def main(): # define the available arguments/parameters that a user can pass to # the module fixed_ip_arg_spec = dict(mac=dict(type='str'), ip=dict(type='str'), name=dict(type='str'), ) reserved_ip_arg_spec = dict(start=dict(type='str'), end=dict(type='str'), comment=dict(type='str'), ) argument_spec = meraki_argument_spec() argument_spec.update(state=dict(type='str', choices=['absent', 'present', 'query'], default='query'), net_name=dict(type='str', aliases=['network']), net_id=dict(type='str'), vlan_id=dict(type='int'), name=dict(type='str', aliases=['vlan_name']), subnet=dict(type='str'), appliance_ip=dict(type='str'), fixed_ip_assignments=dict(type='list', default=None, elements='dict', options=fixed_ip_arg_spec), reserved_ip_range=dict(type='list', default=None, elements='dict', options=reserved_ip_arg_spec), vpn_nat_subnet=dict(type='str'), dns_nameservers=dict(type='str'), ) # seed the result dict in the object # we primarily care about changed and state # change is if this module effectively modified the target # state will include any data that you want your module to pass back # for consumption, for example, in a subsequent task result = dict( changed=False, ) # the AnsibleModule object will be our abstraction working with Ansible # this includes instantiation, a couple of common attr would be the # args/params passed to the execution, as well as if the module # supports check mode module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True, ) meraki = MerakiModule(module, function='vlan') meraki.params['follow_redirects'] = 'all' query_urls = {'vlan': '/networks/{net_id}/vlans'} query_url = {'vlan': '/networks/{net_id}/vlans/{vlan_id}'} create_url = {'vlan': '/networks/{net_id}/vlans'} update_url = {'vlan': '/networks/{net_id}/vlans/'} delete_url = {'vlan': '/networks/{net_id}/vlans/'} meraki.url_catalog['get_all'].update(query_urls) meraki.url_catalog['get_one'].update(query_url) meraki.url_catalog['create'] = create_url meraki.url_catalog['update'] = update_url meraki.url_catalog['delete'] = delete_url payload = None org_id = meraki.params['org_id'] if org_id is None: org_id = meraki.get_org_id(meraki.params['org_name']) net_id = meraki.params['net_id'] if net_id is None: nets = meraki.get_nets(org_id=org_id) net_id = meraki.get_net_id(net_name=meraki.params['net_name'], data=nets) if meraki.params['state'] == 'query': if not meraki.params['vlan_id']: meraki.result['data'] = get_vlans(meraki, net_id) else: path = meraki.construct_path('get_one', net_id=net_id, custom={'vlan_id': meraki.params['vlan_id']}) response = meraki.request(path, method='GET') meraki.result['data'] = response elif meraki.params['state'] == 'present': payload = {'id': meraki.params['vlan_id'], 'name': meraki.params['name'], 'subnet': meraki.params['subnet'], 'applianceIp': meraki.params['appliance_ip'], } if is_vlan_valid(meraki, net_id, meraki.params['vlan_id']) is False: # Create new VLAN if meraki.module.check_mode is True: meraki.result['data'] = payload meraki.result['changed'] = True meraki.exit_json(**meraki.result) path = meraki.construct_path('create', net_id=net_id) response = meraki.request(path, method='POST', payload=json.dumps(payload)) meraki.result['changed'] = True meraki.result['data'] = response else: # Update existing VLAN path = meraki.construct_path('get_one', net_id=net_id, custom={'vlan_id': meraki.params['vlan_id']}) original = meraki.request(path, method='GET') if meraki.params['dns_nameservers']: if meraki.params['dns_nameservers'] not in ('opendns', 'google_dns', 'upstream_dns'): payload['dnsNameservers'] = format_dns(meraki.params['dns_nameservers']) else: payload['dnsNameservers'] = meraki.params['dns_nameservers'] if meraki.params['fixed_ip_assignments']: payload['fixedIpAssignments'] = fixed_ip_factory(meraki, meraki.params['fixed_ip_assignments']) if meraki.params['reserved_ip_range']: payload['reservedIpRanges'] = meraki.params['reserved_ip_range'] if meraki.params['vpn_nat_subnet']: payload['vpnNatSubnet'] = meraki.params['vpn_nat_subnet'] ignored = ['networkId'] if meraki.is_update_required(original, payload, optional_ignore=ignored): meraki.result['diff'] = dict() diff = recursive_diff(original, payload) meraki.result['diff']['before'] = diff[0] meraki.result['diff']['after'] = diff[1] if meraki.module.check_mode is True: original.update(payload) meraki.result['changed'] = True meraki.result['data'] = original meraki.exit_json(**meraki.result) path = meraki.construct_path('update', net_id=net_id) + str(meraki.params['vlan_id']) response = meraki.request(path, method='PUT', payload=json.dumps(payload)) meraki.result['changed'] = True meraki.result['data'] = response else: if meraki.module.check_mode is True: meraki.result['data'] = original meraki.exit_json(**meraki.result) meraki.result['data'] = original elif meraki.params['state'] == 'absent': if is_vlan_valid(meraki, net_id, meraki.params['vlan_id']): if meraki.module.check_mode is True: meraki.result['data'] = {} meraki.result['changed'] = True meraki.exit_json(**meraki.result) path = meraki.construct_path('delete', net_id=net_id) + str(meraki.params['vlan_id']) response = meraki.request(path, 'DELETE') meraki.result['changed'] = True meraki.result['data'] = response # in the event of a successful module execution, you will want to # simple AnsibleModule.exit_json(), passing the key/value results meraki.exit_json(**meraki.result)
def init_module(self): """Init module object""" self.module = AnsibleModule( argument_spec=self.spec, supports_check_mode=True)
def main(): fields = { "host": {"required": False, "type": "str"}, "username": {"required": False, "type": "str"}, "password": {"required": False, "type": "str", "default": "", "no_log": True}, "vdom": {"required": False, "type": "str", "default": "root"}, "https": {"required": False, "type": "bool", "default": True}, "ssl_verify": {"required": False, "type": "bool", "default": True}, "switch_controller_global": { "required": False, "type": "dict", "default": None, "options": { "allow_multiple_interfaces": {"required": False, "type": "str", "choices": ["enable", "disable"]}, "default_virtual_switch_vlan": {"required": False, "type": "str"}, "disable_discovery": {"required": False, "type": "list", "options": { "name": {"required": True, "type": "str"} }}, "https_image_push": {"required": False, "type": "str", "choices": ["enable", "disable"]}, "log_mac_limit_violations": {"required": False, "type": "str", "choices": ["enable", "disable"]}, "mac_aging_interval": {"required": False, "type": "int"}, "mac_retention_period": {"required": False, "type": "int"}, "mac_violation_timer": {"required": False, "type": "int"} } } } module = AnsibleModule(argument_spec=fields, supports_check_mode=False) # legacy_mode refers to using fortiosapi instead of HTTPAPI legacy_mode = 'host' in module.params and module.params['host'] is not None and \ 'username' in module.params and module.params['username'] is not None and \ 'password' in module.params and module.params['password'] is not None if not legacy_mode: if module._socket_path: connection = Connection(module._socket_path) fos = FortiOSHandler(connection) is_error, has_changed, result = fortios_switch_controller(module.params, fos) else: module.fail_json(**FAIL_SOCKET_MSG) else: try: from fortiosapi import FortiOSAPI except ImportError: module.fail_json(msg="fortiosapi module is required") fos = FortiOSAPI() login(module.params, fos) is_error, has_changed, result = fortios_switch_controller(module.params, fos) fos.logout() if not is_error: module.exit_json(changed=has_changed, meta=result) else: module.fail_json(msg="Error in repo", meta=result)
