def main():
    """Run the sub-CA module: declare options, log in to IPA, apply the state.

    The option set is the shared ``ipa_argument_spec()`` extended with the
    sub-CA specific fields. The module is declared as supporting check mode.
    On success the result of ``ensure()`` is returned as ``changed`` /
    ``record``; any exception is converted to text and reported through
    ``fail_json``.
    """
    spec = ipa_argument_spec()
    spec.update({
        'subca_name': {'type': 'str', 'required': True, 'aliases': ['name']},
        'subca_subject': {'type': 'str', 'required': True},
        'subca_desc': {'type': 'str'},
        'state': {
            'type': 'str',
            'default': 'present',
            'choices': ['present', 'absent', 'enabled', 'disabled'],
        },
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = SubCAIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        # NOTE(review): ipa_user / ipa_pass are declared by ipa_argument_spec(),
        # which is not visible here -- confirm ipa_pass is marked no_log there
        # so the credential is masked in task output.
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, record = ensure(module, client)
        module.exit_json(changed=changed, record=record)
    except Exception as err:
        # Only the exception text is reported; no traceback is attached.
        module.fail_json(msg=to_native(err))
def main():
    """Run the IPA config module: declare options, log in, apply the settings.

    Extends the shared ``ipa_argument_spec()`` with the default login shell
    and default e-mail domain options, supports check mode, and returns the
    result of ``ensure()`` as ``changed`` / ``user``. Failures are reported
    through ``fail_json`` together with the formatted traceback.
    """
    spec = ipa_argument_spec()
    spec.update({
        'ipadefaultloginshell': {'type': 'str', 'aliases': ['loginshell']},
        'ipadefaultemaildomain': {'type': 'str', 'aliases': ['emaildomain']},
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = ConfigIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        # NOTE(review): confirm ipa_pass is declared no_log in
        # ipa_argument_spec() (defined outside this function).
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, user = ensure(module, client)
        module.exit_json(changed=changed, user=user)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())
def main():
    """Run the DNS record module: declare options, log in to IPA, apply state.

    ``record_type`` is restricted to the record types listed below and
    defaults to ``A``. The module supports check mode. The outcome of
    ``ensure()`` is returned as ``changed`` / ``record``; any exception is
    reported through ``fail_json`` with the formatted traceback.
    """
    # Closed set of record types accepted by the record_type option.
    supported_types = [
        'A', 'AAAA', 'A6', 'CNAME', 'DNAME', 'PTR', 'TXT', 'SRV', 'MX',
    ]

    spec = ipa_argument_spec()
    spec.update({
        'zone_name': {'type': 'str', 'required': True},
        'record_name': {'type': 'str', 'aliases': ['name'], 'required': True},
        'record_type': {'type': 'str', 'default': 'A', 'choices': supported_types},
        'record_value': {'type': 'str', 'required': True},
        'state': {'type': 'str', 'default': 'present', 'choices': ['present', 'absent']},
        'record_ttl': {'type': 'int', 'required': False},
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = DNSRecordIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        # NOTE(review): confirm ipa_pass is declared no_log in
        # ipa_argument_spec() (defined outside this function).
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, record = ensure(module, client)
        module.exit_json(changed=changed, record=record)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())
def main():
    """Run the role module: declare options, log in to IPA, apply the state.

    Extends the shared ``ipa_argument_spec()`` with the role name (``cn``),
    a description, and the member lists (groups, hosts, host groups,
    privileges, services, users). Supports check mode. Returns the outcome of
    ``ensure()`` as ``changed`` / ``role``; failures go through ``fail_json``
    with the formatted traceback.
    """
    str_list = {'type': 'list', 'elements': 'str'}

    spec = ipa_argument_spec()
    spec.update({
        'cn': {'type': 'str', 'required': True, 'aliases': ['name']},
        'description': {'type': 'str'},
        # Each member option gets its own copy of the list-of-str definition.
        'group': dict(str_list),
        'host': dict(str_list),
        'hostgroup': dict(str_list),
        'privilege': dict(str_list),
        'service': dict(str_list),
        'state': {'type': 'str', 'default': 'present', 'choices': ['present', 'absent']},
        'user': dict(str_list),
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = RoleIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        # NOTE(review): role membership and privileges are authorization data;
        # confirm ipa_pass is declared no_log in ipa_argument_spec().
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, role = ensure(module, client)
        module.exit_json(changed=changed, role=role)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())
def main():
    """Run the host module: declare options, log in to IPA, apply the state.

