The Ansible File module is a powerful feature for managing files and directories on remote hosts. It allows you to perform various operations, such as creating, deleting, and modifying files and directories.
This guide will provide a detailed overview of the Ansible file module, including its syntax and practical examples.
Table of Contents
When to Use Ansible File Module
The file module is ideal for managing the state of files and directories. Whether you need to ensure that a directory exists, remove a file, or set permissions, the File module provides a simple and efficient way to do so. It is especially useful in automation workflows where consistent file management is crucial.
Basic Syntax
The basic syntax for using the Ansible file module is straightforward. Here’s a general template that covers different common tasks you might perform with this module:
- name: Descriptive name of the task
file:
path: /path/to/file_or_directory
state: present/absent/directory/touch/link/hard
mode: '0644'
owner: username
group: groupname
src: /path/to/source
force: yes/noHere is a brief explanation:
- path: Specifies the path to the file or directory that you want to manage.
- state: This parameter defines the desired state of the file or directory.
- mode: This sets the permissions for the file or directory. The value should be specified in octal format (e.g., ‘0644’), which means read/write for the owner, and read-only for the group and others.
- owner: This sets the ownership of the file or directory to the specified user.
- group: This sets the group ownership of the file or directory to the specified group.
- force: This parameter, when set to yes, forces the creation of the link, even if the destination already exists. It is optional and primarily used with link and hard.
Creating a Directory
You can use the state: directory option to create a new directory if it does not exist.
---
- name: Create a new directory
hosts: all
tasks:
- name: Create /tmp/data directory
ansible.builtin.file:
path: /tmp/data
state: directoryThis playbook will create /tmp/data directory if it doesn’t already exist.
Creating a File
To create an empty file, use the state: touch option. This option ensures that the file exists and creates it if it does not.
---
- name: Create a new file
hosts: all
tasks:
- name: Create an empty file at /tmp/config.txt
ansible.builtin.file:
path: /tmp/config.txt
state: touchThis playbook will create an empty file at /tmp/config.txt.
Deleting a File
You can delete files or directories by setting the state to absent. This operation will remove the specified file or directory.
---
- name: Delete a file
hosts: all
tasks:
- name: Delete /tmp/config.txt if it exists
ansible.builtin.file:
path: /tmp/config.txt
state: absentThis playbook will delete /tmp/config.txt if it exists.
Changing File Permissions
The Ansible File module allows you to set file permissions using the mode parameter. The permissions should be specified numerically (e.g., 0755).
---
- name: Set file permissions
hosts: all
tasks:
- name: Set permissions for /var/www/info.php to 0755
ansible.builtin.file:
path: /var/www/info.php
mode: '0755'This playbook sets the permissions of /var/www/info.php to 0755.
Changing File Ownership
To change the ownership of a file or directory, use the owner and group parameters. These specify the user and group ownership, respectively.
---
- name: Change file ownership
hosts: all
tasks:
- name: Change ownership of /var/www/info.php to www-data user and group
ansible.builtin.file:
path: /var/www/info.php
owner: www-data
group: www-dataThis playbook changes the ownership of /var/www/info.php to www-data user and www-data group.
Creating a Symbolic Link
The state: link option allows you to create a symbolic link. You must also specify the src parameter, which points to the link’s target.
---
- name: Create a symbolic link
hosts: all
tasks:
- name: Create a symbolic link at /usr/bin/script pointing to /usr/local/bin/script
ansible.builtin.file:
src: /usr/bin/script
dest: /usr/local/bin/script
state: linkThis playbook creates a symbolic link at /usr/bin/script pointing to /usr/local/bin/script.
Real-World Use Case: Managing Backup Files on a Database Server
Imagine you are managing a database server where regular backups are taken and stored in a specific directory. You want to ensure that backup files are properly managed:
Scenario
- Ensure the backup directory exists with correct permissions.
- Delete backup files older than 7 days.
- Create a temporary lock file before starting the backup.
- Remove the lock file after the backup process.
- Only perform these actions if backup_enabled is true.
Here is the example playbook:
---
- name: Manage database backup files
hosts: dbservers
become: yes
vars:
backup_dir: /var/backups
backup_enabled: true
lock_file: /var/backups/backup.lock
tasks:
- name: Ensure backup directory exists
file:
path: "{{ backup_dir }}"
state: directory
mode: '0750'
owner: dbuser
group: dbgroup
when: backup_enabled
- name: Find and delete backup files older than 7 days
find:
paths: "{{ backup_dir }}"
age: 7d
recurse: yes
register: old_backups
when: backup_enabled
- name: Delete old backup files
file:
path: "{{ item.path }}"
state: absent
with_items: "{{ old_backups.files }}"
when: backup_enabled
- name: Create temporary lock file before backup
file:
path: "{{ lock_file }}"
state: touch
mode: '0644'
owner: dbuser
group: dbgroup
when: backup_enabled
- name: Perform database backup (simulated)
command: /usr/local/bin/backup_database.sh
when: backup_enabled
- name: Remove temporary lock file after backup
file:
path: "{{ lock_file }}"
state: absent
when: backup_enabledThe playbook manages database backups on a server by performing several conditional tasks. It first ensures that the backup directory exists with the correct permissions. If backups are enabled, it then identifies and deletes backup files older than 7 days to free up space using the find module. A temporary lock file is created before starting the backup process to signal that a backup is in progress, and then the actual backup is performed using a script. After the backup is complete, the lock file is removed. These tasks are only executed if backups are enabled
Conclusion
Ansible file module is a versatile tool for managing files, directories, and symbolic links on remote hosts. It allows you to create, delete, and set permissions easily. Using the file module helps ensure consistency and proper file structure across your systems. With its simple syntax and powerful features, it is essential for automating infrastructure tasks efficiently.
FAQs
1. Is it possible to recursively change permissions of directories using the file module?
Yes, by using recurse: yes, you can change the permissions of a directory and its subdirectories/files.
2. Can the file module create nested directories like mkdir -p?
Yes, the file module will create parent directories if they do not exist, similar to mkdir -p..
3. Can the file module manage file timestamps?
No, the file module doesn’t directly manage timestamps. For managing specific timestamps, consider using the command module.
4. How can I ensure a file is not writable using the file module?
Set the mode parameter to remove write permissions.