def main(): fields = { "host": { "required": False, "type": "str" }, "username": { "required": False, "type": "str" }, "password": { "required": False, "type": "str", "default": "", "no_log": True }, "vdom": { "required": False, "type": "str", "default": "root" }, "https": { "required": False, "type": "bool", "default": True }, "ssl_verify": { "required": False, "type": "bool", "default": True }, "vpn_certificate_setting": { "required": False, "type": "dict", "default": None, "options": { "certname_dsa1024": { "required": False, "type": "str" }, "certname_dsa2048": { "required": False, "type": "str" }, "certname_ecdsa256": { "required": False, "type": "str" }, "certname_ecdsa384": { "required": False, "type": "str" }, "certname_rsa1024": { "required": False, "type": "str" }, "certname_rsa2048": { "required": False, "type": "str" }, "check_ca_cert": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "check_ca_chain": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "cmp_save_extra_certs": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "cn_match": { "required": False, "type": "str", "choices": ["substring", "value"] }, "ocsp_default_server": { "required": False, "type": "str" }, "ocsp_status": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "ssl_min_proto_version": { "required": False, "type": "str", "choices": ["default", "SSLv3", "TLSv1", "TLSv1-1", "TLSv1-2"] }, "ssl_ocsp_option": { "required": False, "type": "str", "choices": ["certificate", "server"] }, "ssl_ocsp_status": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "strict_crl_check": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "strict_ocsp_check": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "subject_match": { "required": False, "type": "str", "choices": ["substring", "value"] } } } } module = AnsibleModule(argument_spec=fields, supports_check_mode=False) # legacy_mode refers to using fortiosapi instead of HTTPAPI legacy_mode = 'host' in module.params and module.params['host'] is not None and \ 'username' in module.params and module.params['username'] is not None and \ 'password' in module.params and module.params['password'] is not None if not legacy_mode: if module._socket_path: connection = Connection(module._socket_path) fos = FortiOSHandler(connection) is_error, has_changed, result = fortios_vpn_certificate( module.params, fos) else: module.fail_json(**FAIL_SOCKET_MSG) else: try: from fortiosapi import FortiOSAPI except ImportError: module.fail_json(msg="fortiosapi module is required") fos = FortiOSAPI() login(module.params, fos) is_error, has_changed, result = fortios_vpn_certificate( module.params, fos) fos.logout() if not is_error: module.exit_json(changed=has_changed, meta=result) else: module.fail_json(msg="Error in repo", meta=result)
def main(): fields = { "host": { "required": False, "type": "str" }, "username": { "required": False, "type": "str" }, "password": { "required": False, "type": "str", "default": "", "no_log": True }, "vdom": { "required": False, "type": "str", "default": "root" }, "https": { "required": False, "type": "bool", "default": True }, "ssl_verify": { "required": False, "type": "bool", "default": True }, "state": { "required": True, "type": "str", "choices": ["present", "absent"] }, "vpn_certificate_ocsp_server": { "required": False, "type": "dict", "default": None, "options": { "cert": { "required": False, "type": "str" }, "name": { "required": True, "type": "str" }, "secondary_cert": { "required": False, "type": "str" }, "secondary_url": { "required": False, "type": "str" }, "source_ip": { "required": False, "type": "str" }, "unavail_action": { "required": False, "type": "str", "choices": ["revoke", "ignore"] }, "url": { "required": False, "type": "str" } } } } module = AnsibleModule(argument_spec=fields, supports_check_mode=False) # legacy_mode refers to using fortiosapi instead of HTTPAPI legacy_mode = 'host' in module.params and module.params['host'] is not None and \ 'username' in module.params and module.params['username'] is not None and \ 'password' in module.params and module.params['password'] is not None if not legacy_mode: if module._socket_path: connection = Connection(module._socket_path) fos = FortiOSHandler(connection) is_error, has_changed, result = fortios_vpn_certificate( module.params, fos) else: module.fail_json(**FAIL_SOCKET_MSG) else: try: from fortiosapi import FortiOSAPI except ImportError: module.fail_json(msg="fortiosapi module is required") fos = FortiOSAPI() login(module.params, fos) is_error, has_changed, result = fortios_vpn_certificate( module.params, fos) fos.logout() if not is_error: module.exit_json(changed=has_changed, meta=result) else: module.fail_json(msg="Error in repo", meta=result)
def main(): argument_specs = dict( state=dict(default='present', choices=['absent', 'present']), avi_api_update_method=dict(default='put', choices=['put', 'patch']), avi_api_patch_op=dict(choices=['add', 'replace', 'delete']), async_interval=dict(type='int', ), clear_on_max_retries=dict(type='int', ), client_ip_addr_group=dict(type='dict', ), description=dict(type='str', ), dns_configs=dict(type='list', ), is_federated=dict(type='bool', ), leader_cluster_uuid=dict(type='str', required=True), maintenance_mode=dict(type='bool', ), name=dict(type='str', required=True), send_interval=dict(type='int', ), send_interval_prior_to_maintenance_mode=dict(type='int', ), sites=dict(type='list', ), tenant_ref=dict(type='str', ), third_party_sites=dict(type='list', ), url=dict(type='str', ), uuid=dict(type='str', ), view_id=dict(type='int', ), ) argument_specs.update(avi_common_argument_spec()) module = AnsibleModule(argument_spec=argument_specs, supports_check_mode=True) if not HAS_AVI: return module.fail_json(msg=( 'Avi python API SDK (avisdk>=17.1) or requests is not installed. ' 'For more details visit https://github.com/avinetworks/sdk.')) api_method = module.params['avi_api_update_method'] if str(api_method).lower() == 'patch': patch_op = module.params['avi_api_patch_op'] # Create controller session api_creds = AviCredentials() api_creds.update_from_ansible_module(module) api = ApiSession.get_session(api_creds.controller, api_creds.username, password=api_creds.password, timeout=api_creds.timeout, tenant=api_creds.tenant, tenant_uuid=api_creds.tenant_uuid, token=api_creds.token, port=api_creds.port) # Get existing gslb objects rsp = api.get('gslb', api_version=api_creds.api_version) existing_gslb = rsp.json() gslb = existing_gslb['results'] sites = module.params['gslb_sites_config'] for gslb_obj in gslb: # Update/Delete domain names in dns_configs fields in gslb object. if 'dns_configs' in module.params: if gslb_obj['leader_cluster_uuid'] == module.params[ 'leader_cluster_uuid']: if str(patch_op).lower() == 'delete': gslb_obj['dns_configs'] = [] elif str(patch_op).lower() == 'add': if module.params['dns_configs'] not in gslb_obj[ 'dns_configs']: gslb_obj['dns_configs'].extend( module.params['dns_configs']) else: gslb_obj['dns_configs'] = module.params['dns_configs'] # Update/Delete sites configuration if sites: for site_obj in gslb_obj['sites']: dns_vses = site_obj.get('dns_vses', []) for obj in sites: config_for = obj.get('ip_addr', None) if not config_for: return module.fail_json(msg=( "ip_addr of site in a configuration is mandatory. " "Please provide ip_addr i.e. gslb site's ip.")) if config_for == site_obj['ip_addresses'][0]['addr']: if str(patch_op).lower() == 'delete': site_obj['dns_vses'] = [] else: # Modify existing gslb sites object for key, val in obj.items(): if key == 'dns_vses' and str( patch_op).lower() == 'add': found = False # Check dns_vses field already exists on the controller for v in dns_vses: if val[0]['dns_vs_uuid'] != v[ 'dns_vs_uuid']: found = True break if not found: dns_vses.extend(val) else: site_obj[key] = val if str(patch_op).lower() == 'add': site_obj['dns_vses'] = dns_vses uni_dns_configs = [ dict(tupleized) for tupleized in set( tuple(item.items()) for item in gslb_obj['dns_configs']) ] gslb_obj['dns_configs'] = uni_dns_configs module.params.update(gslb_obj) module.params.update({ 'avi_api_update_method': 'put', 'state': 'present' }) return avi_ansible_api(module, 'gslb', set([]))
def main(): fields = { "host": { "required": False, "type": "str" }, "username": { "required": False, "type": "str" }, "password": { "required": False, "type": "str", "default": "", "no_log": True }, "vdom": { "required": False, "type": "str", "default": "root" }, "https": { "required": False, "type": "bool", "default": True }, "ssl_verify": { "required": False, "type": "bool", "default": True }, "system_password_policy": { "required": False, "type": "dict", "default": None, "options": { "apply_to": { "required": False, "type": "str", "choices": ["admin-password", "ipsec-preshared-key"] }, "change_4_characters": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "expire_day": { "required": False, "type": "int" }, "expire_status": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "min_lower_case_letter": { "required": False, "type": "int" }, "min_non_alphanumeric": { "required": False, "type": "int" }, "min_number": { "required": False, "type": "int" }, "min_upper_case_letter": { "required": False, "type": "int" }, "minimum_length": { "required": False, "type": "int" }, "reuse_password": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "status": { "required": False, "type": "str", "choices": ["enable", "disable"] } } } } module = AnsibleModule(argument_spec=fields, supports_check_mode=False) # legacy_mode refers to using fortiosapi instead of HTTPAPI legacy_mode = 'host' in module.params and module.params['host'] is not None and \ 'username' in module.params and module.params['username'] is not None and \ 'password' in module.params and module.params['password'] is not None if not legacy_mode: if module._socket_path: connection = Connection(module._socket_path) fos = FortiOSHandler(connection) is_error, has_changed, result = fortios_system(module.params, fos) else: module.fail_json(**FAIL_SOCKET_MSG) else: try: from fortiosapi import FortiOSAPI except ImportError: module.fail_json(msg="fortiosapi module is required") fos = FortiOSAPI() login(module.params, fos) is_error, has_changed, result = fortios_system(module.params, fos) fos.logout() if not is_error: module.exit_json(changed=has_changed, meta=result) else: module.fail_json(msg="Error in repo", meta=result)
