def main():
# define the available arguments/parameters that a user can pass to
# the module
fixed_ip_arg_spec = dict(mac=dict(type='str'),
ip=dict(type='str'),
name=dict(type='str'),
)
reserved_ip_arg_spec = dict(start=dict(type='str'),
end=dict(type='str'),
comment=dict(type='str'),
)
argument_spec = meraki_argument_spec()
argument_spec.update(state=dict(type='str', choices=['absent', 'present', 'query'], default='query'),
net_name=dict(type='str', aliases=['network']),
net_id=dict(type='str'),
vlan_id=dict(type='int'),
name=dict(type='str', aliases=['vlan_name']),
subnet=dict(type='str'),
appliance_ip=dict(type='str'),
fixed_ip_assignments=dict(type='list', default=None, elements='dict', options=fixed_ip_arg_spec),
reserved_ip_range=dict(type='list', default=None, elements='dict', options=reserved_ip_arg_spec),
vpn_nat_subnet=dict(type='str'),
dns_nameservers=dict(type='str'),
)
# seed the result dict in the object
# we primarily care about changed and state
# change is if this module effectively modified the target
# state will include any data that you want your module to pass back
# for consumption, for example, in a subsequent task
result = dict(
changed=False,
)
# the AnsibleModule object will be our abstraction working with Ansible
# this includes instantiation, a couple of common attr would be the
# args/params passed to the execution, as well as if the module
# supports check mode
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True,
)
meraki = MerakiModule(module, function='vlan')
meraki.params['follow_redirects'] = 'all'
query_urls = {'vlan': '/networks/{net_id}/vlans'}
query_url = {'vlan': '/networks/{net_id}/vlans/{vlan_id}'}
create_url = {'vlan': '/networks/{net_id}/vlans'}
update_url = {'vlan': '/networks/{net_id}/vlans/'}
delete_url = {'vlan': '/networks/{net_id}/vlans/'}
meraki.url_catalog['get_all'].update(query_urls)
meraki.url_catalog['get_one'].update(query_url)
meraki.url_catalog['create'] = create_url
meraki.url_catalog['update'] = update_url
meraki.url_catalog['delete'] = delete_url
payload = None
org_id = meraki.params['org_id']
if org_id is None:
org_id = meraki.get_org_id(meraki.params['org_name'])
net_id = meraki.params['net_id']
if net_id is None:
nets = meraki.get_nets(org_id=org_id)
net_id = meraki.get_net_id(net_name=meraki.params['net_name'], data=nets)
if meraki.params['state'] == 'query':
if not meraki.params['vlan_id']:
meraki.result['data'] = get_vlans(meraki, net_id)
else:
path = meraki.construct_path('get_one', net_id=net_id, custom={'vlan_id': meraki.params['vlan_id']})
response = meraki.request(path, method='GET')
meraki.result['data'] = response
elif meraki.params['state'] == 'present':
payload = {'id': meraki.params['vlan_id'],
'name': meraki.params['name'],
'subnet': meraki.params['subnet'],
'applianceIp': meraki.params['appliance_ip'],
}
if is_vlan_valid(meraki, net_id, meraki.params['vlan_id']) is False: # Create new VLAN
if meraki.module.check_mode is True:
meraki.result['data'] = payload
meraki.result['changed'] = True
meraki.exit_json(**meraki.result)
path = meraki.construct_path('create', net_id=net_id)
response = meraki.request(path, method='POST', payload=json.dumps(payload))
meraki.result['changed'] = True
meraki.result['data'] = response
else: # Update existing VLAN
path = meraki.construct_path('get_one', net_id=net_id, custom={'vlan_id': meraki.params['vlan_id']})
original = meraki.request(path, method='GET')
if meraki.params['dns_nameservers']:
if meraki.params['dns_nameservers'] not in ('opendns', 'google_dns', 'upstream_dns'):
payload['dnsNameservers'] = format_dns(meraki.params['dns_nameservers'])
else:
payload['dnsNameservers'] = meraki.params['dns_nameservers']
if meraki.params['fixed_ip_assignments']:
payload['fixedIpAssignments'] = fixed_ip_factory(meraki, meraki.params['fixed_ip_assignments'])
if meraki.params['reserved_ip_range']:
payload['reservedIpRanges'] = meraki.params['reserved_ip_range']
if meraki.params['vpn_nat_subnet']:
payload['vpnNatSubnet'] = meraki.params['vpn_nat_subnet']
ignored = ['networkId']
if meraki.is_update_required(original, payload, optional_ignore=ignored):
meraki.result['diff'] = dict()
diff = recursive_diff(original, payload)
meraki.result['diff']['before'] = diff[0]
meraki.result['diff']['after'] = diff[1]
if meraki.module.check_mode is True:
original.update(payload)
meraki.result['changed'] = True
meraki.result['data'] = original
meraki.exit_json(**meraki.result)
path = meraki.construct_path('update', net_id=net_id) + str(meraki.params['vlan_id'])
response = meraki.request(path, method='PUT', payload=json.dumps(payload))
meraki.result['changed'] = True
meraki.result['data'] = response
else:
if meraki.module.check_mode is True:
meraki.result['data'] = original
meraki.exit_json(**meraki.result)
meraki.result['data'] = original
elif meraki.params['state'] == 'absent':
if is_vlan_valid(meraki, net_id, meraki.params['vlan_id']):
if meraki.module.check_mode is True:
meraki.result['data'] = {}
meraki.result['changed'] = True
meraki.exit_json(**meraki.result)
path = meraki.construct_path('delete', net_id=net_id) + str(meraki.params['vlan_id'])
response = meraki.request(path, 'DELETE')
meraki.result['changed'] = True
meraki.result['data'] = response
# in the event of a successful module execution, you will want to
# simple AnsibleModule.exit_json(), passing the key/value results
meraki.exit_json(**meraki.result)
def init_module(self):
"""Init module object"""
self.module = AnsibleModule(
argument_spec=self.spec, supports_check_mode=True)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"switch_controller_global": {
"required": False, "type": "dict", "default": None,
"options": {
"allow_multiple_interfaces": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"default_virtual_switch_vlan": {"required": False, "type": "str"},
"disable_discovery": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"https_image_push": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"log_mac_limit_violations": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"mac_aging_interval": {"required": False, "type": "int"},
"mac_retention_period": {"required": False, "type": "int"},
"mac_violation_timer": {"required": False, "type": "int"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_switch_controller(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_switch_controller(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"vpn_certificate_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"certname_dsa1024": {
"required": False,
"type": "str"
},
"certname_dsa2048": {
"required": False,
"type": "str"
},
"certname_ecdsa256": {
"required": False,
