Jinja2模板概述
Posted gshelldon
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Jinja2模板概述相关的知识,希望对你有一定的参考价值。
例子一
循环语句
[root@m01 ~]# cat upstream.conf
upstream web {
{% for i in range(1,11) %}
server 172.16.1.{{ i }}
{% endfor %}
}
server {
listen 80;
server_name wp.gong.com;
location / {
proxy_pass http://web;
include proxy_params;
}
}
[root@m01 ~]# cat send_conf.yml
- hosts: web01
tasks:
- name: send jianja mode
template:
src: /root/upstream.conf
dest: /root/upstream.conf
# 推送生成的效果
[root@web01 ~]# cat upstream.conf
upstream web {
server 172.16.1.1
server 172.16.1.2
server 172.16.1.3
server 172.16.1.4
server 172.16.1.5
server 172.16.1.6
server 172.16.1.7
server 172.16.1.8
server 172.16.1.9
server 172.16.1.10
}
server {
listen 80;
server_name wp.gong.com;
location / {
proxy_pass http://web;
include proxy_params;
}
}
jinjia2语法
变量
## 调用变量
{{ VAR }} # 会把里面的变量名转换为变量值
## 模版文件
在一个文件中有{{ vars }}去调用变量的,使用template复制,会把变量转换为值。
模版文件中可以调用自己设置的变量。str_www: www
{{ str_www }}
调用facts变量
{{ ansible_fqdn }} # 获取主机名
{{ ansible_memtotal_mb }} # 获取主机物理内存大小
## 逻辑判断语法
- 注释
{# 中间的是注释 #}
在推送的时候,注释不会推送到目标主机
- 循环
{% for var in data %}
{{ var }} # 表示调用变量名,data可以是一个可迭代对象
{% endfor %}
- 判断的语法
{% if ansible_fqdn == "db01" %}
mem=16G
{% elif ansible_fqdn == "db02" %}
mem=8G
{% else %}
mem=4G
{% endif %}
案例一
推送motd
[root@m01 ~]# cat motd.j2
本机内存:{{ ansible_memtotal_mb }}
剩余内存:{{ ansible_memfree_mb }}
ip add : {{ ansible_eth0.ipv4.address }}
[root@m01 ~]# cat send_motd.yml
- hosts: web01
tasks:
- name: send jianja mode
template:
src: /root/motd.j2
dest: /root/motd
[root@web01 ~]# cat motd
本机内存:456
剩余内存:9
ip add : 10.0.0.7
fqdn和hostname的区别: 比如主机名是www.baidu.com;使用ansible_hostname得到的变量值是www;ansible_fqdn 取到的值是www.baidu.com
案例二
通过判断来配置不同的域名的nignx配置文件
[root@m01 ~]# cat upstream.j2
upstream web {
{% for i in range(1,10) %}
server 172.16.1.{{ i }}
{% endfor %}
}
server {
listen 80;
{% if ansible_fqdn == "web01" %}
server_name {{ domain_1 }}
{% elif ansible_fqdn == "web02" %}
server_name {{ domain_2 }}
{% elif ansible_fqdn == "web03" %}
server_name {{ domain_3 }}
{% endif %}
location / {
proxy_pass http://web;
include proxy_params;
}
}
[root@m01 ~]# cat send_up_j2.yml
- hosts: web_group
vars:
- domain_1: www.baidu.com
- domain_2: www.google.com
- domain_3: gong.cc.con
tasks:
- name: send up_j2 mode
template:
src: /root/upstream.j2
dest: /root/upstream_j2.conf
[root@web01 ~]# cat upstream_j2.conf
upstream web {
server 172.16.1.1
server 172.16.1.2
server 172.16.1.3
server 172.16.1.4
server 172.16.1.5
server 172.16.1.6
server 172.16.1.7
server 172.16.1.8
server 172.16.1.9
}
server {
listen 80;
server_name www.baidu.com
location / {
proxy_pass http://web;
include proxy_params;
}
}
[root@web02 ~]# cat upstream_j2.conf
upstream web {
server 172.16.1.1
server 172.16.1.2
server 172.16.1.3
server 172.16.1.4
server 172.16.1.5
server 172.16.1.6
server 172.16.1.7
server 172.16.1.8
server 172.16.1.9
}
server {
listen 80;
server_name www.google.com
location / {
proxy_pass http://web;
include proxy_params;
}
}
案例三
管理keepalived的配置文件
判断语法
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
router_id lb01
}
vrrp_script check_web {
script "/root/check_web.sh"
interval 5
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 50
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
track_script {
check_web
}
}
[root@lb02 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
router_id lb01
}
vrrp_script check_web {
script "/root/check_web.sh"
interval 5
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 50
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
track_script {
check_web
}
}
{# 把keepalived配置文件改成模板文件 #}
global_defs {
router_id {{ ansible_fqdn }}
}
vrrp_instance VI_1 {
{% if ansible_fqdn == ‘lb01‘ %}
state MASTER
priority 150
{% elif ansible_fqdn == ‘lb02‘ %}
state BACKUP
priority 100
{% endif %}
interface eth0
virtual_router_id 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
案例四
根据实际物理内存的大小来分配给mysql所占内存的百分比
[root@m01 ~]# vi mysql_mem.j2
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
innodb_buffer_pool_size = {{ (ansible_memtotal_mb * 0.8) | int }}
symbolic-links=0
[mysqld_safe]
log-error=/var/log/mariadb/mariadb.log
pid-file=/var/run/mariadb/mariadb.pid
!includedir /etc/my.cnf.d
以上是关于Jinja2模板概述的主要内容,如果未能解决你的问题,请参考以下文章
Flask服务端模板(Jinja2)注入漏洞(SSTI)复现