def main(): module = AnsibleModule( argument_spec=dict( path=dict(type='path'), content=dict(type='str'), passphrase=dict(type='str', no_log=True), return_private_key_data=dict(type='bool', default=False), select_crypto_backend=dict( type='str', default='auto', choices=['auto', 'cryptography', 'pyopenssl']), ), required_one_of=(['path', 'content'], ), mutually_exclusive=(['path', 'content'], ), supports_check_mode=True, ) try: if module.params['path'] is not None: base_dir = os.path.dirname(module.params['path']) or '.' if not os.path.isdir(base_dir): module.fail_json( name=base_dir, msg= 'The directory %s does not exist or the file is not a directory' % base_dir) backend = module.params['select_crypto_backend'] if backend == 'auto': # Detect what backend we can use can_use_cryptography = CRYPTOGRAPHY_FOUND and CRYPTOGRAPHY_VERSION >= LooseVersion( MINIMAL_CRYPTOGRAPHY_VERSION) can_use_pyopenssl = PYOPENSSL_FOUND and PYOPENSSL_VERSION >= LooseVersion( MINIMAL_PYOPENSSL_VERSION) # If cryptography is available we'll use it if can_use_cryptography: backend = 'cryptography' elif can_use_pyopenssl: backend = 'pyopenssl' # Fail if no backend has been found if backend == 'auto': module.fail_json( msg=("Can't detect any of the required Python libraries " "cryptography (>= {0}) or PyOpenSSL (>= {1})" ).format(MINIMAL_CRYPTOGRAPHY_VERSION, MINIMAL_PYOPENSSL_VERSION)) if backend == 'pyopenssl': if not PYOPENSSL_FOUND: module.fail_json(msg=missing_required_lib( 'pyOpenSSL >= {0}'.format(MINIMAL_PYOPENSSL_VERSION)), exception=PYOPENSSL_IMP_ERR) module.deprecate( 'The module is using the PyOpenSSL backend. This backend has been deprecated', version='2.13') privatekey = PrivateKeyInfoPyOpenSSL(module) elif backend == 'cryptography': if not CRYPTOGRAPHY_FOUND: module.fail_json(msg=missing_required_lib( 'cryptography >= {0}'.format( MINIMAL_CRYPTOGRAPHY_VERSION)), exception=CRYPTOGRAPHY_IMP_ERR) privatekey = PrivateKeyInfoCryptography(module) result = privatekey.get_info() module.exit_json(**result) except crypto_utils.OpenSSLObjectError as exc: module.fail_json(msg=to_native(exc))
def main(): module = AnsibleModule( argument_spec=dict( auth_token=dict( type='str', default=os.environ.get('ONEANDONE_AUTH_TOKEN'), no_log=True), api_url=dict( type='str', default=os.environ.get('ONEANDONE_API_URL')), hostname=dict(type='str'), description=dict(type='str'), appliance=dict(type='str'), fixed_instance_size=dict(type='str'), vcore=dict(type='int'), cores_per_processor=dict(type='int'), ram=dict(type='float'), hdds=dict(type='list'), count=dict(type='int', default=1), ssh_key=dict(type='raw'), auto_increment=dict(type='bool', default=True), server=dict(type='str'), datacenter=dict( choices=DATACENTERS, default='US'), private_network=dict(type='str'), firewall_policy=dict(type='str'), load_balancer=dict(type='str'), monitoring_policy=dict(type='str'), server_type=dict(type='str', default='cloud', choices=['cloud', 'baremetal', 'k8s_node']), wait=dict(type='bool', default=True), wait_timeout=dict(type='int', default=600), wait_interval=dict(type='int', default=5), state=dict(type='str', default='present', choices=['present', 'absent', 'running', 'stopped']), ), supports_check_mode=True, mutually_exclusive=(['fixed_instance_size', 'vcore'], ['fixed_instance_size', 'cores_per_processor'], ['fixed_instance_size', 'ram'], ['fixed_instance_size', 'hdds'],), required_together=(['vcore', 'cores_per_processor', 'ram', 'hdds'],) ) if not HAS_ONEANDONE_SDK: module.fail_json(msg='1and1 required for this module') if not module.params.get('auth_token'): module.fail_json( msg='The "auth_token" parameter or ' + 'ONEANDONE_AUTH_TOKEN environment variable is required.') if not module.params.get('api_url'): oneandone_conn = oneandone.client.OneAndOneService( api_token=module.params.get('auth_token')) else: oneandone_conn = oneandone.client.OneAndOneService( api_token=module.params.get('auth_token'), api_url=module.params.get('api_url')) state = module.params.get('state') if state == 'absent': if not module.params.get('server'): module.fail_json( msg="'server' parameter is required for deleting a server.") try: (changed, servers) = remove_server(module, oneandone_conn) except Exception as ex: module.fail_json(msg=str(ex)) elif state in ('running', 'stopped'): if not module.params.get('server'): module.fail_json( msg="'server' parameter is required for starting/stopping a server.") try: (changed, servers) = startstop_server(module, oneandone_conn) except Exception as ex: module.fail_json(msg=str(ex)) elif state == 'present': for param in ('hostname', 'appliance', 'datacenter'): if not module.params.get(param): module.fail_json( msg="%s parameter is required for new server." % param) try: (changed, servers) = create_server(module, oneandone_conn) except Exception as ex: module.fail_json(msg=str(ex)) module.exit_json(changed=changed, servers=servers)
def main(): argument_spec = dict( ip_address=dict(required=True), password=dict(required=True, no_log=True), username=dict(default='admin'), api_key=dict(no_log=True), devicegroup=dict(default=None), description=dict(default=None), ip_to_register=dict(type='str', required=False), tag_names=dict(type='list', required=True), commit=dict(type='bool', default=True), operation=dict(type='str', required=True) ) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=False) if not HAS_LIB: module.fail_json(msg='pan-python is required for this module') ip_address = module.params["ip_address"] password = module.params["password"] username = module.params['username'] api_key = module.params['api_key'] commit = module.params['commit'] devicegroup = module.params['devicegroup'] operation = module.params['operation'] # Create the device with the appropriate pandevice type device = base.PanDevice.create_from_device(ip_address, username, password, api_key=api_key) # If Panorama, validate the devicegroup dev_group = None if devicegroup and isinstance(device, panorama.Panorama): dev_group = get_devicegroup(device, devicegroup) if dev_group: device.add(dev_group) else: module.fail_json(msg='\'%s\' device group not found in Panorama. Is the name correct?' % devicegroup) result = None if operation == 'add': result, exc = register_ip_to_tag_map(device, ip_addresses=module.params.get('ip_to_register', None), tag=module.params.get('tag_names', None) ) elif operation == 'list': result, exc = get_all_address_group_mapping(device) elif operation == 'delete': result, exc = delete_address_from_mapping(device, ip_address=module.params.get('ip_to_register', None), tags=module.params.get('tag_names', []) ) else: module.fail_json(msg="Unsupported option") if not result: module.fail_json(msg=exc.message) if commit: try: device.commit(sync=True) except PanXapiError as exc: module.fail_json(msg=to_native(exc)) module.exit_json(changed=True, msg=result)
