name=httpd state=absent- name: 安装apacheyum: name=httpd state=present- name: cpoy apache.confcopy: src=/etc/httpd/conf/httpd.conf dest=/etc/httpd/conf/httpd.conf backup=yestags: apache.conf                #标签notify: restart apache           #httpd.conf发生改变时，通知给相应的handlers- name: 启动httpdservice: name=httpd state=started enabled=yeshandlers:                      #触发器- name: restart apache         #与notify值相同service: name=httpd state=restarted    #发生更改执行的语句

安装mysql

---
- hosts: ipremote_user: roottasks:- name: 安装mysql源shell: rpm -Uvh https://dev.mysql.com/get/mysql80-community-release-el7-11.noarch.rpm- name: 安装mysqlyum: name=mysql-server disablerepo=mysql80-community enablerepo=mysql57-community state=present

查看全文

http://www.lryc.cn/news/292362.html