def main(): helper = get_connection( with_classic_provider_spec=True, argument_spec=dict( hostname=dict(), domain=dict(), dns_server_primary=dict(), dns_server_secondary=dict(), timezone=dict(), panorama_primary=dict(), panorama_secondary=dict(), login_banner=dict(), update_server=dict(), verify_update_server=dict(type='bool'), ntp_server_primary=dict(), ntp_server_secondary=dict(), commit=dict(type='bool', default=True), # TODO(gfreeman) - remove in the next role release. devicegroup=dict(), ), ) module = AnsibleModule( argument_spec=helper.argument_spec, supports_check_mode=True, required_one_of=helper.required_one_of, ) parent = helper.get_pandevice_parent(module) # TODO(gfreeman) - remove this in the next role release. if module.params['devicegroup'] is not None: module.fail_json(msg='Param "devicegroup" has been removed') obj = SystemSettings() parent.add(obj) try: obj.refresh() except PanDeviceError as e: module.fail_json(msg='Failed refresh: {0}'.format(e)) param_relationships = { 'hostname': 'hostname', 'domain': 'domain', 'dns_server_primary': 'dns_primary', 'dns_server_secondary': 'dns_secondary', 'timezone': 'timezone', 'panorama_primary': 'panorama', 'panorama_secondary': 'panorama2', 'login_banner': 'login_banner', 'update_server': 'update_server', 'verify_update_server': 'verify_update_server', } changed = False for ansible_param, obj_param in param_relationships.items(): value = module.params[ansible_param] if value is not None and getattr(obj, obj_param) != value: changed = True setattr(obj, obj_param, value) if not module.check_mode: try: obj.update(obj_param) except PanDeviceError as e: module.fail_json( msg='Failed to update {0}: {1}'.format(obj_param, e)) ntp_relationships = { 'ntp_server_primary': NTPServerPrimary, 'ntp_server_secondary': NTPServerSecondary, } for ansible_param, ntp_obj_cls in ntp_relationships.items(): value = module.params[ansible_param] if value is not None: ntp_obj = None # As of pandevice v0.8.0, can't use .find() here as NTP objects # erroneously have cls.NAME != None. for ntp_obj in obj.children: if isinstance(ntp_obj, ntp_obj_cls): break else: ntp_obj = ntp_obj_cls() obj.add(ntp_obj) if ntp_obj.address != value: changed = True ntp_obj.address = value if not module.check_mode: try: ntp_obj.apply() except PanDeviceError as e: module.fail_json(msg='Failed to set {0}: {1}'.format( ansible_param, e)) # Optional commit. if changed and module.params['commit'] and not module.check_mode: helper.commit(module) module.exit_json(changed=changed, msg='done')
def main(): argument_spec = dict(ip_address=dict(required=True), password=dict(required=True, no_log=True), username=dict(default='admin'), api_key=dict(no_log=True), dns_server_primary=dict(), dns_server_secondary=dict(), panorama_primary=dict(), panorama_secondary=dict(), ntp_server_primary=dict(), ntp_server_secondary=dict(), timezone=dict(), login_banner=dict(), update_server=dict(), hostname=dict(), domain=dict(), devicegroup=dict(), commit=dict(type='bool', default=True)) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=False, required_one_of=[['api_key', 'password']]) if not HAS_LIB: module.fail_json(msg='Missing required libraries.') ip_address = module.params["ip_address"] password = module.params["password"] username = module.params['username'] dns_server_primary = module.params['dns_server_primary'] dns_server_secondary = module.params['dns_server_secondary'] ntp_server_primary = module.params['ntp_server_primary'] ntp_server_secondary = module.params['ntp_server_secondary'] panorama_primary = module.params['panorama_primary'] panorama_secondary = module.params['panorama_secondary'] commit = module.params['commit'] api_key = module.params['api_key'] timezone = module.params['timezone'] login_banner = module.params['login_banner'] update_server = module.params['update_server'] hostname = module.params['hostname'] domain = module.params['hostname'] devicegroup = module.params['devicegroup'] # Create the device with the appropriate pandevice type device = base.PanDevice.create_from_device(ip_address, username, password, api_key=api_key) # If Panorama, validate