2014-01-04 19:31:44 +01:00
# (c) 2012-2014, Michael DeHaan <michael.dehaan@gmail.com>
2012-02-29 01:08:09 +01:00
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
2015-05-04 04:47:26 +02:00
# Make coding more python3-ish
2015-10-20 03:36:19 +02:00
from __future__ import ( absolute_import , division , print_function )
2015-05-04 04:47:26 +02:00
__metaclass__ = type
2012-03-05 22:06:02 +01:00
import os
2016-04-06 08:48:37 +02:00
import tempfile
2015-07-06 23:12:10 +02:00
from string import ascii_letters , digits
2015-05-04 04:47:26 +02:00
2015-10-16 02:55:23 +02:00
from ansible . compat . six import string_types
from ansible . compat . six . moves import configparser
2015-07-04 16:23:30 +02:00
from ansible . errors import AnsibleOptionsError
2016-09-19 20:37:57 +02:00
from ansible . module_utils . _text import to_text
from ansible . parsing . quoting import unquote
2016-08-05 01:35:36 +02:00
from ansible . utils . path import makedirs_safe
2015-07-04 16:23:30 +02:00
2016-08-04 17:32:26 +02:00
BOOL_TRUE = frozenset ( [ " true " , " t " , " y " , " 1 " , " yes " , " on " ] )
2013-07-03 22:47:20 +02:00
def mk_boolean ( value ) :
2016-11-22 21:50:24 +01:00
ret = value
if not isinstance ( value , bool ) :
if value is None :
ret = False
ret = ( str ( value ) . lower ( ) in BOOL_TRUE )
return ret
2013-07-03 22:47:20 +02:00
2016-06-03 15:46:51 +02:00
def shell_expand ( path , expand_relative_paths = False ) :
2015-09-01 20:47:07 +02:00
'''
shell_expand is needed as os . path . expanduser does not work
when path is None , which is the default for ANSIBLE_PRIVATE_KEY_FILE
'''
if path :
path = os . path . expanduser ( os . path . expandvars ( path ) )
2016-06-03 15:46:51 +02:00
if expand_relative_paths and not path . startswith ( ' / ' ) :
# paths are always 'relative' to the config?
if ' CONFIG_FILE ' in globals ( ) :
CFGDIR = os . path . dirname ( CONFIG_FILE )
path = os . path . join ( CFGDIR , path )
path = os . path . abspath ( path )
2015-09-01 20:47:07 +02:00
return path
2016-10-06 19:27:03 +02:00
def get_config ( p , section , key , env_var , default , value_type = None , expand_relative_paths = False ) :
2016-12-05 22:02:54 +01:00
''' return a configuration variable with casting
: arg p : A ConfigParser object to look for the configuration in
: arg section : A section of the ini config that should be examined for this section .
: arg key : The config key to get this config from
: arg env_var : An Environment variable to check for the config var . If
this is set to None then no environment variable will be used .
: arg default : A default value to assign to the config var if nothing else sets it .
: kwarg value_type : The type of the value . This can be any of the following strings :
: boolean : sets the value to a True or False value
: integer : Sets the value to an integer or raises a ValueType error
: float : Sets the value to a float or raises a ValueType error
: list : Treats the value as a comma separated list . Split the value
and return it as a python list .
: none : Sets the value to None
: path : Expands any environment variables and tilde ' s in the value.
: tmp_path : Create a unique temporary directory inside of the dirctory
specified by value and return its path .
: pathlist : Treat the value as a typical PATH string . ( On POSIX , this
means colon separated strings . ) Split the value and then expand
each part for environment variables and tildes .
: kwarg expand_relative_paths : for pathlist and path types , if this is set
to True then also change any relative paths into absolute paths . The
default is False .
'''
2013-07-03 22:47:20 +02:00
value = _get_config ( p , section , key , env_var , default )
2016-10-06 19:27:03 +02:00
if value_type == ' boolean ' :
2015-05-04 04:47:26 +02:00
value = mk_boolean ( value )
2016-10-06 19:27:03 +02:00
elif value :
if value_type == ' integer ' :
2015-05-04 04:47:26 +02:00
value = int ( value )
2016-10-06 19:27:03 +02:00
elif value_type == ' float ' :
2015-05-04 04:47:26 +02:00
value = float ( value )
2016-10-06 19:27:03 +02:00
elif value_type == ' list ' :
2015-07-06 23:12:10 +02:00
if isinstance ( value , string_types ) :
2015-05-04 04:47:26 +02:00
value = [ x . strip ( ) for x in value . split ( ' , ' ) ]
2016-10-06 19:27:03 +02:00
elif value_type == ' none ' :
2015-05-08 16:12:36 +02:00
if value == " None " :
value = None
2016-10-06 19:27:03 +02:00
elif value_type == ' path ' :