"type": "str"
},
"certname_ecdsa384": {
"required": False,
"type": "str"
},
"certname_rsa1024": {
"required": False,
"type": "str"
},
"certname_rsa2048": {
"required": False,
"type": "str"
},
"check_ca_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"check_ca_chain": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cmp_save_extra_certs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cn_match": {
"required": False,
"type": "str",
"choices": ["substring", "value"]
},
"ocsp_default_server": {
"required": False,
"type": "str"
},
"ocsp_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssl_min_proto_version": {
"required": False,
"type": "str",
"choices":
["default", "SSLv3", "TLSv1", "TLSv1-1", "TLSv1-2"]
},
"ssl_ocsp_option": {
"required": False,
"type": "str",
"choices": ["certificate", "server"]
},
"ssl_ocsp_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"strict_crl_check": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"strict_ocsp_check": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"subject_match": {
"required": False,
"type": "str",
"choices": ["substring", "value"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_vpn_certificate(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_vpn_certificate(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"vpn_certificate_ocsp_server": {
"required": False,
"type": "dict",
"default": None,
"options": {
"cert": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"secondary_cert": {
"required": False,
"type": "str"
},
"secondary_url": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"unavail_action": {
"required": False,
"type": "str",
"choices": ["revoke", "ignore"]
},
"url": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_vpn_certificate(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_vpn_certificate(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
argument_specs = dict(
state=dict(default='present', choices=['absent', 'present']),
avi_api_update_method=dict(default='put', choices=['put', 'patch']),
avi_api_patch_op=dict(choices=['add', 'replace', 'delete']),
async_interval=dict(type='int', ),
clear_on_max_retries=dict(type='int', ),
client_ip_addr_group=dict(type='dict', ),
description=dict(type='str', ),
dns_configs=dict(type='list', ),
is_federated=dict(type='bool', ),
leader_cluster_uuid=dict(type='str', required=True),
maintenance_mode=dict(type='bool', ),
name=dict(type='str', required=True),
send_interval=dict(type='int', ),
send_interval_prior_to_maintenance_mode=dict(type='int', ),
sites=dict(type='list', ),
tenant_ref=dict(type='str', ),
third_party_sites=dict(type='list', ),
url=dict(type='str', ),
uuid=dict(type='str', ),
view_id=dict(type='int', ),
)
argument_specs.update(avi_common_argument_spec())
module = AnsibleModule(argument_spec=argument_specs,
supports_check_mode=True)
if not HAS_AVI:
return module.fail_json(msg=(
'Avi python API SDK (avisdk>=17.1) or requests is not installed. '
'For more details visit https://github.com/avinetworks/sdk.'))
api_method = module.params['avi_api_update_method']
if str(api_method).lower() == 'patch':
patch_op = module.params['avi_api_patch_op']
# Create controller session
api_creds = AviCredentials()
api_creds.update_from_ansible_module(module)
api = ApiSession.get_session(api_creds.controller,
api_creds.username,
password=api_creds.password,
timeout=api_creds.timeout,
tenant=api_creds.tenant,
tenant_uuid=api_creds.tenant_uuid,
token=api_creds.token,
port=api_creds.port)
# Get existing gslb objects
rsp = api.get('gslb', api_version=api_creds.api_version)
existing_gslb = rsp.json()
gslb = existing_gslb['results']
sites = module.params['gslb_sites_config']
for gslb_obj in gslb:
# Update/Delete domain names in dns_configs fields in gslb object.
if 'dns_configs' in module.params:
if gslb_obj['leader_cluster_uuid'] == module.params[
'leader_cluster_uuid']:
if str(patch_op).lower() == 'delete':
gslb_obj['dns_configs'] = []
elif str(patch_op).lower() == 'add':
if module.params['dns_configs'] not in gslb_obj[
'dns_configs']:
gslb_obj['dns_configs'].extend(
module.params['dns_configs'])
else:
gslb_obj['dns_configs'] = module.params['dns_configs']
# Update/Delete sites configuration
if sites:
for site_obj in gslb_obj['sites']:
dns_vses = site_obj.get('dns_vses', [])
for obj in sites:
config_for = obj.get('ip_addr', None)
if not config_for:
return module.fail_json(msg=(
"ip_addr of site in a configuration is mandatory. "
"Please provide ip_addr i.e. gslb site's ip."))
if config_for == site_obj['ip_addresses'][0]['addr']:
if str(patch_op).lower() == 'delete':
site_obj['dns_vses'] = []
else:
# Modify existing gslb sites object
for key, val in obj.items():
if key == 'dns_vses' and str(
patch_op).lower() == 'add':
found = False
# Check dns_vses field already exists on the controller
for v in dns_vses:
if val[0]['dns_vs_uuid'] != v[
'dns_vs_uuid']:
found = True
break
if not found:
dns_vses.extend(val)
else:
site_obj[key] = val
if str(patch_op).lower() == 'add':
site_obj['dns_vses'] = dns_vses
uni_dns_configs = [
dict(tupleized) for tupleized in set(
tuple(item.items()) for item in gslb_obj['dns_configs'])
]
gslb_obj['dns_configs'] = uni_dns_configs
module.params.update(gslb_obj)
module.params.update({
'avi_api_update_method': 'put',
'state': 'present'
})
return avi_ansible_api(module, 'gslb', set([]))
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_password_policy": {
"required": False,
"type": "dict",
"default": None,
"options": {
"apply_to": {
"required": False,
"type": "str",
"choices": ["admin-password", "ipsec-preshared-key"]
},
"change_4_characters": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"expire_day": {
"required": False,
"type": "int"
},
"expire_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"min_lower_case_letter": {
"required": False,
"type": "int"
},
"min_non_alphanumeric": {
"required": False,
"type": "int"
},
"min_number": {
"required": False,
"type": "int"
},
"min_upper_case_letter": {
"required": False,
"type": "int"
},
"minimum_length": {
"required": False,
"type": "int"
},
"reuse_password": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
module = AnsibleModule(
argument_spec=dict(
path=dict(type='path'),
content=dict(type='str'),
passphrase=dict(type='str', no_log=True),
return_private_key_data=dict(type='bool', default=False),
select_crypto_backend=dict(
type='str',
default='auto',
choices=['auto', 'cryptography', 'pyopenssl']),
),
required_one_of=(['path', 'content'], ),
mutually_exclusive=(['path', 'content'], ),
supports_check_mode=True,
)
try:
if module.params['path'] is not None:
base_dir = os.path.dirname(module.params['path']) or '.'
