def main():
argument_spec = ipa_argument_spec()
argument_spec.update(
subca_name=dict(type='str', required=True, aliases=['name']),
subca_subject=dict(type='str', required=True),
subca_desc=dict(type='str'),
state=dict(type='str',
default='present',
choices=['present', 'absent', 'enabled', 'disabled']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
client = SubCAIPAClient(module=module,
host=module.params['ipa_host'],
port=module.params['ipa_port'],
protocol=module.params['ipa_prot'])
try:
client.login(username=module.params['ipa_user'],
password=module.params['ipa_pass'])
changed, record = ensure(module, client)
module.exit_json(changed=changed, record=record)
except Exception as exc:
module.fail_json(msg=to_native(exc))
def main():
argument_spec = ipa_argument_spec()
argument_spec.update(
description=dict(type='str'),
fqdn=dict(type='str', required=True, aliases=['name']),
force=dict(type='bool'),
ip_address=dict(type='str'),
ns_host_location=dict(type='str', aliases=['nshostlocation']),
ns_hardware_platform=dict(type='str', aliases=['nshardwareplatform']),
ns_os_version=dict(type='str', aliases=['nsosversion']),
user_certificate=dict(type='list', aliases=['usercertificate']),
mac_address=dict(type='list', aliases=['macaddress']),
update_dns=dict(type='bool'),
state=dict(type='str',
default='present',
choices=['present', 'absent', 'enabled', 'disabled']),
random_password=dict(type='bool'),
)
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
client = HostIPAClient(module=module,
host=module.params['ipa_host'],
port=module.params['ipa_port'],
protocol=module.params['ipa_prot'])
try:
client.login(username=module.params['ipa_user'],
password=module.params['ipa_pass'])
changed, host = ensure(module, client)
module.exit_json(changed=changed, host=host)
except Exception as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
def main():
record_types = [
'A', 'AAAA', 'A6', 'CNAME', 'DNAME', 'PTR', 'TXT', 'SRV', 'MX'
]
argument_spec = ipa_argument_spec()
argument_spec.update(
zone_name=dict(type='str', required=True),
record_name=dict(type='str', aliases=['name'], required=True),
record_type=dict(type='str', default='A', choices=record_types),
record_value=dict(type='str', required=True),
state=dict(type='str',
default='present',
choices=['present', 'absent']),
record_ttl=dict(type='int'),
)
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
client = DNSRecordIPAClient(module=module,
host=module.params['ipa_host'],
port=module.params['ipa_port'],
protocol=module.params['ipa_prot'])
try:
client.login(username=module.params['ipa_user'],
password=module.params['ipa_pass'])
changed, record = ensure(module, client)
module.exit_json(changed=changed, record=record)
except Exception as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
def main():
argument_spec = ipa_argument_spec()
argument_spec.update(
zone_name=dict(type='str', required=True),
state=dict(type='str',
default='present',
choices=['present', 'absent']),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
client = DNSZoneIPAClient(module=module,
host=module.params['ipa_host'],
port=module.params['ipa_port'],
protocol=module.params['ipa_prot'])
try:
client.login(username=module.params['ipa_user'],
password=module.params['ipa_pass'])
changed, zone = ensure(module, client)
module.exit_json(changed=changed, zone=zone)
except Exception as e:
module.fail_json(msg=to_native(e))
def main():
argument_spec = ipa_argument_spec()
argument_spec.update(
cn=dict(type='str', required=True, aliases=['name']),
description=dict(type='str'),
host=dict(type='list'),
hostgroup=dict(type='list'),
state=dict(type='str',
default='present',
choices=['present', 'absent', 'enabled', 'disabled']))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
client = HostGroupIPAClient(module=module,
host=module.params['ipa_host'],
port=module.params['ipa_port'],
protocol=module.params['ipa_prot'])
try:
client.login(username=module.params['ipa_user'],
password=module.params['ipa_pass'])
changed, hostgroup = ensure(module, client)
module.exit_json(changed=changed, hostgroup=hostgroup)
except Exception as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
def main():
argument_spec = ipa_argument_spec()
argument_spec.update(cn=dict(type='str', required=True, aliases=['name']),
description=dict(type='str'),
ipavaulttype=dict(type='str', default='symmetric',
choices=['standard', 'symmetric', 'asymmetric'], aliases=['vault_type']),
ipavaultsalt=dict(type='str', aliases=['vault_salt']),
ipavaultpublickey=dict(type='str', aliases=['vault_public_key']),
service=dict(type='str'),
replace=dict(type='bool', default=False, choices=[True, False]),
state=dict(type='str', default='present', choices=['present', 'absent']),
