|
| 1 | +# config file for ansible -- http://ansible.com/ |
| 2 | +# ============================================== |
| 3 | + |
| 4 | +# nearly all parameters can be overridden in ansible-playbook |
| 5 | +# or with command line flags. ansible will read ANSIBLE_CONFIG, |
| 6 | +# ansible.cfg in the current working directory, .ansible.cfg in |
| 7 | +# the home directory or /etc/ansible/ansible.cfg, whichever it |
| 8 | +# finds first |
| 9 | + |
| 10 | +[defaults] |
| 11 | + |
| 12 | +# some basic default values... |
| 13 | + |
| 14 | +#inventory = /etc/ansible/hosts |
| 15 | +#inventory = ./hosts |
| 16 | +inventory = inventory/ |
| 17 | +#library = /usr/share/my_modules/ |
| 18 | +# library = ./roles |
| 19 | +remote_tmp = $HOME/.ansible/tmp |
| 20 | +pattern = * |
| 21 | +forks = 25 |
| 22 | +poll_interval = 15 |
| 23 | +sudo_user = root |
| 24 | +#ask_sudo_pass = True |
| 25 | +#ask_pass = True |
| 26 | +transport = smart |
| 27 | +#remote_port = 22 |
| 28 | +module_lang = C |
| 29 | + |
| 30 | + |
| 31 | +# plays will gather facts by default, which contain information about |
| 32 | +# the remote system. |
| 33 | +# |
| 34 | +# smart - gather by default, but don't regather if already gathered |
| 35 | +# implicit - gather by default, turn off with gather_facts: False |
| 36 | +# explicit - do not gather by default, must say gather_facts: True |
| 37 | +#gathering = implicit |
| 38 | + |
| 39 | +#caching config |
| 40 | +gathering = smart |
| 41 | +fact_caching = jsonfile |
| 42 | +fact_caching_connection = ./logs/factcache |
| 43 | +fact_caching_timeout = 86400 |
| 44 | +# seconds |
| 45 | + |
| 46 | +# additional paths to search for roles in, colon separated |
| 47 | +roles_path = ./roles:/etc/ansible/roles |
| 48 | + |
| 49 | +# uncomment this to disable SSH key host checking |
| 50 | +#host_key_checking = False |
| 51 | + |
| 52 | +# change this for alternative sudo implementations |
| 53 | +sudo_exe = sudo |
| 54 | + |
| 55 | +# what flags to pass to sudo |
| 56 | +#sudo_flags = -H |
| 57 | + |
| 58 | +# SSH timeout |
| 59 | +timeout = 10 |
| 60 | + |
| 61 | +# default user to use for playbooks if user is not specified |
| 62 | +# (/usr/bin/ansible will use current user as default) |
| 63 | +#remote_user = root |
| 64 | + |
| 65 | +# logging is off by default unless this path is defined |
| 66 | +# if so defined, consider logrotate |
| 67 | +#log_path = /var/log/ansible/main.log |
| 68 | +log_path = ./main.log |
| 69 | + |
| 70 | +# default module name for /usr/bin/ansible |
| 71 | +#module_name = command |
| 72 | + |
| 73 | +# use this shell for commands executed under sudo |
| 74 | +# you may need to change this to bin/bash in rare instances |
| 75 | +# if sudo is constrained |
| 76 | +#executable = /bin/sh |
| 77 | + |
| 78 | +# if inventory variables overlap, does the higher precedence one win |
| 79 | +# or are hash values merged together? The default is 'replace' but |
| 80 | +# this can also be set to 'merge'. |
| 81 | +#hash_behaviour = replace |
| 82 | + |
| 83 | +# list any Jinja2 extensions to enable here: |
| 84 | +#jinja2_extensions = jinja2.ext.do,jinja2.ext.i18n |
| 85 | + |
| 86 | +# if set, always use this private key file for authentication, same as |
| 87 | +# if passing --private-key to ansible or ansible-playbook |
| 88 | +#private_key_file = /path/to/file |
| 89 | + |
| 90 | +# format of string {{ ansible_managed }} available within Jinja2 |
| 91 | +# templates indicates to users editing templates files will be replaced. |
| 92 | +# replacing {file}, {host} and {uid} and strftime codes with proper values. |
| 93 | +ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host} |
| 94 | + |
| 95 | +# by default, ansible-playbook will display "Skipping [host]" if it determines a task |
| 96 | +# should not be run on a host. Set this to "False" if you don't want to see these "Skipping" |