if not os.path.isdir(base_dir):
module.fail_json(
name=base_dir,
msg=
'The directory %s does not exist or the file is not a directory'
% base_dir)
backend = module.params['select_crypto_backend']
if backend == 'auto':
# Detect what backend we can use
can_use_cryptography = CRYPTOGRAPHY_FOUND and CRYPTOGRAPHY_VERSION >= LooseVersion(
MINIMAL_CRYPTOGRAPHY_VERSION)
can_use_pyopenssl = PYOPENSSL_FOUND and PYOPENSSL_VERSION >= LooseVersion(
MINIMAL_PYOPENSSL_VERSION)
# If cryptography is available we'll use it
if can_use_cryptography:
backend = 'cryptography'
elif can_use_pyopenssl:
backend = 'pyopenssl'
# Fail if no backend has been found
if backend == 'auto':
module.fail_json(
msg=("Can't detect any of the required Python libraries "
"cryptography (>= {0}) or PyOpenSSL (>= {1})"
).format(MINIMAL_CRYPTOGRAPHY_VERSION,
MINIMAL_PYOPENSSL_VERSION))
if backend == 'pyopenssl':
if not PYOPENSSL_FOUND:
module.fail_json(msg=missing_required_lib(
'pyOpenSSL >= {0}'.format(MINIMAL_PYOPENSSL_VERSION)),
exception=PYOPENSSL_IMP_ERR)
module.deprecate(
'The module is using the PyOpenSSL backend. This backend has been deprecated',
version='2.13')
privatekey = PrivateKeyInfoPyOpenSSL(module)
elif backend == 'cryptography':
if not CRYPTOGRAPHY_FOUND:
module.fail_json(msg=missing_required_lib(
'cryptography >= {0}'.format(
MINIMAL_CRYPTOGRAPHY_VERSION)),
exception=CRYPTOGRAPHY_IMP_ERR)
privatekey = PrivateKeyInfoCryptography(module)
result = privatekey.get_info()
module.exit_json(**result)
except crypto_utils.OpenSSLObjectError as exc:
module.fail_json(msg=to_native(exc))
def main():
module = AnsibleModule(
argument_spec=dict(
auth_token=dict(
type='str',
default=os.environ.get('ONEANDONE_AUTH_TOKEN'),
no_log=True),
api_url=dict(
type='str',
default=os.environ.get('ONEANDONE_API_URL')),
hostname=dict(type='str'),
description=dict(type='str'),
appliance=dict(type='str'),
fixed_instance_size=dict(type='str'),
vcore=dict(type='int'),
cores_per_processor=dict(type='int'),
ram=dict(type='float'),
hdds=dict(type='list'),
count=dict(type='int', default=1),
ssh_key=dict(type='raw'),
auto_increment=dict(type='bool', default=True),
server=dict(type='str'),
datacenter=dict(
choices=DATACENTERS,
default='US'),
private_network=dict(type='str'),
firewall_policy=dict(type='str'),
load_balancer=dict(type='str'),
monitoring_policy=dict(type='str'),
server_type=dict(type='str', default='cloud', choices=['cloud', 'baremetal', 'k8s_node']),
wait=dict(type='bool', default=True),
wait_timeout=dict(type='int', default=600),
wait_interval=dict(type='int', default=5),
state=dict(type='str', default='present', choices=['present', 'absent', 'running', 'stopped']),
),
supports_check_mode=True,
mutually_exclusive=(['fixed_instance_size', 'vcore'], ['fixed_instance_size', 'cores_per_processor'],
['fixed_instance_size', 'ram'], ['fixed_instance_size', 'hdds'],),
required_together=(['vcore', 'cores_per_processor', 'ram', 'hdds'],)
)
if not HAS_ONEANDONE_SDK:
module.fail_json(msg='1and1 required for this module')
if not module.params.get('auth_token'):
module.fail_json(
msg='The "auth_token" parameter or ' +
'ONEANDONE_AUTH_TOKEN environment variable is required.')
if not module.params.get('api_url'):
oneandone_conn = oneandone.client.OneAndOneService(
api_token=module.params.get('auth_token'))
else:
oneandone_conn = oneandone.client.OneAndOneService(
api_token=module.params.get('auth_token'), api_url=module.params.get('api_url'))
state = module.params.get('state')
if state == 'absent':
if not module.params.get('server'):
module.fail_json(
msg="'server' parameter is required for deleting a server.")
try:
(changed, servers) = remove_server(module, oneandone_conn)
except Exception as ex:
module.fail_json(msg=str(ex))
elif state in ('running', 'stopped'):
if not module.params.get('server'):
module.fail_json(
msg="'server' parameter is required for starting/stopping a server.")
try:
(changed, servers) = startstop_server(module, oneandone_conn)
except Exception as ex:
module.fail_json(msg=str(ex))
elif state == 'present':
for param in ('hostname',
'appliance',
'datacenter'):
if not module.params.get(param):
module.fail_json(
msg="%s parameter is required for new server." % param)
try:
(changed, servers) = create_server(module, oneandone_conn)
except Exception as ex:
module.fail_json(msg=str(ex))
module.exit_json(changed=changed, servers=servers)
def main():
argument_spec = dict(
ip_address=dict(required=True),
password=dict(required=True, no_log=True),
username=dict(default='admin'),
api_key=dict(no_log=True),
devicegroup=dict(default=None),
description=dict(default=None),
ip_to_register=dict(type='str', required=False),
tag_names=dict(type='list', required=True),
commit=dict(type='bool', default=True),
operation=dict(type='str', required=True)
)
module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=False)
if not HAS_LIB:
module.fail_json(msg='pan-python is required for this module')
ip_address = module.params["ip_address"]
password = module.params["password"]
username = module.params['username']
api_key = module.params['api_key']
commit = module.params['commit']
devicegroup = module.params['devicegroup']
operation = module.params['operation']
# Create the device with the appropriate pandevice type
device = base.PanDevice.create_from_device(ip_address, username, password, api_key=api_key)
# If Panorama, validate the devicegroup
dev_group = None
if devicegroup and isinstance(device, panorama.Panorama):
dev_group = get_devicegroup(device, devicegroup)
if dev_group:
device.add(dev_group)
else:
module.fail_json(msg='\'%s\' device group not found in Panorama. Is the name correct?' % devicegroup)
result = None
if operation == 'add':
result, exc = register_ip_to_tag_map(device,
ip_addresses=module.params.get('ip_to_register', None),
tag=module.params.get('tag_names', None)
)
elif operation == 'list':
result, exc = get_all_address_group_mapping(device)
elif operation == 'delete':
result, exc = delete_address_from_mapping(device,
ip_address=module.params.get('ip_to_register', None),
tags=module.params.get('tag_names', [])
)
else:
module.fail_json(msg="Unsupported option")
if not result:
module.fail_json(msg=exc.message)
if commit:
try:
device.commit(sync=True)
except PanXapiError as exc:
module.fail_json(msg=to_native(exc))
module.exit_json(changed=True, msg=result)
def main():
""" Module main """
spec = dict(
gather_subset=dict(default=['!config'], type='list')
)
spec.update(ce_argument_spec)
module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
warnings = list()
check_args(module, warnings)
gather_subset = module.params['gather_subset']
runable_subsets = set()
exclude_subsets = set()
for subset in gather_subset:
if subset == 'all':
runable_subsets.update(VALID_SUBSETS)
continue
if subset.startswith('!'):
subset = subset[1:]
if subset == 'all':
exclude_subsets.update(VALID_SUBSETS)