2016-12-05 22:02:54 +01:00
value = shell_expand ( value , expand_relative_paths = expand_relative_paths )
2016-10-06 19:27:03 +02:00
elif value_type == ' tmppath ' :
2016-04-06 08:48:37 +02:00
value = shell_expand ( value )
if not os . path . exists ( value ) :
2016-08-05 01:35:36 +02:00
makedirs_safe ( value , 0o700 )
2016-07-06 19:02:20 +02:00
prefix = ' ansible-local- %s ' % os . getpid ( )
value = tempfile . mkdtemp ( prefix = prefix , dir = value )
2016-10-06 19:27:03 +02:00
elif value_type == ' pathlist ' :
2016-03-30 16:16:09 +02:00
if isinstance ( value , string_types ) :
2016-06-03 15:46:51 +02:00
value = [ shell_expand ( x , expand_relative_paths = expand_relative_paths ) \
for x in value . split ( os . pathsep ) ]
2016-10-06 19:27:03 +02:00
2015-09-01 20:48:59 +02:00
elif isinstance ( value , string_types ) :
value = unquote ( value )
2016-10-06 19:27:03 +02:00
return to_text ( value , errors = ' surrogate_or_strict ' , nonstring = ' passthru ' )
2013-07-03 22:47:20 +02:00
2013-12-12 17:48:02 +01:00
def _get_config ( p , section , key , env_var , default ) :
2013-07-03 22:47:20 +02:00
''' helper function for get_config '''
2012-10-17 00:40:01 +02:00
if env_var is not None :
2012-10-18 04:34:59 +02:00
value = os . environ . get ( env_var , None )
if value is not None :
return value
2012-08-14 01:17:14 +02:00
if p is not None :
try :
2016-10-02 23:55:55 +02:00
# TODO: Once we branch Ansible-2.2, change to the following in devel
#return to_text(p.get(section, key, raw=True), errors='surrogate_or_strict')
2013-09-18 21:03:40 +02:00
return p . get ( section , key , raw = True )
2012-08-14 01:17:14 +02:00
except :
return default
2012-10-19 02:27:39 +02:00
return default
2012-04-14 01:06:11 +02:00
2016-10-06 19:27:03 +02:00
2012-08-14 01:17:14 +02:00
def load_config_file ( ) :
2014-02-14 21:34:58 +01:00
''' Load Config File order(first found is used): ENV, CWD, HOME, /etc/ansible '''
2015-05-04 04:47:26 +02:00
p = configparser . ConfigParser ( )
2014-02-14 21:34:58 +01:00
path0 = os . getenv ( " ANSIBLE_CONFIG " , None )
if path0 is not None :
path0 = os . path . expanduser ( path0 )
2015-07-30 04:28:30 +02:00
if os . path . isdir ( path0 ) :
path0 + = " /ansible.cfg "
2016-09-06 04:46:47 +02:00
try :
path1 = os . getcwd ( ) + " /ansible.cfg "
except OSError :
path1 = None
2014-02-14 21:34:58 +01:00
path2 = os . path . expanduser ( " ~/.ansible.cfg " )
2012-09-10 16:57:32 +02:00
path3 = " /etc/ansible/ansible.cfg "
2014-02-14 21:34:58 +01:00
for path in [ path0 , path1 , path2 , path3 ] :
if path is not None and os . path . exists ( path ) :
2014-08-29 16:43:30 +02:00
try :
p . read ( path )
2015-05-04 04:47:26 +02:00
except configparser . Error as e :
2015-07-04 16:23:30 +02:00
raise AnsibleOptionsError ( " Error reading config file: \n {0} " . format ( e ) )
return p , path
2015-07-05 18:50:36 +02:00
return None , ' '
2012-08-14 01:17:14 +02:00
2016-10-06 19:27:03 +02:00
2015-07-04 16:23:30 +02:00
p , CONFIG_FILE = load_config_file ( )
2012-08-14 01:17:14 +02:00
2013-10-31 18:05:52 +01:00
# check all of these extensions when looking for yaml files for things like
2014-03-07 03:47:49 +01:00
# group variables -- really anything we can load
YAML_FILENAME_EXTENSIONS = [ " " , " .yml " , " .yaml " , " .json " ]
2013-10-31 18:05:52 +01:00
2015-10-15 16:32:55 +02:00
# the default whitelist for cow stencils
DEFAULT_COW_WHITELIST = [ ' bud-frogs ' , ' bunny ' , ' cheese ' , ' daemon ' , ' default ' , ' dragon ' , ' elephant-in-snake ' , ' elephant ' ,
' eyes ' , ' hellokitty ' , ' kitty ' , ' luke-koala ' , ' meow ' , ' milk ' , ' moofasa ' , ' moose ' , ' ren ' , ' sheep ' ,
' small ' , ' stegosaurus ' , ' stimpy ' , ' supermilker ' , ' three-eyes ' , ' turkey ' , ' turtle ' , ' tux ' , ' udder ' ,
' vader-koala ' , ' vader ' , ' www ' , ]
2012-08-14 01:17:14 +02:00
# sections in config file
DEFAULTS = ' defaults '
2015-12-09 17:28:54 +01:00
# FIXME: add deprecation warning when these get set
2016-10-06 21:30:20 +02:00
#### DEPRECATED VARS ####
2015-12-09 17:28:54 +01:00
# use more sanely named 'inventory'
2016-10-06 19:27:03 +02:00
DEPRECATED_HOST_LIST = get_config ( p , DEFAULTS , ' hostfile ' , ' ANSIBLE_HOSTS ' , ' /etc/ansible/hosts ' , value_type = ' path ' )
2015-12-09 17:28:54 +01:00
# this is not used since 0.5 but people might still have in config
DEFAULT_PATTERN = get_config ( p , DEFAULTS , ' pattern ' , None , None )
