有時(shí)需要批量修改文件，比如 /etc/rc.local 等, 可以使用blockinfile 或者 lineinfile

blockinfile

blockinfile 會在文件中插入一段內(nèi)容，插入時(shí)會根據(jù)marker 寫入/更新到指定的塊中，可以指定需要插入的位置
關(guān)鍵參數(shù)：

1. path/dest/destfile/name ：指定需要修改的文件
2. block/content: 需要添加/修改的內(nèi)容
3. marker：標(biāo)記內(nèi)容，默認(rèn)# BEGIN ANSIBLE MANAGED BLOCK ,例如：#{mark} test for fun , mark 會被替換為 BEGIN/END
4. insertafter：插入指定內(nèi)容之后霉祸， 默認(rèn)插入到結(jié)尾
5. insertbefore: 插入指定內(nèi)容之前

注意：

1. 如果marker 相同會更新內(nèi)容，如果多次寫入，注意區(qū)分marker
2. 如果指定了marker牺六，insertbefore/after 會不生效，仍修改該標(biāo)記中的內(nèi)容

ansible-doc blockinfile:

> BLOCKINFILE    (/usr/lib/python2.7/site-packages/ansible/modules/files/blockinfile.py)

        This module will insert/update/remove a block of multi-line text surrounded by customizable marker lines.

OPTIONS (= is mandatory):

- attributes
        Attributes the file or directory should have. To get supported flags look at the man page for `chattr' on the target
        system. This string should contain the attributes in the same order as the one displayed by `lsattr'.
        (Aliases: attr)[Default: None]
        version_added: 2.3

- backup
        Create a backup file including the timestamp information so you can get the original file back if you somehow clobbered it
        incorrectly.
        [Default: no]
        type: bool

- block
        The text to insert inside the marker lines. If it's missing or an empty string, the block will be removed as if `state'
        were specified to `absent'.
        (Aliases: content)[Default: ]

- create
        Create a new file if it doesn't exist.
        [Default: no]
        type: bool

- group
        Name of the group that should own the file/directory, as would be fed to `chown'.
        [Default: None]

- insertafter
        If specified, the block will be inserted after the last match of specified regular expression. A special value is
        available; `EOF' for inserting the block at the end of the file.  If specified regular expression has no matches, `EOF'
        will be used instead.
        (Choices: EOF, *regex*)[Default: EOF]

- insertbefore
        If specified, the block will be inserted before the last match of specified regular expression. A special value is
        available; `BOF' for inserting the block at the beginning of the file.  If specified regular expression has no matches,
        the block will be inserted at the end of the file.
        (Choices: BOF, *regex*)[Default: (null)]

- marker
        The marker line template. "{mark}" will be replaced with the values in marker_begin (default="BEGIN") and marker_end
        (default="END").
        [Default: # {mark} ANSIBLE MANAGED BLOCK]

- marker_begin
        This will be inserted at {mark} in the opening ansible block marker.
        [Default: BEGIN]
        version_added: 2.5

- marker_end
        This will be inserted at {mark} in the closing ansible block marker.
        [Default: END]
        version_added: 2.5

- mode
        Mode the file or directory should be. For those used to `/usr/bin/chmod' remember that modes are actually octal numbers
        (like `0644' or `01777'). Leaving off the leading zero will likely have unexpected results. As of version 1.8, the mode
        may be specified as a symbolic mode (for example, `u+rwx' or `u=rw,g=r,o=r').
        [Default: None]

- owner
        Name of the user that should own the file/directory, as would be fed to `chown'.
        [Default: None]

= path
        The file to modify.
        Before 2.3 this option was only usable as `dest', `destfile' and `name'.
        (Aliases: dest, destfile, name)

- selevel
        Level part of the SELinux file context. This is the MLS/MCS attribute, sometimes known as the `range'. `_default' feature
        works as for `seuser'.
        [Default: s0]

- serole
        Role part of SELinux file context, `_default' feature works as for `seuser'.
        [Default: None]

- setype
        Type part of SELinux file context, `_default' feature works as for `seuser'.
        [Default: None]

- seuser
        User part of SELinux file context. Will default to system policy, if applicable. If set to `_default', it will use the
        `user' portion of the policy if available.
        [Default: None]

- state
        Whether the block should be there or not.
        (Choices: absent, present)[Default: present]

- unsafe_writes
        Normally this module uses atomic operations to prevent data corruption or inconsistent reads from the target files,
        sometimes systems are configured or just broken in ways that prevent this. One example are docker mounted files, they
        cannot be updated atomically and can only be done in an unsafe manner.
        This boolean option allows ansible to fall back to unsafe methods of updating files for those cases in which you do not
        have any other choice. Be aware that this is subject to race conditions and can lead to data corruption.
        [Default: False]
        type: bool
        version_added: 2.2

- validate
        The validation command to run before copying into place. The path to the file to validate is passed in via '%s' which must
        be present as in the example below. The command is passed securely so shell features like expansion and pipes won't work.
        [Default: None]

NOTES:
      * This module supports check mode.
      * When using 'with_*' loops be aware that if you do not set a unique mark the block will be overwritten on each
        iteration.
      * As of Ansible 2.3, the `dest' option has been changed to `path' as default, but `dest' still works as well.
      * Option `follow' has been removed in version 2.5, because this module modifies the contents of the file so
        `follow=no' doesn't make sense.

AUTHOR: YAEGASHI Takeshi (@yaegashi)
        METADATA:
          status:
          - preview
          supported_by: core

例子

EXAMPLES:
# Before 2.3, option 'dest' or 'name' was used instead of 'path'
- name: insert/update "Match User" configuration block in /etc/ssh/sshd_config
  blockinfile:
    path: /etc/ssh/sshd_config
    block: |
      Match User ansible-agent
      PasswordAuthentication no

- name: insert/update eth0 configuration stanza in /etc/network/interfaces
        (it might be better to copy files into /etc/network/interfaces.d/)
  blockinfile:
    path: /etc/network/interfaces
    block: |
      iface eth0 inet static
          address 192.0.2.23
          netmask 255.255.255.0

- name: insert/update configuration using a local file and validate it
  blockinfile:
    block: "{{ lookup('file', './local/ssh_config') }}"
    dest: "/etc/ssh/ssh_config"
    backup: yes
    validate: "/usr/sbin/sshd -T -f %s"

- name: insert/update HTML surrounded by custom markers after <body> line
  blockinfile:
    path: /var/www/html/index.html
    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
    insertafter: "<body>"
    content: |
      <h1>Welcome to {{ ansible_hostname }}</h1>
      <p>Last updated on {{ ansible_date_time.iso8601 }}</p>

- name: remove HTML as well as surrounding markers
  blockinfile:
    path: /var/www/html/index.html
    marker: "<!-- {mark} ANSIBLE MANAGED BLOCK -->"
    content: ""

- name: Add mappings to /etc/hosts
  blockinfile:
    path: /etc/hosts
    block: |
      {{ item.ip }} {{ item.name }}
    marker: "# {mark} ANSIBLE MANAGED BLOCK {{ item.name }}"
  with_items:
    - { name: host1, ip: 10.10.1.10 }
    - { name: host2, ip: 10.10.1.11 }
    - { name: host3, ip: 10.10.1.12 }