continue
exclude = True
else:
exclude = False
if subset not in VALID_SUBSETS:
module.fail_json(msg='Bad subset')
if exclude:
exclude_subsets.add(subset)
else:
runable_subsets.add(subset)
if not runable_subsets:
runable_subsets.update(VALID_SUBSETS)
runable_subsets.difference_update(exclude_subsets)
runable_subsets.add('default')
facts = dict()
facts['gather_subset'] = list(runable_subsets)
instances = list()
for key in runable_subsets:
instances.append(FACT_SUBSETS[key](module))
for inst in instances:
inst.populate()
facts.update(inst.facts)
ansible_facts = dict()
for key, value in iteritems(facts):
# this is to maintain capability with nxos_facts 2.1
if key.startswith('_'):
ansible_facts[key[1:]] = value
else:
ansible_facts[key] = value
module.exit_json(ansible_facts=ansible_facts, warnings=warnings)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"log_syslogd4_filter": {
"required": False,
"type": "dict",
"default": None,
"options": {
"anomaly": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dns": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter": {
"required": False,
"type": "str"
},
"filter_type": {
"required": False,
"type": "str",
"choices": ["include", "exclude"]
},
"forward_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"gtp": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"local_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"multicast_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"netscan_discovery": {
"required": False,
"type": "str"
},
"netscan_vulnerability": {
"required": False,
"type": "str"
},
"severity": {
"required":
False,
"type":
"str",
"choices": [
"emergency", "alert", "critical", "error", "warning",
"notification", "information", "debug"
]
},
"sniffer_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssh": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"voip": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_syslogd4(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_syslogd4(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
module = AnsibleModule(argument_spec=dict(
name=dict(aliases=['pkg'], required=True),
state=dict(choices=['present', 'absent', 'latest'], required=True),
depot=dict(default=None, required=False)),
supports_check_mode=True)
name = module.params['name']
state = module.params['state']
depot = module.params['depot']
changed = False
msg = "No changed"
rc = 0
if (state == 'present' or state == 'latest') and depot is None:
output = "depot parameter is mandatory in present or latest task"
module.fail_json(name=name, msg=output, rc=rc)
# Check local version
rc, version_installed = query_package(module, name)
if not rc:
installed = True
msg = "Already installed"
else:
installed = False
if (state == 'present' or state == 'latest') and installed is False:
if module.check_mode:
module.exit_json(changed=True)
rc, output = install_package(module, depot, name)
if not rc:
changed = True
msg = "Package installed"
else:
module.fail_json(name=name, msg=output, rc=rc)
elif state == 'latest' and installed is True:
# Check depot version
rc, version_depot = query_package(module, name, depot)
if not rc:
if compare_package(version_installed, version_depot) == -1:
if module.check_mode:
module.exit_json(changed=True)
# Install new version
rc, output = install_package(module, depot, name)
if not rc:
msg = "Package upgraded, Before " + version_installed + " Now " + version_depot
changed = True
else:
module.fail_json(name=name, msg=output, rc=rc)
else:
output = "Software package not in repository " + depot
module.fail_json(name=name, msg=output, rc=rc)
elif state == 'absent' and installed is True:
if module.check_mode:
module.exit_json(changed=True)
rc, output = remove_package(module, name)
if not rc:
changed = True
msg = "Package removed"
else:
module.fail_json(name=name, msg=output, rc=rc)
if module.check_mode:
module.exit_json(changed=False)
module.exit_json(changed=changed, name=name, state=state, msg=msg)
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
description=dict(type='str', aliases=['descr']),
node_id=dict(type='int'), # Not required for querying all objects
pod_id=dict(type='int'),
role=dict(type='str',
choices=['leaf', 'spine', 'unspecified'],
aliases=['role_name']),
serial=dict(type='str',
aliases=['serial_number'
]), # Not required for querying all objects
switch=dict(type='str', aliases=['name', 'switch_name']),
state=dict(type='str',
default='present',
choices=['absent', 'present', 'query']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['node_id', 'serial']],
['state', 'present', ['node_id', 'serial']],
],
)
pod_id = module.params.get('pod_id')
serial = module.params.get('serial')
node_id = module.params.get('node_id')
switch = module.params.get('switch')
description = module.params.get('description')
role = module.params.get('role')
state = module.params.get('state')
aci = ACIModule(module)
aci.construct_url(root_class=dict(
aci_class='fabricNodeIdentP',
aci_rn='controller/nodeidentpol/nodep-{0}'.format(serial),
module_object=serial,
target_filter={'serial': serial},
))
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='fabricNodeIdentP',
class_config=dict(
descr=description,
name=switch,
nodeId=node_id,
podId=pod_id,
# NOTE: Originally we were sending 'rn', but now we need 'dn' for idempotency
# FIXME: Did this change with ACI version ?
dn='uni/controller/nodeidentpol/nodep-{0}'.format(serial),
# rn='nodep-{0}'.format(serial),
role=role,
serial=serial,
))
aci.get_diff(aci_class='fabricNodeIdentP')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json(**aci.result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"web_proxy_forward_server": {
"required": False,
"type": "dict",
"default": None,
"options": {
"addr_type": {
"required": False,
"type": "str",
"choices": ["ip", "fqdn"]
},
"comment": {
"required": False,
"type": "str"
},
"fqdn": {
"required": False,
"type": "str"
},
"healthcheck": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"ip": {
"required": False,
"type": "str"
},
"monitor": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"port": {
"required": False,
"type": "int"
},
"server_down_option": {
"required": False,
"type": "str",
"choices": ["block", "pass"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_web_proxy(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_web_proxy(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
argument_spec = ucs_argument_spec
argument_spec.update(
org_dn=dict(type='str', default='org-root'),
name=dict(type='str'),
descr=dict(type='str'),
wwnn_pool=dict(type='str', default='default'),
vhba_list=dict(type='list'),
state=dict(type='str',
default='present',
choices=['present', 'absent']),
san_connectivity_list=dict(type='list'),
)
# Note that use of san_connectivity_list is an experimental feature which allows multiple resource updates with a single UCSM connection.
