diff options
Diffstat (limited to 'ansible-config-list.txt')
| -rw-r--r-- | ansible-config-list.txt | 2697 |
1 files changed, 2697 insertions, 0 deletions
diff --git a/ansible-config-list.txt b/ansible-config-list.txt new file mode 100644 index 0000000..e2220b4 --- /dev/null +++ b/ansible-config-list.txt @@ -0,0 +1,2697 @@ +ACTION_WARNINGS: + default: true + description: + - By default Ansible will issue a warning when received from a task action (module + or action plugin) + - These warnings can be silenced by adjusting this setting to False. + env: + - name: ANSIBLE_ACTION_WARNINGS + ini: + - key: action_warnings + section: defaults + name: Toggle action warnings + type: boolean + version_added: '2.5' +AGNOSTIC_BECOME_PROMPT: + default: true + description: Display an agnostic become prompt instead of displaying a prompt containing + the command line supplied become method + env: + - name: ANSIBLE_AGNOSTIC_BECOME_PROMPT + ini: + - key: agnostic_become_prompt + section: privilege_escalation + name: Display an agnostic become prompt + type: boolean + version_added: '2.5' + yaml: + key: privilege_escalation.agnostic_become_prompt +ANSIBLE_CONNECTION_PATH: + default: null + description: + - Specify where to look for the ansible-connection script. This location will be + checked before searching $PATH. + - If null, ansible will start with the same directory as the ansible script. + env: + - name: ANSIBLE_CONNECTION_PATH + ini: + - key: ansible_connection_path + section: persistent_connection + name: Path of ansible-connection script + type: path + version_added: '2.8' + yaml: + key: persistent_connection.ansible_connection_path +ANSIBLE_COW_ACCEPTLIST: + default: + - bud-frogs + - bunny + - cheese + - daemon + - default + - dragon + - elephant-in-snake + - elephant + - eyes + - hellokitty + - kitty + - luke-koala + - meow + - milk + - moofasa + - moose + - ren + - sheep + - small + - stegosaurus + - stimpy + - supermilker + - three-eyes + - turkey + - turtle + - tux + - udder + - vader-koala + - vader + - www + description: Accept list of cowsay templates that are 'safe' to use, set to empty + list if you want to enable all installed templates. + env: + - name: ANSIBLE_COW_ACCEPTLIST + version_added: '2.11' + ini: + - key: cowsay_enabled_stencils + section: defaults + version_added: '2.11' + name: Cowsay filter acceptance list + type: list +ANSIBLE_COW_PATH: + default: null + description: Specify a custom cowsay path or swap in your cowsay implementation + of choice + env: + - name: ANSIBLE_COW_PATH + ini: + - key: cowpath + section: defaults + name: Set path to cowsay command + type: string + yaml: + key: display.cowpath +ANSIBLE_COW_SELECTION: + default: default + description: This allows you to chose a specific cowsay stencil for the banners + or use 'random' to cycle through them. + env: + - name: ANSIBLE_COW_SELECTION + ini: + - key: cow_selection + section: defaults + name: Cowsay filter selection +ANSIBLE_FORCE_COLOR: + default: false + description: This option forces color mode even when running without a TTY or the + "nocolor" setting is True. + env: + - name: ANSIBLE_FORCE_COLOR + ini: + - key: force_color + section: defaults + name: Force color output + type: boolean + yaml: + key: display.force_color +ANSIBLE_HOME: + default: ~/.ansible + description: + - The default root path for Ansible config files on the controller. + env: + - name: ANSIBLE_HOME + ini: + - key: home + section: defaults + name: The Ansible home path + type: path + version_added: '2.14' +ANSIBLE_NOCOLOR: + default: false + description: This setting allows suppressing colorizing output, which is used to + give a better indication of failure and status information. + env: + - name: ANSIBLE_NOCOLOR + - name: NO_COLOR + version_added: '2.11' + ini: + - key: nocolor + section: defaults + name: Suppress color output + type: boolean + yaml: + key: display.nocolor +ANSIBLE_NOCOWS: + default: false + description: If you have cowsay installed but want to avoid the 'cows' (why????), + use this. + env: + - name: ANSIBLE_NOCOWS + ini: + - key: nocows + section: defaults + name: Suppress cowsay output + type: boolean + yaml: + key: display.i_am_no_fun +ANSIBLE_PIPELINING: + default: false + description: + - This is a global option, each connection plugin can override either by having + more specific options or not supporting pipelining at all. + - Pipelining, if supported by the connection plugin, reduces the number of network + operations required to execute a module on the remote server, by executing many + Ansible modules without actual file transfer. + - It can result in a very significant performance improvement when enabled. + - However this conflicts with privilege escalation (become). For example, when using + 'sudo:' operations you must first disable 'requiretty' in /etc/sudoers on all + managed hosts, which is why it is disabled by default. + - This setting will be disabled if ``ANSIBLE_KEEP_REMOTE_FILES`` is enabled. + env: + - name: ANSIBLE_PIPELINING + ini: + - key: pipelining + section: defaults + - key: pipelining + section: connection + name: Connection pipelining + type: boolean +ANY_ERRORS_FATAL: + default: false + description: Sets the default value for the any_errors_fatal keyword, if True, Task + failures will be considered fatal errors. + env: + - name: ANSIBLE_ANY_ERRORS_FATAL + ini: + - key: any_errors_fatal + section: defaults + name: Make Task failures fatal + type: boolean + version_added: '2.4' + yaml: + key: errors.any_task_errors_fatal +BECOME_ALLOW_SAME_USER: + default: false + description: + - This setting controls if become is skipped when remote user and become user are + the same. I.E root sudo to root. + - If executable, it will be run and the resulting stdout will be used as the password. + env: + - name: ANSIBLE_BECOME_ALLOW_SAME_USER + ini: + - key: become_allow_same_user + section: privilege_escalation + name: Allow becoming the same user + type: boolean + yaml: + key: privilege_escalation.become_allow_same_user +BECOME_PASSWORD_FILE: + default: null + description: + - The password file to use for the become plugin. --become-password-file. + - If executable, it will be run and the resulting stdout will be used as the password. + env: + - name: ANSIBLE_BECOME_PASSWORD_FILE + ini: + - key: become_password_file + section: defaults + name: Become password file + type: path + version_added: '2.12' +BECOME_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/become:/usr/share/ansible/plugins/become" + }}' + description: Colon separated paths in which Ansible will search for Become Plugins. + env: + - name: ANSIBLE_BECOME_PLUGINS + ini: + - key: become_plugins + section: defaults + name: Become plugins path + type: pathspec + version_added: '2.8' +CACHE_PLUGIN: + default: memory + description: Chooses which cache plugin to use, the default 'memory' is ephemeral. + env: + - name: ANSIBLE_CACHE_PLUGIN + ini: + - key: fact_caching + section: defaults + name: Persistent Cache plugin + yaml: + key: facts.cache.plugin +CACHE_PLUGIN_CONNECTION: + default: null + description: Defines connection or path information for the cache plugin + env: + - name: ANSIBLE_CACHE_PLUGIN_CONNECTION + ini: + - key: fact_caching_connection + section: defaults + name: Cache Plugin URI + yaml: + key: facts.cache.uri +CACHE_PLUGIN_PREFIX: + default: ansible_facts + description: Prefix to use for cache plugin files/tables + env: + - name: ANSIBLE_CACHE_PLUGIN_PREFIX + ini: + - key: fact_caching_prefix + section: defaults + name: Cache Plugin table prefix + yaml: + key: facts.cache.prefix +CACHE_PLUGIN_TIMEOUT: + default: 86400 + description: Expiration timeout for the cache plugin data + env: + - name: ANSIBLE_CACHE_PLUGIN_TIMEOUT + ini: + - key: fact_caching_timeout + section: defaults + name: Cache Plugin expiration timeout + type: integer + yaml: + key: facts.cache.timeout +CALLBACKS_ENABLED: + default: [] + description: + - List of enabled callbacks, not all callbacks need enabling, but many of those + shipped with Ansible do as we don't want them activated by default. + env: + - name: ANSIBLE_CALLBACKS_ENABLED + version_added: '2.11' + ini: + - key: callbacks_enabled + section: defaults + version_added: '2.11' + name: Enable callback plugins that require it. + type: list +COLLECTIONS_ON_ANSIBLE_VERSION_MISMATCH: + choices: + error: issue a 'fatal' error and stop the play + ignore: just continue silently + warning: issue a warning but continue + default: warning + description: + - When a collection is loaded that does not support the running Ansible version + (with the collection metadata key `requires_ansible`). + env: + - name: ANSIBLE_COLLECTIONS_ON_ANSIBLE_VERSION_MISMATCH + ini: + - key: collections_on_ansible_version_mismatch + section: defaults + name: Defines behavior when loading a collection that does not support the current + Ansible version +COLLECTIONS_PATHS: + default: '{{ ANSIBLE_HOME ~ "/collections:/usr/share/ansible/collections" }}' + description: 'Colon separated paths in which Ansible will search for collections + content. Collections must be in nested *subdirectories*, not directly in these + directories. For example, if ``COLLECTIONS_PATHS`` includes ``''{{ ANSIBLE_HOME + ~ "/collections" }}''``, and you want to add ``my.collection`` to that directory, + it must be saved as ``''{{ ANSIBLE_HOME} ~ "/collections/ansible_collections/my/collection" + }}''``. + + ' + env: + - name: ANSIBLE_COLLECTIONS_PATHS + - name: ANSIBLE_COLLECTIONS_PATH + version_added: '2.10' + ini: + - key: collections_paths + section: defaults + - key: collections_path + section: defaults + version_added: '2.10' + name: ordered list of root paths for loading installed Ansible collections content + type: pathspec +COLLECTIONS_SCAN_SYS_PATH: + default: true + description: A boolean to enable or disable scanning the sys.path for installed + collections + env: + - name: ANSIBLE_COLLECTIONS_SCAN_SYS_PATH + ini: + - key: collections_scan_sys_path + section: defaults + name: Scan PYTHONPATH for installed collections + type: boolean +COLOR_CHANGED: + choices: &id001 + - black + - bright gray + - blue + - white + - green + - bright blue + - cyan + - bright green + - red + - bright cyan + - purple + - bright red + - yellow + - bright purple + - dark gray + - bright yellow + - magenta + - bright magenta + - normal + default: yellow + description: Defines the color to use on 'Changed' task status + env: + - name: ANSIBLE_COLOR_CHANGED + ini: + - key: changed + section: colors + name: Color for 'changed' task status +COLOR_CONSOLE_PROMPT: + choices: *id001 + default: white + description: Defines the default color to use for ansible-console + env: + - name: ANSIBLE_COLOR_CONSOLE_PROMPT + ini: + - key: console_prompt + section: colors + name: Color for ansible-console's prompt task status + version_added: '2.7' +COLOR_DEBUG: + choices: *id001 + default: dark gray + description: Defines the color to use when emitting debug messages + env: + - name: ANSIBLE_COLOR_DEBUG + ini: + - key: debug + section: colors + name: Color for debug statements +COLOR_DEPRECATE: + choices: *id001 + default: purple + description: Defines the color to use when emitting deprecation messages + env: + - name: ANSIBLE_COLOR_DEPRECATE + ini: + - key: deprecate + section: colors + name: Color for deprecation messages +COLOR_DIFF_ADD: + choices: *id001 + default: green + description: Defines the color to use when showing added lines in diffs + env: + - name: ANSIBLE_COLOR_DIFF_ADD + ini: + - key: diff_add + section: colors + name: Color for diff added display + yaml: + key: display.colors.diff.add +COLOR_DIFF_LINES: + choices: *id001 + default: cyan + description: Defines the color to use when showing diffs + env: + - name: ANSIBLE_COLOR_DIFF_LINES + ini: + - key: diff_lines + section: colors + name: Color for diff lines display +COLOR_DIFF_REMOVE: + choices: *id001 + default: red + description: Defines the color to use when showing removed lines in diffs + env: + - name: ANSIBLE_COLOR_DIFF_REMOVE + ini: + - key: diff_remove + section: colors + name: Color for diff removed display +COLOR_ERROR: + choices: *id001 + default: red + description: Defines the color to use when emitting error messages + env: + - name: ANSIBLE_COLOR_ERROR + ini: + - key: error + section: colors + name: Color for error messages + yaml: + key: colors.error +COLOR_HIGHLIGHT: + choices: *id001 + default: white + description: Defines the color to use for highlighting + env: + - name: ANSIBLE_COLOR_HIGHLIGHT + ini: + - key: highlight + section: colors + name: Color for highlighting +COLOR_OK: + choices: *id001 + default: green + description: Defines the color to use when showing 'OK' task status + env: + - name: ANSIBLE_COLOR_OK + ini: + - key: ok + section: colors + name: Color for 'ok' task status +COLOR_SKIP: + choices: *id001 + default: cyan + description: Defines the color to use when showing 'Skipped' task status + env: + - name: ANSIBLE_COLOR_SKIP + ini: + - key: skip + section: colors + name: Color for 'skip' task status +COLOR_UNREACHABLE: + choices: *id001 + default: bright red + description: Defines the color to use on 'Unreachable' status + env: + - name: ANSIBLE_COLOR_UNREACHABLE + ini: + - key: unreachable + section: colors + name: Color for 'unreachable' host state +COLOR_VERBOSE: + choices: *id001 + default: blue + description: Defines the color to use when emitting verbose messages. i.e those + that show with '-v's. + env: + - name: ANSIBLE_COLOR_VERBOSE + ini: + - key: verbose + section: colors + name: Color for verbose messages +COLOR_WARN: + choices: *id001 + default: bright purple + description: Defines the color to use when emitting warning messages + env: + - name: ANSIBLE_COLOR_WARN + ini: + - key: warn + section: colors + name: Color for warning messages +CONFIG_FILE: + default: null + type: path +CONNECTION_FACTS_MODULES: + default: + arista.eos.eos: arista.eos.eos_facts + asa: ansible.legacy.asa_facts + cisco.asa.asa: cisco.asa.asa_facts + cisco.ios.ios: cisco.ios.ios_facts + cisco.iosxr.iosxr: cisco.iosxr.iosxr_facts + cisco.nxos.nxos: cisco.nxos.nxos_facts + community.network.ironware: community.network.ironware_facts + eos: ansible.legacy.eos_facts + exos: ansible.legacy.exos_facts + extreme.exos.exos: extreme.exos.exos_facts + extreme.slxos.slxos: extreme.slxos.slxos_facts + extreme.voss.voss: extreme.voss.voss_facts + frr: ansible.legacy.frr_facts + frr.frr.frr: frr.frr.frr_facts + ios: ansible.legacy.ios_facts + iosxr: ansible.legacy.iosxr_facts + ironware: ansible.legacy.ironware_facts + junipernetworks.junos.junos: junipernetworks.junos.junos_facts + junos: ansible.legacy.junos_facts + nxos: ansible.legacy.nxos_facts + slxos: ansible.legacy.slxos_facts + voss: ansible.legacy.voss_facts + vyos: ansible.legacy.vyos_facts + vyos.vyos.vyos: vyos.vyos.vyos_facts + description: Which modules to run during a play's fact gathering stage based on + connection + name: Map of connections to fact modules + type: dict +CONNECTION_PASSWORD_FILE: + default: null + description: The password file to use for the connection plugin. --connection-password-file. + env: + - name: ANSIBLE_CONNECTION_PASSWORD_FILE + ini: + - key: connection_password_file + section: defaults + name: Connection password file + type: path + version_added: '2.12' +COVERAGE_REMOTE_OUTPUT: + description: + - Sets the output directory on the remote host to generate coverage reports to. + - Currently only used for remote coverage on PowerShell modules. + - This is for internal use only. + env: + - name: _ANSIBLE_COVERAGE_REMOTE_OUTPUT + name: Sets the output directory and filename prefix to generate coverage run info. + type: str + vars: + - name: _ansible_coverage_remote_output + version_added: '2.9' +COVERAGE_REMOTE_PATHS: + default: '*' + description: + - A list of paths for files on the Ansible controller to run coverage for when executing + on the remote host. + - Only files that match the path glob will have its coverage collected. + - Multiple path globs can be specified and are separated by ``:``. + - Currently only used for remote coverage on PowerShell modules. + - This is for internal use only. + env: + - name: _ANSIBLE_COVERAGE_REMOTE_PATH_FILTER + name: Sets the list of paths to run coverage for. + type: str + version_added: '2.9' +DEFAULT_ACTION_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/action:/usr/share/ansible/plugins/action" + }}' + description: Colon separated paths in which Ansible will search for Action Plugins. + env: + - name: ANSIBLE_ACTION_PLUGINS + ini: + - key: action_plugins + section: defaults + name: Action plugins path + type: pathspec + yaml: + key: plugins.action.path +DEFAULT_ALLOW_UNSAFE_LOOKUPS: + default: false + description: + - When enabled, this option allows lookup plugins (whether used in variables as + ``{{lookup('foo')}}`` or as a loop as with_foo) to return data that is not marked + 'unsafe'. + - By default, such data is marked as unsafe to prevent the templating engine from + evaluating any jinja2 templating language, as this could represent a security + risk. This option is provided to allow for backward compatibility, however users + should first consider adding allow_unsafe=True to any lookups which may be expected + to contain data which may be run through the templating engine late + env: [] + ini: + - key: allow_unsafe_lookups + section: defaults + name: Allow unsafe lookups + type: boolean + version_added: 2.2.3 +DEFAULT_ASK_PASS: + default: false + description: + - This controls whether an Ansible playbook should prompt for a login password. + If using SSH keys for authentication, you probably do not need to change this + setting. + env: + - name: ANSIBLE_ASK_PASS + ini: + - key: ask_pass + section: defaults + name: Ask for the login password + type: boolean + yaml: + key: defaults.ask_pass +DEFAULT_ASK_VAULT_PASS: + default: false + description: + - This controls whether an Ansible playbook should prompt for a vault password. + env: + - name: ANSIBLE_ASK_VAULT_PASS + ini: + - key: ask_vault_pass + section: defaults + name: Ask for the vault password(s) + type: boolean +DEFAULT_BECOME: + default: false + description: Toggles the use of privilege escalation, allowing you to 'become' another + user after login. + env: + - name: ANSIBLE_BECOME + ini: + - key: become + section: privilege_escalation + name: Enable privilege escalation (become) + type: boolean +DEFAULT_BECOME_ASK_PASS: + default: false + description: Toggle to prompt for privilege escalation password. + env: + - name: ANSIBLE_BECOME_ASK_PASS + ini: + - key: become_ask_pass + section: privilege_escalation + name: Ask for the privilege escalation (become) password + type: boolean +DEFAULT_BECOME_EXE: + default: null + description: executable to use for privilege escalation, otherwise Ansible will + depend on PATH + env: + - name: ANSIBLE_BECOME_EXE + ini: + - key: become_exe + section: privilege_escalation + name: Choose 'become' executable +DEFAULT_BECOME_FLAGS: + default: '' + description: Flags to pass to the privilege escalation executable. + env: + - name: ANSIBLE_BECOME_FLAGS + ini: + - key: become_flags + section: privilege_escalation + name: Set 'become' executable options +DEFAULT_BECOME_METHOD: + default: sudo + description: Privilege escalation method to use when `become` is enabled. + env: + - name: ANSIBLE_BECOME_METHOD + ini: + - key: become_method + section: privilege_escalation + name: Choose privilege escalation method +DEFAULT_BECOME_USER: + default: root + description: The user your login/remote user 'becomes' when using privilege escalation, + most systems will use 'root' when no user is specified. + env: + - name: ANSIBLE_BECOME_USER + ini: + - key: become_user + section: privilege_escalation + name: Set the user you 'become' via privilege escalation + yaml: + key: become.user +DEFAULT_CACHE_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/cache:/usr/share/ansible/plugins/cache" }}' + description: Colon separated paths in which Ansible will search for Cache Plugins. + env: + - name: ANSIBLE_CACHE_PLUGINS + ini: + - key: cache_plugins + section: defaults + name: Cache Plugins Path + type: pathspec +DEFAULT_CALLBACK_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/callback:/usr/share/ansible/plugins/callback" + }}' + description: Colon separated paths in which Ansible will search for Callback Plugins. + env: + - name: ANSIBLE_CALLBACK_PLUGINS + ini: + - key: callback_plugins + section: defaults + name: Callback Plugins Path + type: pathspec + yaml: + key: plugins.callback.path +DEFAULT_CLICONF_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/cliconf:/usr/share/ansible/plugins/cliconf" + }}' + description: Colon separated paths in which Ansible will search for Cliconf Plugins. + env: + - name: ANSIBLE_CLICONF_PLUGINS + ini: + - key: cliconf_plugins + section: defaults + name: Cliconf Plugins Path + type: pathspec +DEFAULT_CONNECTION_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/connection:/usr/share/ansible/plugins/connection" + }}' + description: Colon separated paths in which Ansible will search for Connection Plugins. + env: + - name: ANSIBLE_CONNECTION_PLUGINS + ini: + - key: connection_plugins + section: defaults + name: Connection Plugins Path + type: pathspec + yaml: + key: plugins.connection.path +DEFAULT_DEBUG: + default: false + description: + - Toggles debug output in Ansible. This is *very* verbose and can hinder multiprocessing. Debug + output can also include secret information despite no_log settings being enabled, + which means debug mode should not be used in production. + env: + - name: ANSIBLE_DEBUG + ini: + - key: debug + section: defaults + name: Debug mode + type: boolean +DEFAULT_EXECUTABLE: + default: /bin/sh + description: + - This indicates the command to use to spawn a shell under for Ansible's execution + needs on a target. Users may need to change this in rare instances when shell + usage is constrained, but in most cases it may be left as is. + env: + - name: ANSIBLE_EXECUTABLE + ini: + - key: executable + section: defaults + name: Target shell executable +DEFAULT_FACT_PATH: + deprecated: + alternatives: module_defaults + collection_name: ansible.builtin + version: '2.18' + why: the module_defaults keyword is a more generic version and can apply to all + calls to the M(ansible.builtin.gather_facts) or M(ansible.builtin.setup) actions + description: + - This option allows you to globally configure a custom path for 'local_facts' for + the implied :ref:`ansible_collections.ansible.builtin.setup_module` task when + using fact gathering. + - 'If not set, it will fallback to the default from the ``ansible.builtin.setup`` + module: ``/etc/ansible/facts.d``.' + - This does **not** affect user defined tasks that use the ``ansible.builtin.setup`` + module. + - The real action being created by the implicit task is currently ``ansible.legacy.gather_facts`` + module, which then calls the configured fact modules, by default this will be + ``ansible.builtin.setup`` for POSIX systems but other platforms might have different + defaults. + env: + - name: ANSIBLE_FACT_PATH + ini: + - key: fact_path + section: defaults + name: local fact path + type: string +DEFAULT_FILTER_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/filter:/usr/share/ansible/plugins/filter" + }}' + description: Colon separated paths in which Ansible will search for Jinja2 Filter + Plugins. + env: + - name: ANSIBLE_FILTER_PLUGINS + ini: + - key: filter_plugins + section: defaults + name: Jinja2 Filter Plugins Path + type: pathspec +DEFAULT_FORCE_HANDLERS: + default: false + description: + - This option controls if notified handlers run on a host even if a failure occurs + on that host. + - When false, the handlers will not run if a failure has occurred on a host. + - This can also be set per play or on the command line. See Handlers and Failure + for more details. + env: + - name: ANSIBLE_FORCE_HANDLERS + ini: + - key: force_handlers + section: defaults + name: Force handlers to run after failure + type: boolean + version_added: 1.9.1 +DEFAULT_FORKS: + default: 5 + description: Maximum number of forks Ansible will use to execute tasks on target + hosts. + env: + - name: ANSIBLE_FORKS + ini: + - key: forks + section: defaults + name: Number of task forks + type: integer +DEFAULT_GATHERING: + choices: + explicit: facts will not be gathered unless directly requested in the play. + implicit: 'the cache plugin will be ignored and facts will be gathered per play + unless ''gather_facts: False'' is set.' + smart: each new host that has no facts discovered will be scanned, but if the + same host is addressed in multiple plays it will not be contacted again in the + run. + default: implicit + description: + - This setting controls the default policy of fact gathering (facts discovered about + remote systems). + - This option can be useful for those wishing to save fact gathering time. Both + 'smart' and 'explicit' will use the cache plugin. + env: + - name: ANSIBLE_GATHERING + ini: + - key: gathering + section: defaults + name: Gathering behaviour + version_added: '1.6' +DEFAULT_GATHER_SUBSET: + deprecated: + alternatives: module_defaults + collection_name: ansible.builtin + version: '2.18' + why: the module_defaults keyword is a more generic version and can apply to all + calls to the M(ansible.builtin.gather_facts) or M(ansible.builtin.setup) actions + description: + - Set the `gather_subset` option for the :ref:`ansible_collections.ansible.builtin.setup_module` + task in the implicit fact gathering. See the module documentation for specifics. + - It does **not** apply to user defined ``ansible.builtin.setup`` tasks. + env: + - name: ANSIBLE_GATHER_SUBSET + ini: + - key: gather_subset + section: defaults + name: Gather facts subset + type: list + version_added: '2.1' +DEFAULT_GATHER_TIMEOUT: + deprecated: + alternatives: module_defaults + collection_name: ansible.builtin + version: '2.18' + why: the module_defaults keyword is a more generic version and can apply to all + calls to the M(ansible.builtin.gather_facts) or M(ansible.builtin.setup) actions + description: + - Set the timeout in seconds for the implicit fact gathering, see the module documentation + for specifics. + - It does **not** apply to user defined :ref:`ansible_collections.ansible.builtin.setup_module` + tasks. + env: + - name: ANSIBLE_GATHER_TIMEOUT + ini: + - key: gather_timeout + section: defaults + name: Gather facts timeout + type: integer +DEFAULT_HASH_BEHAVIOUR: + choices: + merge: Any dictionary variable will be recursively merged with new definitions + across the different variable definition sources. + replace: Any variable that is defined more than once is overwritten using the + order from variable precedence rules (highest wins). + default: replace + description: + - This setting controls how duplicate definitions of dictionary variables (aka hash, + map, associative array) are handled in Ansible. + - This does not affect variables whose values are scalars (integers, strings) or + arrays. + - '**WARNING**, changing this setting is not recommended as this is fragile and + makes your content (plays, roles, collections) non portable, leading to continual + confusion and misuse. Don''t change this setting unless you think you have an + absolute need for it.' + - We recommend avoiding reusing variable names and relying on the ``combine`` filter + and ``vars`` and ``varnames`` lookups to create merged versions of the individual + variables. In our experience this is rarely really needed and a sign that too + much complexity has been introduced into the data structures and plays. + - For some uses you can also look into custom vars_plugins to merge on input, even + substituting the default ``host_group_vars`` that is in charge of parsing the + ``host_vars/`` and ``group_vars/`` directories. Most users of this setting are + only interested in inventory scope, but the setting itself affects all sources + and makes debugging even harder. + - All playbooks and roles in the official examples repos assume the default for + this setting. + - Changing the setting to ``merge`` applies across variable sources, but many sources + will internally still overwrite the variables. For example ``include_vars`` will + dedupe variables internally before updating Ansible, with 'last defined' overwriting + previous definitions in same file. + - The Ansible project recommends you **avoid ``merge`` for new projects.** + - It is the intention of the Ansible developers to eventually deprecate and remove + this setting, but it is being kept as some users do heavily rely on it. New projects + should **avoid 'merge'**. + env: + - name: ANSIBLE_HASH_BEHAVIOUR + ini: + - key: hash_behaviour + section: defaults + name: Hash merge behaviour + type: string +DEFAULT_HOST_LIST: + default: /etc/ansible/hosts + description: Comma separated list of Ansible inventory sources + env: + - name: ANSIBLE_INVENTORY + expand_relative_paths: true + ini: + - key: inventory + section: defaults + name: Inventory Source + type: pathlist + yaml: + key: defaults.inventory +DEFAULT_HTTPAPI_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/httpapi:/usr/share/ansible/plugins/httpapi" + }}' + description: Colon separated paths in which Ansible will search for HttpApi Plugins. + env: + - name: ANSIBLE_HTTPAPI_PLUGINS + ini: + - key: httpapi_plugins + section: defaults + name: HttpApi Plugins Path + type: pathspec +DEFAULT_INTERNAL_POLL_INTERVAL: + default: 0.001 + description: + - This sets the interval (in seconds) of Ansible internal processes polling each + other. Lower values improve performance with large playbooks at the expense of + extra CPU load. Higher values are more suitable for Ansible usage in automation + scenarios, when UI responsiveness is not required but CPU usage might be a concern. + - The default corresponds to the value hardcoded in Ansible <= 2.1 + env: [] + ini: + - key: internal_poll_interval + section: defaults + name: Internal poll interval + type: float + version_added: '2.2' +DEFAULT_INVENTORY_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/inventory:/usr/share/ansible/plugins/inventory" + }}' + description: Colon separated paths in which Ansible will search for Inventory Plugins. + env: + - name: ANSIBLE_INVENTORY_PLUGINS + ini: + - key: inventory_plugins + section: defaults + name: Inventory Plugins Path + type: pathspec +DEFAULT_JINJA2_EXTENSIONS: + default: [] + description: + - This is a developer-specific feature that allows enabling additional Jinja2 extensions. + - See the Jinja2 documentation for details. If you do not know what these do, you + probably don't need to change this setting :) + env: + - name: ANSIBLE_JINJA2_EXTENSIONS + ini: + - key: jinja2_extensions + section: defaults + name: Enabled Jinja2 extensions +DEFAULT_JINJA2_NATIVE: + default: false + description: This option preserves variable types during template operations. + env: + - name: ANSIBLE_JINJA2_NATIVE + ini: + - key: jinja2_native + section: defaults + name: Use Jinja2's NativeEnvironment for templating + type: boolean + version_added: 2.7 + yaml: + key: jinja2_native +DEFAULT_KEEP_REMOTE_FILES: + default: false + description: + - Enables/disables the cleaning up of the temporary files Ansible used to execute + the tasks on the remote. + - If this option is enabled it will disable ``ANSIBLE_PIPELINING``. + env: + - name: ANSIBLE_KEEP_REMOTE_FILES + ini: + - key: keep_remote_files + section: defaults + name: Keep remote files + type: boolean +DEFAULT_LIBVIRT_LXC_NOSECLABEL: + default: false + description: + - This setting causes libvirt to connect to lxc containers by passing --noseclabel + to virsh. This is necessary when running on systems which do not have SELinux. + env: + - name: ANSIBLE_LIBVIRT_LXC_NOSECLABEL + ini: + - key: libvirt_lxc_noseclabel + section: selinux + name: No security label on Lxc + type: boolean + version_added: '2.1' +DEFAULT_LOAD_CALLBACK_PLUGINS: + default: false + description: + - Controls whether callback plugins are loaded when running /usr/bin/ansible. This + may be used to log activity from the command line, send notifications, and so + on. Callback plugins are always loaded for ``ansible-playbook``. + env: + - name: ANSIBLE_LOAD_CALLBACK_PLUGINS + ini: + - key: bin_ansible_callbacks + section: defaults + name: Load callbacks for adhoc + type: boolean + version_added: '1.8' +DEFAULT_LOCAL_TMP: + default: '{{ ANSIBLE_HOME ~ "/tmp" }}' + description: Temporary directory for Ansible to use on the controller. + env: + - name: ANSIBLE_LOCAL_TEMP + ini: + - key: local_tmp + section: defaults + name: Controller temporary directory + type: tmppath +DEFAULT_LOG_FILTER: + default: [] + description: List of logger names to filter out of the log file + env: + - name: ANSIBLE_LOG_FILTER + ini: + - key: log_filter + section: defaults + name: Name filters for python logger + type: list +DEFAULT_LOG_PATH: + default: null + description: File to which Ansible will log on the controller. When empty logging + is disabled. + env: + - name: ANSIBLE_LOG_PATH + ini: + - key: log_path + section: defaults + name: Ansible log file path + type: path +DEFAULT_LOOKUP_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/lookup:/usr/share/ansible/plugins/lookup" + }}' + description: Colon separated paths in which Ansible will search for Lookup Plugins. + env: + - name: ANSIBLE_LOOKUP_PLUGINS + ini: + - key: lookup_plugins + section: defaults + name: Lookup Plugins Path + type: pathspec + yaml: + key: defaults.lookup_plugins +DEFAULT_MANAGED_STR: + default: Ansible managed + description: Sets the macro for the 'ansible_managed' variable available for :ref:`ansible_collections.ansible.builtin.template_module` + and :ref:`ansible_collections.ansible.windows.win_template_module`. This is only + relevant for those two modules. + env: [] + ini: + - key: ansible_managed + section: defaults + name: Ansible managed + yaml: + key: defaults.ansible_managed +DEFAULT_MODULE_ARGS: + default: null + description: + - This sets the default arguments to pass to the ``ansible`` adhoc binary if no + ``-a`` is specified. + env: + - name: ANSIBLE_MODULE_ARGS + ini: + - key: module_args + section: defaults + name: Adhoc default arguments +DEFAULT_MODULE_COMPRESSION: + default: ZIP_DEFLATED + description: Compression scheme to use when transferring Python modules to the target. + env: [] + ini: + - key: module_compression + section: defaults + name: Python module compression +DEFAULT_MODULE_NAME: + default: command + description: Module to use with the ``ansible`` AdHoc command, if none is specified + via ``-m``. + env: [] + ini: + - key: module_name + section: defaults + name: Default adhoc module +DEFAULT_MODULE_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/modules:/usr/share/ansible/plugins/modules" + }}' + description: Colon separated paths in which Ansible will search for Modules. + env: + - name: ANSIBLE_LIBRARY + ini: + - key: library + section: defaults + name: Modules Path + type: pathspec +DEFAULT_MODULE_UTILS_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/module_utils:/usr/share/ansible/plugins/module_utils" + }}' + description: Colon separated paths in which Ansible will search for Module utils + files, which are shared by modules. + env: + - name: ANSIBLE_MODULE_UTILS + ini: + - key: module_utils + section: defaults + name: Module Utils Path + type: pathspec +DEFAULT_NETCONF_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/netconf:/usr/share/ansible/plugins/netconf" + }}' + description: Colon separated paths in which Ansible will search for Netconf Plugins. + env: + - name: ANSIBLE_NETCONF_PLUGINS + ini: + - key: netconf_plugins + section: defaults + name: Netconf Plugins Path + type: pathspec +DEFAULT_NO_LOG: + default: false + description: Toggle Ansible's display and logging of task details, mainly used to + avoid security disclosures. + env: + - name: ANSIBLE_NO_LOG + ini: + - key: no_log + section: defaults + name: No log + type: boolean +DEFAULT_NO_TARGET_SYSLOG: + default: false + description: + - Toggle Ansible logging to syslog on the target when it executes tasks. On Windows + hosts this will disable a newer style PowerShell modules from writing to the event + log. + env: + - name: ANSIBLE_NO_TARGET_SYSLOG + ini: + - key: no_target_syslog + section: defaults + name: No syslog on target + type: boolean + vars: + - name: ansible_no_target_syslog + version_added: '2.10' + yaml: + key: defaults.no_target_syslog +DEFAULT_NULL_REPRESENTATION: + default: null + description: What templating should return as a 'null' value. When not set it will + let Jinja2 decide. + env: + - name: ANSIBLE_NULL_REPRESENTATION + ini: + - key: null_representation + section: defaults + name: Represent a null + type: raw +DEFAULT_POLL_INTERVAL: + default: 15 + description: + - For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), + this is how often to check back on the status of those tasks when an explicit + poll interval is not supplied. The default is a reasonably moderate 15 seconds + which is a tradeoff between checking in frequently and providing a quick turnaround + when something may have completed. + env: + - name: ANSIBLE_POLL_INTERVAL + ini: + - key: poll_interval + section: defaults + name: Async poll interval + type: integer +DEFAULT_PRIVATE_KEY_FILE: + default: null + description: + - Option for connections using a certificate or key file to authenticate, rather + than an agent or passwords, you can set the default value here to avoid re-specifying + --private-key with every invocation. + env: + - name: ANSIBLE_PRIVATE_KEY_FILE + ini: + - key: private_key_file + section: defaults + name: Private key file + type: path +DEFAULT_PRIVATE_ROLE_VARS: + default: false + description: + - Makes role variables inaccessible from other roles. + - This was introduced as a way to reset role variables to default values if a role + is used more than once in a playbook. + env: + - name: ANSIBLE_PRIVATE_ROLE_VARS + ini: + - key: private_role_vars + section: defaults + name: Private role variables + type: boolean + yaml: + key: defaults.private_role_vars +DEFAULT_REMOTE_PORT: + default: null + description: Port to use in remote connections, when blank it will use the connection + plugin default. + env: + - name: ANSIBLE_REMOTE_PORT + ini: + - key: remote_port + section: defaults + name: Remote port + type: integer + yaml: + key: defaults.remote_port +DEFAULT_REMOTE_USER: + description: + - Sets the login user for the target machines + - When blank it uses the connection plugin's default, normally the user currently + executing Ansible. + env: + - name: ANSIBLE_REMOTE_USER + ini: + - key: remote_user + section: defaults + name: Login/Remote User +DEFAULT_ROLES_PATH: + default: '{{ ANSIBLE_HOME ~ "/roles:/usr/share/ansible/roles:/etc/ansible/roles" + }}' + description: Colon separated paths in which Ansible will search for Roles. + env: + - name: ANSIBLE_ROLES_PATH + expand_relative_paths: true + ini: + - key: roles_path + section: defaults + name: Roles path + type: pathspec + yaml: + key: defaults.roles_path +DEFAULT_SELINUX_SPECIAL_FS: + default: fuse, nfs, vboxsf, ramfs, 9p, vfat + description: + - Some filesystems do not support safe operations and/or return inconsistent errors, + this setting makes Ansible 'tolerate' those in the list w/o causing fatal errors. + - Data corruption may occur and writes are not always verified when a filesystem + is in the list. + env: + - name: ANSIBLE_SELINUX_SPECIAL_FS + version_added: '2.9' + ini: + - key: special_context_filesystems + section: selinux + name: Problematic file systems + type: list +DEFAULT_STDOUT_CALLBACK: + default: default + description: + - Set the main callback used to display Ansible output. You can only have one at + a time. + - You can have many other callbacks, but just one can be in charge of stdout. + - See :ref:`callback_plugins` for a list of available options. + env: + - name: ANSIBLE_STDOUT_CALLBACK + ini: + - key: stdout_callback + section: defaults + name: Main display callback plugin +DEFAULT_STRATEGY: + default: linear + description: Set the default strategy used for plays. + env: + - name: ANSIBLE_STRATEGY + ini: + - key: strategy + section: defaults + name: Implied strategy + version_added: '2.3' +DEFAULT_STRATEGY_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/strategy:/usr/share/ansible/plugins/strategy" + }}' + description: Colon separated paths in which Ansible will search for Strategy Plugins. + env: + - name: ANSIBLE_STRATEGY_PLUGINS + ini: + - key: strategy_plugins + section: defaults + name: Strategy Plugins Path + type: pathspec +DEFAULT_SU: + default: false + description: Toggle the use of "su" for tasks. + env: + - name: ANSIBLE_SU + ini: + - key: su + section: defaults + type: boolean + yaml: + key: defaults.su +DEFAULT_SYSLOG_FACILITY: + default: LOG_USER + description: Syslog facility to use when Ansible logs to the remote target + env: + - name: ANSIBLE_SYSLOG_FACILITY + ini: + - key: syslog_facility + section: defaults + name: syslog facility +DEFAULT_TERMINAL_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/terminal:/usr/share/ansible/plugins/terminal" + }}' + description: Colon separated paths in which Ansible will search for Terminal Plugins. + env: + - name: ANSIBLE_TERMINAL_PLUGINS + ini: + - key: terminal_plugins + section: defaults + name: Terminal Plugins Path + type: pathspec +DEFAULT_TEST_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/test:/usr/share/ansible/plugins/test" }}' + description: Colon separated paths in which Ansible will search for Jinja2 Test + Plugins. + env: + - name: ANSIBLE_TEST_PLUGINS + ini: + - key: test_plugins + section: defaults + name: Jinja2 Test Plugins Path + type: pathspec +DEFAULT_TIMEOUT: + default: 10 + description: This is the default timeout for connection plugins to use. + env: + - name: ANSIBLE_TIMEOUT + ini: + - key: timeout + section: defaults + name: Connection timeout + type: integer +DEFAULT_TRANSPORT: + default: smart + description: Default connection plugin to use, the 'smart' option will toggle between + 'ssh' and 'paramiko' depending on controller OS and ssh versions + env: + - name: ANSIBLE_TRANSPORT + ini: + - key: transport + section: defaults + name: Connection plugin +DEFAULT_UNDEFINED_VAR_BEHAVIOR: + default: true + description: + - When True, this causes ansible templating to fail steps that reference variable + names that are likely typoed. + - Otherwise, any '{{ template_expression }}' that contains undefined variables will + be rendered in a template or ansible action line exactly as written. + env: + - name: ANSIBLE_ERROR_ON_UNDEFINED_VARS + ini: + - key: error_on_undefined_vars + section: defaults + name: Jinja2 fail on undefined + type: boolean + version_added: '1.3' +DEFAULT_VARS_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/vars:/usr/share/ansible/plugins/vars" }}' + description: Colon separated paths in which Ansible will search for Vars Plugins. + env: + - name: ANSIBLE_VARS_PLUGINS + ini: + - key: vars_plugins + section: defaults + name: Vars Plugins Path + type: pathspec +DEFAULT_VAULT_ENCRYPT_IDENTITY: + description: The vault_id to use for encrypting by default. If multiple vault_ids + are provided, this specifies which to use for encryption. The --encrypt-vault-id + cli option overrides the configured value. + env: + - name: ANSIBLE_VAULT_ENCRYPT_IDENTITY + ini: + - key: vault_encrypt_identity + section: defaults + name: Vault id to use for encryption + yaml: + key: defaults.vault_encrypt_identity +DEFAULT_VAULT_IDENTITY: + default: default + description: The label to use for the default vault id label in cases where a vault + id label is not provided + env: + - name: ANSIBLE_VAULT_IDENTITY + ini: + - key: vault_identity + section: defaults + name: Vault id label + yaml: + key: defaults.vault_identity +DEFAULT_VAULT_IDENTITY_LIST: + default: [] + description: A list of vault-ids to use by default. Equivalent to multiple --vault-id + args. Vault-ids are tried in order. + env: + - name: ANSIBLE_VAULT_IDENTITY_LIST + ini: + - key: vault_identity_list + section: defaults + name: Default vault ids + type: list + yaml: + key: defaults.vault_identity_list +DEFAULT_VAULT_ID_MATCH: + default: false + description: If true, decrypting vaults with a vault id will only try the password + from the matching vault-id + env: + - name: ANSIBLE_VAULT_ID_MATCH + ini: + - key: vault_id_match + section: defaults + name: Force vault id match + yaml: + key: defaults.vault_id_match +DEFAULT_VAULT_PASSWORD_FILE: + default: null + description: + - The vault password file to use. Equivalent to --vault-password-file or --vault-id + - If executable, it will be run and the resulting stdout will be used as the password. + env: + - name: ANSIBLE_VAULT_PASSWORD_FILE + ini: + - key: vault_password_file + section: defaults + name: Vault password file + type: path + yaml: + key: defaults.vault_password_file +DEFAULT_VERBOSITY: + default: 0 + description: Sets the default verbosity, equivalent to the number of ``-v`` passed + in the command line. + env: + - name: ANSIBLE_VERBOSITY + ini: + - key: verbosity + section: defaults + name: Verbosity + type: integer +DEPRECATION_WARNINGS: + default: true + description: Toggle to control the showing of deprecation warnings + env: + - name: ANSIBLE_DEPRECATION_WARNINGS + ini: + - key: deprecation_warnings + section: defaults + name: Deprecation messages + type: boolean +DEVEL_WARNING: + default: true + description: Toggle to control showing warnings related to running devel + env: + - name: ANSIBLE_DEVEL_WARNING + ini: + - key: devel_warning + section: defaults + name: Running devel warning + type: boolean +DIFF_ALWAYS: + default: false + description: Configuration toggle to tell modules to show differences when in 'changed' + status, equivalent to ``--diff``. + env: + - name: ANSIBLE_DIFF_ALWAYS + ini: + - key: always + section: diff + name: Show differences + type: bool +DIFF_CONTEXT: + default: 3 + description: How many lines of context to show when displaying the differences between + files. + env: + - name: ANSIBLE_DIFF_CONTEXT + ini: + - key: context + section: diff + name: Difference context + type: integer +DISPLAY_ARGS_TO_STDOUT: + default: false + description: + - 'Normally ``ansible-playbook`` will print a header for each task that is run. + These headers will contain the name: field from the task if you specified one. + If you didn''t then ``ansible-playbook`` uses the task''s action to help you tell + which task is presently running. Sometimes you run many of the same action and + so you want more information about the task to differentiate it from others of + the same action. If you set this variable to True in the config then ``ansible-playbook`` + will also include the task''s arguments in the header.' + - This setting defaults to False because there is a chance that you have sensitive + values in your parameters and you do not want those to be printed. + - 'If you set this to True you should be sure that you have secured your environment''s + stdout (no one can shoulder surf your screen and you aren''t saving stdout to + an insecure file) or made sure that all of your playbooks explicitly added the + ``no_log: True`` parameter to tasks which have sensitive values See How do I keep + secret data in my playbook? for more information.' + env: + - name: ANSIBLE_DISPLAY_ARGS_TO_STDOUT + ini: + - key: display_args_to_stdout + section: defaults + name: Show task arguments + type: boolean + version_added: '2.1' +DISPLAY_SKIPPED_HOSTS: + default: true + description: Toggle to control displaying skipped task/host entries in a task in + the default callback + env: + - name: ANSIBLE_DISPLAY_SKIPPED_HOSTS + ini: + - key: display_skipped_hosts + section: defaults + name: Show skipped results + type: boolean +DOCSITE_ROOT_URL: + default: https://docs.ansible.com/ansible-core/ + description: Root docsite URL used to generate docs URLs in warning/error text; + must be an absolute URL with valid scheme and trailing slash. + ini: + - key: docsite_root_url + section: defaults + name: Root docsite URL + version_added: '2.8' +DOC_FRAGMENT_PLUGIN_PATH: + default: '{{ ANSIBLE_HOME ~ "/plugins/doc_fragments:/usr/share/ansible/plugins/doc_fragments" + }}' + description: Colon separated paths in which Ansible will search for Documentation + Fragments Plugins. + env: + - name: ANSIBLE_DOC_FRAGMENT_PLUGINS + ini: + - key: doc_fragment_plugins + section: defaults + name: documentation fragment plugins path + type: pathspec +DUPLICATE_YAML_DICT_KEY: + choices: + error: issue a 'fatal' error and stop the play + ignore: just continue silently + warn: issue a warning but continue + default: warn + description: + - By default Ansible will issue a warning when a duplicate dict key is encountered + in YAML. + - These warnings can be silenced by adjusting this setting to False. + env: + - name: ANSIBLE_DUPLICATE_YAML_DICT_KEY + ini: + - key: duplicate_dict_key + section: defaults + name: Controls ansible behaviour when finding duplicate keys in YAML. + type: string + version_added: '2.9' +EDITOR: + default: vi + descrioption: + - for the cases in which Ansible needs to return a file within an editor, this chooses + the application to use + env: + - name: ANSIBLE_EDITOR + version_added: '2.15' + - name: EDITOR + ini: + - key: editor + section: defaults + version_added: '2.15' + name: editor application touse +ENABLE_TASK_DEBUGGER: + default: false + description: + - Whether or not to enable the task debugger, this previously was done as a strategy + plugin. + - Now all strategy plugins can inherit this behavior. The debugger defaults to activating + when + - a task is failed on unreachable. Use the debugger keyword for more flexibility. + env: + - name: ANSIBLE_ENABLE_TASK_DEBUGGER + ini: + - key: enable_task_debugger + section: defaults + name: Whether to enable the task debugger + type: boolean + version_added: '2.5' +ERROR_ON_MISSING_HANDLER: + default: true + description: Toggle to allow missing handlers to become a warning instead of an + error when notifying. + env: + - name: ANSIBLE_ERROR_ON_MISSING_HANDLER + ini: + - key: error_on_missing_handler + section: defaults + name: Missing handler error + type: boolean +FACTS_MODULES: + default: + - smart + description: + - Which modules to run during a play's fact gathering stage, using the default of + 'smart' will try to figure it out based on connection type. + - If adding your own modules but you still want to use the default Ansible facts, + you will want to include 'setup' or corresponding network module to the list (if + you add 'smart', Ansible will also figure it out). + - This does not affect explicit calls to the 'setup' module, but does always affect + the 'gather_facts' action (implicit or explicit). + env: + - name: ANSIBLE_FACTS_MODULES + ini: + - key: facts_modules + section: defaults + name: Gather Facts Modules + type: list + vars: + - name: ansible_facts_modules +GALAXY_CACHE_DIR: + default: '{{ ANSIBLE_HOME ~ "/galaxy_cache" }}' + description: + - The directory that stores cached responses from a Galaxy server. + - This is only used by the ``ansible-galaxy collection install`` and ``download`` + commands. + - Cache files inside this dir will be ignored if they are world writable. + env: + - name: ANSIBLE_GALAXY_CACHE_DIR + ini: + - key: cache_dir + section: galaxy + type: path + version_added: '2.11' +GALAXY_COLLECTION_SKELETON: + description: Collection skeleton directory to use as a template for the ``init`` + action in ``ansible-galaxy collection``, same as ``--collection-skeleton``. + env: + - name: ANSIBLE_GALAXY_COLLECTION_SKELETON + ini: + - key: collection_skeleton + section: galaxy + name: Galaxy collection skeleton directory + type: path +GALAXY_COLLECTION_SKELETON_IGNORE: + default: + - ^.git$ + - ^.