| [defaults] |
| # some basic default values... |
| #inventory = /etc/ansible/hosts # 主机清单 |
| #library = /usr/share/my_modules/ # 库文件地址 |
| #module_utils = /usr/share/my_module_utils/ |
| #remote_tmp = ~/.ansible/tmp # 远程主机临时文件存放目录 |
| #local_tmp = ~/.ansible/tmp # 本地临时文件存放目录 |
| #plugin_filters_cfg = /etc/ansible/plugin_filters.yml |
| #forks = 5 # 并发数 |
| #poll_interval = 15 |
| #sudo_user = root |
| #ask_sudo_pass = True |
| #ask_pass = True |
| #transport = smart
|
| #remote_port = 22 |
| #module_lang = C |
| #module_set_locale = False |
| # plays will gather facts by default, which contain information about |
| # the remote system. |
| # |
| # smart - gather by default, but don't regather if already gathered |
| # implicit - gather by default, turn off with gather_facts: False |
| # explicit - do not gather by default, must say gather_facts: True |
| #gathering = implicit |
| # This only affects the gathering done by a play's gather_facts directive, |
| # by default gathering retrieves all facts subsets |
| # all - gather all subsets |
| # network - gather min and network facts |
| # hardware - gather hardware facts (longest facts to retrieve) |
| # virtual - gather min and virtual facts |
| # facter - import facts from facter |
| # ohai - import facts from ohai |
| # You can combine them using comma (ex: network,virtual) |
| # You can negate them using ! (ex: !hardware,!facter,!ohai) |
| # A minimal set of facts is always gathered. |
| #gather_subset = all |
| # some hardware related facts are collected |
| # with a maximum timeout of 10 seconds. This |
| # option lets you increase or decrease that |
| # timeout to something more suitable for the |
| # environment. |
| # gather_timeout = 10 |
| # Ansible facts are available inside the ansible_facts.* dictionary
|
| # namespace. This setting maintains the behaviour which was the default prior |
| # to 2.5, duplicating these variables into the main namespace, each with a |
| # prefix of 'ansible_'. |
| # This variable is set to True by default for backwards compatibility. It |
| # will be changed to a default of 'False' in a future release. |
| # ansible_facts. |
| # inject_facts_as_vars = True |
| # additional paths to search for roles in, colon separated |
| #roles_path = /etc/ansible/roles |
| # uncomment this to disable SSH key host checking |
| #host_key_checking = False |
| # change the default callback, you can only have one 'stdout' type enabled at a time. |
| #stdout_callback = skippy |
| ## Ansible ships with some plugins that require whitelisting, |
| ## this is done to avoid running all of a type by default. |
| ## These setting lists those that you want enabled for your system. |
| ## Custom plugins should not need this unless plugin author specifies it. |
| # enable callback plugins, they can output to stdout but cannot be 'stdout' type. |
| #callback_whitelist = timer, mail |
| # Determine whether includes in tasks and handlers are "static" by |
| # default. As of 2.0, includes are dynamic by default. Setting these |
| # values to True will make includes behave more like they did in the |
| # 1.x versions. |
| #task_includes_static = False |
| #handler_includes_static = False |
| # Controls if a missing handler for a notification event is an error or a warning |
| #error_on_missing_handler = True |
| # change this for alternative sudo implementations |
| #sudo_exe = sudo
|
| # What flags to pass to sudo |
| # WARNING: leaving out the defaults might create unexpected behaviours |
| #sudo_flags = -H -S -n |
| # SSH timeout |
| #timeout = 10 |
| # default user to use for playbooks if user is not specified |
| # (/usr/bin/ansible will use current user as default) |
| #remote_user = root |
| # logging is off by default unless this path is defined |
| # if so defined, consider logrotate |
| #log_path = /var/log/ansible.log |
| # default module name for /usr/bin/ansible |
| #module_name = command |
| # use this shell for commands executed under sudo |
| # you may need to change this to bin/bash in rare instances |
| # if sudo is constrained |
| #executable = /bin/sh |
| # if inventory variables overlap, does the higher precedence one win |
| # or are hash values merged together? The default is 'replace' but |
| # this can also be set to 'merge'. |
| #hash_behaviour = replace |
| # by default, variables from roles will be visible in the global variable |
| # scope. To prevent this, the following option can be enabled, and only |
| # tasks and handlers within the role will see the variables there |
| #private_role_vars = yes |
| # list any Jinja2 extensions to enable here: |
| #jinja2_extensions = jinja2.ext.do,jinja2.ext.i18n |
| # if set, always use this private key file for authentication, same as |
| # if passing --private-key to ansible or ansible-playbook |