    Extends the shared ``ipa_argument_spec()`` with the host attributes
    (FQDN, addresses, certificates, platform details), the DNS handling
    flags and ``random_password``. Supports check mode. Returns the outcome
    of ``ensure()`` as ``changed`` / ``host``; failures go through
    ``fail_json`` with the formatted traceback.
    """
    spec = ipa_argument_spec()
    spec.update({
        'description': {'type': 'str'},
        'fqdn': {'type': 'str', 'required': True, 'aliases': ['name']},
        'force': {'type': 'bool'},
        'ip_address': {'type': 'str'},
        'ns_host_location': {'type': 'str', 'aliases': ['nshostlocation']},
        'ns_hardware_platform': {'type': 'str', 'aliases': ['nshardwareplatform']},
        'ns_os_version': {'type': 'str', 'aliases': ['nsosversion']},
        'user_certificate': {'type': 'list', 'aliases': ['usercertificate'], 'elements': 'str'},
        'mac_address': {'type': 'list', 'aliases': ['macaddress'], 'elements': 'str'},
        'update_dns': {'type': 'bool'},
        'state': {
            'type': 'str',
            'default': 'present',
            'choices': ['present', 'absent', 'enabled', 'disabled'],
        },
        'random_password': {'type': 'bool'},
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = HostIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, host = ensure(module, client)
        # NOTE(review): `host` is returned verbatim in the task result. If
        # ensure() includes a generated enrollment password when
        # random_password is set, that result carries a credential -- confirm,
        # and protect the task output accordingly (e.g. task-level no_log).
        module.exit_json(changed=changed, host=host)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())
def main():
    """Run the DNS zone module: declare options, log in to IPA, apply state.

    Extends the shared ``ipa_argument_spec()`` with the zone name, the desired
    state and ``dynamicupdate`` (a string option limited to ``'true'`` /
    ``'false'``, default ``'false'``). Supports check mode. Returns the
    outcome of ``ensure()`` as ``changed`` / ``zone``; failures are reported
    through ``fail_json`` with the exception text only.
    """
    spec = ipa_argument_spec()
    spec.update({
        'zone_name': {'type': 'str', 'required': True},
        'state': {'type': 'str', 'default': 'present', 'choices': ['present', 'absent']},
        # Dynamic updates stay off unless the caller asks for them.
        'dynamicupdate': {
            'type': 'str',
            'required': False,
            'default': 'false',
            'choices': ['true', 'false'],
        },
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = DNSZoneIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        # NOTE(review): confirm ipa_pass is declared no_log in
        # ipa_argument_spec() (defined outside this function).
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, zone = ensure(module, client)
        module.exit_json(changed=changed, zone=zone)
    except Exception as err:
        # Only the exception text is reported; no traceback is attached.
        module.fail_json(msg=to_native(err))
def main():
    """Run the password-policy module: declare options, log in, apply state.

    Extends the shared ``ipa_argument_spec()`` with the policy group and the
    policy attributes (lifetimes, history, character classes, minimum length,
    priority and lockout settings). Every policy attribute is declared as
    ``str`` in this spec. Supports check mode. Returns the outcome of
    ``ensure()`` as ``changed`` / ``pwpolicy``.
    """
    policy_fields = (
        'maxpwdlife',
        'minpwdlife',
        'historylength',
        'minclasses',
        'minlength',
        'priority',
        'maxfailcount',
        'failinterval',
        'lockouttime',
    )

    spec = ipa_argument_spec()
    spec.update({
        'group': {'type': 'str', 'aliases': ['name']},
        'state': {'type': 'str', 'default': 'present', 'choices': ['present', 'absent']},
    })
    # Same definition for every policy attribute, inserted in the listed order.
    for field in policy_fields:
        spec[field] = {'type': 'str'}

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = PwPolicyIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        # NOTE(review): confirm ipa_pass is declared no_log in
        # ipa_argument_spec() (defined outside this function).
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, pwpolicy = ensure(module, client)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())

    # fail_json() terminates the module, so this line is reached only when
    # ensure() returned normally.
    module.exit_json(changed=changed, pwpolicy=pwpolicy)
def main():
    """Run the service module: declare options, log in to IPA, apply state.