2016-09-29 23:14:02 +02:00
# If --tags or --skip-tags is given multiple times on the CLI and this is
# True, merge the lists of tags together. If False, let the last argument
# overwrite any previous ones. Behaviour is overwrite through 2.2. 2.3
# overwrites but prints deprecation. 2.4 the default is to merge.
2016-10-06 19:27:03 +02:00
MERGE_MULTIPLE_CLI_TAGS = get_config ( p , DEFAULTS , ' merge_multiple_cli_tags ' , ' ANSIBLE_MERGE_MULTIPLE_CLI_TAGS ' , False , value_type = ' boolean ' )
2015-08-18 09:27:39 +02:00
2015-12-09 17:28:54 +01:00
#### GENERALLY CONFIGURABLE THINGS ####
2016-10-06 19:27:03 +02:00
DEFAULT_DEBUG = get_config ( p , DEFAULTS , ' debug ' , ' ANSIBLE_DEBUG ' , False , value_type = ' boolean ' )
DEFAULT_HOST_LIST = get_config ( p , DEFAULTS , ' inventory ' , ' ANSIBLE_INVENTORY ' , DEPRECATED_HOST_LIST , value_type = ' path ' )
DEFAULT_MODULE_PATH = get_config ( p , DEFAULTS , ' library ' , ' ANSIBLE_LIBRARY ' , None , value_type = ' pathlist ' )
DEFAULT_ROLES_PATH = get_config ( p , DEFAULTS , ' roles_path ' , ' ANSIBLE_ROLES_PATH ' , ' /etc/ansible/roles ' , value_type = ' pathlist ' , expand_relative_paths = True )
2016-11-21 16:31:50 +01:00
DEFAULT_REMOTE_TMP = get_config ( p , DEFAULTS , ' remote_tmp ' , ' ANSIBLE_REMOTE_TEMP ' , ' ~/.ansible/tmp ' )
DEFAULT_LOCAL_TMP = get_config ( p , DEFAULTS , ' local_tmp ' , ' ANSIBLE_LOCAL_TEMP ' , ' ~/.ansible/tmp ' , value_type = ' tmppath ' )
2012-08-14 01:17:14 +02:00
DEFAULT_MODULE_NAME = get_config ( p , DEFAULTS , ' module_name ' , None , ' command ' )
2016-10-06 19:27:03 +02:00
DEFAULT_FORKS = get_config ( p , DEFAULTS , ' forks ' , ' ANSIBLE_FORKS ' , 5 , value_type = ' integer ' )
2012-08-14 01:17:14 +02:00
DEFAULT_MODULE_ARGS = get_config ( p , DEFAULTS , ' module_args ' , ' ANSIBLE_MODULE_ARGS ' , ' ' )
2015-12-02 17:55:10 +01:00
DEFAULT_MODULE_LANG = get_config ( p , DEFAULTS , ' module_lang ' , ' ANSIBLE_MODULE_LANG ' , os . getenv ( ' LANG ' , ' en_US.UTF-8 ' ) )
2016-10-06 19:27:03 +02:00
DEFAULT_MODULE_SET_LOCALE = get_config ( p , DEFAULTS , ' module_set_locale ' , ' ANSIBLE_MODULE_SET_LOCALE ' , False , value_type = ' boolean ' )
2016-04-05 20:06:17 +02:00
DEFAULT_MODULE_COMPRESSION = get_config ( p , DEFAULTS , ' module_compression ' , None , ' ZIP_DEFLATED ' )
2016-10-06 19:27:03 +02:00
DEFAULT_TIMEOUT = get_config ( p , DEFAULTS , ' timeout ' , ' ANSIBLE_TIMEOUT ' , 10 , value_type = ' integer ' )
DEFAULT_POLL_INTERVAL = get_config ( p , DEFAULTS , ' poll_interval ' , ' ANSIBLE_POLL_INTERVAL ' , 15 , value_type = ' integer ' )
2015-10-24 05:15:45 +02:00
DEFAULT_REMOTE_USER = get_config ( p , DEFAULTS , ' remote_user ' , ' ANSIBLE_REMOTE_USER ' , None )
2016-10-06 19:27:03 +02:00
DEFAULT_ASK_PASS = get_config ( p , DEFAULTS , ' ask_pass ' , ' ANSIBLE_ASK_PASS ' , False , value_type = ' boolean ' )
DEFAULT_PRIVATE_KEY_FILE = get_config ( p , DEFAULTS , ' private_key_file ' , ' ANSIBLE_PRIVATE_KEY_FILE ' , None , value_type = ' path ' )
DEFAULT_REMOTE_PORT = get_config ( p , DEFAULTS , ' remote_port ' , ' ANSIBLE_REMOTE_PORT ' , None , value_type = ' integer ' )
DEFAULT_ASK_VAULT_PASS = get_config ( p , DEFAULTS , ' ask_vault_pass ' , ' ANSIBLE_ASK_VAULT_PASS ' , False , value_type = ' boolean ' )
DEFAULT_VAULT_PASSWORD_FILE = get_config ( p , DEFAULTS , ' vault_password_file ' , ' ANSIBLE_VAULT_PASSWORD_FILE ' , None , value_type = ' path ' )
2013-07-04 22:47:17 +02:00
DEFAULT_TRANSPORT = get_config ( p , DEFAULTS , ' transport ' , ' ANSIBLE_TRANSPORT ' , ' smart ' )
2016-09-29 23:44:54 +02:00
DEFAULT_SCP_IF_SSH = get_config ( p , ' ssh_connection ' , ' scp_if_ssh ' , ' ANSIBLE_SCP_IF_SSH ' , ' smart ' )
2016-10-06 19:27:03 +02:00
DEFAULT_SFTP_BATCH_MODE = get_config ( p , ' ssh_connection ' , ' sftp_batch_mode ' , ' ANSIBLE_SFTP_BATCH_MODE ' , True , value_type = ' boolean ' )
2016-10-18 22:16:27 +02:00
DEFAULT_MANAGED_STR = get_config ( p , DEFAULTS , ' ansible_managed ' , None , ' Ansible managed ' )
2012-11-10 07:13:00 +01:00
DEFAULT_SYSLOG_FACILITY = get_config ( p , DEFAULTS , ' syslog_facility ' , ' ANSIBLE_SYSLOG_FACILITY ' , ' LOG_USER ' )
2016-10-06 19:27:03 +02:00