def main(): """ Module main """ spec = dict( gather_subset=dict(default=['!config'], type='list') ) spec.update(ce_argument_spec) module = AnsibleModule(argument_spec=spec, supports_check_mode=True) warnings = list() check_args(module, warnings) gather_subset = module.params['gather_subset'] runable_subsets = set() exclude_subsets = set() for subset in gather_subset: if subset == 'all': runable_subsets.update(VALID_SUBSETS) continue if subset.startswith('!'): subset = subset[1:] if subset == 'all': exclude_subsets.update(VALID_SUBSETS) continue exclude = True else: exclude = False if subset not in VALID_SUBSETS: module.fail_json(msg='Bad subset') if exclude: exclude_subsets.add(subset) else: runable_subsets.add(subset) if not runable_subsets: runable_subsets.update(VALID_SUBSETS) runable_subsets.difference_update(exclude_subsets) runable_subsets.add('default') facts = dict() facts['gather_subset'] = list(runable_subsets) instances = list() for key in runable_subsets: instances.append(FACT_SUBSETS[key](module)) for inst in instances: inst.populate() facts.update(inst.facts) ansible_facts = dict() for key, value in iteritems(facts): # this is to maintain capability with nxos_facts 2.1 if key.startswith('_'): ansible_facts[key[1:]] = value else: ansible_facts[key] = value module.exit_json(ansible_facts=ansible_facts, warnings=warnings)
def main(): fields = { "host": { "required": False, "type": "str" }, "username": { "required": False, "type": "str" }, "password": { "required": False, "type": "str", "default": "", "no_log": True }, "vdom": { "required": False, "type": "str", "default": "root" }, "https": { "required": False, "type": "bool", "default": True }, "ssl_verify": { "required": False, "type": "bool", "default": True }, "log_syslogd4_filter": { "required": False, "type": "dict", "default": None, "options": { "anomaly": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "dns": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "filter": { "required": False, "type": "str" }, "filter_type": { "required": False, "type": "str", "choices": ["include", "exclude"] }, "forward_traffic": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "gtp": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "local_traffic": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "multicast_traffic": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "netscan_discovery": { "required": False, "type": "str" }, "netscan_vulnerability": { "required": False, "type": "str" }, "severity": { "required": False, "type": "str", "choices": [ "emergency", "alert", "critical", "error", "warning", "notification", "information", "debug" ] }, "sniffer_traffic": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "ssh": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "voip": { "required": False, "type": "str", "choices": ["enable", "disable"] } } } } module = AnsibleModule(argument_spec=fields, supports_check_mode=False) # legacy_mode refers to using fortiosapi instead of HTTPAPI legacy_mode = 'host' in module.params and module.params['host'] is not None and \ 'username' in module.params and module.params['username'] is not None and \ 'password' in module.params and module.params['password'] is not None if not legacy_mode: if module._socket_path: connection = Connection(module._socket_path) fos = FortiOSHandler(connection) is_error, has_changed, result = fortios_log_syslogd4( module.params, fos) else: module.fail_json(**FAIL_SOCKET_MSG) else: try: from fortiosapi import FortiOSAPI except ImportError: module.fail_json(msg="fortiosapi module is required") fos = FortiOSAPI() login(module.params, fos) is_error, has_changed, result = fortios_log_syslogd4( module.params, fos) fos.logout() if not is_error: module.exit_json(changed=has_changed, meta=result) else: module.fail_json(msg="Error in repo", meta=result)
def main(): module = AnsibleModule(argument_spec=dict( name=dict(aliases=['pkg'], required=True), state=dict(choices=['present', 'absent', 'latest'], required=True), depot=dict(default=None, required=False)), supports_check_mode=True) name = module.params['name'] state = module.params['state'] depot = module.params['depot'] changed = False msg = "No changed" rc = 0 if (state == 'present' or state == 'latest') and depot is None: output = "depot parameter is mandatory in present or latest task" module.fail_json(name=name, msg=output, rc=rc) # Check local version rc, version_installed = query_package(module, name) if not rc: installed = True msg = "Already installed" else: installed = False if (state == 'present' or state == 'latest') and installed is False: if module.check_mode: module.exit_json(changed=True) rc, output = install_package(module, depot, name) if not rc: changed = True msg = "Package installed" else: module.fail_json(name=name, msg=output, rc=rc) elif state == 'latest' and installed is True: # Check depot version rc, version_depot = query_package(module, name, depot) if not rc: if compare_package(version_installed, version_depot) == -1: if module.check_mode: module.exit_json(changed=True) # Install new version rc, output = install_package(module, depot, name) if not rc: msg = "Package upgraded, Before " + version_installed + " Now " + version_depot changed = True else: module.fail_json(name=name, msg=output, rc=rc) else: output = "Software package not in repository " + depot module.fail_json(name=name, msg=output, rc=rc) elif state == 'absent' and installed is True: if module.check_mode: module.exit_json(changed=True) rc, output = remove_package(module, name) if not rc: changed = True msg = "Package removed" else: module.fail_json(name=name, msg=output, rc=rc) if module.check_mode: module.exit_json(changed=False) module.exit_json(changed=changed, name=name, state=state, msg=msg)
def main(): argument_spec = aci_argument_spec() argument_spec.update( description=dict(type='str', aliases=['descr']), node_id=dict(type='int'), # Not required for querying all objects pod_id=dict(type='int'), role=dict(type='str', choices=['leaf', 'spine', 'unspecified'], aliases=['role_name']), serial=dict(type='str', aliases=['serial_number' ]), # Not required for querying all objects switch=dict(type='str', aliases=['name', 'switch_name']), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['node_id', 'serial']], ['state', 'present', ['node_id', 'serial']], ], ) pod_id = module.params.get('pod_id') serial = module.params.get('serial') node_id = module.params.get('node_id') switch = module.params.get('switch') description = module.params.get('description') role = module.params.get('role') state = module.params.get('state') aci = ACIModule(module) aci.construct_url(root_class=dict( aci_class='fabricNodeIdentP', aci_rn='controller/nodeidentpol/nodep-{0}'.format(serial), module_object=serial, target_filter={'serial': serial}, )) aci.get_existing() if state == 'present': aci.payload( aci_class='fabricNodeIdentP', class_config=dict( descr=description, name=switch, nodeId=node_id, podId=pod_id, # NOTE: Originally we were sending 'rn', but now we need 'dn' for idempotency # FIXME: Did this change with ACI version ? dn='uni/controller/nodeidentpol/nodep-{0}'.format(serial), # rn='nodep-{0}'.format(serial), role=role, serial=serial, )) aci.get_diff(aci_class='fabricNodeIdentP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json(**aci.result)
def main(): fields = { "host": { "required": False, "type": "str" }, "username": { "required": False, "type": "str" }, "password": { "required": False, "type": "str", "default": "", "no_log": True }, "vdom": { "required": False, "type": "str", "default": "root" }, "https": { "required": False, "type": "bool", "default": True }, "ssl_verify": { "required": False, "type": "bool", "default": True }, "state": { "required": True, "type": "str", "choices": ["present", "absent"] }, "web_proxy_forward_server": { "required": False, "type": "dict", "default": None, "options": { "addr_type": { "required": False, "type": "str", "choices": ["ip", "fqdn"] }, "comment": { "required": False, "type": "str" }, "fqdn": { "required": False, "type": "str" }, "healthcheck": { "required": False, "type": "str", "choices": ["disable", "enable"] }, "ip": { "required": False, "type": "str" }, "monitor": { "required": False, "type": "str" }, "name": { "required": True, "type": "str" }, "port": { "required": False, "type": "int" }, "server_down_option": { "required": False, "type": "str", "choices": ["block", "pass"] } } } } module = AnsibleModule(argument_spec=fields, supports_check_mode=False) # legacy_mode refers to using fortiosapi instead of HTTPAPI legacy_mode = 'host' in module.params and module.params['host'] is not None and \ 'username' in module.params and module.params['username'] is not None and \ 'password' in module.params and module.params['password'] is not None if not legacy_mode: if module._socket_path: connection = Connection(module._socket_path) fos = FortiOSHandler(connection) is_error, has_changed, result = fortios_web_proxy( module.params, fos) else: module.fail_json(**FAIL_SOCKET_MSG) else: try: from fortiosapi import FortiOSAPI except ImportError: module.fail_json(msg="fortiosapi module is required") fos = FortiOSAPI() login(module.params, fos) is_error, has_changed, result = fortios_web_proxy(module.params, fos) fos.logout() if not is_error: module.exit_json(changed=has_changed, meta=result) else: module.fail_json(msg="Error in repo", meta=result)
def main(): argument_spec = ucs_argument_spec argument_spec.update( org_dn=dict(type='str', default='org-root'), name=dict(type='str'), descr=dict(type='str'), wwnn_pool=dict(type='str', default='default'), vhba_list=dict(type='list'), state=dict(type='str', default='present', choices=['present', 'absent']), san_connectivity_list=dict(type='list'), ) # Note that use of san_connectivity_list is an experimental feature which allows multiple resource updates with a single UCSM connection. # Support for san_connectivity_list may change or be removed once persistent UCS connections are supported. # Either san_connectivity_list or name is required (user can specify either a list or single resource). module = AnsibleModule( argument_spec, supports_check_mode=True, required_one_of=[ ['san_connectivity_list', 'name'], ], mutually_exclusive=[ ['san_connectivity_list', 'name'], ], ) ucs = UCSModule(module) err = False from ucsmsdk.mometa.vnic.VnicSanConnPolicy import VnicSanConnPolicy from ucsmsdk.mometa.vnic.VnicFcNode import VnicFcNode from ucsmsdk.mometa.vnic.VnicFc import VnicFc from ucsmsdk.mometa.vnic.VnicFcIf import VnicFcIf changed = False try: # Only documented use is a single resource, but to also support experimental # feature allowing multiple updates all params are converted to a san_connectivity_list below. if module.params['san_connectivity_list']: # directly use the list (single resource and list are mutually exclusive san_connectivity_list = module.params['san_connectivity_list'] else: # single resource specified, create list from the current params san_connectivity_list = [module.params] for san_connectivity in san_connectivity_list: mo_exists = False props_match = False # set default params. Done here to set values for lists which can't be done in the argument_spec if not san_connectivity.get('descr'): san_connectivity['descr'] = '' if not san_connectivity.get('wwnn_pool'): san_connectivity['wwnn_pool'] = 'default' if san_connectivity.get('vhba_list'): for vhba in san_connectivity['vhba_list']: if not vhba.get('adapter_policy'): vhba['adapter_policy'] = '' if not vhba.get('order'): vhba['order'] = 'unspecified' # dn is <org_dn>/san-conn-pol-<name> dn = module.params['org_dn'] + '/san-conn-pol-' + san_connectivity[ 'name'] mo = ucs.login_handle.query_dn(dn) if mo: mo_exists = True # check top-level mo props kwargs = dict(descr=san_connectivity['descr']) if (mo.check_prop_match(**kwargs)): # top-level props match, check next level mo/props # vnicFcNode object child_dn = dn + '/fc-node' mo_1 = ucs.login_handle.query_dn(child_dn) if mo_1: kwargs = dict( ident_pool_name=san_connectivity['wwnn_pool']) if (mo_1.check_prop_match(**kwargs)): if not san_connectivity.get('vhba_list'): props_match = True else: # check vnicFc props for vhba in san_connectivity['vhba_list']: child_dn = dn + '/fc-' + vhba['name'] mo_2 = ucs.login_handle.query_dn(child_dn) kwargs = {} kwargs['adaptor_profile_name'] = vhba[ 'adapter_policy'] kwargs['order'] = vhba['order'] kwargs['nw_templ_name'] = vhba[ 'vhba_template'] if (mo_2.check_prop_match(**kwargs)): props_match = True if module.params['state'] == 'absent': # mo must exist but all properties do not have to match if mo_exists: if not module.check_mode: ucs.login_handle.remove_mo(mo) ucs.login_handle.commit() changed = True else: if not props_match: if not module.check_mode: # create if mo does not already exist mo = VnicSanConnPolicy( parent_mo_or_dn=module.params['org_dn'], name=san_connectivity['name'], descr=san_connectivity['descr'], ) mo_1 = VnicFcNode( parent_mo_or_dn=mo, ident_pool_name=san_connectivity['wwnn_pool'], addr='pool-derived', ) if san_connectivity.get('vhba_list'): for vhba in san_connectivity['vhba_list']: mo_2 = VnicFc( parent_mo_or_dn=mo, name=vhba['name'], adaptor_profile_name=vhba[ 'adapter_policy'], nw_templ_name=vhba['vhba_template'], order=vhba['order'], ) mo_2_1 = VnicFcIf( parent_mo_or_dn=mo_2, name='default', ) ucs.login_handle.add_mo(mo, True) ucs.login_handle.commit() changed = True except Exception as e: err = True ucs.result['msg'] = "setup error: %s " % str(e) ucs.result['changed'] = changed if err: module.fail_json(**ucs.result) module.exit_json(**ucs.result)
def main(): fields = { "host": { "required": False, "type": "str" }, "username": { "required": False, "type": "str" }, "password": { "required": False, "type": "str", "default": "", "no_log": True }, "vdom": { "required": False, "type": "str", "default": "root" }, "https": { "required": False, "type": "bool", "default": True }, "ssl_verify": { "required": False, "type": "bool", "default": True }, "state": { "required": True, "type": "str", "choices": ["present", "absent"] }, "user_peer": { "required": False, "type": "dict", "default": None, "options": { "ca": { "required": False, "type": "str" }, "cn": { "required": False, "type": "str" }, "cn_type": { "required": False, "type": "str", "choices": ["string", "email", "FQDN", "ipv4", "ipv6"] }, "ldap_mode": { "required": False, "type": "str", "choices": ["password", "principal-name"] }, "ldap_password": { "required": False, "type": "str" }, "ldap_server": { "required": False, "type": "str" }, "ldap_username": { "required": False, "type": "str" }, "mandatory_ca_verify": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "name": { "required": True, "type": "str" }, "ocsp_override_server": { "required": False, "type": "str" }, "passwd": { "required": False, "type": "str" }, "subject": { "required": False, "type": "str" }, "two_factor": { "required": False, "type": "str", "choices": ["enable", "disable"] } } } } module = AnsibleModule(argument_spec=fields, supports_check_mode=False) # legacy_mode refers to using fortiosapi instead of HTTPAPI legacy_mode = 'host' in module.params and module.params['host'] is not None and \ 'username' in module.params and module.params['username'] is not None and \ 'password' in module.params and module.params['password'] is not None if not legacy_mode: if module._socket_path: connection = Connection(module._socket_path) fos = FortiOSHandler(connection) is_error, has_changed, result = fortios_user(module.params, fos) else: module.fail_json(**FAIL_SOCKET_MSG) else: try: from fortiosapi import FortiOSAPI except ImportError: module.fail_json(msg="fortiosapi module is required") fos = FortiOSAPI() login(module.params, fos) is_error, has_changed, result = fortios_user(module.params, fos) fos.logout() if not is_error: module.exit_json(changed=has_changed, meta=result) else: module.fail_json(msg="Error in repo", meta=result)
def main(): fields = { "host": { "required": False, "type": "str" }, "username": { "required": False, "type": "str" }, "password": { "required": False, "type": "str", "default": "", "no_log": True }, "vdom": { "required": False, "type": "str", "default": "root" }, "https": { "required": False, "type": "bool", "default": True }, "ssl_verify": { "required": False, "type": "bool", "default": True }, "state": { "required": True, "type": "str", "choices": ["present", "absent"] }, "system_replacemsg_nac_quar": { "required": False, "type": "dict", "default": None, "options": { "buffer": { "required": False, "type": "str" }, "format": { "required": False, "type": "str", "choices": ["none", "text", "html", "wml"] }, "header": { "required": False, "type": "str", "choices": ["none", "http", "8bit"] }, "msg_type": { "required": False, "type": "str" } } } } module = AnsibleModule(argument_spec=fields, supports_check_mode=False) # legacy_mode refers to using fortiosapi instead of HTTPAPI legacy_mode = 'host' in module.params and module.params['host'] is not None and \ 'username' in module.params and module.params['username'] is not None and \ 'password' in module.params and module.params['password'] is not None if not legacy_mode: if module._socket_path: connection = Connection(module._socket_path) fos = FortiOSHandler(connection) is_error, has_changed, result = fortios_system_replacemsg( module.params, fos) else: module.fail_json(**FAIL_SOCKET_MSG) else: try: from fortiosapi import FortiOSAPI except ImportError: module.fail_json(msg="fortiosapi module is required") fos = FortiOSAPI() login(module.params, fos) is_error, has_changed, result = fortios_system_replacemsg( module.params, fos) fos.logout() if not is_error: module.exit_json(changed=has_changed, meta=result) else: module.fail_json(msg="Error in repo", meta=result)