*/.git_keep$ + description: patterns of files to ignore inside a Galaxy collection skeleton directory + env: + - name: ANSIBLE_GALAXY_COLLECTION_SKELETON_IGNORE + ini: + - key: collection_skeleton_ignore + section: galaxy + name: Galaxy collection skeleton ignore + type: list +GALAXY_DISABLE_GPG_VERIFY: + default: false + description: + - Disable GPG signature verification during collection installation. + env: + - name: ANSIBLE_GALAXY_DISABLE_GPG_VERIFY + ini: + - key: disable_gpg_verify + section: galaxy + type: bool + version_added: '2.13' +GALAXY_DISPLAY_PROGRESS: + default: null + description: + - Some steps in ``ansible-galaxy`` display a progress wheel which can cause issues + on certain displays or when outputting the stdout to a file. + - This config option controls whether the display wheel is shown or not. + - The default is to show the display wheel if stdout has a tty. + env: + - name: ANSIBLE_GALAXY_DISPLAY_PROGRESS + ini: + - key: display_progress + section: galaxy + type: bool + version_added: '2.10' +GALAXY_GPG_KEYRING: + description: + - Configure the keyring used for GPG signature verification during collection installation + and verification. + env: + - name: ANSIBLE_GALAXY_GPG_KEYRING + ini: + - key: gpg_keyring + section: galaxy + type: path + version_added: '2.13' +GALAXY_IGNORE_CERTS: + description: + - If set to yes, ansible-galaxy will not validate TLS certificates. This can be + useful for testing against a server with a self-signed certificate. + env: + - name: ANSIBLE_GALAXY_IGNORE + ini: + - key: ignore_certs + section: galaxy + name: Galaxy validate certs + type: boolean +GALAXY_IGNORE_INVALID_SIGNATURE_STATUS_CODES: + choices: + - EXPSIG + - EXPKEYSIG + - REVKEYSIG + - BADSIG + - ERRSIG + - NO_PUBKEY + - MISSING_PASSPHRASE + - BAD_PASSPHRASE + - NODATA + - UNEXPECTED + - ERROR + - FAILURE + - BADARMOR + - KEYEXPIRED + - KEYREVOKED + - NO_SECKEY + description: + - A list of GPG status codes to ignore during GPG signature verification. See L(https://github.com/gpg/gnupg/blob/master/doc/DETAILS#general-status-codes) + for status code descriptions. + - If fewer signatures successfully verify the collection than `GALAXY_REQUIRED_VALID_SIGNATURE_COUNT`, + signature verification will fail even if all error codes are ignored. + env: + - name: ANSIBLE_GALAXY_IGNORE_SIGNATURE_STATUS_CODES + ini: + - key: ignore_signature_status_codes + section: galaxy + type: list +GALAXY_REQUIRED_VALID_SIGNATURE_COUNT: + default: 1 + description: + - The number of signatures that must be successful during GPG signature verification + while installing or verifying collections. + - This should be a positive integer or all to indicate all signatures must successfully + validate the collection. + - Prepend + to the value to fail if no valid signatures are found for the collection. + env: + - name: ANSIBLE_GALAXY_REQUIRED_VALID_SIGNATURE_COUNT + ini: + - key: required_valid_signature_count + section: galaxy + type: str +GALAXY_ROLE_SKELETON: + description: Role skeleton directory to use as a template for the ``init`` action + in ``ansible-galaxy``/``ansible-galaxy role``, same as ``--role-skeleton``. + env: + - name: ANSIBLE_GALAXY_ROLE_SKELETON + ini: + - key: role_skeleton + section: galaxy + name: Galaxy role skeleton directory + type: path +GALAXY_ROLE_SKELETON_IGNORE: + default: + - ^.git$ + - ^.*/.git_keep$ + description: patterns of files to ignore inside a Galaxy role or collection skeleton + directory + env: + - name: ANSIBLE_GALAXY_ROLE_SKELETON_IGNORE + ini: + - key: role_skeleton_ignore + section: galaxy + name: Galaxy role skeleton ignore + type: list +GALAXY_SERVER: + default: https://galaxy.ansible.com + description: URL to prepend when roles don't specify the full URI, assume they are + referencing this server as the source. + env: + - name: ANSIBLE_GALAXY_SERVER + ini: + - key: server + section: galaxy + yaml: + key: galaxy.server +GALAXY_SERVER_LIST: + description: + - A list of Galaxy servers to use when installing a collection. + - The value corresponds to the config ini header ``[galaxy_server.{{item}}]`` which + defines the server details. + - See :ref:`galaxy_server_config` for more details on how to define a Galaxy server. + - The order of servers in this list is used to as the order in which a collection + is resolved. + - Setting this config option will ignore the :ref:`galaxy_server` config option. + env: + - name: ANSIBLE_GALAXY_SERVER_LIST + ini: + - key: server_list + section: galaxy + type: list + version_added: '2.9' +GALAXY_TOKEN_PATH: + default: '{{ ANSIBLE_HOME ~ "/galaxy_token" }}' + description: Local path to galaxy access token file + env: + - name: ANSIBLE_GALAXY_TOKEN_PATH + ini: + - key: token_path + section: galaxy + type: path + version_added: '2.9' +HOST_KEY_CHECKING: + default: true + description: Set this to "False" if you want to avoid host key checking by the underlying + tools Ansible uses to connect to the host + env: + - name: ANSIBLE_HOST_KEY_CHECKING + ini: + - key: host_key_checking + section: defaults + name: Check host keys + type: boolean +HOST_PATTERN_MISMATCH: + choices: + error: issue a 'fatal' error and stop the play + ignore: just continue silently + warning: issue a warning but continue + default: warning + description: This setting changes the behaviour of mismatched host patterns, it + allows you to force a fatal error, a warning or just ignore it + env: + - name: ANSIBLE_HOST_PATTERN_MISMATCH + ini: + - key: host_pattern_mismatch + section: inventory + name: Control host pattern mismatch behaviour + version_added: '2.8' +INJECT_FACTS_AS_VARS: + default: true + description: + - Facts are available inside the `ansible_facts` variable, this setting also pushes + them as their own vars in the main namespace. + - Unlike inside the `ansible_facts` dictionary, these will have an `ansible_` prefix. + env: + - name: ANSIBLE_INJECT_FACT_VARS + ini: + - key: inject_facts_as_vars + section: defaults + type: boolean + version_added: '2.5' +INTERPRETER_PYTHON: + default: auto + description: + - Path to the Python interpreter to be used for module execution on remote targets, + or an automatic discovery mode. Supported discovery modes are ``auto`` (the default), + ``auto_silent``, ``auto_legacy``, and ``auto_legacy_silent``. All discovery modes + employ a lookup table to use the included system Python (on distributions known + to include one), falling back to a fixed ordered list of well-known Python interpreter + locations if a platform-specific default is not available. The fallback behavior + will issue a warning that the interpreter should be set explicitly (since interpreters + installed later may change which one is used). This warning behavior can be disabled + by setting ``auto_silent`` or ``auto_legacy_silent``. The value of ``auto_legacy`` + provides all the same behavior, but for backwards-compatibility with older Ansible + releases that always defaulted to ``/usr/bin/python``, will use that interpreter + if present. + env: + - name: ANSIBLE_PYTHON_INTERPRETER + ini: + - key: interpreter_python + section: defaults + name: Python interpreter path (or automatic discovery behavior) used for module + execution + vars: + - name: ansible_python_interpreter + version_added: '2.8' +INTERPRETER_PYTHON_FALLBACK: + default: + - python3.11 + - python3.10 + - python3.9 + - python3.8 + - python3.7 + - python3.6 + - python3.5 + - /usr/bin/python3 + - /usr/libexec/platform-python + - python2.7 + - /usr/bin/python + - python + name: Ordered list of Python interpreters to check for in discovery + type: list + vars: + - name: ansible_interpreter_python_fallback + version_added: '2.8' +INVALID_TASK_ATTRIBUTE_FAILED: + default: true + description: If 'false', invalid attributes for a task will result in warnings instead + of errors + env: + - name: ANSIBLE_INVALID_TASK_ATTRIBUTE_FAILED + ini: + - key: invalid_task_attribute_failed + section: defaults + name: Controls whether invalid attributes for a task result in errors instead of + warnings + type: boolean + version_added: '2.7' +INVENTORY_ANY_UNPARSED_IS_FAILED: + default: false + description: 'If ''true'', it is a fatal error when any given inventory source cannot + be successfully parsed by any available inventory plugin; otherwise, this situation + only attracts a warning. + + ' + env: + - name: ANSIBLE_INVENTORY_ANY_UNPARSED_IS_FAILED + ini: + - key: any_unparsed_is_failed + section: inventory + name: Controls whether any unparsable inventory source is a fatal error + type: boolean + version_added: '2.7' +INVENTORY_CACHE_ENABLED: + default: false + description: + - Toggle to turn on inventory caching. + - This setting has been moved to the individual inventory plugins as a plugin option + :ref:`inventory_plugins`. + - The existing configuration settings are still accepted with the inventory plugin + adding additional options from inventory configuration. + - This message will be removed in 2.16. + env: + - name: ANSIBLE_INVENTORY_CACHE + ini: + - key: cache + section: inventory + name: Inventory caching enabled + type: bool +INVENTORY_CACHE_PLUGIN: + description: + - The plugin for caching inventory. + - This setting has been moved to the individual inventory plugins as a plugin option + :ref:`inventory_plugins`. + - The existing configuration settings are still accepted with the inventory plugin + adding additional options from inventory and fact cache configuration. + - This message will be removed in 2.16. + env: + - name: ANSIBLE_INVENTORY_CACHE_PLUGIN + ini: + - key: cache_plugin + section: inventory + name: Inventory cache plugin +INVENTORY_CACHE_PLUGIN_CONNECTION: + description: + - The inventory cache connection. + - This setting has been moved to the individual inventory plugins as a plugin option + :ref:`inventory_plugins`. + - The existing configuration settings are still accepted with the inventory plugin + adding additional options from inventory and fact cache configuration. + - This message will be removed in 2.16. + env: + - name: ANSIBLE_INVENTORY_CACHE_CONNECTION + ini: + - key: cache_connection + section: inventory + name: Inventory cache plugin URI to override the defaults section +INVENTORY_CACHE_PLUGIN_PREFIX: + default: ansible_inventory_ + description: + - The table prefix for the cache plugin. + - This setting has been moved to the individual inventory plugins as a plugin option + :ref:`inventory_plugins`. + - The existing configuration settings are still accepted with the inventory plugin + adding additional options from inventory and fact cache configuration. + - This message will be removed in 2.16. + env: + - name: ANSIBLE_INVENTORY_CACHE_PLUGIN_PREFIX + ini: + - key: cache_prefix + section: inventory + name: Inventory cache plugin table prefix +INVENTORY_CACHE_TIMEOUT: + default: 3600 + description: + - Expiration timeout for the inventory cache plugin data. + - This setting has been moved to the individual inventory plugins as a plugin option + :ref:`inventory_plugins`. + - The existing configuration settings are still accepted with the inventory plugin + adding additional options from inventory and fact cache configuration. + - This message will be removed in 2.16. + env: + - name: ANSIBLE_INVENTORY_CACHE_TIMEOUT + ini: + - key: cache_timeout + section: inventory + name: Inventory cache plugin expiration timeout +INVENTORY_ENABLED: + default: + - host_list + - script + - auto + - yaml + - ini + - toml + description: List of enabled inventory plugins, it also determines the order in + which they are used. + env: + - name: ANSIBLE_INVENTORY_ENABLED + ini: + - key: enable_plugins + section: inventory + name: Active Inventory plugins + type: list +INVENTORY_EXPORT: + default: false + description: Controls if ansible-inventory will accurately reflect Ansible's view + into inventory or its optimized for exporting. + env: + - name: ANSIBLE_INVENTORY_EXPORT + ini: + - key: export + section: inventory + name: Set ansible-inventory into export mode + type: bool +INVENTORY_IGNORE_EXTS: + default: '{{(REJECT_EXTS + (''.orig'', ''.ini'', ''.cfg'', ''.retry''))}}' + description: List of extensions to ignore when using a directory as an inventory + source + env: + - name: ANSIBLE_INVENTORY_IGNORE + ini: + - key: inventory_ignore_extensions + section: defaults + - key: ignore_extensions + section: inventory + name: Inventory ignore extensions + type: list +INVENTORY_IGNORE_PATTERNS: + default: [] + description: List of patterns to ignore when using a directory as an inventory source + env: + - name: ANSIBLE_INVENTORY_IGNORE_REGEX + ini: + - key: inventory_ignore_patterns + section: defaults + - key: ignore_patterns + section: inventory + name: Inventory ignore patterns + type: list +INVENTORY_UNPARSED_IS_FAILED: + default: false + description: 'If ''true'' it is a fatal error if every single potential inventory + source fails to parse, otherwise this situation will only attract a warning. + + ' + env: + - name: ANSIBLE_INVENTORY_UNPARSED_FAILED + ini: + - key: unparsed_is_failed + section: inventory + name: Unparsed Inventory failure + type: bool +INVENTORY_UNPARSED_WARNING: + default: true + description: + - By default Ansible will issue a warning when no inventory was loaded and notes + that it will use an implicit localhost-only inventory. + - These warnings can be silenced by adjusting this setting to False. + env: + - name: ANSIBLE_INVENTORY_UNPARSED_WARNING + ini: + - key: inventory_unparsed_warning + section: inventory + name: Warning when no inventory files can be parsed, resulting in an implicit inventory + with only localhost + type: boolean + version_added: '2.14' +JINJA2_NATIVE_WARNING: + default: true + description: Toggle to control showing warnings related to running a Jinja version + older than required for jinja2_native + env: + - deprecated: + collection_name: ansible.builtin + version: '2.17' + why: This option is no longer used in the Ansible Core code base. + name: ANSIBLE_JINJA2_NATIVE_WARNING + ini: + - key: jinja2_native_warning + section: defaults + name: Running older than required Jinja version for jinja2_native warning + type: boolean +LOCALHOST_WARNING: + default: true + description: + - By default Ansible will issue a warning when there are no hosts in the inventory. + - These warnings can be silenced by adjusting this setting to False. + env: + - name: ANSIBLE_LOCALHOST_WARNING + ini: + - key: localhost_warning + section: defaults + name: Warning when using implicit inventory with only localhost + type: boolean + version_added: '2.6' +MAX_FILE_SIZE_FOR_DIFF: + default: 104448 + description: Maximum size of files to be considered for diff display + env: + - name: ANSIBLE_MAX_DIFF_SIZE + ini: + - key: max_diff_size + section: defaults + name: Diff maximum file size + type: int +MODULE_IGNORE_EXTS: + default: '{{(REJECT_EXTS + (''.yaml'', ''.yml'', ''.ini''))}}' + description: + - List of extensions to ignore when looking for modules to load + - This is for rejecting script and binary module fallback extensions + env: + - name: ANSIBLE_MODULE_IGNORE_EXTS + ini: + - key: module_ignore_exts + section: defaults + name: Module ignore extensions + type: list +MODULE_STRICT_UTF8_RESPONSE: + default: true + description: + - Enables whether module responses are evaluated for containing non UTF-8 data + - Disabling this may result in unexpected behavior + - Only ansible-core should evaluate this configuration + env: + - name: ANSIBLE_MODULE_STRICT_UTF8_RESPONSE + ini: + - key: module_strict_utf8_response + section: defaults + name: Module strict UTF-8 response + type: bool +NETCONF_SSH_CONFIG: + default: null + description: This variable is used to enable bastion/jump host with netconf connection. + If set to True the bastion/jump host ssh settings should be present in ~/.ssh/config + file, alternatively it can be set to custom ssh configuration file path to read + the bastion/jump host settings. + env: + - name: ANSIBLE_NETCONF_SSH_CONFIG + ini: + - key: ssh_config + section: netconf_connection + yaml: + key: netconf_connection.ssh_config +NETWORK_GROUP_MODULES: + default: + - eos + - nxos + - ios + - iosxr + - junos + - enos + - ce + - vyos + - sros + - dellos9 + - dellos10 + - dellos6 + - asa + - aruba + - aireos + - bigip + - ironware + - onyx + - netconf + - exos + - voss + - slxos + description: 'TODO: write it' + env: + - name: ANSIBLE_NETWORK_GROUP_MODULES + ini: + - key: network_group_modules + section: defaults + name: Network module families + type: list + yaml: + key: defaults.network_group_modules +OLD_PLUGIN_CACHE_CLEARING: + default: false + description: Previously Ansible would only clear some of the plugin loading caches + when loading new roles, this led to some behaviours in which a plugin loaded in + previous plays would be unexpectedly 'sticky'. This setting allows to return to + that behaviour. + env: + - name: ANSIBLE_OLD_PLUGIN_CACHE_CLEAR + ini: + - key: old_plugin_cache_clear + section: defaults + type: boolean + version_added: '2.8' +PAGER: + default: less + descrioption: + - for the cases in which Ansible needs to return output in pageable fashion, this + chooses the application to use + env: + - name: ANSIBLE_PAGER + version_added: '2.15' + - name: PAGER + ini: + - key: pager + section: defaults + version_added: '2.15' + name: pager application to use +PARAMIKO_HOST_KEY_AUTO_ADD: + default: false + description: 'TODO: write it' + env: + - name: ANSIBLE_PARAMIKO_HOST_KEY_AUTO_ADD + ini: + - key: host_key_auto_add + section: paramiko_connection + type: boolean +PARAMIKO_LOOK_FOR_KEYS: + default: true + description: 'TODO: write it' + env: + - name: ANSIBLE_PARAMIKO_LOOK_FOR_KEYS + ini: + - key: look_for_keys + section: paramiko_connection + name: look for keys + type: boolean +PERSISTENT_COMMAND_TIMEOUT: + default: 30 + description: This controls the amount of time to wait for response from remote device + before timing out persistent connection. + env: + - name: ANSIBLE_PERSISTENT_COMMAND_TIMEOUT + ini: + - key: command_timeout + section: persistent_connection + name: Persistence command timeout + type: int +PERSISTENT_CONNECT_RETRY_TIMEOUT: + default: 15 + description: This controls the retry timeout for persistent connection to connect + to the local domain socket. + env: + - name: ANSIBLE_PERSISTENT_CONNECT_RETRY_TIMEOUT + ini: + - key: connect_retry_timeout + section: persistent_connection + name: Persistence connection retry timeout + type: integer +PERSISTENT_CONNECT_TIMEOUT: + default: 30 + description: This controls how long the persistent connection will remain idle before + it is destroyed. + env: + - name: ANSIBLE_PERSISTENT_CONNECT_TIMEOUT + ini: + - key: connect_timeout + section: persistent_connection + name: Persistence timeout + type: integer +PERSISTENT_CONTROL_PATH_DIR: + default: '{{ ANSIBLE_HOME ~ "/pc" }}' + description: Path to socket to be used by the connection persistence system. + env: + - name: ANSIBLE_PERSISTENT_CONTROL_PATH_DIR + ini: + - key: control_path_dir + section: persistent_connection + name: Persistence socket path + type: path +PLAYBOOK_DIR: + description: + - A number of non-playbook CLIs have a ``--playbook-dir`` argument; this sets the + default value for it. + env: + - name: ANSIBLE_PLAYBOOK_DIR + ini: + - key: playbook_dir + section: defaults + name: playbook dir override for non-playbook CLIs (ala --playbook-dir) + type: path + version_added: '2.9' +PLAYBOOK_VARS_ROOT: + choices: + all: examines from the first parent to the current playbook. + bottom: follows the 2.4.0 behavior of using the current playbook to find the root + directory. + top: follows the traditional behavior of using the top playbook in the chain to + find the root directory. + default: top + description: + - This sets which playbook dirs will be used as a root to process vars plugins, + which includes finding host_vars/group_vars + env: + - name: ANSIBLE_PLAYBOOK_VARS_ROOT + ini: + - key: playbook_vars_root + section: defaults + name: playbook vars files root + version_added: 2.4.1 +PLUGIN_FILTERS_CFG: + default: null + description: + - A path to configuration for filtering which plugins installed on the system are + allowed to be used. + - See :ref:`plugin_filtering_config` for details of the filter file's format. + - ' The default is /etc/ansible/plugin_filters.yml' + ini: + - key: plugin_filters_cfg + section: defaults + name: Config file for limiting valid plugins + type: path + version_added: 2.5.0 +PYTHON_MODULE_RLIMIT_NOFILE: + default: 0 + description: + - Attempts to set RLIMIT_NOFILE soft limit to the specified value when executing + Python modules (can speed up subprocess usage on Python 2.x. See https://bugs.python.org/issue11284). + The value will be limited by the existing hard limit. Default value of 0 does + not attempt to adjust existing system-defined limits. + env: + - name: ANSIBLE_PYTHON_MODULE_RLIMIT_NOFILE + ini: + - key: python_module_rlimit_nofile + section: defaults + name: Adjust maximum file descriptor soft limit during Python module execution + vars: + - name: ansible_python_module_rlimit_nofile + version_added: '2.8' +RETRY_FILES_ENABLED: + default: false + description: This controls whether a failed Ansible playbook should create a .retry + file. + env: + - name: ANSIBLE_RETRY_FILES_ENABLED + ini: + - key: retry_files_enabled + section: defaults + name: Retry files + type: bool +RETRY_FILES_SAVE_PATH: + default: null + description: + - This sets the path in which Ansible will save .retry files when a playbook fails + and retry files are enabled. + - This file will be overwritten after each run with the list of failed hosts from + all plays. + env: + - name: ANSIBLE_RETRY_FILES_SAVE_PATH + ini: + - key: retry_files_save_path + section: defaults + name: Retry files path + type: path +RUN_VARS_PLUGINS: + choices: + demand: will run vars_plugins relative to inventory sources anytime vars are 'demanded' + by tasks. + start: will run vars_plugins relative to inventory sources after importing that + inventory source. + default: demand + description: + - This setting can be used to optimize vars_plugin usage depending on user's inventory + size and play selection. + env: + - name: ANSIBLE_RUN_VARS_PLUGINS + ini: + - key: run_vars_plugins + section: defaults + name: When should vars plugins run relative to inventory + type: str + version_added: '2.10' +SHOW_CUSTOM_STATS: + default: false + description: This adds the custom stats set via the set_stats plugin to the default + output + env: + - name: ANSIBLE_SHOW_CUSTOM_STATS + ini: + - key: show_custom_stats + section: defaults + name: Display custom stats + type: bool +STRING_CONVERSION_ACTION: + default: warn + description: + - Action to take when a module parameter value is converted to a string (this does + not affect variables). For string parameters, values such as '1.00', "['a', 'b',]", + and 'yes', 'y', etc. will be converted by the YAML parser unless fully quoted. + - Valid options are 'error', 'warn', and 'ignore'. + - Since 2.8, this option defaults to 'warn' but will change to 'error' in 2.12. + env: + - name: ANSIBLE_STRING_CONVERSION_ACTION + ini: + - key: string_conversion_action + section: defaults + type: string + version_added: '2.8' +STRING_TYPE_FILTERS: + default: + - string + - to_json + - to_nice_json + - to_yaml + - to_nice_yaml + - ppretty + - json + description: + - This list of filters avoids 'type conversion' when templating variables + - Useful when you want to avoid conversion into lists or dictionaries for JSON strings, + for example. + env: + - name: ANSIBLE_STRING_TYPE_FILTERS + ini: + - key: dont_type_filters + section: jinja2 + name: Filters to preserve strings + type: list +SYSTEM_WARNINGS: + default: true + description: + - Allows disabling of warnings related to potential issues on the system running + ansible itself (not on the managed hosts) + - These may include warnings about 3rd party packages or other conditions that should + be resolved if possible. + env: + - name: ANSIBLE_SYSTEM_WARNINGS + ini: + - key: system_warnings + section: defaults + name: System warnings + type: boolean +TAGS_RUN: + default: [] + description: default list of tags to run in your plays, Skip Tags has precedence. + env: + - name: ANSIBLE_RUN_TAGS + ini: + - key: run + section: tags + name: Run Tags + type: list + version_added: '2.5' +TAGS_SKIP: + default: [] + description: default list of tags to skip in your plays, has precedence over Run + Tags + env: + - name: ANSIBLE_SKIP_TAGS + ini: + - key: skip + section: tags + name: Skip Tags + type: list + version_added: '2.5' +TASK_DEBUGGER_IGNORE_ERRORS: + default: true + description: + - This option defines whether the task debugger will be invoked on a failed task + when ignore_errors=True is specified. + - True specifies that the debugger will honor ignore_errors, False will not honor + ignore_errors. + env: + - name: ANSIBLE_TASK_DEBUGGER_IGNORE_ERRORS + ini: + - key: task_debugger_ignore_errors + section: defaults + name: Whether a failed task with ignore_errors=True will still invoke the debugger + type: boolean + version_added: '2.7' +TASK_TIMEOUT: + default: 0 + description: + - Set the maximum time (in seconds) that a task can run for. + - If set to 0 (the default) there is no timeout. + env: + - name: ANSIBLE_TASK_TIMEOUT + ini: + - key: task_timeout + section: defaults + name: Task Timeout + type: integer + version_added: '2.10' +TRANSFORM_INVALID_GROUP_CHARS: + choices: + always: it will replace any invalid characters with '_' (underscore) and warn + the user + ignore: it does the same as 'never', without issuing a warning + never: it will allow for the group name but warn about the issue + silently: it does the same as 'always', without issuing a warning + default: never + description: + - Make ansible transform invalid characters in group names supplied by inventory + sources. + env: + - name: ANSIBLE_TRANSFORM_INVALID_GROUP_CHARS + ini: + - key: force_valid_group_names + section: defaults + name: Transform invalid characters in group names + type: string + version_added: '2.8' +USE_PERSISTENT_CONNECTIONS: + default: false + description: Toggles the use of persistence for connections. + env: + - name: ANSIBLE_USE_PERSISTENT_CONNECTIONS + ini: + - key: use_persistent_connections + section: defaults + name: Persistence + type: boolean +VALIDATE_ACTION_GROUP_METADATA: + default: true + description: + - A toggle to disable validating a collection's 'metadata' entry for a module_defaults + action group. Metadata containing unexpected fields or value types will produce + a warning when this is True. + env: + - name: ANSIBLE_VALIDATE_ACTION_GROUP_METADATA + ini: + - key: validate_action_group_metadata + section: defaults + type: bool + version_added: '2.12' +VARIABLE_PLUGINS_ENABLED: + default: + - host_group_vars + description: Accept list for variable plugins that require it. + env: + - name: ANSIBLE_VARS_ENABLED + ini: + - key: vars_plugins_enabled + section: defaults + name: Vars plugin enabled list + type: list + version_added: '2.10' +VARIABLE_PRECEDENCE: + default: + - all_inventory + - groups_inventory + - all_plugins_inventory + - all_plugins_play + - groups_plugins_inventory + - groups_plugins_play + description: Allows to change the group variable precedence merge order. + env: + - name: ANSIBLE_PRECEDENCE + ini: + - key: precedence + section: defaults + name: Group variable precedence + type: list + version_added: '2.4' +VAULT_ENCRYPT_SALT: + default: null + description: The salt to use for the vault encryption. If it is not provided, a + random salt will be used. + env: + - name: ANSIBLE_VAULT_ENCRYPT_SALT + ini: + - key: vault_encrypt_salt + section: defaults + name: Vault salt to use for encryption + version_added: '2.15' +VERBOSE_TO_STDERR: + default: false + description: + - Force 'verbose' option to use stderr instead of stdout + env: + - name: ANSIBLE_VERBOSE_TO_STDERR + ini: + - key: verbose_to_stderr + section: defaults + type: bool + version_added: '2.8' +WIN_ASYNC_STARTUP_TIMEOUT: + default: 5 + description: + - For asynchronous tasks in Ansible (covered in Asynchronous Actions and Polling), + this is how long, in seconds, to wait for the task spawned by Ansible to connect + back to the named pipe used on Windows systems. The default is 5 seconds. This + can be too low on slower systems, or systems under heavy load. + - This is not the total time an async command can run for, but is a separate timeout + to wait for an async command to start. The task will only start to be timed against + its async_timeout once it has connected to the pipe, so the overall maximum duration + the task can take will be extended by the amount specified here. + env: + - name: ANSIBLE_WIN_ASYNC_STARTUP_TIMEOUT + ini: + - key: win_async_startup_timeout + section: defaults + name: Windows Async Startup Timeout + type: integer + vars: + - name: ansible_win_async_startup_timeout + version_added: '2.10' +WORKER_SHUTDOWN_POLL_COUNT: + default: 0 + description: + - The maximum number of times to check Task Queue Manager worker processes to verify + they have exited cleanly. + - After this limit is reached any worker processes still running will be terminated. + - This is for internal use only. + env: + - name: ANSIBLE_WORKER_SHUTDOWN_POLL_COUNT + name: Worker Shutdown Poll Count + type: integer + version_added: '2.10' +WORKER_SHUTDOWN_POLL_DELAY: + default: 0.1 + description: + - The number of seconds to sleep between polling loops when checking Task Queue + Manager worker processes to verify they have exited cleanly. + - This is for internal use only. + env: + - name: ANSIBLE_WORKER_SHUTDOWN_POLL_DELAY + name: Worker Shutdown Poll Delay + type: float + version_added: '2.10' +YAML_FILENAME_EXTENSIONS: + default: + - .yml + - .yaml + - .json + description: + - Check all of these extensions when looking for 'variable' files which should be + YAML or JSON or vaulted versions of these. + - This affects vars_files, include_vars, inventory and vars plugins among others. + env: + - name: ANSIBLE_YAML_FILENAME_EXT + ini: + - key: yaml_valid_extensions + section: defaults + name: Valid YAML extensions + type: list |