# Support for san_connectivity_list may change or be removed once persistent UCS connections are supported.
# Either san_connectivity_list or name is required (user can specify either a list or single resource).
module = AnsibleModule(
argument_spec,
supports_check_mode=True,
required_one_of=[
['san_connectivity_list', 'name'],
],
mutually_exclusive=[
['san_connectivity_list', 'name'],
],
)
ucs = UCSModule(module)
err = False
from ucsmsdk.mometa.vnic.VnicSanConnPolicy import VnicSanConnPolicy
from ucsmsdk.mometa.vnic.VnicFcNode import VnicFcNode
from ucsmsdk.mometa.vnic.VnicFc import VnicFc
from ucsmsdk.mometa.vnic.VnicFcIf import VnicFcIf
changed = False
try:
# Only documented use is a single resource, but to also support experimental
# feature allowing multiple updates all params are converted to a san_connectivity_list below.
if module.params['san_connectivity_list']:
# directly use the list (single resource and list are mutually exclusive
san_connectivity_list = module.params['san_connectivity_list']
else:
# single resource specified, create list from the current params
san_connectivity_list = [module.params]
for san_connectivity in san_connectivity_list:
mo_exists = False
props_match = False
# set default params. Done here to set values for lists which can't be done in the argument_spec
if not san_connectivity.get('descr'):
san_connectivity['descr'] = ''
if not san_connectivity.get('wwnn_pool'):
san_connectivity['wwnn_pool'] = 'default'
if san_connectivity.get('vhba_list'):
for vhba in san_connectivity['vhba_list']:
if not vhba.get('adapter_policy'):
vhba['adapter_policy'] = ''
if not vhba.get('order'):
vhba['order'] = 'unspecified'
# dn is <org_dn>/san-conn-pol-<name>
dn = module.params['org_dn'] + '/san-conn-pol-' + san_connectivity[
'name']
mo = ucs.login_handle.query_dn(dn)
if mo:
mo_exists = True
# check top-level mo props
kwargs = dict(descr=san_connectivity['descr'])
if (mo.check_prop_match(**kwargs)):
# top-level props match, check next level mo/props
# vnicFcNode object
child_dn = dn + '/fc-node'
mo_1 = ucs.login_handle.query_dn(child_dn)
if mo_1:
kwargs = dict(
ident_pool_name=san_connectivity['wwnn_pool'])
if (mo_1.check_prop_match(**kwargs)):
if not san_connectivity.get('vhba_list'):
props_match = True
else:
# check vnicFc props
for vhba in san_connectivity['vhba_list']:
child_dn = dn + '/fc-' + vhba['name']
mo_2 = ucs.login_handle.query_dn(child_dn)
kwargs = {}
kwargs['adaptor_profile_name'] = vhba[
'adapter_policy']
kwargs['order'] = vhba['order']
kwargs['nw_templ_name'] = vhba[
'vhba_template']
if (mo_2.check_prop_match(**kwargs)):
props_match = True
if module.params['state'] == 'absent':
# mo must exist but all properties do not have to match
if mo_exists:
if not module.check_mode:
ucs.login_handle.remove_mo(mo)
ucs.login_handle.commit()
changed = True
else:
if not props_match:
if not module.check_mode:
# create if mo does not already exist
mo = VnicSanConnPolicy(
parent_mo_or_dn=module.params['org_dn'],
name=san_connectivity['name'],
descr=san_connectivity['descr'],
)
mo_1 = VnicFcNode(
parent_mo_or_dn=mo,
ident_pool_name=san_connectivity['wwnn_pool'],
addr='pool-derived',
)
if san_connectivity.get('vhba_list'):
for vhba in san_connectivity['vhba_list']:
mo_2 = VnicFc(
parent_mo_or_dn=mo,
name=vhba['name'],
adaptor_profile_name=vhba[
'adapter_policy'],
nw_templ_name=vhba['vhba_template'],
order=vhba['order'],
)
mo_2_1 = VnicFcIf(
parent_mo_or_dn=mo_2,
name='default',
)
ucs.login_handle.add_mo(mo, True)
ucs.login_handle.commit()
changed = True
except Exception as e:
err = True
ucs.result['msg'] = "setup error: %s " % str(e)
ucs.result['changed'] = changed
if err:
module.fail_json(**ucs.result)
module.exit_json(**ucs.result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"user_peer": {
"required": False,
"type": "dict",
"default": None,
"options": {
"ca": {
"required": False,
"type": "str"
},
"cn": {
"required": False,
"type": "str"
},
"cn_type": {
"required": False,
"type": "str",
"choices": ["string", "email", "FQDN", "ipv4", "ipv6"]
},
"ldap_mode": {
"required": False,
"type": "str",
"choices": ["password", "principal-name"]
},
"ldap_password": {
"required": False,
"type": "str"
},
"ldap_server": {
"required": False,
"type": "str"
},
"ldap_username": {
"required": False,
"type": "str"
},
"mandatory_ca_verify": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"ocsp_override_server": {
"required": False,
"type": "str"
},
"passwd": {
"required": False,
"type": "str"
},
"subject": {
"required": False,
"type": "str"
},
"two_factor": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_user(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_user(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_replacemsg_nac_quar": {
"required": False,
"type": "dict",
"default": None,
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_replacemsg(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_replacemsg(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
""" main entry point for module execution
"""
argument_spec = dict(hostname=dict(),
domain_name=dict(),
domain_search=dict(type='list'),
name_servers=dict(type='list'),
state=dict(choices=['present', 'absent'],
default='present'),
active=dict(default=True, type='bool'))
argument_spec.update(junos_argument_spec)
params = ['hostname', 'domain_name', 'domain_search', 'name_servers']
required_if = [('state', 'present', params, True),
('state', 'absent', params, True),
('state', 'active', params, True),
('state', 'suspend', params, True)]
module = AnsibleModule(argument_spec=argument_spec,
required_if=required_if,
supports_check_mode=True)
warnings = list()
result = {'changed': False}
if warnings:
result['warnings'] = warnings
top = 'system'
param_to_xpath_map = collections.OrderedDict()
param_to_xpath_map.update([('hostname', {
'xpath': 'host-name',
'leaf_only': True
}), ('domain_name', {
'xpath': 'domain-name',
'leaf_only': True
}),
('domain_search', {
'xpath': 'domain-search',
'leaf_only': True,
'value_req': True
}),
('name_servers', {
'xpath': 'name-server/name',
'is_key': True
})])
validate_param_values(module, param_to_xpath_map)
want = map_params_to_obj(module, param_to_xpath_map)
ele = map_obj_to_ele(module, want, top)
with locked_config(module):
diff = load_config(module, tostring(ele), warnings, action='merge')
commit = not module.check_mode
if diff:
if commit:
commit_configuration(module)
else:
discard_changes(module)
result['changed'] = True
if module._diff:
result['diff'] = {'prepared': diff}
module.exit_json(**result)
def main():
argument_spec = ovirt_full_argument_spec(
state=dict(type='str', default='present',
choices=['absent', 'present']),
name=dict(type='str'),
id=dict(type='str'),
memory=dict(type='str'),
memory_guaranteed=dict(type='str'),
memory_max=dict(type='str'),
cpu_sockets=dict(type='int'),
cpu_cores=dict(type='int'),
cpu_threads=dict(type='int'),
