When it comes to making configuration changes, the lineinfile Ansible module is often your first port of call and can handle a lot of the small-scale changes that might be required. Consider the example of deploying a MariaDB server that we started earlier in this chapter. Although we successfully installed the packages, they will have been installed with their default configuration, and this is unlikely to suit all but the most basic of use cases.

For example, the default bind address for the MariaDB server is 127.0.0.1, meaning that it is not possible to make use of our MariaDB installation from an external application. We have well established the need to make changes in a reliable, repeatable manner, so let's take a look at how we might change this using Ansible.

In order to change this configuration, the first thing we need to do is establish where the default configuration is located and what it looks like. From here, we will define an Ansible task, to rewrite the configuration.

Taking our Ubuntu server by way of example, the service bind-address is configured in the /etc/mysql/mariadb.conf.d/50-server.cnf file—the default directive looks like this:

bind-address       = 127.0.0.1

Thus, in order to change this, we might employ a simple role, like this:

---
- name: Reconfigure MariaDB Server to listen for external connections
  lineinfile:
    path: /etc/mysql/mariadb.conf.d/50-server.cnf
    regexp: '^bind-addresss+='
    line: 'bind-address = 0.0.0.0'
    insertafter: '^[mysqld]'
    state: present

- name: Restart MariaDB to pick up configuration changes
  service:
    name: mariadb
    state: restarted

Let's break the lineinfile task down and look at it in more detail:

• path: Tells the module which configuration file to modify.
• regexp: Used to locate an existing line to modify if there is one so that we don't end up with two conflicting bind-address directives.
• line: The line to replace/insert into the configuration file.

• insertafter: If the regexp is not matched (that is, the line is not present in the file), this directive ensures that the lineinfile module inserts a new line after the [mysqld] statement, thus ensuring it is in the correct part of the file.
• state: Setting this to present state ensures that the line is present in the file, even if the original regexp is not matched—in this instance, a line is added to the file in accordance with the value of line.

Following on from this modification, we know that the MariaDB server will not pick up any configuration changes unless we restart it, so we do exactly that at the end of the role. Now, if we run this, we can see that it has the desired effect, as shown in the following screenshot:

For simple configuration adjustments such as this, on a small number of systems, this achieves exactly the result that we desire. There are, however, drawbacks to this approach that need to be addressed, especially when it comes to not just the point in time where the change is made, but also to the long-term integrity of the system. Even with the best automation strategies in the world, someone making manual changes can remove the consistency and standardization that is core to good automation practice, and hence there is a real need to ensure that future playbook runs will still yield the desired end result. We will explore this issue in the next section.