| 97 | +# messages. NOTE: the task header will still be shown regardless of whether or not the |
| 98 | +# task is skipped. |
| 99 | +#display_skipped_hosts = True |
| 100 | + |
| 101 | +# by default (as of 1.3), Ansible will raise errors when attempting to dereference |
| 102 | +# Jinja2 variables that are not set in templates or action lines. Uncomment this line |
| 103 | +# to revert the behavior to pre-1.3. |
| 104 | +#error_on_undefined_vars = False |
| 105 | + |
| 106 | +# by default (as of 1.6), Ansible may display warnings based on the configuration of the |
| 107 | +# system running ansible itself. This may include warnings about 3rd party packages or |
| 108 | +# other conditions that should be resolved if possible. |
| 109 | +# to disable these warnings, set the following value to False: |
| 110 | +#system_warnings = True |
| 111 | + |
| 112 | +# by default (as of 1.4), Ansible may display deprecation warnings for language |
| 113 | +# features that should no longer be used and will be removed in future versions. |
| 114 | +# to disable these warnings, set the following value to False: |
| 115 | +deprecation_warnings = False |
| 116 | + |
| 117 | +# (as of 1.8), Ansible can optionally warn when usage of the shell and |
| 118 | +# command module appear to be simplified by using a default Ansible module |
| 119 | +# instead. These warnings can be silenced by adjusting the following |
| 120 | +# setting or adding warn=yes or warn=no to the end of the command line |
| 121 | +# parameter string. This will for example suggest using the git module |
| 122 | +# instead of shelling out to the git command. |
| 123 | +# command_warnings = False |
| 124 | + |
| 125 | + |
| 126 | +# set plugin path directories here, separate with colons |
| 127 | +action_plugins = /usr/share/ansible_plugins/action_plugins |
| 128 | +callback_plugins = /usr/share/ansible_plugins/callback_plugins |
| 129 | +connection_plugins = /usr/share/ansible_plugins/connection_plugins |
| 130 | +lookup_plugins = /usr/share/ansible_plugins/lookup_plugins |
| 131 | +vars_plugins = /usr/share/ansible_plugins/vars_plugins |
| 132 | +filter_plugins = ./filter_plugins |
| 133 | + |
| 134 | +# by default callbacks are not loaded for /bin/ansible, enable this if you |
| 135 | +# want, for example, a notification or logging callback to also apply to |
| 136 | +# /bin/ansible runs |
| 137 | +#bin_ansible_callbacks = False |
| 138 | + |
| 139 | + |
| 140 | +# don't like cows? that's unfortunate. |
| 141 | +# set to 1 if you don't want cowsay support or export ANSIBLE_NOCOWS=1 |
| 142 | +nocows = 1 |
| 143 | + |
| 144 | +# don't like colors either? |
| 145 | +# set to 1 if you don't want colors, or export ANSIBLE_NOCOLOR=1 |
| 146 | +#nocolor = 1 |
| 147 | + |
| 148 | +# the CA certificate path used for validating SSL certs. This path |
| 149 | +# should exist on the controlling node, not the target nodes |
| 150 | +# common locations: |
| 151 | +# RHEL/CentOS: /etc/pki/tls/certs/ca-bundle.crt |
| 152 | +# Fedora : /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem |
| 153 | +# Ubuntu : /usr/share/ca-certificates/cacert.org/cacert.org.crt |
| 154 | +#ca_file_path = |
| 155 | + |
| 156 | +# the http user-agent string to use when fetching urls. Some web server |
| 157 | +# operators block the default urllib user agent as it is frequently used |
| 158 | +# by malicious attacks/scripts, so we set it to something unique to |
| 159 | +# avoid issues. |
| 160 | +#http_user_agent = ansible-agent |
| 161 | + |
| 162 | +# if set to a persistent type (not 'memory', for example 'redis') fact values |
| 163 | +# from previous runs in Ansible will be stored. This may be useful when |
| 164 | +# wanting to use, for example, IP information from one group of servers |
| 165 | +# without having to talk to them in the same playbook run to get their |