operating_system=dict(type='str'),
boot_devices=dict(type='list', choices=['cdrom', 'hd', 'network']),
serial_console=dict(type='bool'),
usb_support=dict(type='bool'),
high_availability=dict(type='bool'),
high_availability_priority=dict(type='int'),
watchdog=dict(type='dict'),
host=dict(type='str'),
graphical_console=dict(type='dict'),
description=dict(type='str'),
cpu_mode=dict(type='str'),
rng_device=dict(type='str'),
rng_bytes=dict(type='int', default=None),
rng_period=dict(type='int', default=None),
placement_policy=dict(type='str'),
cpu_pinning=dict(type='list'),
soundcard_enabled=dict(type='bool', default=None),
virtio_scsi=dict(type='bool', default=None),
smartcard_enabled=dict(type='bool', default=None),
io_threads=dict(type='int', default=None),
nics=dict(type='list', default=[]),
ballooning_enabled=dict(type='bool', default=None),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_one_of=[['id', 'name']],
)
check_sdk(module)
check_params(module)
try:
state = module.params['state']
auth = module.params.pop('auth')
connection = create_connection(auth)
its_service = connection.system_service().instance_types_service()
its_module = InstanceTypeModule(
connection=connection,
module=module,
service=its_service,
)
it = its_module.search_entity()
if state == 'present':
ret = its_module.create(
entity=it
)
its_module.post_present(ret['id'])
ret['changed'] = its_module.changed
elif state == 'absent':
ret = its_module.remove()
module.exit_json(**ret)
except Exception as e:
module.fail_json(msg=str(e), exception=traceback.format_exc())
finally:
connection.close(logout=auth.get('token') is None)
def main():
argument_spec = openstack_full_argument_spec(
server=dict(required=True),
volume=dict(required=True),
device=dict(default=None), # None == auto choose device name
state=dict(default='present', choices=['absent', 'present']),
)
module_kwargs = openstack_module_kwargs()
module = AnsibleModule(argument_spec,
supports_check_mode=True,
**module_kwargs)
state = module.params['state']
wait = module.params['wait']
timeout = module.params['timeout']
sdk, cloud = openstack_cloud_from_module(module)
try:
server = cloud.get_server(module.params['server'])
volume = cloud.get_volume(module.params['volume'])
if not volume:
module.fail_json(msg='volume %s is not found' %
module.params['volume'])
dev = cloud.get_volume_attach_device(volume, server.id)
if module.check_mode:
module.exit_json(changed=_system_state_change(state, dev))
if state == 'present':
changed = False
if not dev:
changed = True
cloud.attach_volume(server,
volume,
module.params['device'],
wait=wait,
timeout=timeout)
server = cloud.get_server(module.params['server']) # refresh
volume = cloud.get_volume(module.params['volume']) # refresh
hostvars = cloud.get_openstack_vars(server)
module.exit_json(changed=changed,
id=volume['id'],
attachments=volume['attachments'],
openstack=hostvars)
elif state == 'absent':
if not dev:
# Volume is not attached to this server
module.exit_json(changed=False)
cloud.detach_volume(server, volume, wait=wait, timeout=timeout)
module.exit_json(changed=True,
result='Detached volume from server')
except (sdk.exceptions.OpenStackCloudException,
sdk.exceptions.ResourceTimeout) as e:
module.fail_json(msg=str(e))
def main():
module = AnsibleModule(
argument_spec=dict(
repo=dict(required=True),
user=dict(required=True),
password=dict(no_log=True),
token=dict(no_log=True),
action=dict(required=True,
choices=['latest_release', 'create_release']),
tag=dict(type='str'),
target=dict(type='str'),
name=dict(type='str'),
body=dict(type='str'),
draft=dict(type='bool', default=False),
prerelease=dict(type='bool', default=False),
),
supports_check_mode=True,
mutually_exclusive=(('password', 'token'), ),
required_if=[('action', 'create_release', ['tag']),
('action', 'create_release', ['password',
'token'], True)],
)
if not HAS_GITHUB_API:
module.fail_json(msg=missing_required_lib('github3.py >= 1.0.0a3'),
exception=GITHUB_IMP_ERR)
repo = module.params['repo']
user = module.params['user']
password = module.params['password']
login_token = module.params['token']
action = module.params['action']
tag = module.params.get('tag')
target = module.params.get('target')
name = module.params.get('name')
body = module.params.get('body')
draft = module.params.get('draft')
prerelease = module.params.get('prerelease')
# login to github
try:
if password:
gh_obj = github3.login(user, password=password)
elif login_token:
gh_obj = github3.login(token=login_token)
else:
gh_obj = github3.GitHub()
# test if we're actually logged in
if password or login_token:
gh_obj.me()
except github3.exceptions.AuthenticationFailed as e:
module.fail_json(msg='Failed to connect to GitHub: %s' % to_native(e),
details="Please check username and password or token "
"for repository %s" % repo)
repository = gh_obj.repository(user, repo)
if not repository:
module.fail_json(msg="Repository %s/%s doesn't exist" % (user, repo))
if action == 'latest_release':
release = repository.latest_release()
if release:
module.exit_json(tag=release.tag_name)
else:
module.exit_json(tag=None)
if action == 'create_release':
release_exists = repository.release_from_tag(tag)
if release_exists:
module.exit_json(changed=False,
msg="Release for tag %s already exists." % tag)
release = repository.create_release(tag, target, name, body, draft,
prerelease)
if release:
module.exit_json(changed=True, tag=release.tag_name)
else:
module.exit_json(changed=False, tag=None)
def main():
module = AnsibleModule(
argument_spec=dict(
attributes=dict(type='dict'),
device=dict(type='str'),
force=dict(type='bool', default=False),
recursive=dict(type='bool', default=False),
state=dict(type='str',
default='available',
choices=['available', 'defined', 'removed']),
),
supports_check_mode=True,
)
force_opt = {
True: '-f',
False: '',
}
attributes = module.params['attributes']
device = module.params['device']
force = force_opt[module.params['force']]
recursive = module.params['recursive']
state = module.params['state']
result = dict(
changed=False,
msg='',
)
if state == 'available' or state == 'present':
if attributes:
# change attributes on device
device_status, device_state = _check_device(module, device)
if device_status:
result['changed'], result['msg'] = change_device_attr(
module, attributes, device, force)
else:
result['msg'] = "Device %s does not exist." % device
else:
# discovery devices (cfgmgr)
if device and device != 'all':
device_status, device_state = _check_device(module, device)
if device_status:
# run cfgmgr on specific device
result['changed'], result['msg'] = discover_device(
module, device)
else:
result['msg'] = "Device %s does not exist." % device
else:
result['changed'], result['msg'] = discover_device(
module, device)
elif state == 'removed' or state == 'absent' or state == 'defined':
if not device:
result['msg'] = "device is required to removed or defined state."
