The debops exec command
The debops exec command will run the ansible command
inside of the DebOps project directory with its context - environment variables
defined in the configuration, unlocked
ansible/secret/ directory and
ansible.cfg configuration file used by the project, which
points to the Ansible inventory.
Execute an Ansible module against the Ansible inventory. The
ansible.builtin.command module is used by default, a different module can
be specified with the
The debops exec command will automatically unlock and lock the
ansible/secret/ directory as needed, to give the Ansible
module access to secrets.
The options below need to be specified before any Ansible arguments to take effect.
Display the help and usage information
Path to the project directory to work on. If it's not specified, the script will use the current directory.
-V <view>, --view <view>
Specify the name of the "infrastructure view" to use for running Ansible commands. If not specified, the default view will be used automatically. Using this option overrides the automatic view detection performed by DebOps based on the current working directory.
Emit an ASCII "bell" at the end of the ansible command execution to notify the user. This might be useful during longer module runs.
Do not execute ansible command; instead print out all the environment variables and the command itself to stdout.
Increase output verbosity. More letters means higher verbosity.
Mark the end of the debops exec options. Any of the options after this mark will be passed to the ansible command as-is.
You can specify all arguments supported by the ansible command to augment the execution, for example
--become, and so on. See ansible --help for more details.
Send a ping to all hosts in the Ansible inventory:
debops exec all -m ping
Check what UNIX account is used to run Ansible commands using a specific "infrastructure view":
debops exec -V deployment hostname -a 'whoami'
Perform a full upgrade of a Debian host using APT:
debops exec hostname -m apt -a 'upgrade=full' -b
Reboot all webservers with molly-guard(8) protection, user will be notified at the end of Ansible execution:
debops exec -E webservers -b -m reboot -a 'search_paths=/lib/molly-guard'