def main(): """ main entry point for module execution """ argument_spec = dict(hostname=dict(), domain_name=dict(), domain_search=dict(type='list'), name_servers=dict(type='list'), state=dict(choices=['present', 'absent'], default='present'), active=dict(default=True, type='bool')) argument_spec.update(junos_argument_spec) params = ['hostname', 'domain_name', 'domain_search', 'name_servers'] required_if = [('state', 'present', params, True), ('state', 'absent', params, True), ('state', 'active', params, True), ('state', 'suspend', params, True)] module = AnsibleModule(argument_spec=argument_spec, required_if=required_if, supports_check_mode=True) warnings = list() result = {'changed': False} if warnings: result['warnings'] = warnings top = 'system' param_to_xpath_map = collections.OrderedDict() param_to_xpath_map.update([('hostname', { 'xpath': 'host-name', 'leaf_only': True }), ('domain_name', { 'xpath': 'domain-name', 'leaf_only': True }), ('domain_search', { 'xpath': 'domain-search', 'leaf_only': True, 'value_req': True }), ('name_servers', { 'xpath': 'name-server/name', 'is_key': True })]) validate_param_values(module, param_to_xpath_map) want = map_params_to_obj(module, param_to_xpath_map) ele = map_obj_to_ele(module, want, top) with locked_config(module): diff = load_config(module, tostring(ele), warnings, action='merge') commit = not module.check_mode if diff: if commit: commit_configuration(module) else: discard_changes(module) result['changed'] = True if module._diff: result['diff'] = {'prepared': diff} module.exit_json(**result)
def main(): argument_spec = ovirt_full_argument_spec( state=dict(type='str', default='present', choices=['absent', 'present']), name=dict(type='str'), id=dict(type='str'), memory=dict(type='str'), memory_guaranteed=dict(type='str'), memory_max=dict(type='str'), cpu_sockets=dict(type='int'), cpu_cores=dict(type='int'), cpu_threads=dict(type='int'), operating_system=dict(type='str'), boot_devices=dict(type='list', choices=['cdrom', 'hd', 'network']), serial_console=dict(type='bool'), usb_support=dict(type='bool'), high_availability=dict(type='bool'), high_availability_priority=dict(type='int'), watchdog=dict(type='dict'), host=dict(type='str'), graphical_console=dict(type='dict'), description=dict(type='str'), cpu_mode=dict(type='str'), rng_device=dict(type='str'), rng_bytes=dict(type='int', default=None), rng_period=dict(type='int', default=None), placement_policy=dict(type='str'), cpu_pinning=dict(type='list'), soundcard_enabled=dict(type='bool', default=None), virtio_scsi=dict(type='bool', default=None), smartcard_enabled=dict(type='bool', default=None), io_threads=dict(type='int', default=None), nics=dict(type='list', default=[]), ballooning_enabled=dict(type='bool', default=None), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_one_of=[['id', 'name']], ) check_sdk(module) check_params(module) try: state = module.params['state'] auth = module.params.pop('auth') connection = create_connection(auth) its_service = connection.system_service().instance_types_service() its_module = InstanceTypeModule( connection=connection, module=module, service=its_service, ) it = its_module.search_entity() if state == 'present': ret = its_module.create( entity=it ) its_module.post_present(ret['id']) ret['changed'] = its_module.changed elif state == 'absent': ret = its_module.remove() module.exit_json(**ret) except Exception as e: module.fail_json(msg=str(e), exception=traceback.format_exc()) finally: connection.close(logout=auth.get('token') is None)
def main(): argument_spec = openstack_full_argument_spec( server=dict(required=True), volume=dict(required=True), device=dict(default=None), # None == auto choose device name state=dict(default='present', choices=['absent', 'present']), ) module_kwargs = openstack_module_kwargs() module = AnsibleModule(argument_spec, supports_check_mode=True, **module_kwargs) state = module.params['state'] wait = module.params['wait'] timeout = module.params['timeout'] sdk, cloud = openstack_cloud_from_module(module) try: server = cloud.get_server(module.params['server']) volume = cloud.get_volume(module.params['volume']) if not volume: module.fail_json(msg='volume %s is not found' % module.params['volume']) dev = cloud.get_volume_attach_device(volume, server.id) if module.check_mode: module.exit_json(changed=_system_state_change(state, dev)) if state == 'present': changed = False if not dev: changed = True cloud.attach_volume(server, volume, module.params['device'], wait=wait, timeout=timeout) server = cloud.get_server(module.params['server']) # refresh volume = cloud.get_volume(module.params['volume']) # refresh hostvars = cloud.get_openstack_vars(server) module.exit_json(changed=changed, id=volume['id'], attachments=volume['attachments'], openstack=hostvars) elif state == 'absent': if not dev: # Volume is not attached to this server module.exit_json(changed=False) cloud.detach_volume(server, volume, wait=wait, timeout=timeout) module.exit_json(changed=True, result='Detached volume from server') except (sdk.exceptions.OpenStackCloudException, sdk.exceptions.ResourceTimeout) as e: module.fail_json(msg=str(e))
def main(): module = AnsibleModule( argument_spec=dict( repo=dict(required=True), user=dict(required=True), password=dict(no_log=True), token=dict(no_log=True), action=dict(required=True, choices=['latest_release', 'create_release']), tag=dict(type='str'), target=dict(type='str'), name=dict(type='str'), body=dict(type='str'), draft=dict(type='bool', default=False), prerelease=dict(type='bool', default=False), ), supports_check_mode=True, mutually_exclusive=(('password', 'token'), ), required_if=[('action', 'create_release', ['tag']), ('action', 'create_release', ['password', 'token'], True)], ) if not HAS_GITHUB_API: module.fail_json(msg=missing_required_lib('github3.py >= 1.0.0a3'), exception=GITHUB_IMP_ERR) repo = module.params['repo'] user = module.params['user'] password = module.params['password'] login_token = module.params['token'] action = module.params['action'] tag = module.params.get('tag') target = module.params.get('target') name = module.params.get('name') body = module.params.get('body') draft = module.params.get('draft') prerelease = module.params.get('prerelease') # login to github try: if password: gh_obj = github3.login(user, password=password) elif login_token: gh_obj = github3.login(token=login_token) else: gh_obj = github3.GitHub() # test if we're actually logged in if password or login_token: gh_obj.me() except github3.exceptions.AuthenticationFailed as e: module.fail_json(msg='Failed to connect to GitHub: %s' % to_native(e), details="Please check username and password or token " "for repository %s" % repo) repository = gh_obj.repository(user, repo) if not repository: module.fail_json(msg="Repository %s/%s doesn't exist" % (user, repo)) if action == 'latest_release': release = repository.latest_release() if release: module.exit_json(tag=release.tag_name) else: module.exit_json(tag=None) if action == 'create_release': release_exists = repository.release_from_tag(tag) if release_exists: module.exit_json(changed=False, msg="Release for tag %s already exists." % tag) release = repository.create_release(tag, target, name, body, draft, prerelease) if release: module.exit_json(changed=True, tag=release.tag_name) else: module.exit_json(changed=False, tag=None)
def main(): module = AnsibleModule( argument_spec=dict( attributes=dict(type='dict'), device=dict(type='str'), force=dict(type='bool', default=False), recursive=dict(type='bool', default=False), state=dict(type='str', default='available', choices=['available', 'defined', 'removed']), ), supports_check_mode=True, ) force_opt = { True: '-f', False: '', } attributes = module.params['attributes'] device = module.params['device'] force = force_opt[module.params['force']] recursive = module.params['recursive'] state = module.params['state'] result = dict( changed=False, msg='', ) if state == 'available' or state == 'present': if attributes: # change attributes on device device_status, device_state = _check_device(module, device) if device_status: result['changed'], result['msg'] = change_device_attr( module, attributes, device, force) else: result['msg'] = "Device %s does not exist." % device else: # discovery devices (cfgmgr) if device and device != 'all': device_status, device_state = _check_device(module, device) if device_status: # run cfgmgr on specific device result['changed'], result['msg'] = discover_device( module, device) else: result['msg'] = "Device %s does not exist." % device else: result['changed'], result['msg'] = discover_device( module, device) elif state == 'removed' or state == 'absent' or state == 'defined': if not device: result['msg'] = "device is required to removed or defined state." else: # Remove device check_device, device_state = _check_device(module, device) if check_device: if state == 'defined' and device_state == 'Defined': result['changed'] = False result['msg'] = 'Device %s already in Defined' % device else: result['changed'], result['msg'] = remove_device( module, device, force, recursive, state) else: result['msg'] = "Device %s does not exist." % device else: result['msg'] = "Unexpected state %s." % state module.fail_json(**result) module.exit_json(**result)
