1

I have a list of items in my playbook.

x_ssl_certs:
  - 'host1.domain.tld'
  - 'host2.domain.tld'
  - 'host3.domain.tld'
  - 'anotherhost.domain.tld'

Each of it has it's own SSL files, like host1.domain.tld.key host1.domain.tld.crt host1.domain.tld.fullchain ... and so on. Now I using this playbook to send out this files:

- name: Copy the {{ item }} key files
  copy:
    src: "{{ item }}/{{ item }}.key"
    dest: '/etc/ssl/{{ item }}.key'
    owner: 'root'
    group: 'root'
    mode: '0644'
  loop: "{{ x_ssl_certs }}"

- name: Copy the {{ item }} crt files
  copy:
    src: "{{ item }}/{{ item }}.crt"
    dest: '/etc/ssl/{{ item }}.crt'
    owner: 'root'
    group: 'root'
    mode: '0644'
  loop: "{{ x_ssl_certs }}"

- name: Copy the {{ item }} fullchain files
  copy:
    src: "{{ item }}/{{ item }}.fullchain"
    dest: '/etc/ssl/{{ item }}.fullchain'
    owner: 'root'
    group: 'root'
    mode: '0644'
  loop: "{{ x_ssl_certs }}"

and so on, 1 task for every file. I would like to integrate this into one or two task, so it should lookup the x_ssl_certs list and send out each file which belongs to them. This files are the same naming convention for each item in the list.

This should be a loop in the loop, nested loop, or something like that, but based on the documentation it is not exactly clear for me how to make that.

Improve this question

1 Answer 1

Reset to default
3

Use with_nested. For example,

    - debug:
        msg: "Copy {{ item.0 }}.{{ item.1 }}"
      with_nested:
        - "{{ x_ssl_certs }}"
        - [key, crt, fullchain]

gives

  msg: Copy host1.domain.tld.key
  msg: Copy host1.domain.tld.crt
  msg: Copy host1.domain.tld.fullchain
  msg: Copy host2.domain.tld.key
  msg: Copy host2.domain.tld.crt
  msg: Copy host2.domain.tld.fullchain
  msg: Copy host3.domain.tld.key
  msg: Copy host3.domain.tld.crt
  msg: Copy host3.domain.tld.fullchain
  msg: Copy anotherhost.domain.tld.key
  msg: Copy anotherhost.domain.tld.crt
  msg: Copy anotherhost.domain.tld.fullchain
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thank you, I think now I understand the logic of with_nested. Based on the documentation I have translated with_nested to the new loop instead, it looks like this in this case: loop: "{{ x_ssl_certs|product(['key', 'pem', 'fullchain'])|list }}"
Right. The only difference is that nested is a lookup plugin and product is a filter. The results are the same.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.