How to find and replace text/IP address with Ansible

I need to find an IP address in the sshd_config file and replace with a fresh one for over 100+ VMs. How do I use Ansible to do so? Is it possible to search replace single string or IP address?

Yes, you can use the following Ansible modules:
  • replace – This module will replace all instances of a pattern within a file.
  • lineinfile – Same as replace but this is primarily useful when you want to change a single line in a file only.
How to find and replace text/IP address with Ansible

How do I replace all instances of a pattern within a file?

The syntax is as follows:

- replace:
    path: /path/to/file
    regexp: 'regular expression for search'
    replace: 'replace-word'
    backup: yes

For example, find and replace all instances of foo with bar within a file named /etc/app.conf by creating or updating your yml file:

- replace:
    path: /etc/app.conf
    regexp: 'foo'
    replace: 'bar'
    backup: yes

Another example to replace hostname server1.cyberciti.biz with server1.nixcraft.com in /etc/hosts:

- replace:
    path: /etc/hosts
    regexp: '(\s+)server1\.cyberciti\.biz(\s+.*)?$'
    replace: '\1server1.nixcraft.com\2'
    backup: yes

Finding and replacing text or IP address with Ansible

In this example, replace an IP address 202.51.1.1 with 203.55.5.5 in sshd_config and reload sshd service:

# sshd.yml
          - replace:
                  dest: /etc/ssh/sshd_config
                  regexp: '202.51.1.1'
                  replace: '203.55.5.5'
                  backup: yes
                  validate: '/usr/sbin/sshd -t'
          - service:
                  name: sshd
                  state: reloaded

Where,

  1. dest : The file to modify i.e. /etc/ssh/sshd_config
  2. regexp : The regular expression to look for in the contents of the file. See re docs for more info.
  3. replace : The string to replace regexp matches. If not set, matches are removed entirely. Backreferences can be used ambiguously like \1, or explicitly like \g<1>.
  4. validate – The validation command to run before copying into place. In other words check sshd_config for error.
  5. backup – Make sure we backup our sshd_config file including the timestamp information so you can get the original file back if you somehow clobbered it incorrectly.
  6. service – Reload the sshd service so that we can apply changes on Linux or Unix box.

Now we can run it as follows:
$ ansible-playbook -i hosts sshd.yml

Example for lineinfile module

Update ip address in /etc/hosts file:

# my.yml
- lineinfile:
    path: /etc/hosts
    regexp: '^202\.51\.1\.1'
    line: '202.55.5.5 www.cyberciti.biz'
    owner: root
    group: root
    mode: 0644
    backup: yes

Update sshd_config:

# my.yml
- lineinfile:
    path: /etc/ssh/sshd_config
    regexp: '^202\.51\.1\.1'
    line: 'Match Address 202.55.5.5'
    backup: yes
    validate: '/usr/sbin/sshd -t'
- service:
    name: sshd
    state: reloaded

Update/create your hosts file:

$ cat hosts
[cluster:vars]
ansible_user=vivek 
ansible_become=true
ansible_become_method=sudo

[cluster]
vm1
vm2
vm3
vm4
gc.vm1
gc.vm2
gc.vm3
gc.vm4
aws.vm1
aws.vm2
aws.vm3
aws.vm4

You can run it as follows:
$ ansible-playbook -i hosts my.yml

Summing up

We learned about two useful Ansible modules to find and replace text in config or any other files. See the following docs:

  1. replace module – Replace all instances of a particular string in a file using a back-referenced regular expression.
  2. lineinfile module – Ensure a particular line is in a file, or replace an existing line using a back-referenced regular expression.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 5 comments so far... add one


CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
5 comments… add one
  • 0xSheepdog Oct 26, 2017 @ 15:21

    You seem to be using some RegEx in your examples that is not clear to people who are not experienced with RegEx. Can you explain what the syntax is actually doing?

    I.E. (\s+) does what, exactly? Is it looking for server1.cyberciti.biz or Server1.cyberciti.biz ?

    • Mladen Uzelac Dec 21, 2020 @ 21:43

      \s (any blank character), + 1 or more characters.
      \. – you cannot use . since it sign for any character, so you need to “escape it” so you use escape character \
      and then you have \.

  • snipervelli Dec 6, 2017 @ 21:54

    Is it possible to give a brief example of changing the IP address, network mask, gateway of a host with replace and lineinfile.

  • snipervelli Dec 7, 2017 @ 10:54

    Thanks for the quick response. It Centos 7.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum