0

I am trying to add a block of lines in my httpd.conf file.

Here is what my httpd.conf file looks like before:

NameVirtualHost *:80
<VirtualHost *:80>
        Header edit* Location ^http://* https://

        AllowEncodedSlashes On
        #Properly process encoded slash character for Dispatchers
        AllowEncodedSlashes NoDecode

        <Directory />
                <IfModule disp_apache2.c>
                        ModMimeUsePathInfo On
                        SetHandler dispatcher-handler
                </IfModule>

                Options FollowSymLinks
                AllowOverride None

                # Insert filter
                SetOutputFilter DEFLATE

                # Don't compress images
                SetEnvIfNoCase Request_URI \
                \.(?:gif|jpe?g|png)$ no-gzip dont-vary

                # Make sure proxies don't deliver the wrong content
                Header append Vary User-Agent env=!dont-vary
                # BIGBEAR-1328 prevent clickjacking
                Header always append X-Frame-Options SAMEORIGIN
                SetEnvIf X-Forwarded-Proto "https" HTTPS=on
                Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" env=HTTPS

        </Directory>
</VirtualHost>

This is how I expect my final file to look:

After Execution:

NameVirtualHost *:80
<VirtualHost *:80>
        RewriteEngine on
        RewriteCond %{HTTP:X-Forwarded-Proto} !https
        RewriteCond %{REQUEST_URI} !^/dispatcher/invalidate.cache
        RewriteRule !/eagle/check https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
        LogLevel info rewrite:info
        Header edit* Location ^http://* https://

        AllowEncodedSlashes On
        #Properly process encoded slash character for Dispatchers
        AllowEncodedSlashes NoDecode

        <Directory />
                <IfModule disp_apache2.c>
                        ModMimeUsePathInfo On
                        SetHandler dispatcher-handler
                </IfModule>

                Options FollowSymLinks
                AllowOverride None

                # Insert filter
                SetOutputFilter DEFLATE

                # Don't compress images
                SetEnvIfNoCase Request_URI \
                \.(?:gif|jpe?g|png)$ no-gzip dont-vary

                # Make sure proxies don't deliver the wrong content
                Header append Vary User-Agent env=!dont-vary
                # BIGBEAR-1328 prevent clickjacking
                Header always append X-Frame-Options SAMEORIGIN
                SetEnvIf X-Forwarded-Proto "https" HTTPS=on
                Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" env=HTTPS

        </Directory>
</VirtualHost>

Here is the sample playbook that I used.

- name: Add section in the conf file
  blockinfile:
    path: /tmp/apache-conf.txt
    block: |
      RewriteEngine on
      RewriteCond %{HTTP:X-Forwarded-Proto} !https
      RewriteCond %{REQUEST_URI} !^/dispatcher/invalidate.cache
      RewriteRule !/eagle/check https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
      LogLevel info rewrite:info
      insertafter: <VirtualHost *:80>
  tags: test

But when I run my playbook, the file is not modified as expected.

Here is what happens to the file. Blocks are added after the closing brackets of virtual hosts.

New File after playbook execution

NameVirtualHost *:80
<VirtualHost *:80>
        Header edit* Location ^http://* https://

        AllowEncodedSlashes On
        #Properly process encoded slash character for Dispatchers
        AllowEncodedSlashes NoDecode

        <Directory />
                <IfModule disp_apache2.c>
                        ModMimeUsePathInfo On
                        SetHandler dispatcher-handler
                </IfModule>

                Options FollowSymLinks
                AllowOverride None

                # Insert filter
                SetOutputFilter DEFLATE

                # Don't compress images
                SetEnvIfNoCase Request_URI \
                \.(?:gif|jpe?g|png)$ no-gzip dont-vary

                # Make sure proxies don't deliver the wrong content
                Header append Vary User-Agent env=!dont-vary
                # BIGBEAR-1328 prevent clickjacking
                Header always append X-Frame-Options SAMEORIGIN
                SetEnvIf X-Forwarded-Proto "https" HTTPS=on
                Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" env=HTTPS

        </Directory>
</VirtualHost>
# BEGIN ANSIBLE MANAGED BLOCK
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{REQUEST_URI} !^/dispatcher/invalidate.cache
RewriteRule !/eagle/check https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
LogLevel info rewrite:info
insertafter: <VirtualHost *:80>
# END ANSIBLE MANAGED BLOCK

Now how do I use the regex correctly to accomplish what I want, i.e. to insert the lines immediately after <VirtualHost *:80> and a tab appended before each line of the block.

techraf
Gaurav Parashar

1 Answer

4

Firstly, your indentation is broken - insertafter should be a parameter to the blockinfile.

Secondly, you need to escape * with a backslash.

Thirdly, add the indentation as a number after block: |, e.g. block: |8 -- this is, however, broken in the current version of Ansible.

- name: Add section in the conf file
  blockinfile:
    path: /tmp/apache-conf.txt
    block: |
      RewriteEngine on
      RewriteCond %{HTTP:X-Forwarded-Proto} !https
      RewriteCond %{REQUEST_URI} !^/dispatcher/invalidate.cache
      RewriteRule !/eagle/check https://%{SERVER_NAME}%{REQUEST_URI} [L,R]
      LogLevel info rewrite:info
    insertafter: <VirtualHost \*:80>
  tags: test

Finally, looking at the config file, I see no compelling reason not to use the template module.

techraf
  • So, even though the insertion is now happening after, the blocks are not preceded by tabs. – Gaurav Parashar Jul 03 '17 at 11:21
  • Can you confirm if the tab characters work this way? As posted in the link here https://groups.google.com/forum/#!topic/ansible-project/mmXvhTh6Omo My ansible version is [root@localhost b40]# ansible --version ansible 2.3.1.0 – Gaurav Parashar Jul 03 '17 at 11:26
  • Yes, it's still broken. You can use a workaround [like this](https://stackoverflow.com/a/39736388/2947502). – techraf Jul 03 '17 at 11:44
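
Why the backslash in the answer matters, as an added example that is not part of the original posts and is not Ansible's own code: blockinfile treats `insertafter` as a Python regular expression, places the block after the last matching line, and falls back to end of file when nothing matches. The function below is a simplified model of that placement rule; `insert_block`, `block_position` and the cut-down `CONF` sample are constructed for illustration.

```python
import re

MARK_BEGIN = "# BEGIN ANSIBLE MANAGED BLOCK"
MARK_END = "# END ANSIBLE MANAGED BLOCK"

# Constructed sample: a cut-down version of the question's httpd.conf.
CONF = """NameVirtualHost *:80
<VirtualHost *:80>
        Header edit* Location ^http://* https://
</VirtualHost>
"""

BLOCK = """RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule !/eagle/check https://%{SERVER_NAME}%{REQUEST_URI} [L,R]"""


def insert_block(conf, block, insertafter, indent=""):
    """Model of the placement rule: put the marked block after the last line
    matching the regex `insertafter`, or at end of file when nothing matches."""
    lines = conf.splitlines()
    pattern = re.compile(insertafter)
    hits = [i for i, line in enumerate(lines) if pattern.search(line)]
    at = hits[-1] + 1 if hits else len(lines)
    body = [indent + line for line in block.splitlines()]
    lines[at:at] = [MARK_BEGIN, *body, MARK_END]
    return "\n".join(lines) + "\n"


def block_position(conf):
    """Return the index of the line carrying the begin marker."""
    return conf.splitlines().index(MARK_BEGIN)


# Unescaped: " *" means "zero or more spaces", so the literal "*" never matches
# and the block falls through to end of file, outside the virtual host.
unescaped = insert_block(CONF, BLOCK, r"<VirtualHost *:80>")
# Escaped: "\*" matches the literal asterisk; the indent is applied per line.
escaped = insert_block(CONF, BLOCK, r"<VirtualHost \*:80>", indent=" " * 8)

if __name__ == "__main__":
    print(unescaped)
    print(escaped)
```

Placement is more than cosmetic here: mod_rewrite rules in the main server context are not inherited by virtual hosts by default, so a redirect block appended after `</VirtualHost>` would not apply to requests served by the `*:80` host.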