    Extends the shared ``ipa_argument_spec()`` with the service principal
    (``krbcanonicalname``), ``force``, the list of ``hosts`` and the desired
    state. Supports check mode. The outcome of ``ensure()`` is returned under
    the ``host`` result key, as in the original code.
    """
    spec = ipa_argument_spec()
    spec.update({
        'krbcanonicalname': {'type': 'str', 'required': True, 'aliases': ['name']},
        'force': {'type': 'bool', 'required': False},
        'hosts': {'type': 'list', 'required': False, 'elements': 'str'},
        'state': {
            'type': 'str',
            'required': False,
            'default': 'present',
            'choices': ['present', 'absent'],
        },
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = ServiceIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        # NOTE(review): confirm ipa_pass is declared no_log in
        # ipa_argument_spec() (defined outside this function).
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, host = ensure(module, client)
        module.exit_json(changed=changed, host=host)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())
def main():
    """Run the OTP configuration module: declare options, log in, apply them.

    Extends the shared ``ipa_argument_spec()`` with the four TOTP/HOTP
    authentication and synchronisation window options, all integers.
    Supports check mode. Returns the outcome of ``ensure()`` as ``changed`` /
    ``otpconfig``.
    """
    # These options are integer window sizes, not secrets. no_log=False is
    # set explicitly on each of them -- presumably to override Ansible's
    # name-based secret heuristic triggered by "token" in the option name;
    # confirm before changing.
    spec = ipa_argument_spec()
    spec.update({
        'ipatokentotpauthwindow': {'type': 'int', 'aliases': ['totpauthwindow'], 'no_log': False},
        'ipatokentotpsyncwindow': {'type': 'int', 'aliases': ['totpsyncwindow'], 'no_log': False},
        'ipatokenhotpauthwindow': {'type': 'int', 'aliases': ['hotpauthwindow'], 'no_log': False},
        'ipatokenhotpsyncwindow': {'type': 'int', 'aliases': ['hotpsyncwindow'], 'no_log': False},
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = OTPConfigIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, otpconfig = ensure(module, client)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())

    # fail_json() terminates the module, so this line is reached only when
    # ensure() returned normally.
    module.exit_json(changed=changed, otpconfig=otpconfig)
def main():
    """Run the vault module: declare options, log in to IPA, apply the state.

    Extends the shared ``ipa_argument_spec()`` with the vault name, type
    (default ``symmetric``), salt, public key, owner (``service`` or
    ``username``), ``replace`` and the desired state. ``username`` and
    ``service`` are mutually exclusive. Supports check mode. Returns the
    outcome of ``ensure()`` as ``changed`` / ``vault``.
    """
    spec = ipa_argument_spec()
    spec.update({
        'cn': {'type': 'str', 'required': True, 'aliases': ['name']},
        'description': {'type': 'str'},
        'ipavaulttype': {
            'type': 'str',
            'default': 'symmetric',
            'choices': ['standard', 'symmetric', 'asymmetric'],
            'aliases': ['vault_type'],
        },
        # NOTE(review): the salt is not flagged no_log in this spec, so it can
        # appear in logged module arguments -- confirm that is intended.
        'ipavaultsalt': {'type': 'str', 'aliases': ['vault_salt']},
        'ipavaultpublickey': {'type': 'str', 'aliases': ['vault_public_key']},
        'service': {'type': 'str'},
        'replace': {'type': 'bool', 'default': False, 'choices': [True, False]},
        'state': {'type': 'str', 'default': 'present', 'choices': ['present', 'absent']},
        'username': {'type': 'list', 'elements': 'str', 'aliases': ['user']},
    })

    module = AnsibleModule(
        argument_spec=spec,
        supports_check_mode=True,
        # A vault belongs either to users or to a service, never both.
        mutually_exclusive=[['username', 'service']],
    )
    params = module.params

    client = VaultIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, vault = ensure(module, client)
        module.exit_json(changed=changed, vault=vault)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())
def main():
    """Run the group module: declare options, log in to IPA, apply the state.