| #private_key_file = /path/to/file
|
| # If set, configures the path to the Vault password file as an alternative to |
| # specifying --vault-password-file on the command line. |
| #vault_password_file = /path/to/vault_password_file |
| # format of string {{ ansible_managed }} available within Jinja2 |
| # templates indicates to users editing templates files will be replaced. |
| # replacing {file}, {host} and {uid} and strftime codes with proper values. |
| #ansible_managed = Ansible managed: {file} modified on %Y-%m-%d %H:%M:%S by {uid} on {host} |
| # {file}, {host}, {uid}, and the timestamp can all interfere with idempotence |
| # in some situations so the default is a static string: |
| #ansible_managed = Ansible managed |
| # by default, ansible-playbook will display "Skipping [host]" if it determines a task |
| # should not be run on a host. Set this to "False" if you don't want to see these "Skipping" |
| # messages. NOTE: the task header will still be shown regardless of whether or not the |
| # task is skipped. |
| #display_skipped_hosts = True |
| # by default, if a task in a playbook does not include a name: field then |
| # ansible-playbook will construct a header that includes the task's action but |
| # not the task's args. This is a security feature because ansible cannot know |
| # if the *module* considers an argument to be no_log at the time that the |
| # header is printed. If your environment doesn't have a problem securing |
| # stdout from ansible-playbook (or you have manually specified no_log in your |
| # playbook on all of the tasks where you have secret information) then you can |
| # safely set this to True to get more informative messages. |
| #display_args_to_stdout = False |
| # by default (as of 1.3), Ansible will raise errors when attempting to dereference |
| # Jinja2 variables that are not set in templates or action lines. Uncomment this line |
| # to revert the behavior to pre-1.3. |
| #error_on_undefined_vars = False
|
| # by default (as of 1.6), Ansible may display warnings based on the configuration of the |
| # system running ansible itself. This may include warnings about 3rd party packages or |
| # other conditions that should be resolved if possible. |
| # to disable these warnings, set the following value to False: |
| #system_warnings = True |
| # by default (as of 1.4), Ansible may display deprecation warnings for language |
| # features that should no longer be used and will be removed in future versions. |
| # to disable these warnings, set the following value to False: |
| #deprecation_warnings = True |
| # (as of 1.8), Ansible can optionally warn when usage of the shell and |
| # command module appear to be simplified by using a default Ansible module |
| # instead. These warnings can be silenced by adjusting the following |
| # setting or adding warn=yes or warn=no to the end of the command line |
| # parameter string. This will for example suggest using the git module |
| # instead of shelling out to the git command. |
| # command_warnings = False |
| # set plugin path directories here, separate with colons |
| #action_plugins = /usr/share/ansible/plugins/action |
| #become_plugins = /usr/share/ansible/plugins/become |
| #cache_plugins = /usr/share/ansible/plugins/cache |
| #callback_plugins = /usr/share/ansible/plugins/callback |
| #connection_plugins = /usr/share/ansible/plugins/connection |
| #lookup_plugins = /usr/share/ansible/plugins/lookup |
| #inventory_plugins = /usr/share/ansible/plugins/inventory |
| #vars_plugins = /usr/share/ansible/plugins/vars |
| #filter_plugins = /usr/share/ansible/plugins/filter |
| #test_plugins = /usr/share/ansible/plugins/test |
| #terminal_plugins = /usr/share/ansible/plugins/terminal
|
| #strategy_plugins = /usr/share/ansible/plugins/strategy |
| # by default, ansible will use the 'linear' strategy but you may want to try |
| # another one |
| #strategy = free |
| # by default callbacks are not loaded for /bin/ansible, enable this if you |
| # want, for example, a notification or logging callback to also apply to |
| # /bin/ansible runs |
| #bin_ansible_callbacks = False |
| # don't like cows? that's unfortunate. |
| # set to 1 if you don't want cowsay support or export ANSIBLE_NOCOWS=1 |
| #nocows = 1 |
| # set which cowsay stencil you'd like to use by default. When set to 'random', |
| # a random stencil will be selected for each task. The selection will be filtered |
| # against the `cow_whitelist` option below. |
| #cow_selection = default |
| #cow_selection = random |
| # when using the 'random' option for cowsay, stencils will be restricted to this list. |
| # it should be formatted as a comma-separated list with no spaces between names. |
| # NOTE: line continuations here are for formatting purposes only, as the INI parser |