DEFAULT_KEEP_REMOTE_FILES = get_config ( p , DEFAULTS , ' keep_remote_files ' , ' ANSIBLE_KEEP_REMOTE_FILES ' , False , value_type = ' boolean ' )
2013-01-23 21:39:34 +01:00
DEFAULT_HASH_BEHAVIOUR = get_config ( p , DEFAULTS , ' hash_behaviour ' , ' ANSIBLE_HASH_BEHAVIOUR ' , ' replace ' )
2016-10-06 19:27:03 +02:00
DEFAULT_PRIVATE_ROLE_VARS = get_config ( p , DEFAULTS , ' private_role_vars ' , ' ANSIBLE_PRIVATE_ROLE_VARS ' , False , value_type = ' boolean ' )
2013-02-13 17:33:43 +01:00
DEFAULT_JINJA2_EXTENSIONS = get_config ( p , DEFAULTS , ' jinja2_extensions ' , ' ANSIBLE_JINJA2_EXTENSIONS ' , None )
2013-04-04 05:10:30 +02:00
DEFAULT_EXECUTABLE = get_config ( p , DEFAULTS , ' executable ' , ' ANSIBLE_EXECUTABLE ' , ' /bin/sh ' )
2014-06-24 16:56:33 +02:00
DEFAULT_GATHERING = get_config ( p , DEFAULTS , ' gathering ' , ' ANSIBLE_GATHERING ' , ' implicit ' ) . lower ( )
2016-03-12 10:22:49 +01:00
DEFAULT_GATHER_SUBSET = get_config ( p , DEFAULTS , ' gather_subset ' , ' ANSIBLE_GATHER_SUBSET ' , ' all ' ) . lower ( )
2016-10-06 19:27:03 +02:00
DEFAULT_GATHER_TIMEOUT = get_config ( p , DEFAULTS , ' gather_timeout ' , ' ANSIBLE_GATHER_TIMEOUT ' , 10 , value_type = ' integer ' )
DEFAULT_LOG_PATH = get_config ( p , DEFAULTS , ' log_path ' , ' ANSIBLE_LOG_PATH ' , ' ' , value_type = ' path ' )
DEFAULT_FORCE_HANDLERS = get_config ( p , DEFAULTS , ' force_handlers ' , ' ANSIBLE_FORCE_HANDLERS ' , False , value_type = ' boolean ' )
DEFAULT_INVENTORY_IGNORE = get_config ( p , DEFAULTS , ' inventory_ignore_extensions ' , ' ANSIBLE_INVENTORY_IGNORE ' , [ " ~ " , " .orig " , " .bak " , " .ini " , " .cfg " , " .retry " , " .pyc " , " .pyo " ] , value_type = ' list ' )
DEFAULT_VAR_COMPRESSION_LEVEL = get_config ( p , DEFAULTS , ' var_compression_level ' , ' ANSIBLE_VAR_COMPRESSION_LEVEL ' , 0 , value_type = ' integer ' )
DEFAULT_INTERNAL_POLL_INTERVAL = get_config ( p , DEFAULTS , ' internal_poll_interval ' , None , 0.001 , value_type = ' float ' )
2016-10-04 21:41:27 +02:00
ERROR_ON_MISSING_HANDLER = get_config ( p , DEFAULTS , ' error_on_missing_handler ' , ' ANSIBLE_ERROR_ON_MISSING_HANDLER ' , True , value_type = ' boolean ' )
2015-05-14 16:50:22 +02:00
2016-01-25 19:04:52 +01:00
# static includes
2016-10-06 19:27:03 +02:00
DEFAULT_TASK_INCLUDES_STATIC = get_config ( p , DEFAULTS , ' task_includes_static ' , ' ANSIBLE_TASK_INCLUDES_STATIC ' , False , value_type = ' boolean ' )
DEFAULT_HANDLER_INCLUDES_STATIC = get_config ( p , DEFAULTS , ' handler_includes_static ' , ' ANSIBLE_HANDLER_INCLUDES_STATIC ' , False , value_type = ' boolean ' )
2016-01-25 19:04:52 +01:00
2015-09-26 05:57:03 +02:00
# disclosure
2016-10-06 19:27:03 +02:00
DEFAULT_NO_LOG = get_config ( p , DEFAULTS , ' no_log ' , ' ANSIBLE_NO_LOG ' , False , value_type = ' boolean ' )
DEFAULT_NO_TARGET_SYSLOG = get_config ( p , DEFAULTS , ' no_target_syslog ' , ' ANSIBLE_NO_TARGET_SYSLOG ' , False , value_type = ' boolean ' )
ALLOW_WORLD_READABLE_TMPFILES = get_config ( p , DEFAULTS , ' allow_world_readable_tmpfiles ' , None , False , value_type = ' boolean ' )
2015-09-26 05:57:03 +02:00
2015-05-14 16:50:22 +02:00
# selinux
2016-10-06 19:27:03 +02:00
DEFAULT_SELINUX_SPECIAL_FS = get_config ( p , ' selinux ' , ' special_context_filesystems ' , None , ' fuse, nfs, vboxsf, ramfs ' , value_type = ' list ' )
DEFAULT_LIBVIRT_LXC_NOSECLABEL = get_config ( p , ' selinux ' , ' libvirt_lxc_noseclabel ' , ' LIBVIRT_LXC_NOSECLABEL ' , False , value_type = ' boolean ' )
2013-04-27 16:24:26 +02:00
2015-06-15 02:50:38 +02:00
### PRIVILEGE ESCALATION ###
# Backwards Compat
2016-10-06 19:27:03 +02:00
DEFAULT_SU = get_config ( p , DEFAULTS , ' su ' , ' ANSIBLE_SU ' , False , value_type = ' boolean ' )
2015-06-15 02:50:38 +02:00
DEFAULT_SU_USER = get_config ( p , DEFAULTS , ' su_user ' , ' ANSIBLE_SU_USER ' , ' root ' )
2015-09-02 15:29:34 +02:00
DEFAULT_SU_EXE = get_config ( p , DEFAULTS , ' su_exe ' , ' ANSIBLE_SU_EXE ' , None )
2015-09-02 17:31:39 +02:00
DEFAULT_SU_FLAGS = get_config ( p , DEFAULTS , ' su_flags ' , ' ANSIBLE_SU_FLAGS ' , None )
2016-10-06 19:27:03 +02:00
DEFAULT_ASK_SU_PASS = get_config ( p , DEFAULTS , ' ask_su_pass ' , ' ANSIBLE_ASK_SU_PASS ' , False , value_type = ' boolean ' )