else:
# Remove device
check_device, device_state = _check_device(module, device)
if check_device:
if state == 'defined' and device_state == 'Defined':
result['changed'] = False
result['msg'] = 'Device %s already in Defined' % device
else:
result['changed'], result['msg'] = remove_device(
module, device, force, recursive, state)
else:
result['msg'] = "Device %s does not exist." % device
else:
result['msg'] = "Unexpected state %s." % state
module.fail_json(**result)
module.exit_json(**result)
def run_module():
# define the available arguments/parameters that a user can pass to
# the module
module_args = dict(
cpm_action=dict(choices=['getplugconfig', 'setplugconfig'], required=True),
cpm_url=dict(type='str', required=True),
cpm_username=dict(type='str', required=True),
cpm_password=dict(type='str', required=True, no_log=True),
plug_id=dict(type='str', required=True),
plug_name=dict(type='str', required=False),
plug_bootdelay=dict(type='int', required=False, default=None, choices=[0, 1, 2, 3, 4, 5, 6, 7, 8, 9]),
plug_default=dict(type='int', required=False, default=None, choices=[0, 1]),
plug_bootpriority=dict(type='int', required=False, default=None),
use_https=dict(type='bool', default=True),
validate_certs=dict(type='bool', default=True),
use_proxy=dict(type='bool', default=False)
)
result = dict(
changed=False,
data='',
debug=''
)
module = AnsibleModule(argument_spec=module_args, supports_check_mode=True)
if module.check_mode:
return result
auth = to_text(base64.b64encode(to_bytes('{0}:{1}'.format(to_native(module.params['cpm_username']), to_native(module.params['cpm_password'])),
errors='surrogate_or_strict')))
if module.params['use_https'] is True:
protocol = "https://"
else:
protocol = "http://"
Payload = None
if (module.params['cpm_action'] == 'getplugconfig'):
fullurl = ("%s%s/api/v2/config/powerplugconfig" % (protocol, to_native(module.params['cpm_url'])))
if (module.params['plug_id'].lower() != 'all'):
fullurl = '%s?plug=%s' % (fullurl, to_native(module.params['plug_id']))
method = 'GET'
elif (module.params['cpm_action'] == 'setplugconfig'):
Payload = assemble_json(module, result)
result['debug'] = Payload
fullurl = ("%s%s/api/v2/config/powerplugconfig" % (protocol, to_native(module.params['cpm_url'])))
method = 'POST'
try:
response = open_url(fullurl, data=Payload, method=method, validate_certs=module.params['validate_certs'], use_proxy=module.params['use_proxy'],
headers={'Content-Type': 'application/json', 'Authorization': "Basic %s" % auth})
if (method != 'GET'):
result['changed'] = True
except HTTPError as e:
fail_json = dict(msg='Received HTTP error for {0} : {1}'.format(fullurl, to_native(e)), changed=False)
module.fail_json(**fail_json)
except URLError as e:
fail_json = dict(msg='Failed lookup url for {0} : {1}'.format(fullurl, to_native(e)), changed=False)
module.fail_json(**fail_json)
except SSLValidationError as e:
fail_json = dict(msg='Error validating the server''s certificate for {0} : {1}'.format(fullurl, to_native(e)), changed=False)
module.fail_json(**fail_json)
except ConnectionError as e:
fail_json = dict(msg='Error connecting to for {0} : {1}'.format(fullurl, to_native(e)), changed=False)
module.fail_json(**fail_json)
result['data'] = json.loads(response.read())
module.exit_json(**result)
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
contract=dict(type='str', aliases=['contract_name', 'name']), # Not required for querying all objects
tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects
description=dict(type='str', aliases=['descr']),
scope=dict(type='str', choices=['application-profile', 'context', 'global', 'tenant']),
priority=dict(type='str', choices=['level1', 'level2', 'level3', 'unspecified']), # No default provided on purpose
dscp=dict(type='str',
choices=['AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43',
'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified'],
aliases=['target']), # No default provided on purpose
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['contract', 'tenant']],
['state', 'present', ['contract', 'tenant']],
],
)
contract = module.params.get('contract')
description = module.params.get('description')
scope = module.params.get('scope')
priority = module.params.get('priority')
dscp = module.params.get('dscp')
state = module.params.get('state')
tenant = module.params.get('tenant')
aci = ACIModule(module)
aci.construct_url(
root_class=dict(
aci_class='fvTenant',
aci_rn='tn-{0}'.format(tenant),
module_object=tenant,
target_filter={'name': tenant},
),
subclass_1=dict(
aci_class='vzBrCP',
aci_rn='brc-{0}'.format(contract),
module_object=contract,
target_filter={'name': contract},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='vzBrCP',
class_config=dict(
name=contract,
descr=description,
scope=scope,
prio=priority,
targetDscp=dscp,
),
)
aci.get_diff(aci_class='vzBrCP')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
argument_spec = aci_argument_spec()
argument_spec.update(
aaa_password=dict(type='str', no_log=True),
aaa_password_lifetime=dict(type='int'),
aaa_password_update_required=dict(type='bool'),
aaa_user=dict(type='str', aliases=['name']), # Not required for querying all objects
clear_password_history=dict(type='bool'),
description=dict(type='str', aliases=['descr']),
email=dict(type='str'),
enabled=dict(type='bool'),
expiration=dict(type='str'),
expires=dict(type='bool'),
first_name=dict(type='str'),
last_name=dict(type='str'),
phone=dict(type='str'),
state=dict(type='str', default='present', choices=['absent', 'present', 'query']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
required_if=[
['state', 'absent', ['aaa_user']],
['state', 'present', ['aaa_user']],
['expires', True, ['expiration']],
],
)
aci = ACIModule(module)
if not HAS_DATEUTIL:
module.fail_json(msg='dateutil required for this module')
aaa_password = module.params.get('aaa_password')
aaa_password_lifetime = module.params.get('aaa_password_lifetime')
aaa_password_update_required = aci.boolean(module.params.get('aaa_password_update_required'))
aaa_user = module.params.get('aaa_user')
clear_password_history = aci.boolean(module.params.get('clear_password_history'), 'yes', 'no')
description = module.params.get('description')
email = module.params.get('email')
enabled = aci.boolean(module.params.get('enabled'), 'active', 'inactive')
expires = aci.boolean(module.params.get('expires'))
first_name = module.params.get('first_name')
last_name = module.params.get('last_name')
phone = module.params.get('phone')
state = module.params.get('state')
expiration = module.params.get('expiration')
if expiration is not None and expiration != 'never':
try:
expiration = aci.iso8601_format(dateutil.parser.parse(expiration).replace(tzinfo=tzutc()))