| # in python does not support them. |
| #cow_whitelist=bud-frogs,bunny,cheese,daemon,default,dragon,elephant-in-snake,elephant,eyes,\ |
| # hellokitty,kitty,luke-koala,meow,milk,moofasa,moose,ren,sheep,small,stegosaurus,\ |
| # stimpy,supermilker,three-eyes,turkey,turtle,tux,udder,vader-koala,vader,www |
| # don't like colors either? |
| # set to 1 if you don't want colors, or export ANSIBLE_NOCOLOR=1 |
| #nocolor = 1 |
| # if set to a persistent type (not 'memory', for example 'redis') fact values |
| # from previous runs in Ansible will be stored. This may be useful when |
| # wanting to use, for example, IP information from one group of servers
|
| # without having to talk to them in the same playbook run to get their |
| # current IP information. |
| #fact_caching = memory |
| #This option tells Ansible where to cache facts. The value is plugin dependent. |
| #For the jsonfile plugin, it should be a path to a local directory. |
| #For the redis plugin, the value is a host:port:database triplet: fact_caching_connection = localhost:6379:0 |
| #fact_caching_connection=/tmp |
| # retry files |
| # When a playbook fails a .retry file can be created that will be placed in ~/ |
| # You can enable this feature by setting retry_files_enabled to True |
| # and you can change the location of the files by setting retry_files_save_path |
| #retry_files_enabled = False |
| #retry_files_save_path = ~/.ansible-retry |
| # squash actions |
| # Ansible can optimise actions that call modules with list parameters |
| # when looping. Instead of calling the module once per with_ item, the |
| # module is called once with all items at once. Currently this only works |
| # under limited circumstances, and only with parameters named 'name'. |
| #squash_actions = apk,apt,dnf,homebrew,pacman,pkgng,yum,zypper |
| # prevents logging of task data, off by default |
| #no_log = False |
| # prevents logging of tasks, but only on the targets, data is still logged on the master/controller |
| #no_target_syslog = False |
| # controls whether Ansible will raise an error or warning if a task has no |
| # choice but to create world readable temporary files to execute a module on |
| # the remote machine. This option is False by default for security. Users may |
| # turn this on to have behaviour more like Ansible prior to 2.1.x. See |
| # https://docs.ansible.com/ansible/become.html#becoming-an-unprivileged-user
|
| # for more secure ways to fix this than enabling this option. |
| #allow_world_readable_tmpfiles = False |
| # controls the compression level of variables sent to |
| # worker processes. At the default of 0, no compression |
| # is used. This value must be an integer from 0 to 9. |
| #var_compression_level = 9 |
| # controls what compression method is used for new-style ansible modules when |
| # they are sent to the remote system. The compression types depend on having |
| # support compiled into both the controller's python and the client's python. |
| # The names should match with the python Zipfile compression types: |
| # * ZIP_STORED (no compression. available everywhere) |
| # * ZIP_DEFLATED (uses zlib, the default) |
| # These values may be set per host via the ansible_module_compression inventory |
| # variable |
| #module_compression = 'ZIP_DEFLATED' |
| # This controls the cutoff point (in bytes) on --diff for files |
| # set to 0 for unlimited (RAM may suffer!). |
| #max_diff_size = 1048576 |
| # This controls how ansible handles multiple --tags and --skip-tags arguments |
| # on the CLI. If this is True then multiple arguments are merged together. If |
| # it is False, then the last specified argument is used and the others are ignored. |
| # This option will be removed in 2.8. |
| #merge_multiple_cli_flags = True |
| # Controls showing custom stats at the end, off by default |
| #show_custom_stats = True |
| # Controls which files to ignore when using a directory as inventory with |
| # possibly multiple sources (both static and dynamic) |
| #inventory_ignore_extensions = ~, .orig, .bak, .ini, .cfg, .retry, .pyc, .pyo |
| # This family of modules use an alternative execution path optimized for network appliances
|
| # only update this setting if you know how this works, otherwise it can break module execution |
| #network_group_modules=eos, nxos, ios, iosxr, junos, vyos |
| # When enabled, this option allows lookups (via variables like {{lookup('foo')}} or when used as |
| # a loop with `with_foo`) to return data that is not marked "unsafe". This means the data may contain |
| # jinja2 templating language which will be run through the templating engine. |
| # ENABLING THIS COULD BE A SECURITY RISK |
| #allow_unsafe_lookups = False |
| # set default errors for all plays |
| #any_errors_fatal = False |