    Extends the shared ``ipa_argument_spec()`` with the group name (``cn``),
    description, GID, the ``external`` / ``nonposix`` flags, the member lists
    and ``append`` (default ``False``). Supports check mode. Returns the
    outcome of ``ensure()`` as ``changed`` / ``group``.
    """
    spec = ipa_argument_spec()
    spec.update({
        'cn': {'type': 'str', 'required': True, 'aliases': ['name']},
        'description': {'type': 'str'},
        'external': {'type': 'bool'},
        'gidnumber': {'type': 'str', 'aliases': ['gid']},
        'group': {'type': 'list', 'elements': 'str'},
        'nonposix': {'type': 'bool'},
        'state': {'type': 'str', 'default': 'present', 'choices': ['present', 'absent']},
        'user': {'type': 'list', 'elements': 'str'},
        'append': {'type': 'bool', 'default': False},
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = GroupIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        # NOTE(review): confirm ipa_pass is declared no_log in
        # ipa_argument_spec() (defined outside this function).
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, group = ensure(module, client)
        module.exit_json(changed=changed, group=group)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())
def main():
    """Run the global IPA config module: declare options, log in, apply them.

    Extends the shared ``ipa_argument_spec()`` with the server-wide
    configuration options (config strings, defaults for new users, search
    limits, Kerberos authorization data, allowed user authentication types).
    Supports check mode. Returns the outcome of ``ensure()`` as ``changed`` /
    ``user``.
    """
    spec = ipa_argument_spec()
    spec.update({
        # NOTE(review): judging by their names, several of these values relax
        # authentication protections (lockout, pre-authentication, NT hashes).
        # Treat playbook changes to this option as security-sensitive.
        'ipaconfigstring': {
            'type': 'list',
            'elements': 'str',
            'choices': [
                'AllowNThash',
                'KDC:Disable Last Success',
                'KDC:Disable Lockout',
                'KDC:Disable Default Preauth for SPNs',
            ],
            'aliases': ['configstring'],
        },
        'ipadefaultloginshell': {'type': 'str', 'aliases': ['loginshell']},
        'ipadefaultemaildomain': {'type': 'str', 'aliases': ['emaildomain']},
        'ipadefaultprimarygroup': {'type': 'str', 'aliases': ['primarygroup']},
        'ipagroupsearchfields': {'type': 'list', 'elements': 'str', 'aliases': ['groupsearchfields']},
        'ipahomesrootdir': {'type': 'str', 'aliases': ['homesrootdir']},
        'ipakrbauthzdata': {
            'type': 'list',
            'elements': 'str',
            'choices': ['MS-PAC', 'PAD', 'nfs:NONE'],
            'aliases': ['krbauthzdata'],
        },
        'ipamaxusernamelength': {'type': 'int', 'aliases': ['maxusernamelength']},
        'ipapwdexpadvnotify': {'type': 'int', 'aliases': ['pwdexpadvnotify']},
        'ipasearchrecordslimit': {'type': 'int', 'aliases': ['searchrecordslimit']},
        'ipasearchtimelimit': {'type': 'int', 'aliases': ['searchtimelimit']},
        'ipaselinuxusermaporder': {'type': 'list', 'elements': 'str', 'aliases': ['selinuxusermaporder']},
        'ipauserauthtype': {
            'type': 'list',
            'elements': 'str',
            'aliases': ['userauthtype'],
            'choices': ["password", "radius", "otp", "pkinit", "hardened", "disabled"],
        },
        'ipausersearchfields': {'type': 'list', 'elements': 'str', 'aliases': ['usersearchfields']},
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = ConfigIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, user = ensure(module, client)
        module.exit_json(changed=changed, user=user)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())
def main():
    """Run the user module: declare options, log in to IPA, apply the state.

