Initial commit

2025-11-30 08:47:38 +08:00
commit 18faa0569e
47 changed files with 7969 additions and 0 deletions
--- a/skills/ansible/references/variables.md
+++ b/skills/ansible/references/variables.md
@@ -0,0 +1,246 @@
+# Ansible Variables Reference
+
+## Variable Precedence (High to Low)
+
+1. **Extra vars** (`-e "var=value"`)
+2. **Task vars** (in task)
+3. **Block vars** (in block)
+4. **Role/include vars**
+5. **set_facts / registered vars**
+6. **Play vars_files**
+7. **Play vars_prompt**
+8. **Play vars**
+9. **Host facts**
+10. **Playbook host_vars/**
+11. **Inventory host_vars/**
+12. **Playbook group_vars/**
+13. **Inventory group_vars/**
+14. **Playbook group_vars/all**
+15. **Inventory group_vars/all**
+16. **Role defaults**
+
+## Defining Variables
+
+### In Playbook
+
+```yaml
+- hosts: all
+  vars:
+    app_name: myapp
+    app_port: 8080
+
+  vars_files:
+    - vars/common.yml
+    - "vars/{{ environment }}.yml"
+```
+
+### In Tasks
+
+```yaml
+- name: Set variable
+  ansible.builtin.set_fact:
+    my_var: "value"
+
+- name: Register output
+  ansible.builtin.command: whoami
+  register: user_result
+
+- name: Use registered
+  ansible.builtin.debug:
+    msg: "User: {{ user_result.stdout }}"
+```
+
+### In Roles
+
+```yaml
+# roles/app/defaults/main.yml (low priority)
+app_port: 8080
+
+# roles/app/vars/main.yml (high priority)
+internal_setting: value
+```
+
+## Variable Types
+
+```yaml
+# String
+name: "value"
+
+# Number
+port: 8080
+
+# Boolean
+enabled: true
+
+# List
+packages:
+  - nginx
+  - python3
+
+# Dictionary
+user:
+  name: admin
+  groups:
+    - wheel
+    - docker
+```
+
+## Accessing Variables
+
+```yaml
+# Simple
+msg: "{{ my_var }}"
+
+# Dictionary
+msg: "{{ user.name }}"
+msg: "{{ user['name'] }}"
+
+# List
+msg: "{{ packages[0] }}"
+msg: "{{ packages | first }}"
+
+# Default value
+msg: "{{ my_var | default('fallback') }}"
+
+# Required (fail if undefined)
+msg: "{{ my_var }}"  # Fails if undefined
+```
+
+## Jinja2 Filters
+
+```yaml
+# Default
+value: "{{ var | default('default') }}"
+
+# Mandatory
+value: "{{ var | mandatory }}"
+
+# Type conversion
+port: "{{ port_string | int }}"
+flag: "{{ flag_string | bool }}"
+
+# String operations
+upper: "{{ name | upper }}"
+lower: "{{ name | lower }}"
+title: "{{ name | title }}"
+
+# Lists
+first: "{{ list | first }}"
+last: "{{ list | last }}"
+length: "{{ list | length }}"
+joined: "{{ list | join(',') }}"
+
+# JSON
+json_str: "{{ dict | to_json }}"
+yaml_str: "{{ dict | to_yaml }}"
+
+# Path operations
+basename: "{{ path | basename }}"
+dirname: "{{ path | dirname }}"
+```
+
+## Facts
+
+```yaml
+# Accessing facts
+os: "{{ ansible_distribution }}"
+version: "{{ ansible_distribution_version }}"
+ip: "{{ ansible_default_ipv4.address }}"
+hostname: "{{ ansible_hostname }}"
+memory_mb: "{{ ansible_memtotal_mb }}"
+cpus: "{{ ansible_processor_vcpus }}"
+```
+
+### Gathering Facts
+
+```yaml
+- hosts: all
+  gather_facts: true  # Default
+
+# Or manually
+- name: Gather facts
+  ansible.builtin.setup:
+    filter: ansible_*
+
+# Specific facts
+- name: Get network facts
+  ansible.builtin.setup:
+    gather_subset:
+      - network
+```
+
+## Environment Variables
+
+```yaml
+# Lookup
+value: "{{ lookup('env', 'MY_VAR') }}"
+
+# Set for task
+- name: Run with env
+  ansible.builtin.command: /bin/command
+  environment:
+    MY_VAR: "{{ my_value }}"
+```
+
+## Secrets/Vault
+
+```bash
+# Create encrypted file
+ansible-vault create secrets.yml
+
+# Edit encrypted file
+ansible-vault edit secrets.yml
+
+# Encrypt existing file
+ansible-vault encrypt vars.yml
+
+# Run with vault password
+ansible-playbook playbook.yml --ask-vault-pass
+ansible-playbook playbook.yml --vault-password-file ~/.vault_pass
+```
+
+## Prompt for Variables
+
+```yaml
+- hosts: all
+  vars_prompt:
+    - name: password
+      prompt: "Enter password"
+      private: true
+
+    - name: environment
+      prompt: "Which environment?"
+      default: "staging"
+```
+
+## Conditionals with Variables
+
+```yaml
+- name: Check defined
+  when: my_var is defined
+
+- name: Check undefined
+  when: my_var is not defined
+
+- name: Check truthy
+  when: my_var | bool
+
+- name: Check falsy
+  when: not my_var | bool
+
+- name: Check in list
+  when: item in my_list
+
+- name: Version comparison
+  when: version is version('2.0', '>=')
+```
+
+## Hostvars
+
+Access variables from other hosts:
+
+```yaml
+- name: Get from other host
+  ansible.builtin.debug:
+    msg: "{{ hostvars['web1']['ansible_host'] }}"
+```