DEFAULT_SUDO = get_config ( p , DEFAULTS , ' sudo ' , ' ANSIBLE_SUDO ' , False , value_type = ' boolean ' )
2015-06-15 02:50:38 +02:00
DEFAULT_SUDO_USER = get_config ( p , DEFAULTS , ' sudo_user ' , ' ANSIBLE_SUDO_USER ' , ' root ' )
2015-09-02 15:29:34 +02:00
DEFAULT_SUDO_EXE = get_config ( p , DEFAULTS , ' sudo_exe ' , ' ANSIBLE_SUDO_EXE ' , None )
2015-10-28 07:02:43 +01:00
DEFAULT_SUDO_FLAGS = get_config ( p , DEFAULTS , ' sudo_flags ' , ' ANSIBLE_SUDO_FLAGS ' , ' -H -S -n ' )
2016-10-06 19:27:03 +02:00
DEFAULT_ASK_SUDO_PASS = get_config ( p , DEFAULTS , ' ask_sudo_pass ' , ' ANSIBLE_ASK_SUDO_PASS ' , False , value_type = ' boolean ' )
2015-06-15 02:50:38 +02:00
# Become
2016-09-13 20:32:44 +02:00
BECOME_ERROR_STRINGS = { ' sudo ' : ' Sorry, try again. ' , ' su ' : ' Authentication failure ' , ' pbrun ' : ' ' , ' pfexec ' : ' ' , ' doas ' : ' Permission denied ' , ' dzdo ' : ' ' , ' ksu ' : ' Password incorrect ' } #FIXME: deal with i18n
BECOME_MISSING_STRINGS = { ' sudo ' : ' sorry, a password is required to run sudo ' , ' su ' : ' ' , ' pbrun ' : ' ' , ' pfexec ' : ' ' , ' doas ' : ' Authorization required ' , ' dzdo ' : ' ' , ' ksu ' : ' No password given ' } #FIXME: deal with i18n
BECOME_METHODS = [ ' sudo ' , ' su ' , ' pbrun ' , ' pfexec ' , ' doas ' , ' dzdo ' , ' ksu ' ]
2016-10-06 19:27:03 +02:00
BECOME_ALLOW_SAME_USER = get_config ( p , ' privilege_escalation ' , ' become_allow_same_user ' , ' ANSIBLE_BECOME_ALLOW_SAME_USER ' , False , value_type = ' boolean ' )
2014-11-24 22:36:31 +01:00
DEFAULT_BECOME_METHOD = get_config ( p , ' privilege_escalation ' , ' become_method ' , ' ANSIBLE_BECOME_METHOD ' , ' sudo ' if DEFAULT_SUDO else ' su ' if DEFAULT_SU else ' sudo ' ) . lower ( )
2016-10-06 19:27:03 +02:00
DEFAULT_BECOME = get_config ( p , ' privilege_escalation ' , ' become ' , ' ANSIBLE_BECOME ' , False , value_type = ' boolean ' )
2015-05-04 04:47:26 +02:00
DEFAULT_BECOME_USER = get_config ( p , ' privilege_escalation ' , ' become_user ' , ' ANSIBLE_BECOME_USER ' , ' root ' )
2015-06-15 02:50:38 +02:00
DEFAULT_BECOME_EXE = get_config ( p , ' privilege_escalation ' , ' become_exe ' , ' ANSIBLE_BECOME_EXE ' , None )
DEFAULT_BECOME_FLAGS = get_config ( p , ' privilege_escalation ' , ' become_flags ' , ' ANSIBLE_BECOME_FLAGS ' , None )
2016-10-06 19:27:03 +02:00
DEFAULT_BECOME_ASK_PASS = get_config ( p , ' privilege_escalation ' , ' become_ask_pass ' , ' ANSIBLE_BECOME_ASK_PASS ' , False , value_type = ' boolean ' )
2014-11-24 22:36:31 +01:00
2015-07-07 17:59:20 +02:00
# PLUGINS
2015-11-05 03:46:47 +01:00
# Modules that can optimize with_items loops into a single call. Currently
# these modules must (1) take a "name" or "pkg" parameter that is a list. If
# the module takes both, bad things could happen.
# In the future we should probably generalize this even further
# (mapping of param: squash field)
2016-11-14 23:40:48 +01:00
DEFAULT_SQUASH_ACTIONS = get_config ( p , DEFAULTS , ' squash_actions ' , ' ANSIBLE_SQUASH_ACTIONS ' , " apk, apt, dnf, homebrew, pacman, pkgng, yum, zypper " , value_type = ' list ' )
2015-07-07 17:59:20 +02:00
# paths
2016-10-06 19:27:03 +02:00
DEFAULT_ACTION_PLUGIN_PATH = get_config ( p , DEFAULTS , ' action_plugins ' , ' ANSIBLE_ACTION_PLUGINS ' , ' ~/.ansible/plugins/action:/usr/share/ansible/plugins/action ' , value_type = ' pathlist ' )
DEFAULT_CACHE_PLUGIN_PATH = get_config ( p , DEFAULTS , ' cache_plugins ' , ' ANSIBLE_CACHE_PLUGINS ' , ' ~/.ansible/plugins/cache:/usr/share/ansible/plugins/cache ' , value_type = ' pathlist ' )
DEFAULT_CALLBACK_PLUGIN_PATH = get_config ( p , DEFAULTS , ' callback_plugins ' , ' ANSIBLE_CALLBACK_PLUGINS ' , ' ~/.ansible/plugins/callback:/usr/share/ansible/plugins/callback ' , value_type = ' pathlist ' )
DEFAULT_CONNECTION_PLUGIN_PATH = get_config ( p , DEFAULTS , ' connection_plugins ' , ' ANSIBLE_CONNECTION_PLUGINS ' , ' ~/.ansible/plugins/connection:/usr/share/ansible/plugins/connection ' , value_type = ' pathlist ' )
DEFAULT_LOOKUP_PLUGIN_PATH = get_config ( p , DEFAULTS , ' lookup_plugins ' , ' ANSIBLE_LOOKUP_PLUGINS ' , ' ~/.ansible/plugins/lookup:/usr/share/ansible/plugins/lookup ' , value_type = ' pathlist ' )