username=dict(type='list', aliases=['user']))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True,
mutually_exclusive=[['username', 'service']])
client = VaultIPAClient(module=module,
host=module.params['ipa_host'],
port=module.params['ipa_port'],
protocol=module.params['ipa_prot'])
try:
client.login(username=module.params['ipa_user'],
password=module.params['ipa_pass'])
changed, vault = ensure(module, client)
module.exit_json(changed=changed, vault=vault)
except Exception as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
def main():
argument_spec = ipa_argument_spec()
argument_spec.update(krbcanonicalname=dict(type='str',
required=True,
aliases=['name']),
force=dict(type='bool', required=False),
hosts=dict(type='list', required=False),
state=dict(type='str',
required=False,
default='present',
choices=['present', 'absent']))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
client = ServiceIPAClient(module=module,
host=module.params['ipa_host'],
port=module.params['ipa_port'],
protocol=module.params['ipa_prot'])
try:
client.login(username=module.params['ipa_user'],
password=module.params['ipa_pass'])
changed, host = ensure(module, client)
module.exit_json(changed=changed, host=host)
except Exception as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
def main():
argument_spec = ipa_argument_spec()
argument_spec.update(
displayname=dict(type='str'),
givenname=dict(type='str'),
update_password=dict(type='str',
default="always",
choices=['always', 'on_create']),
krbpasswordexpiration=dict(type='str'),
loginshell=dict(type='str'),
mail=dict(type='list'),
sn=dict(type='str'),
uid=dict(type='str', required=True, aliases=['name']),
gidnumber=dict(type='str'),
uidnumber=dict(type='str'),
password=dict(type='str', no_log=True),
sshpubkey=dict(type='list'),
state=dict(type='str',
default='present',
choices=['present', 'absent', 'enabled', 'disabled']),
telephonenumber=dict(type='list'),
title=dict(type='str'))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
client = UserIPAClient(module=module,
host=module.params['ipa_host'],
port=module.params['ipa_port'],
protocol=module.params['ipa_prot'])
# If sshpubkey is defined as None than module.params['sshpubkey'] is [None]. IPA itself returns None (not a list).
# Therefore a small check here to replace list(None) by None. Otherwise get_user_diff() would return sshpubkey
# as different which should be avoided.
if module.params['sshpubkey'] is not None:
if len(module.params['sshpubkey']
) == 1 and module.params['sshpubkey'][0] == "":
module.params['sshpubkey'] = None
try:
client.login(username=module.params['ipa_user'],
password=module.params['ipa_pass'])
changed, user = ensure(module, client)
module.exit_json(changed=changed, user=user)
except Exception as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
def main():
argument_spec = ipa_argument_spec()
argument_spec.update(
ipadefaultloginshell=dict(type='str', aliases=['loginshell']),
ipadefaultemaildomain=dict(type='str', aliases=['emaildomain']),
)
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
client = ConfigIPAClient(module=module,
host=module.params['ipa_host'],
port=module.params['ipa_port'],
protocol=module.params['ipa_prot'])
try:
client.login(username=module.params['ipa_user'],
password=module.params['ipa_pass'])
changed, user = ensure(module, client)
module.exit_json(changed=changed, user=user)
except Exception as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())
def main():
argument_spec = ipa_argument_spec()
argument_spec.update(
cmd=dict(type='list'),
cmdcategory=dict(type='str', choices=['all']),
cn=dict(type='str', required=True, aliases=['name']),
description=dict(type='str'),
host=dict(type='list'),
hostcategory=dict(type='str', choices=['all']),
hostgroup=dict(type='list'),
runasusercategory=dict(type='str', choices=['all']),
runasgroupcategory=dict(type='str', choices=['all']),
sudoopt=dict(type='list'),
state=dict(type='str',
default='present',
choices=['present', 'absent', 'enabled', 'disabled']),
user=dict(type='list'),
usercategory=dict(type='str', choices=['all']),
usergroup=dict(type='list'))
module = AnsibleModule(argument_spec=argument_spec,
mutually_exclusive=[['cmdcategory', 'cmd'],
['hostcategory', 'host'],
['hostcategory', 'hostgroup'],
['usercategory', 'user'],
['usercategory', 'usergroup']],
supports_check_mode=True)
client = SudoRuleIPAClient(module=module,
host=module.params['ipa_host'],
port=module.params['ipa_port'],
protocol=module.params['ipa_prot'])
try:
client.login(username=module.params['ipa_user'],
password=module.params['ipa_pass'])
changed, sudorule = ensure(module, client)
module.exit_json(changed=changed, sudorule=sudorule)
except Exception as e:
module.fail_json(msg=to_native(e), exception=traceback.format_exc())