the devicegroup dev_group = None if devicegroup and isinstance(device, panorama.Panorama): dev_group = get_devicegroup(device, devicegroup) if dev_group: device.add(dev_group) else: module.fail_json( msg= '\'%s\' device group not found in Panorama. Is the name correct?' % devicegroup) changed = False try: ss = SystemSettings.refreshall(device)[0] if dns_server_primary is not None: ss.dns_primary = dns_server_primary changed = True if dns_server_secondary is not None: ss.dns_secondary = dns_server_secondary changed = True if panorama_primary is not None: ss.panorama = panorama_primary changed = True if panorama_secondary is not None: ss.panorama2 = panorama_secondary changed = True if ntp_server_primary is not None: changed |= set_ntp_server(ss, ntp_server_primary, primary=True) if ntp_server_secondary is not None: changed |= set_ntp_server(ss, ntp_server_secondary, primary=False) if login_banner: ss.login_banner = login_banner changed = True if timezone: ss.timezone = timezone changed = True if update_server: ss.update_server = update_server changed = True if hostname: ss.hostname = hostname changed = True if domain: ss.domain = domain changed = True if changed: ss.apply() if commit: device.commit(sync=True) except PanXapiError: exc = get_exception() module.fail_json(msg=exc.message) module.exit_json(changed=changed, msg="okey dokey")
def main(): argument_spec = dict(ip_address=dict(required=True), password=dict(required=True, no_log=True), username=dict(default='admin'), api_key=dict(no_log=True), newpassword=dict(required=True, no_log=True), localuser=dict(required=True), template=dict(required=True), commit=dict(type='bool', default=True)) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=False, required_one_of=[['api_key', 'password']]) if not HAS_LIB: module.fail_json(msg='Missing required libraries.') ip_address = module.params["ip_address"] password = module.params["password"] username = module.params['username'] local = module.params['localuser'] commit = module.params['commit'] api_key = module.params['api_key'] newpassword = module.params["newpassword"] template = module.params['template'] # Create the device with the appropriate pandevice type device = base.PanDevice.create_from_device(ip_address, username, password, api_key=api_key) changed = False try: phash = device.request_password_hash(password) #return phash ss = SystemSettings.refreshall(device)[0] print('changed = {}'.format(changed)) if dns_server_primary is not None and ss.dns_primary != dns_server_primary: ss.dns_primary = dns_server_primary changed = True print('changed = {}'.format(changed)) if dns_server_secondary is not None and ss.dns_secondary != dns_server_secondary: ss.dns_secondary = dns_server_secondary changed = True print('changed = {}'.format(changed)) if panorama_primary is not None and ss.panorama != panorama_primary: ss.panorama = panorama_primary changed = True print('changed = {}'.format(changed)) if panorama_secondary is not None and ss.panorama2 != panorama_secondary: ss.panorama2 = panorama_secondary changed = True print('changed = {}'.format(changed)) if ntp_server_primary is not None: changed |= set_ntp_server(ss, ntp_server_primary, primary=True) print('changed = {}'.format(changed)) if ntp_server_secondary is not None: changed |= set_ntp_server(ss, ntp_server_secondary, primary=False) print('changed = {}'.format(changed)) if login_banner and ss.login_banner != login_banner: ss.login_banner = login_banner changed = True if timezone and ss.timezone != timezone: ss.timezone = timezone changed = True if update_server and ss.update_server != update_server: ss.update_server = update_server changed = True if hostname and ss.hostname != hostname: ss.hostname = hostname changed = True if domain and ss.domain != domain: ss.domain = domain changed = True print('changed = {}'.format(changed)) if changed: ss.apply() if commit: device.commit(sync=True) except PanXapiError: exc = get_exception() module.fail_json(msg=exc.message) except PanDeviceError as e: module.fail_json(msg='Failed to change password: {}'.format(e)) module.exit_json(changed=changed, msg="okey dokey")