DEFAULT_INVENTORY_PLUGIN_PATH = get_config ( p , DEFAULTS , ' inventory_plugins ' , ' ANSIBLE_INVENTORY_PLUGINS ' , ' ~/.ansible/plugins/inventory:/usr/share/ansible/plugins/inventory ' , value_type = ' pathlist ' )
DEFAULT_VARS_PLUGIN_PATH = get_config ( p , DEFAULTS , ' vars_plugins ' , ' ANSIBLE_VARS_PLUGINS ' , ' ~/.ansible/plugins/vars:/usr/share/ansible/plugins/vars ' , value_type = ' pathlist ' )
DEFAULT_FILTER_PLUGIN_PATH = get_config ( p , DEFAULTS , ' filter_plugins ' , ' ANSIBLE_FILTER_PLUGINS ' , ' ~/.ansible/plugins/filter:/usr/share/ansible/plugins/filter ' , value_type = ' pathlist ' )
DEFAULT_TEST_PLUGIN_PATH = get_config ( p , DEFAULTS , ' test_plugins ' , ' ANSIBLE_TEST_PLUGINS ' , ' ~/.ansible/plugins/test:/usr/share/ansible/plugins/test ' , value_type = ' pathlist ' )
DEFAULT_STRATEGY_PLUGIN_PATH = get_config ( p , DEFAULTS , ' strategy_plugins ' , ' ANSIBLE_STRATEGY_PLUGINS ' , ' ~/.ansible/plugins/strategy:/usr/share/ansible/plugins/strategy ' , value_type = ' pathlist ' )
2016-11-15 21:36:53 +01:00
DEFAULT_STRATEGY = get_config ( p , DEFAULTS , ' strategy ' , ' ANSIBLE_STRATEGY ' , ' linear ' )
2015-05-04 04:47:26 +02:00
DEFAULT_STDOUT_CALLBACK = get_config ( p , DEFAULTS , ' stdout_callback ' , ' ANSIBLE_STDOUT_CALLBACK ' , ' default ' )
2015-07-07 17:59:20 +02:00
# cache
2014-08-11 17:37:30 +02:00
CACHE_PLUGIN = get_config ( p , DEFAULTS , ' fact_caching ' , ' ANSIBLE_CACHE_PLUGIN ' , ' memory ' )
2014-08-11 21:16:51 +02:00
CACHE_PLUGIN_CONNECTION = get_config ( p , DEFAULTS , ' fact_caching_connection ' , ' ANSIBLE_CACHE_PLUGIN_CONNECTION ' , None )
CACHE_PLUGIN_PREFIX = get_config ( p , DEFAULTS , ' fact_caching_prefix ' , ' ANSIBLE_CACHE_PLUGIN_PREFIX ' , ' ansible_facts ' )
2016-10-06 19:27:03 +02:00
CACHE_PLUGIN_TIMEOUT = get_config ( p , DEFAULTS , ' fact_caching_timeout ' , ' ANSIBLE_CACHE_PLUGIN_TIMEOUT ' , 24 * 60 * 60 , value_type = ' integer ' )
2014-07-03 03:02:28 +02:00
2015-06-15 02:50:38 +02:00
# Display
2016-10-06 19:27:03 +02:00
ANSIBLE_FORCE_COLOR = get_config ( p , DEFAULTS , ' force_color ' , ' ANSIBLE_FORCE_COLOR ' , None , value_type = ' boolean ' )
ANSIBLE_NOCOLOR = get_config ( p , DEFAULTS , ' nocolor ' , ' ANSIBLE_NOCOLOR ' , None , value_type = ' boolean ' )
ANSIBLE_NOCOWS = get_config ( p , DEFAULTS , ' nocows ' , ' ANSIBLE_NOCOWS ' , None , value_type = ' boolean ' )
2015-10-15 16:32:55 +02:00
ANSIBLE_COW_SELECTION = get_config ( p , DEFAULTS , ' cow_selection ' , ' ANSIBLE_COW_SELECTION ' , ' default ' )
2016-10-06 19:27:03 +02:00
ANSIBLE_COW_WHITELIST = get_config ( p , DEFAULTS , ' cow_whitelist ' , ' ANSIBLE_COW_WHITELIST ' , DEFAULT_COW_WHITELIST , value_type = ' list ' )
DISPLAY_SKIPPED_HOSTS = get_config ( p , DEFAULTS , ' display_skipped_hosts ' , ' DISPLAY_SKIPPED_HOSTS ' , True , value_type = ' boolean ' )
DEFAULT_UNDEFINED_VAR_BEHAVIOR = get_config ( p , DEFAULTS , ' error_on_undefined_vars ' , ' ANSIBLE_ERROR_ON_UNDEFINED_VARS ' , True , value_type = ' boolean ' )
HOST_KEY_CHECKING = get_config ( p , DEFAULTS , ' host_key_checking ' , ' ANSIBLE_HOST_KEY_CHECKING ' , True , value_type = ' boolean ' )
SYSTEM_WARNINGS = get_config ( p , DEFAULTS , ' system_warnings ' , ' ANSIBLE_SYSTEM_WARNINGS ' , True , value_type = ' boolean ' )
DEPRECATION_WARNINGS = get_config ( p , DEFAULTS , ' deprecation_warnings ' , ' ANSIBLE_DEPRECATION_WARNINGS ' , True , value_type = ' boolean ' )
DEFAULT_CALLABLE_WHITELIST = get_config ( p , DEFAULTS , ' callable_whitelist ' , ' ANSIBLE_CALLABLE_WHITELIST ' , [ ] , value_type = ' list ' )
COMMAND_WARNINGS = get_config ( p , DEFAULTS , ' command_warnings ' , ' ANSIBLE_COMMAND_WARNINGS ' , True , value_type = ' boolean ' )
DEFAULT_LOAD_CALLBACK_PLUGINS = get_config ( p , DEFAULTS , ' bin_ansible_callbacks ' , ' ANSIBLE_LOAD_CALLBACK_PLUGINS ' , False , value_type = ' boolean ' )
DEFAULT_CALLBACK_WHITELIST = get_config ( p , DEFAULTS , ' callback_whitelist ' , ' ANSIBLE_CALLBACK_WHITELIST ' , [ ] , value_type = ' list ' )
RETRY_FILES_ENABLED = get_config ( p , DEFAULTS , ' retry_files_enabled ' , ' ANSIBLE_RETRY_FILES_ENABLED ' , True , value_type = ' boolean ' )
RETRY_FILES_SAVE_PATH = get_config ( p , DEFAULTS , ' retry_files_save_path ' , ' ANSIBLE_RETRY_FILES_SAVE_PATH ' , None , value_type = ' path ' )