    Extends the shared ``ipa_argument_spec()`` with the user attributes,
    the ``password`` option (masked via ``no_log=True``), SSH public keys and
    the allowed authentication type. Supports check mode. Returns the
    outcome of ``ensure()`` as ``changed`` / ``user``.
    """
    spec = ipa_argument_spec()
    spec.update({
        'displayname': {'type': 'str'},
        'givenname': {'type': 'str'},
        # update_password and krbpasswordexpiration carry a policy choice and
        # a date, not a secret; no_log=False is set explicitly on both.
        'update_password': {
            'type': 'str',
            'default': "always",
            'choices': ['always', 'on_create'],
            'no_log': False,
        },
        'krbpasswordexpiration': {'type': 'str', 'no_log': False},
        'loginshell': {'type': 'str'},
        'mail': {'type': 'list', 'elements': 'str'},
        'sn': {'type': 'str'},
        'uid': {'type': 'str', 'required': True, 'aliases': ['name']},
        'gidnumber': {'type': 'str'},
        'uidnumber': {'type': 'str'},
        # The user's password is kept out of Ansible logs and output.
        'password': {'type': 'str', 'no_log': True},
        'sshpubkey': {'type': 'list', 'elements': 'str'},
        'state': {
            'type': 'str',
            'default': 'present',
            'choices': ['present', 'absent', 'enabled', 'disabled'],
        },
        'telephonenumber': {'type': 'list', 'elements': 'str'},
        'title': {'type': 'str'},
        'homedirectory': {'type': 'str'},
        'userauthtype': {
            'type': 'str',
            'choices': ['password', 'radius', 'otp', 'pkinit', 'hardened'],
        },
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = UserIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    # Normalise an "empty" key list to None. Per the original author's note,
    # IPA itself returns None (not a list) when no key is set, and without
    # this step get_user_diff() would report sshpubkey as changed. The check
    # as written matches a list holding exactly one empty string.
    pubkeys = params['sshpubkey']
    if pubkeys is not None and len(pubkeys) == 1 and pubkeys[0] == "":
        params['sshpubkey'] = None

    try:
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, user = ensure(module, client)
        module.exit_json(changed=changed, user=user)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())
def main():
    """Run the OTP token module: declare options, log in to IPA, apply state.

    Extends the shared ``ipa_argument_spec()`` with the token identity,
    type (``totp`` / ``hotp``), the ``secretkey`` (masked via
    ``no_log=True``), validity window, hardware details and the OTP
    parameters (algorithm, digits, offset, interval, counter). Supports
    check mode. Returns the outcome of ``ensure()`` as ``changed`` /
    ``otptoken``.
    """
    spec = ipa_argument_spec()
    spec.update({
        'uniqueid': {'type': 'str', 'aliases': ['name'], 'required': True},
        'newuniqueid': {'type': 'str'},
        'otptype': {'type': 'str', 'choices': ['totp', 'hotp']},
        # The token seed is kept out of Ansible logs and output.
        'secretkey': {'type': 'str', 'no_log': True},
        'description': {'type': 'str'},
        'owner': {'type': 'str'},
        'enabled': {'type': 'bool', 'default': True},
        'notbefore': {'type': 'str'},
        'notafter': {'type': 'str'},
        'vendor': {'type': 'str'},
        'model': {'type': 'str'},
        'serial': {'type': 'str'},
        'state': {'type': 'str', 'choices': ['present', 'absent'], 'default': 'present'},
        'algorithm': {
            'type': 'str',
            'choices': ['sha1', 'sha256', 'sha384', 'sha512'],
        },
        'digits': {'type': 'int', 'choices': [6, 8]},
        'offset': {'type': 'int'},
        'interval': {'type': 'int'},
        'counter': {'type': 'int'},
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = OTPTokenIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, otptoken = ensure(module, client)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())

    # fail_json() terminates the module, so this line is reached only when
    # ensure() returned normally.
    # NOTE(review): `otptoken` is returned verbatim; confirm ensure() does not
    # echo the token secret back in the result.
    module.exit_json(changed=changed, otptoken=otptoken)
def main():
    """Run the sudo command module: declare options, log in, apply the state.