def run_module(): # define the available arguments/parameters that a user can pass to # the module module_args = dict( cpm_action=dict(choices=['getplugconfig', 'setplugconfig'], required=True), cpm_url=dict(type='str', required=True), cpm_username=dict(type='str', required=True), cpm_password=dict(type='str', required=True, no_log=True), plug_id=dict(type='str', required=True), plug_name=dict(type='str', required=False), plug_bootdelay=dict(type='int', required=False, default=None, choices=[0, 1, 2, 3, 4, 5, 6, 7, 8, 9]), plug_default=dict(type='int', required=False, default=None, choices=[0, 1]), plug_bootpriority=dict(type='int', required=False, default=None), use_https=dict(type='bool', default=True), validate_certs=dict(type='bool', default=True), use_proxy=dict(type='bool', default=False) ) result = dict( changed=False, data='', debug='' ) module = AnsibleModule(argument_spec=module_args, supports_check_mode=True) if module.check_mode: return result auth = to_text(base64.b64encode(to_bytes('{0}:{1}'.format(to_native(module.params['cpm_username']), to_native(module.params['cpm_password'])), errors='surrogate_or_strict'))) if module.params['use_https'] is True: protocol = "https://" else: protocol = "http://" Payload = None if (module.params['cpm_action'] == 'getplugconfig'): fullurl = ("%s%s/api/v2/config/powerplugconfig" % (protocol, to_native(module.params['cpm_url']))) if (module.params['plug_id'].lower() != 'all'): fullurl = '%s?plug=%s' % (fullurl, to_native(module.params['plug_id'])) method = 'GET' elif (module.params['cpm_action'] == 'setplugconfig'): Payload = assemble_json(module, result) result['debug'] = Payload fullurl = ("%s%s/api/v2/config/powerplugconfig" % (protocol, to_native(module.params['cpm_url']))) method = 'POST' try: response = open_url(fullurl, data=Payload, method=method, validate_certs=module.params['validate_certs'], use_proxy=module.params['use_proxy'], headers={'Content-Type': 'application/json', 'Authorization': "Basic %s" % auth}) if (method != 'GET'): result['changed'] = True except HTTPError as e: fail_json = dict(msg='Received HTTP error for {0} : {1}'.format(fullurl, to_native(e)), changed=False) module.fail_json(**fail_json) except URLError as e: fail_json = dict(msg='Failed lookup url for {0} : {1}'.format(fullurl, to_native(e)), changed=False) module.fail_json(**fail_json) except SSLValidationError as e: fail_json = dict(msg='Error validating the server''s certificate for {0} : {1}'.format(fullurl, to_native(e)), changed=False) module.fail_json(**fail_json) except ConnectionError as e: fail_json = dict(msg='Error connecting to for {0} : {1}'.format(fullurl, to_native(e)), changed=False) module.fail_json(**fail_json) result['data'] = json.loads(response.read()) module.exit_json(**result)
def main(): argument_spec = aci_argument_spec() argument_spec.update( contract=dict(type='str', aliases=['contract_name', 'name']), # Not required for querying all objects tenant=dict(type='str', aliases=['tenant_name']), # Not required for querying all objects description=dict(type='str', aliases=['descr']), scope=dict(type='str', choices=['application-profile', 'context', 'global', 'tenant']), priority=dict(type='str', choices=['level1', 'level2', 'level3', 'unspecified']), # No default provided on purpose dscp=dict(type='str', choices=['AF11', 'AF12', 'AF13', 'AF21', 'AF22', 'AF23', 'AF31', 'AF32', 'AF33', 'AF41', 'AF42', 'AF43', 'CS0', 'CS1', 'CS2', 'CS3', 'CS4', 'CS5', 'CS6', 'CS7', 'EF', 'VA', 'unspecified'], aliases=['target']), # No default provided on purpose state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['contract', 'tenant']], ['state', 'present', ['contract', 'tenant']], ], ) contract = module.params.get('contract') description = module.params.get('description') scope = module.params.get('scope') priority = module.params.get('priority') dscp = module.params.get('dscp') state = module.params.get('state') tenant = module.params.get('tenant') aci = ACIModule(module) aci.construct_url( root_class=dict( aci_class='fvTenant', aci_rn='tn-{0}'.format(tenant), module_object=tenant, target_filter={'name': tenant}, ), subclass_1=dict( aci_class='vzBrCP', aci_rn='brc-{0}'.format(contract), module_object=contract, target_filter={'name': contract}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='vzBrCP', class_config=dict( name=contract, descr=description, scope=scope, prio=priority, targetDscp=dscp, ), ) aci.get_diff(aci_class='vzBrCP') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): argument_spec = aci_argument_spec() argument_spec.update( aaa_password=dict(type='str', no_log=True), aaa_password_lifetime=dict(type='int'), aaa_password_update_required=dict(type='bool'), aaa_user=dict(type='str', aliases=['name']), # Not required for querying all objects clear_password_history=dict(type='bool'), description=dict(type='str', aliases=['descr']), email=dict(type='str'), enabled=dict(type='bool'), expiration=dict(type='str'), expires=dict(type='bool'), first_name=dict(type='str'), last_name=dict(type='str'), phone=dict(type='str'), state=dict(type='str', default='present', choices=['absent', 'present', 'query']), ) module = AnsibleModule( argument_spec=argument_spec, supports_check_mode=True, required_if=[ ['state', 'absent', ['aaa_user']], ['state', 'present', ['aaa_user']], ['expires', True, ['expiration']], ], ) aci = ACIModule(module) if not HAS_DATEUTIL: module.fail_json(msg='dateutil required for this module') aaa_password = module.params.get('aaa_password') aaa_password_lifetime = module.params.get('aaa_password_lifetime') aaa_password_update_required = aci.boolean(module.params.get('aaa_password_update_required')) aaa_user = module.params.get('aaa_user') clear_password_history = aci.boolean(module.params.get('clear_password_history'), 'yes', 'no') description = module.params.get('description') email = module.params.get('email') enabled = aci.boolean(module.params.get('enabled'), 'active', 'inactive') expires = aci.boolean(module.params.get('expires')) first_name = module.params.get('first_name') last_name = module.params.get('last_name') phone = module.params.get('phone') state = module.params.get('state') expiration = module.params.get('expiration') if expiration is not None and expiration != 'never': try: expiration = aci.iso8601_format(dateutil.parser.parse(expiration).replace(tzinfo=tzutc())) except Exception as e: module.fail_json(msg="Failed to parse date format '%s', %s" % (module.params.get('expiration'), e)) aci.construct_url( root_class=dict( aci_class='aaaUser', aci_rn='userext/user-{0}'.format(aaa_user), module_object=aaa_user, target_filter={'name': aaa_user}, ), ) aci.get_existing() if state == 'present': aci.payload( aci_class='aaaUser', class_config=dict( accountStatus=enabled, clearPwdHistory=clear_password_history, descr=description, email=email, expiration=expiration, expires=expires, firstName=first_name, lastName=last_name, name=aaa_user, phone=phone, pwd=aaa_password, pwdLifeTime=aaa_password_lifetime, pwdUpdateRequired=aaa_password_update_required, ), ) aci.get_diff(aci_class='aaaUser') aci.post_config() elif state == 'absent': aci.delete_config() aci.exit_json()