DEFAULT_NULL_REPRESENTATION = get_config ( p , DEFAULTS , ' null_representation ' , ' ANSIBLE_NULL_REPRESENTATION ' , None , value_type = ' none ' )
DISPLAY_ARGS_TO_STDOUT = get_config ( p , DEFAULTS , ' display_args_to_stdout ' , ' ANSIBLE_DISPLAY_ARGS_TO_STDOUT ' , False , value_type = ' boolean ' )
MAX_FILE_SIZE_FOR_DIFF = get_config ( p , DEFAULTS , ' max_diff_size ' , ' ANSIBLE_MAX_DIFF_SIZE ' , 1024 * 1024 , value_type = ' integer ' )
2013-10-12 00:37:39 +02:00
# CONNECTION RELATED
2016-10-26 19:38:08 +02:00
USE_PERSISTENT_CONNECTIONS = get_config ( p , DEFAULTS , ' use_persistent_connections ' , ' ANSIBLE_USE_PERSISTENT_CONNECTIONS ' , False , value_type = ' boolean ' )
2016-06-10 19:17:49 +02:00
ANSIBLE_SSH_ARGS = get_config ( p , ' ssh_connection ' , ' ssh_args ' , ' ANSIBLE_SSH_ARGS ' , ' -C -o ControlMaster=auto -o ControlPersist=60s ' )
2016-10-02 23:55:55 +02:00
ANSIBLE_SSH_CONTROL_PATH = get_config ( p , ' ssh_connection ' , ' control_path ' , ' ANSIBLE_SSH_CONTROL_PATH ' , u " %(directory)s /ansible-ssh- %% h- %% p- %% r " )
2016-11-21 16:31:50 +01:00
ANSIBLE_SSH_CONTROL_PATH_DIR = get_config ( p , ' ssh_connection ' , ' control_path_dir ' , ' ANSIBLE_SSH_CONTROL_PATH_DIR ' , u ' ~/.ansible/cp ' )
2016-10-06 19:27:03 +02:00
ANSIBLE_SSH_PIPELINING = get_config ( p , ' ssh_connection ' , ' pipelining ' , ' ANSIBLE_SSH_PIPELINING ' , False , value_type = ' boolean ' )
ANSIBLE_SSH_RETRIES = get_config ( p , ' ssh_connection ' , ' retries ' , ' ANSIBLE_SSH_RETRIES ' , 0 , value_type = ' integer ' )
2016-09-07 17:41:43 +02:00
ANSIBLE_SSH_EXECUTABLE = get_config ( p , ' ssh_connection ' , ' ssh_executable ' , ' ANSIBLE_SSH_EXECUTABLE ' , ' ssh ' )
2016-10-06 19:27:03 +02:00
PARAMIKO_RECORD_HOST_KEYS = get_config ( p , ' paramiko_connection ' , ' record_host_keys ' , ' ANSIBLE_PARAMIKO_RECORD_HOST_KEYS ' , True , value_type = ' boolean ' )
2016-11-28 17:31:12 +01:00
PARAMIKO_HOST_KEY_AUTO_ADD = get_config ( p , ' paramiko_connection ' , ' host_key_auto_add ' , ' ANSIBLE_PARAMIKO_HOST_KEY_AUTO_ADD ' , False , value_type = ' boolean ' )
2015-12-23 21:57:24 +01:00
PARAMIKO_PROXY_COMMAND = get_config ( p , ' paramiko_connection ' , ' proxy_command ' , ' ANSIBLE_PARAMIKO_PROXY_COMMAND ' , None )
2016-11-28 17:31:12 +01:00
PARAMIKO_LOOK_FOR_KEYS = get_config ( p , ' paramiko_connection ' , ' look_for_keys ' , ' ANSIBLE_PARAMIKO_LOOK_FOR_KEYS ' , True , value_type = ' boolean ' )
2016-10-26 19:38:08 +02:00
PERSISTENT_CONNECT_TIMEOUT = get_config ( p , ' persistent_connection ' , ' connect_timeout ' , ' ANSIBLE_PERSISTENT_CONNECT_TIMEOUT ' , 30 , value_type = ' integer ' )
2016-11-30 22:26:49 +01:00
PERSISTENT_CONNECT_RETRIES = get_config ( p , ' persistent_connection ' , ' connect_retries ' , ' ANSIBLE_PERSISTENT_CONNECT_RETRIES ' , 10 , value_type = ' integer ' )
PERSISTENT_CONNECT_INTERVAL = get_config ( p , ' persistent_connection ' , ' connect_interval ' , ' ANSIBLE_PERSISTENT_CONNECT_INTERVAL ' , 1 , value_type = ' integer ' )
2015-03-27 19:24:33 +01:00
2014-11-24 22:36:31 +01:00
# obsolete -- will be formally removed
2016-10-06 19:27:03 +02:00
ZEROMQ_PORT = get_config ( p , ' fireball_connection ' , ' zeromq_port ' , ' ANSIBLE_ZEROMQ_PORT ' , 5099 , value_type = ' integer ' )
ACCELERATE_PORT = get_config ( p , ' accelerate ' , ' accelerate_port ' , ' ACCELERATE_PORT ' , 5099 , value_type = ' integer ' )
ACCELERATE_TIMEOUT = get_config ( p , ' accelerate ' , ' accelerate_timeout ' , ' ACCELERATE_TIMEOUT ' , 30 , value_type = ' integer ' )
ACCELERATE_CONNECT_TIMEOUT = get_config ( p , ' accelerate ' , ' accelerate_connect_timeout ' , ' ACCELERATE_CONNECT_TIMEOUT ' , 1.0 , value_type = ' float ' )
ACCELERATE_DAEMON_TIMEOUT = get_config ( p , ' accelerate ' , ' accelerate_daemon_timeout ' , ' ACCELERATE_DAEMON_TIMEOUT ' , 30 , value_type = ' integer ' )
2014-02-06 09:53:43 +01:00
ACCELERATE_KEYS_DIR = get_config ( p , ' accelerate ' , ' accelerate_keys_dir ' , ' ACCELERATE_KEYS_DIR ' , ' ~/.fireball.keys ' )
ACCELERATE_KEYS_DIR_PERMS = get_config ( p , ' accelerate ' , ' accelerate_keys_dir_perms ' , ' ACCELERATE_KEYS_DIR_PERMS ' , ' 700 ' )
ACCELERATE_KEYS_FILE_PERMS = get_config ( p , ' accelerate ' , ' accelerate_keys_file_perms ' , ' ACCELERATE_KEYS_FILE_PERMS ' , ' 600 ' )