except Exception as e:
module.fail_json(msg="Failed to parse date format '%s', %s" % (module.params.get('expiration'), e))
aci.construct_url(
root_class=dict(
aci_class='aaaUser',
aci_rn='userext/user-{0}'.format(aaa_user),
module_object=aaa_user,
target_filter={'name': aaa_user},
),
)
aci.get_existing()
if state == 'present':
aci.payload(
aci_class='aaaUser',
class_config=dict(
accountStatus=enabled,
clearPwdHistory=clear_password_history,
descr=description,
email=email,
expiration=expiration,
expires=expires,
firstName=first_name,
lastName=last_name,
name=aaa_user,
phone=phone,
pwd=aaa_password,
pwdLifeTime=aaa_password_lifetime,
pwdUpdateRequired=aaa_password_update_required,
),
)
aci.get_diff(aci_class='aaaUser')
aci.post_config()
elif state == 'absent':
aci.delete_config()
aci.exit_json()
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"router_static": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"bfd": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"blackhole": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"comment": {
"required": False,
"type": "str"
},
"device": {
"required": False,
"type": "str"
},
"distance": {
"required": False,
"type": "int"
},
"dst": {
"required": False,
"type": "str"
},
"dstaddr": {
"required": False,
"type": "str"
},
"dynamic_gateway": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"gateway": {
"required": False,
"type": "str"
},
"internet_service": {
"required": False,
"type": "int"
},
"internet_service_custom": {
"required": False,
"type": "str"
},
"link_monitor_exempt": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"priority": {
"required": False,
"type": "int"
},
"seq_num": {
"required": False,
"type": "int"
},
"src": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"virtual_wan_link": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"vrf": {
"required": False,
"type": "int"
},
"weight": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_router(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_router(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
module = AnsibleModule(argument_spec=dict(
addrobj=dict(required=True, default=None, aliases=['nic',
'interface']),
property=dict(required=True, aliases=['name']),
value=dict(required=False),
temporary=dict(default=False, type='bool'),
state=dict(default='present', choices=['absent', 'present', 'reset']),
),
supports_check_mode=True)
addrprop = AddrProp(module)
rc = None
out = ''
err = ''
result = {}
result['property'] = addrprop.property
result['addrobj'] = addrprop.addrobj
result['state'] = addrprop.state
result['temporary'] = addrprop.temporary
if addrprop.value:
result['value'] = addrprop.value
if addrprop.state == 'absent' or addrprop.state == 'reset':
if addrprop.property_exists():
if not addrprop.property_is_modified():
if module.check_mode:
module.exit_json(changed=True)
(rc, out, err) = addrprop.reset_property()
if rc != 0:
module.fail_json(property=addrprop.property,
addrobj=addrprop.addrobj,
msg=err,
rc=rc)
elif addrprop.state == 'present':
if addrprop.value is None:
module.fail_json(msg='Value is mandatory with state "present"')
if addrprop.property_exists():
if not addrprop.property_is_set():
if module.check_mode:
module.exit_json(changed=True)
(rc, out, err) = addrprop.set_property()
if rc != 0:
module.fail_json(property=addrprop.property,
addrobj=addrprop.addrobj,
msg=err,
rc=rc)
if rc is None:
result['changed'] = False
else:
result['changed'] = True
if out:
result['stdout'] = out
if err:
result['stderr'] = err
module.exit_json(**result)
def __init__(self):
"""
Parse arguments, setup state variables,
check parameters and ensure SDK is installed
"""
self._size_unit_map = netapp_utils.SF_BYTE_MAP
self.argument_spec = netapp_utils.ontap_sf_host_argument_spec()
self.argument_spec.update(dict(
state=dict(required=True, choices=['present', 'absent']),
name=dict(required=True, type='str'),
account_id=dict(required=True),
enable512e=dict(type='bool', aliases=['512emulation']),
qos=dict(required=False, type='dict', default=None),
attributes=dict(required=False, type='dict', default=None),
size=dict(type='int'),
size_unit=dict(default='gb',
choices=['bytes', 'b', 'kb', 'mb', 'gb', 'tb',
'pb', 'eb', 'zb', 'yb'], type='str'),
access=dict(required=False, type='str', default=None, choices=['readOnly', 'readWrite',
'locked', 'replicationTarget']),
))
self.module = AnsibleModule(
argument_spec=self.argument_spec,
required_if=[
('state', 'present', ['size', 'enable512e'])
],
supports_check_mode=True
)
param = self.module.params
# set up state variables
self.state = param['state']
self.name = param['name']
self.account_id = param['account_id']
self.enable512e = param['enable512e']
self.qos = param['qos']
self.attributes = param['attributes']
self.access = param['access']
self.size_unit = param['size_unit']
if param['size'] is not None:
self.size = param['size'] * self._size_unit_map[self.size_unit]
else:
self.size = None
if HAS_SF_SDK is False:
self.module.fail_json(msg="Unable to import the ElementSW Python SDK")
else:
try:
self.sfe = netapp_utils.create_sf_connection(module=self.module)
except solidfire.common.ApiServerError:
self.module.fail_json(msg="Unable to create the connection")
self.elementsw_helper = NaElementSWModule(self.sfe)
# add telemetry attributes
if self.attributes is not None:
self.attributes.update(self.elementsw_helper.set_element_attributes(source='na_elementsw_volume'))
else:
self.attributes = self.elementsw_helper.set_element_attributes(source='na_elementsw_volume')
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_DoS_policy6": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"anomaly": {"required": False, "type": "list",
"options": {
"action": {"required": False, "type": "str",
"choices": ["pass", "block"]},
"log": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"name": {"required": True, "type": "str"},
"quarantine": {"required": False, "type": "str",
"choices": ["none", "attacker"]},
"quarantine_expiry": {"required": False, "type": "str"},
"quarantine_log": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"status": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"threshold": {"required": False, "type": "int"},
"threshold(default)": {"required": False, "type": "int"}
}},
"comments": {"required": False, "type": "str"},
"dstaddr": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"interface": {"required": False, "type": "str"},
"policyid": {"required": True, "type": "int"},
"service": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"srcaddr": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"status": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