def main(): fields = { "host": { "required": False, "type": "str" }, "username": { "required": False, "type": "str" }, "password": { "required": False, "type": "str", "default": "", "no_log": True }, "vdom": { "required": False, "type": "str", "default": "root" }, "https": { "required": False, "type": "bool", "default": True }, "ssl_verify": { "required": False, "type": "bool", "default": True }, "state": { "required": False, "type": "str", "choices": ["present", "absent"] }, "router_static": { "required": False, "type": "dict", "default": None, "options": { "state": { "required": False, "type": "str", "choices": ["present", "absent"] }, "bfd": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "blackhole": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "comment": { "required": False, "type": "str" }, "device": { "required": False, "type": "str" }, "distance": { "required": False, "type": "int" }, "dst": { "required": False, "type": "str" }, "dstaddr": { "required": False, "type": "str" }, "dynamic_gateway": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "gateway": { "required": False, "type": "str" }, "internet_service": { "required": False, "type": "int" }, "internet_service_custom": { "required": False, "type": "str" }, "link_monitor_exempt": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "priority": { "required": False, "type": "int" }, "seq_num": { "required": False, "type": "int" }, "src": { "required": False, "type": "str" }, "status": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "virtual_wan_link": { "required": False, "type": "str", "choices": ["enable", "disable"] }, "vrf": { "required": False, "type": "int" }, "weight": { "required": False, "type": "int" } } } } module = AnsibleModule(argument_spec=fields, supports_check_mode=False) # legacy_mode refers to using fortiosapi instead of HTTPAPI legacy_mode = 'host' in module.params and module.params['host'] is not None and \ 'username' in module.params and module.params['username'] is not None and \ 'password' in module.params and module.params['password'] is not None if not legacy_mode: if module._socket_path: connection = Connection(module._socket_path) fos = FortiOSHandler(connection) is_error, has_changed, result = fortios_router(module.params, fos) else: module.fail_json(**FAIL_SOCKET_MSG) else: try: from fortiosapi import FortiOSAPI except ImportError: module.fail_json(msg="fortiosapi module is required") fos = FortiOSAPI() login(module.params, fos) is_error, has_changed, result = fortios_router(module.params, fos) fos.logout() if not is_error: module.exit_json(changed=has_changed, meta=result) else: module.fail_json(msg="Error in repo", meta=result)
def main(): module = AnsibleModule(argument_spec=dict( addrobj=dict(required=True, default=None, aliases=['nic', 'interface']), property=dict(required=True, aliases=['name']), value=dict(required=False), temporary=dict(default=False, type='bool'), state=dict(default='present', choices=['absent', 'present', 'reset']), ), supports_check_mode=True) addrprop = AddrProp(module) rc = None out = '' err = '' result = {} result['property'] = addrprop.property result['addrobj'] = addrprop.addrobj result['state'] = addrprop.state result['temporary'] = addrprop.temporary if addrprop.value: result['value'] = addrprop.value if addrprop.state == 'absent' or addrprop.state == 'reset': if addrprop.property_exists(): if not addrprop.property_is_modified(): if module.check_mode: module.exit_json(changed=True) (rc, out, err) = addrprop.reset_property() if rc != 0: module.fail_json(property=addrprop.property, addrobj=addrprop.addrobj, msg=err, rc=rc) elif addrprop.state == 'present': if addrprop.value is None: module.fail_json(msg='Value is mandatory with state "present"') if addrprop.property_exists(): if not addrprop.property_is_set(): if module.check_mode: module.exit_json(changed=True) (rc, out, err) = addrprop.set_property() if rc != 0: module.fail_json(property=addrprop.property, addrobj=addrprop.addrobj, msg=err, rc=rc) if rc is None: result['changed'] = False else: result['changed'] = True if out: result['stdout'] = out if err: result['stderr'] = err module.exit_json(**result)
def __init__(self): """ Parse arguments, setup state variables, check parameters and ensure SDK is installed """ self._size_unit_map = netapp_utils.SF_BYTE_MAP self.argument_spec = netapp_utils.ontap_sf_host_argument_spec() self.argument_spec.update(dict( state=dict(required=True, choices=['present', 'absent']), name=dict(required=True, type='str'), account_id=dict(required=True), enable512e=dict(type='bool', aliases=['512emulation']), qos=dict(required=False, type='dict', default=None), attributes=dict(required=False, type='dict', default=None), size=dict(type='int'), size_unit=dict(default='gb', choices=['bytes', 'b', 'kb', 'mb', 'gb', 'tb', 'pb', 'eb', 'zb', 'yb'], type='str'), access=dict(required=False, type='str', default=None, choices=['readOnly', 'readWrite', 'locked', 'replicationTarget']), )) self.module = AnsibleModule( argument_spec=self.argument_spec, required_if=[ ('state', 'present', ['size', 'enable512e']) ], supports_check_mode=True ) param = self.module.params # set up state variables self.state = param['state'] self.name = param['name'] self.account_id = param['account_id'] self.enable512e = param['enable512e'] self.qos = param['qos'] self.attributes = param['attributes'] self.access = param['access'] self.size_unit = param['size_unit'] if param['size'] is not None: self.size = param['size'] * self._size_unit_map[self.size_unit] else: self.size = None if HAS_SF_SDK is False: self.module.fail_json(msg="Unable to import the ElementSW Python SDK") else: try: self.sfe = netapp_utils.create_sf_connection(module=self.module) except solidfire.common.ApiServerError: self.module.fail_json(msg="Unable to create the connection") self.elementsw_helper = NaElementSWModule(self.sfe) # add telemetry attributes if self.attributes is not None: self.attributes.update(self.elementsw_helper.set_element_attributes(source='na_elementsw_volume')) else: self.attributes = self.elementsw_helper.set_element_attributes(source='na_elementsw_volume')
def main(): fields = { "host": {"required": False, "type": "str"}, "username": {"required": False, "type": "str"}, "password": {"required": False, "type": "str", "default": "", "no_log": True}, "vdom": {"required": False, "type": "str", "default": "root"}, "https": {"required": False, "type": "bool", "default": True}, "ssl_verify": {"required": False, "type": "bool", "default": True}, "state": {"required": False, "type": "str", "choices": ["present", "absent"]}, "firewall_DoS_policy6": { "required": False, "type": "dict", "default": None, "options": { "state": {"required": False, "type": "str", "choices": ["present", "absent"]}, "anomaly": {"required": False, "type": "list", "options": { "action": {"required": False, "type": "str", "choices": ["pass", "block"]}, "log": {"required": False, "type": "str", "choices": ["enable", "disable"]}, "name": {"required": True, "type": "str"}, "quarantine": {"required": False, "type": "str", "choices": ["none", "attacker"]}, "quarantine_expiry": {"required": False, "type": "str"}, "quarantine_log": {"required": False, "type": "str", "choices": ["disable", "enable"]}, "status": {"required": False, "type": "str", "choices": ["disable", "enable"]}, "threshold": {"required": False, "type": "int"}, "threshold(default)": {"required": False, "type": "int"} }}, "comments": {"required": False, "type": "str"}, "dstaddr": {"required": False, "type": "list", "options": { "name": {"required": True, "type": "str"} }}, "interface": {"required": False, "type": "str"}, "policyid": {"required": True, "type": "int"}, "service": {"required": False, "type": "list", "options": { "name": {"required": True, "type": "str"} }}, "srcaddr": {"required": False, "type": "list", "options": { "name": {"required": True, "type": "str"} }}, "status": {"required": False, "type": "str", "choices": ["enable", "disable"]} } } } module = AnsibleModule(argument_spec=fields, supports_check_mode=False) # legacy_mode refers to using fortiosapi instead of HTTPAPI legacy_mode = 'host' in module.params and module.params['host'] is not None and \ 'username' in module.params and module.params['username'] is not None and \ 'password' in module.params and module.params['password'] is not None if not legacy_mode: if module._socket_path: connection = Connection(module._socket_path) fos = FortiOSHandler(connection) is_error, has_changed, result = fortios_firewall(module.params, fos) else: module.fail_json(**FAIL_SOCKET_MSG) else: try: from fortiosapi import FortiOSAPI except ImportError: module.fail_json(msg="fortiosapi module is required") fos = FortiOSAPI() login(module.params, fos) is_error, has_changed, result = fortios_firewall(module.params, fos) fos.logout() if not is_error: module.exit_json(changed=has_changed, meta=result) else: module.fail_json(msg="Error in repo", meta=result)