2016-10-06 19:27:03 +02:00
ACCELERATE_MULTI_KEY = get_config ( p , ' accelerate ' , ' accelerate_multi_key ' , ' ACCELERATE_MULTI_KEY ' , False , value_type = ' boolean ' )
PARAMIKO_PTY = get_config ( p , ' paramiko_connection ' , ' pty ' , ' ANSIBLE_PARAMIKO_PTY ' , True , value_type = ' boolean ' )
2012-09-18 14:41:27 +02:00
2015-05-04 04:47:26 +02:00
# galaxy related
2015-12-09 16:51:12 +01:00
GALAXY_SERVER = get_config ( p , ' galaxy ' , ' server ' , ' ANSIBLE_GALAXY_SERVER ' , ' https://galaxy.ansible.com ' )
2016-10-06 19:27:03 +02:00
GALAXY_IGNORE_CERTS = get_config ( p , ' galaxy ' , ' ignore_certs ' , ' ANSIBLE_GALAXY_IGNORE ' , False , value_type = ' boolean ' )
2015-05-04 04:47:26 +02:00
# this can be configured to blacklist SCMS but cannot add new ones unless the code is also updated
2016-10-06 19:27:03 +02:00
GALAXY_SCMS = get_config ( p , ' galaxy ' , ' scms ' , ' ANSIBLE_GALAXY_SCMS ' , ' git, hg ' , value_type = ' list ' )
2015-05-04 04:47:26 +02:00
2016-10-06 19:27:03 +02:00
STRING_TYPE_FILTERS = get_config ( p , ' jinja2 ' , ' dont_type_filters ' , ' ANSIBLE_STRING_TYPE_FILTERS ' , [ ' string ' , ' to_json ' , ' to_nice_json ' , ' to_yaml ' , ' ppretty ' , ' json ' ] , value_type = ' list ' )
2013-06-18 19:24:30 +02:00
2015-12-29 21:41:00 +01:00
# colors
2016-03-07 11:03:53 +01:00
COLOR_HIGHLIGHT = get_config ( p , ' colors ' , ' highlight ' , ' ANSIBLE_COLOR_HIGHLIGHT ' , ' white ' )
2015-12-29 21:41:00 +01:00
COLOR_VERBOSE = get_config ( p , ' colors ' , ' verbose ' , ' ANSIBLE_COLOR_VERBOSE ' , ' blue ' )
COLOR_WARN = get_config ( p , ' colors ' , ' warn ' , ' ANSIBLE_COLOR_WARN ' , ' bright purple ' )
COLOR_ERROR = get_config ( p , ' colors ' , ' error ' , ' ANSIBLE_COLOR_ERROR ' , ' red ' )
COLOR_DEBUG = get_config ( p , ' colors ' , ' debug ' , ' ANSIBLE_COLOR_DEBUG ' , ' dark gray ' )
COLOR_DEPRECATE = get_config ( p , ' colors ' , ' deprecate ' , ' ANSIBLE_COLOR_DEPRECATE ' , ' purple ' )
COLOR_SKIP = get_config ( p , ' colors ' , ' skip ' , ' ANSIBLE_COLOR_SKIP ' , ' cyan ' )
COLOR_UNREACHABLE = get_config ( p , ' colors ' , ' unreachable ' , ' ANSIBLE_COLOR_UNREACHABLE ' , ' bright red ' )
COLOR_OK = get_config ( p , ' colors ' , ' ok ' , ' ANSIBLE_COLOR_OK ' , ' green ' )
2016-06-17 18:26:20 +02:00
COLOR_CHANGED = get_config ( p , ' colors ' , ' changed ' , ' ANSIBLE_COLOR_CHANGED ' , ' yellow ' )
2016-02-17 11:10:07 +01:00
COLOR_DIFF_ADD = get_config ( p , ' colors ' , ' diff_add ' , ' ANSIBLE_COLOR_DIFF_ADD ' , ' green ' )
COLOR_DIFF_REMOVE = get_config ( p , ' colors ' , ' diff_remove ' , ' ANSIBLE_COLOR_DIFF_REMOVE ' , ' red ' )
COLOR_DIFF_LINES = get_config ( p , ' colors ' , ' diff_lines ' , ' ANSIBLE_COLOR_DIFF_LINES ' , ' cyan ' )
2015-12-29 21:41:00 +01:00
2016-02-16 11:31:40 +01:00
# diff
2016-10-06 19:27:03 +02:00
DIFF_CONTEXT = get_config ( p , ' diff ' , ' context ' , ' ANSIBLE_DIFF_CONTEXT ' , 3 , value_type = ' integer ' )
2016-02-16 11:31:40 +01:00
2012-08-14 01:17:14 +02:00
# non-configurable things
2016-09-15 20:25:56 +02:00
MODULE_REQUIRE_ARGS = [ ' command ' , ' win_command ' , ' shell ' , ' win_shell ' , ' raw ' , ' script ' ]
MODULE_NO_JSON = [ ' command ' , ' win_command ' , ' shell ' , ' win_shell ' , ' raw ' ]
2014-11-24 22:36:31 +01:00
DEFAULT_BECOME_PASS = None
2016-09-19 20:37:57 +02:00
DEFAULT_PASSWORD_CHARS = to_text ( ascii_letters + digits + " .,:-_ " , errors = ' strict ' ) # characters included in auto-generated passwords
2012-08-14 01:17:14 +02:00
DEFAULT_SUDO_PASS = None
2012-10-26 20:49:56 +02:00
DEFAULT_REMOTE_PASS = None
2012-08-14 01:17:14 +02:00
DEFAULT_SUBSET = None
2014-01-21 02:19:03 +01:00
DEFAULT_SU_PASS = None
2014-02-11 18:03:11 +01:00
VAULT_VERSION_MIN = 1.0
VAULT_VERSION_MAX = 1.0
2015-08-12 01:18:10 +02:00
TREE_DIR = None
2015-08-19 02:02:03 +02:00
LOCALHOST = frozenset ( [ ' 127.0.0.1 ' , ' localhost ' , ' ::1 ' ] )
2016-03-05 23:39:43 +01:00
# module search
BLACKLIST_EXTS = ( ' .pyc ' , ' .swp ' , ' .bak ' , ' ~ ' , ' .rpm ' , ' .md ' , ' .txt ' )
2016-09-20 21:38:46 +02:00
IGNORE_FILES = [ " COPYING " , " CONTRIBUTING " , " LICENSE " , " README " , " VERSION " , " GUIDELINES " ]