ansible
Configuration management and automation with Ansible. Use when the user needs to write playbooks, manage inventory, create roles, use Ansible Vault for secrets, or orchestrate multi-server deployments across environments.
Best use case
ansible is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Configuration management and automation with Ansible. Use when the user needs to write playbooks, manage inventory, create roles, use Ansible Vault for secrets, or orchestrate multi-server deployments across environments.
Teams using ansible should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/ansible/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How ansible Compares
| Feature / Agent | ansible | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Configuration management and automation with Ansible. Use when the user needs to write playbooks, manage inventory, create roles, use Ansible Vault for secrets, or orchestrate multi-server deployments across environments.
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
SKILL.md Source
# Ansible
Ansible is an agentless automation tool for configuration management, application deployment, and orchestration. It uses SSH to connect to managed nodes and executes tasks defined in YAML playbooks.
## Installation
```bash
# Install Ansible via pip
pip install ansible
# Verify installation
ansible --version
```
## Inventory Management
```ini
# inventory/production.ini — Production inventory with groups
[webservers]
web1.example.com ansible_host=10.0.1.10
web2.example.com ansible_host=10.0.1.11
[databases]
db1.example.com ansible_host=10.0.2.10
[all:vars]
ansible_user=deploy
ansible_ssh_private_key_file=~/.ssh/deploy_key
ansible_python_interpreter=/usr/bin/python3
```
```yaml
# inventory/dynamic_aws.yml — Dynamic AWS EC2 inventory plugin
plugin: amazon.aws.aws_ec2
regions:
- us-east-1
- us-west-2
keyed_groups:
- key: tags.Environment
prefix: env
- key: instance_type
prefix: type
filters:
tag:Managed: ansible
compose:
ansible_host: private_ip_address
```
## Playbooks
```yaml
# playbooks/webserver.yml — Configure Nginx web servers
---
- name: Configure web servers
hosts: webservers
become: true
vars:
nginx_port: 80
app_root: /var/www/app
pre_tasks:
- name: Update apt cache
apt:
update_cache: true
cache_valid_time: 3600
tasks:
- name: Install Nginx
apt:
name: nginx
state: present
- name: Deploy Nginx configuration
template:
src: templates/nginx.conf.j2
dest: /etc/nginx/sites-available/default
owner: root
group: root
mode: "0644"
notify: Restart Nginx
- name: Ensure app directory exists
file:
path: "{{ app_root }}"
state: directory
owner: www-data
group: www-data
mode: "0755"
- name: Deploy application files
synchronize:
src: files/app/
dest: "{{ app_root }}/"
notify: Restart Nginx
- name: Ensure Nginx is running
service:
name: nginx
state: started
enabled: true
handlers:
- name: Restart Nginx
service:
name: nginx
state: restarted
```
```yaml
# playbooks/deploy-app.yml — Rolling deployment with serial execution
---
- name: Deploy application
hosts: webservers
become: true
serial: 2
max_fail_percentage: 25
pre_tasks:
- name: Remove from load balancer
uri:
url: "http://lb.example.com/api/deregister/{{ inventory_hostname }}"
method: POST
roles:
- role: app-deploy
vars:
app_version: "{{ deploy_version | default('latest') }}"
post_tasks:
- name: Health check
uri:
url: "http://{{ inventory_hostname }}:{{ app_port }}/health"
status_code: 200
retries: 5
delay: 10
- name: Re-register with load balancer
uri:
url: "http://lb.example.com/api/register/{{ inventory_hostname }}"
method: POST
```
## Roles
```yaml
# roles/common/tasks/main.yml — Common server baseline role
---
- name: Set timezone
timezone:
name: "{{ server_timezone | default('UTC') }}"
- name: Install common packages
apt:
name:
- curl
- wget
- vim
- htop
- unzip
- jq
- fail2ban
state: present
- name: Configure SSH hardening
template:
src: sshd_config.j2
dest: /etc/ssh/sshd_config
validate: sshd -t -f %s
notify: Restart SSH
- name: Configure firewall rules
ufw:
rule: allow
port: "{{ item }}"
proto: tcp
loop: "{{ allowed_ports | default(['22']) }}"
- name: Enable UFW
ufw:
state: enabled
policy: deny
```
```yaml
# roles/common/defaults/main.yml — Default variables for common role
---
server_timezone: UTC
allowed_ports:
- "22"
- "80"
- "443"
ntp_servers:
- 0.pool.ntp.org
- 1.pool.ntp.org
```
## Ansible Vault
```bash
# Create encrypted variables file
ansible-vault create group_vars/production/vault.yml
# Encrypt existing file
ansible-vault encrypt secrets.yml
# Edit encrypted file
ansible-vault edit group_vars/production/vault.yml
# Run playbook with vault password
ansible-playbook site.yml --ask-vault-pass
# Use password file (for CI/CD)
ansible-playbook site.yml --vault-password-file ~/.vault_pass
```
```yaml
# group_vars/production/vault.yml — Encrypted production secrets
---
vault_db_password: supersecretpassword
vault_api_key: abc123def456
vault_ssl_cert: |
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
```
```yaml
# group_vars/production/vars.yml — Reference vault variables with prefix
---
db_password: "{{ vault_db_password }}"
api_key: "{{ vault_api_key }}"
```
## Configuration
```ini
# ansible.cfg — Project-level Ansible configuration
[defaults]
inventory = inventory/
roles_path = roles/
retry_files_enabled = false
host_key_checking = false
stdout_callback = yaml
forks = 20
timeout = 30
[privilege_escalation]
become = true
become_method = sudo
become_ask_pass = false
[ssh_connection]
pipelining = true
ssh_args = -o ControlMaster=auto -o ControlPersist=60s
```
## Common Commands
```bash
# Run playbook against specific inventory
ansible-playbook -i inventory/production.ini playbooks/webserver.yml