    Extends the shared ``ipa_argument_spec()`` with the command
    (``sudocmd``), a description and the desired state. Supports check mode.
    Returns the outcome of ``ensure()`` as ``changed`` / ``sudocmd``.
    """
    spec = ipa_argument_spec()
    spec.update({
        'description': {'type': 'str'},
        'state': {
            'type': 'str',
            'default': 'present',
            'choices': ['present', 'absent', 'enabled', 'disabled'],
        },
        'sudocmd': {'type': 'str', 'required': True, 'aliases': ['name']},
    })

    module = AnsibleModule(argument_spec=spec, supports_check_mode=True)
    params = module.params

    client = SudoCmdIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        # NOTE(review): confirm ipa_pass is declared no_log in
        # ipa_argument_spec() (defined outside this function).
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, sudocmd = ensure(module, client)
        module.exit_json(changed=changed, sudocmd=sudocmd)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())
def main():
    """Run the sudo rule module: declare options, log in, apply the state.

    Extends the shared ``ipa_argument_spec()`` with the rule name (``cn``),
    the command / host / user selectors, the ``*category`` shortcuts (each
    accepts only ``all``), sudo options and run-as settings. A category
    shortcut cannot be combined with the explicit lists it replaces.
    Supports check mode. Returns the outcome of ``ensure()`` as ``changed`` /
    ``sudorule``.
    """
    spec = ipa_argument_spec()
    spec.update({
        'cmd': {'type': 'list', 'elements': 'str'},
        'cmdgroup': {'type': 'list', 'elements': 'str'},
        'cmdcategory': {'type': 'str', 'choices': ['all']},
        'cn': {'type': 'str', 'required': True, 'aliases': ['name']},
        'description': {'type': 'str'},
        'host': {'type': 'list', 'elements': 'str'},
        'hostcategory': {'type': 'str', 'choices': ['all']},
        'hostgroup': {'type': 'list', 'elements': 'str'},
        'runasusercategory': {'type': 'str', 'choices': ['all']},
        'runasgroupcategory': {'type': 'str', 'choices': ['all']},
        'sudoopt': {'type': 'list', 'elements': 'str'},
        'state': {
            'type': 'str',
            'default': 'present',
            'choices': ['present', 'absent', 'enabled', 'disabled'],
        },
        'user': {'type': 'list', 'elements': 'str'},
        'usercategory': {'type': 'str', 'choices': ['all']},
        'usergroup': {'type': 'list', 'elements': 'str'},
        'runasextusers': {'type': 'list', 'elements': 'str'},
    })

    # "all" for a category and an explicit list for the same dimension would
    # contradict each other, so each pair is rejected at argument parsing.
    exclusive_pairs = [
        ['cmdcategory', 'cmd'],
        ['cmdcategory', 'cmdgroup'],
        ['hostcategory', 'host'],
        ['hostcategory', 'hostgroup'],
        ['usercategory', 'user'],
        ['usercategory', 'usergroup'],
    ]

    module = AnsibleModule(
        argument_spec=spec,
        mutually_exclusive=exclusive_pairs,
        supports_check_mode=True,
    )
    params = module.params

    client = SudoRuleIPAClient(
        module=module,
        host=params['ipa_host'],
        port=params['ipa_port'],
        protocol=params['ipa_prot'],
    )

    try:
        # NOTE(review): sudo rules are privilege grants; rules that set the
        # category options to "all" are the broadest and deserve review in
        # the calling playbooks.
        client.login(username=params['ipa_user'], password=params['ipa_pass'])
        changed, sudorule = ensure(module, client)
        module.exit_json(changed=changed, sudorule=sudorule)
    except Exception as err:
        module.fail_json(msg=to_native(err), exception=traceback.format_exc())