-
Notifications
You must be signed in to change notification settings - Fork 2
/
ansible.cfg
237 lines (171 loc) · 6.82 KB
/
ansible.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
# Configuration file for Ansible
# Documentation: http://docs.ansible.com/ansible/intro_configuration.html
[defaults]
########################################
# Display settings
########################################
# Output display
force_color = 1
nocows = 0
display_failed_stderr = True
display_ok_hosts = False
display_skipped_hosts = False
show_custom_stats = False
stdout_callback = unixy
# if set to a persistent type (not 'memory', for example 'redis') fact values
# from previous runs in Ansible will be stored. This may be useful when
# wanting to use, for example, IP information from one group of servers
# without having to talk to them in the same playbook run to get their
# current IP information.
fact_caching = yaml
fact_caching_timeout = 86400
#This option tells Ansible where to cache facts. The value is plugin dependent.
#For the jsonfile plugin, it should be a path to a local directory.
#For the redis plugin, the value is a host:port:database triplet: fact_caching_connection = localhost:6379:0
fact_caching_connection=/tmp
# Note: http://docs.ansible.com/ansible/intro_configuration.html#ansible-managed
#ansible_managed = Ansible managed
#ansible_managed = Ansible managed
ansible_managed = Ansible managed - {file} on {host}
# Warn when ansible think it is better to use module.
# Note: http://docs.ansible.com/ansible/intro_configuration.html#id88
command_warnings = False
# Enable this to debug tasks calls
display_args_to_stdout = False
########################################
# Playbook settings
########################################
# Default strategy
# strategy = free
strategy = linear
# Make some actions faster with loops
#squash_actions = apk,apt,dnf,homebrew,package,pacman,pkgng,yum,zypper
# Set it to replace or merge
hash_behaviour = replace
#hash_behaviour = merge, but prefer use combine filter
# Polling
poll_interval = 2
internal_poll_interval=0.01
# Number of hosts processed in parallel
forks = 20
# This shouldn't be touched, but could be useful
error_on_undefined_vars = True
force_handlers = False
########################################
# Behaviour settings
########################################
# Make role variables private
retry_files_enabled = True
# Fact options
# plays will gather facts by default, which contain information about
# the remote system.
#
# smart - gather by default, but don't regather if already gathered
# implicit - gather by default, turn off with gather_facts: False
# explicit - do not gather by default, must say gather_facts: True
gathering = smart
# This only affects the gathering done by a play's gather_facts directive,
# by default gathering retrieves all facts subsets
# all - gather all subsets
# network - gather min and network facts
# hardware - gather hardware facts (longest facts to retrieve)
# virtual - gather min and virtual facts
# facter - import facts from facter
# ohai - import facts from ohai
# You can combine them using comma (ex: network,virtual)
# You can negate them using ! (ex: !hardware,!facter,!ohai)
# A minimal set of facts is always gathered.
gather_subset = !all,!ohai,!facter,hardware,virtual,network
# Ansible facts are available inside the ansible_facts.* dictionary
# namespace. This setting maintains the behaviour which was the default prior
# to 2.5, duplicating these variables into the main namespace, each with a
# prefix of 'ansible_'.
# This variable is set to True by default for backwards compatibility. It
# will be changed to a default of 'False' in a future release.
# ansible_facts.
inject_facts_as_vars = True
# Enable or disable logs :
# Note put to false in prod
no_log = True
# TODO Deprecated option
no_target_syslog = True
########################################
# Common destinations
########################################
inventory = inventory/default.ini
roles_path = roles/local:roles/profiles:roles/vendors
retry_files_save_path = tmp/retry/
log_path = tmp/ansible.log
#vault_password_file = vault/vault-password-file:config/vault_password:~/.ansible/default.vault
########################################
# Plugins paths
########################################
action_plugins = plugins/action:~/.ansible/plugins/action_plugins/:/usr/share/ansible_plugins/action_plugins
callback_plugins = plugins/callback:~/.ansible/plugins/callback_plugins/:/usr/share/ansible_plugins/callback_plugins
connection_plugins = plugins/connection:~/.ansible/plugins/connection_plugins/:/usr/share/ansible_plugins/connection_plugins
filter_plugins = plugins/filter:~/.ansible/plugins/filter_plugins/:/usr/share/ansible_plugins/filter_plugins
lookup_plugins = plugins/lookup:~/.ansible/plugins/lookup_plugins/:/usr/share/ansible_plugins/lookup_plugins
vars_plugins = plugins/vars:~/.ansible/plugins/vars_plugins/:/usr/share/ansible_plugins/vars_plugins
strategy_plugins = plugins/strategy:~/.ansible/plugins/strategy_plugins/:/usr/share/ansible_plugins/strategy_plugins
library = plugins/modules:/usr/share/ansible
########################################
# Escalation settings
########################################
# Escalation
#become = False
#become_method = su
## su, pbrun, pfexec, doas, ksu
#become_user = root
become_ask_pass = True
#become_allow_same_user = False
# Sudo settings
#sudo_exe = sudo
#sudo_flags=-H -S -n
#sudo_user = root
########################################
# SSH settings
########################################
#private_key_file = ...
host_key_checking = True
remote_port = 22
remote_user = root
timeout = 60
transport = ssh
#transport = jail,ssh,local,chroot,paramiko,...
[inventory]
cache = no
enable_plugins = host_list, advanced_host_list, script, yaml, gcp_compute, ini, auto
#enable_plugins = ini,yaml
[ssh_connection]
# Note: http://docs.ansible.com/ansible/intro_configuration.html#ssh-args
ssh_args = -v -F config/ssh_config -o ControlMaster=auto -o ControlPersist=300s -o PreferredAuthentications=publickey,password
retries = 600
# Note: when using "sudo:" operations you must first disable ‘requiretty’ in /etc/sudoers on all managed hosts
pipelining = True
# Take the second one if errors if filename lenght
control_path = tmp/%%h-%%p-%%r
#control_path = config/tmp/ssh/%%h-%%r
# Enable only on old systems
# Note: http://docs.ansible.com/ansible/playbooks_acceleration.html
scp_if_ssh = False
#[paramiko_connection]
#record_host_keys = True
#proxy_command = ssh -W "%h:%p" bastion
########################################
# Various
########################################
[selinux]
show_custom_stats = True
########################################
# Color settings: TODO DEPRECATEDS ?
########################################
[colors]
#verbose = blue
#warn = bright purple
#error = red
#debug = dark gray
#deprecate = purple
#skip = cyan
#unreachable = red
#ok = green
#changed = yellow