# Limit to specific hosts
ansible-playbook playbooks/deploy.yml --limit web1.example.com
# Dry run (check mode)
ansible-playbook playbooks/deploy.yml --check --diff
# Run ad-hoc commands
ansible webservers -m shell -a "uptime"
ansible all -m ping
# List hosts in a group
ansible-inventory --list --yaml
# Run with extra variables
ansible-playbook deploy.yml -e "deploy_version=2.1.0 env=production"
# Tags for selective execution
ansible-playbook site.yml --tags "configuration,packages"
ansible-playbook site.yml --skip-tags "slow_tasks"
```
## Jinja2 Templates
```nginx
# templates/nginx.conf.j2 — Nginx virtual host template
server {
listen {{ nginx_port }};
server_name {{ ansible_fqdn }};
root {{ app_root }};
{% if ssl_enabled | default(false) %}
listen 443 ssl;
ssl_certificate {{ ssl_cert_path }};
ssl_certificate_key {{ ssl_key_path }};
{% endif %}
location / {
proxy_pass http://127.0.0.1:{{ app_port }};
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
access_log /var/log/nginx/{{ inventory_hostname }}_access.log;
error_log /var/log/nginx/{{ inventory_hostname }}_error.log;
}
```
## Conditionals and Loops
```yaml
# playbooks/conditional-tasks.yml — Tasks with conditionals and loops
---
- name: Conditional and loop examples
hosts: all
become: true
tasks:
- name: Install packages based on OS family
apt:
name: "{{ item }}"
state: present
loop: "{{ debian_packages }}"
when: ansible_os_family == "Debian"
- name: Create users from list
user:
name: "{{ item.name }}"
groups: "{{ item.groups | join(',') }}"
shell: "{{ item.shell | default('/bin/bash') }}"
state: present
loop: "{{ users }}"
no_log: true
- name: Wait for service readiness
uri:
url: "http://localhost:{{ app_port }}/health"
register: health
until: health.status == 200
retries: 10
delay: 5
```Related Skills
zustand
You are an expert in Zustand, the small, fast, and scalable state management library for React. You help developers manage global state without boilerplate using Zustand's hook-based stores, selectors for performance, middleware (persist, devtools, immer), computed values, and async actions — replacing Redux complexity with a simple, un-opinionated API in under 1KB.
zoho
Integrate and automate Zoho products. Use when a user asks to work with Zoho CRM, Zoho Books, Zoho Desk, Zoho Projects, Zoho Mail, or Zoho Creator, build custom integrations via Zoho APIs, automate workflows with Deluge scripting, sync data between Zoho apps and external systems, manage leads and deals, automate invoicing, build custom Zoho Creator apps, set up webhooks, or manage Zoho organization settings. Covers Zoho CRM, Books, Desk, Projects, Creator, and cross-product integrations.
zod
You are an expert in Zod, the TypeScript-first schema declaration and validation library. You help developers define schemas that validate data at runtime AND infer TypeScript types at compile time — eliminating the need to write types and validators separately. Used for API input validation, form validation, environment variables, config files, and any data boundary.
zipkin
Deploy and configure Zipkin for distributed tracing and request flow visualization. Use when a user needs to set up trace collection, instrument Java/Spring or other services with Zipkin, analyze service dependencies, or configure storage backends for trace data.
zig
Expert guidance for Zig, the systems programming language focused on performance, safety, and readability. Helps developers write high-performance code with compile-time evaluation, seamless C interop, no hidden control flow, and no garbage collector. Zig is used for game engines, operating systems, networking, and as a C/C++ replacement.
zed
Expert guidance for Zed, the high-performance code editor built in Rust with native collaboration, AI integration, and GPU-accelerated rendering. Helps developers configure Zed, create custom extensions, set up collaborative editing sessions, and integrate AI assistants for productive coding.
zeabur
Expert guidance for Zeabur, the cloud deployment platform that auto-detects frameworks, builds and deploys applications with zero configuration, and provides managed services like databases and message queues. Helps developers deploy full-stack applications with automatic scaling and one-click marketplace services.
zapier
Automate workflows between apps with Zapier. Use when a user asks to connect apps without code, automate repetitive tasks, sync data between services, or build no-code integrations between SaaS tools.
zabbix
Configure Zabbix for enterprise infrastructure monitoring with templates, triggers, discovery rules, and dashboards. Use when a user needs to set up Zabbix server, configure host monitoring, create custom templates, define trigger expressions, or automate host discovery and registration.
yup
Validate data with Yup schemas. Use when adding form validation, defining API request schemas, validating configuration, or building type-safe validation pipelines in JavaScript/TypeScript.
yt-dlp
Download video and audio from YouTube and other platforms with yt-dlp. Use when a user asks to download YouTube videos, extract audio from videos, download playlists, get subtitles, download specific formats or qualities, batch download, archive channels, extract metadata, embed thumbnails, download from social media platforms (Twitter, Instagram, TikTok), or build media ingestion pipelines. Covers format selection, audio extraction, playlists, subtitles, metadata, and automation.
youtube-transcription
Transcribe YouTube videos to text using OpenAI Whisper and yt-dlp. Use when the user wants to get a transcript from a YouTube video, generate subtitles, convert video speech to text, create SRT/VTT captions, or extract spoken content from YouTube URLs.