| 166 | +# current IP information. |
| 167 | +# fact_caching = memory |
| 168 | + |
| 169 | + |
| 170 | +# retry files |
| 171 | +#retry_files_enabled = False |
| 172 | +retry_files_save_path = ~/.ansible-retry |
| 173 | + |
| 174 | +# Auto accept new hostkeys |
| 175 | +#host_key_checking = False |
| 176 | + |
| 177 | + |
| 178 | +[privilege_escalation] |
| 179 | +#become=True |
| 180 | +become_method='sudo' |
| 181 | +become_user='root' |
| 182 | +#become_ask_pass=False |
| 183 | + |
| 184 | +[paramiko_connection] |
| 185 | + |
| 186 | +# uncomment this line to cause the paramiko connection plugin to not record new host |
| 187 | +# keys encountered. Increases performance on new host additions. Setting works independently of the |
| 188 | +# host key checking setting above. |
| 189 | +#record_host_keys=False |
| 190 | + |
| 191 | +# by default, Ansible requests a pseudo-terminal for commands executed under sudo. Uncomment this |
| 192 | +# line to disable this behaviour. |
| 193 | +#pty=False |
| 194 | + |
| 195 | +[ssh_connection] |
| 196 | + |
| 197 | +# ssh arguments to use |
| 198 | +# Leaving off ControlPersist will result in poor performance, so use |
| 199 | +# paramiko on older platforms rather than removing it |
| 200 | +#ssh_args = -o ControlMaster=auto -o ControlPersist=60s |
| 201 | + |
| 202 | +# The path to use for the ControlPath sockets. This defaults to |
| 203 | +# "%(directory)s/ansible-ssh-%%h-%%p-%%r", however on some systems with |
| 204 | +# very long hostnames or very long path names (caused by long user names or |
| 205 | +# deeply nested home directories) this can exceed the character limit on |
| 206 | +# file socket names (108 characters for most platforms). In that case, you |
| 207 | +# may wish to shorten the string below. |
| 208 | +# |
| 209 | +# Example: |
| 210 | +# control_path = %(directory)s/%%h-%%r |
| 211 | +#control_path = %(directory)s/ansible-ssh-%%h-%%p-%%r |
| 212 | + |
| 213 | +# Enabling pipelining reduces the number of SSH operations required to |
| 214 | +# execute a module on the remote server. This can result in a significant |
| 215 | +# performance improvement when enabled, however when using "sudo:" you must |
| 216 | +# first disable 'requiretty' in /etc/sudoers |
| 217 | +# |
| 218 | +# By default, this option is disabled to preserve compatibility with |
| 219 | +# sudoers configurations that have requiretty (the default on many distros). |
| 220 | +# |
| 221 | +pipelining = True |
| 222 | + |
| 223 | +# if True, make ansible use scp if the connection type is ssh |
| 224 | +# (default is sftp) |
| 225 | +#scp_if_ssh = True |
| 226 | + |
| 227 | + |
| 228 | +# Adding PreferredAuthentications=publickey to the ssh_args line |
| 229 | +ssh_args = -o ControlMaster=auto -o ControlPersist=18000 -o PreferredAuthentications=publickey |
| 230 | + |
| 231 | + |
| 232 | +[accelerate] |
| 233 | +accelerate_port = 5099 |
| 234 | +accelerate_timeout = 30 |
| 235 | +accelerate_connect_timeout = 5.0 |
| 236 | + |
| 237 | +# The daemon timeout is measured in minutes. This time is measured |
| 238 | +# from the last activity to the accelerate daemon. |
| 239 | +accelerate_daemon_timeout = 30 |
| 240 | + |
| 241 | +# If set to yes, accelerate_multi_key will allow multiple |
| 242 | +# private keys to be uploaded to it, though each user must |
| 243 | +# have access to the system via SSH to add a new key. The default |
| 244 | +# is "no". |
| 245 | +#accelerate_multi_key = yes |
| 246 | + |
| 247 | +[selinux] |
| 248 | +# file systems that require special treatment when dealing with security context |
| 249 | +# the default behaviour that copies the existing context or uses the user default |
| 250 | +# needs to be changed to use the file system dependant context. |
| 251 | +#special_context_filesystems=nfs,vboxsf,fuse |
0 commit comments