def main(): module = AnsibleModule(argument_spec=dict( hostname=dict(required=True), username=dict(required=True), password=dict(required=True, no_log=True), )) hostname = module.params['hostname'] username = module.params['username'] password = module.params['password'] changed = False msg = "" mk = mt_api.Mikrotik(hostname, username, password) sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) result = sock.connect_ex((hostname, 8728)) if result == 0: try: mk.login() except: module.fail_json( msg= "Could not log into Mikrotik device. Check the username and password." ) else: module.fail_json( msg="Could not access RouterOS api." + " Verify API service is enabled and not blocked by firewall.") # response = apiros.talk([b'/ip/address/add', b'=address=192.168.15.2/24', b'=interface=ether7']) module.exit_json( changed=False, failed=False, )
def main(): module = AnsibleModule(argument_spec=dict( hostname=dict(required=True), username=dict(required=True), password=dict(required=True, no_log=True), )) hostname = module.params['hostname'] username = module.params['username'] password = module.params['password'] changed = False msg = "" mk = mt_api.Mikrotik(hostname, username, password) try: mk.login() except: module.fail_json( msg= "Could not log into Mikrotik device. Check the username and password." ) # response = apiros.talk([b'/ip/address/add', b'=address=192.168.15.2/24', b'=interface=ether7']) module.exit_json( changed=False, failed=False, )
def login(self): self.mk = mt_api.Mikrotik( self.hostname, self.username, self.password, ) try: self.mk.login() self.login_success = True except: self.failed_msg = "Could not log into Mikrotik device, check the username and password."
def main(): module = AnsibleModule( argument_spec=dict( hostname=dict(required=True), username=dict(required=True), password=dict(required=True, no_log=True), command=dict(required=True, type='str'), command_arguments=dict(required=False, type='dict'), ) ) hostname = module.params['hostname'] username = module.params['username'] password = module.params['password'] changed = False changed_message = [] mk = mt_api.Mikrotik(hostname, username, password) try: mk.login() except: module.fail_json( msg="Could not log into Mikrotik device." + " Check the username and password.", ) api_path = module.params['command'] if module.params['command_arguments'] != None: response = mk.api_command(base_path=api_path, params=module.params['command_arguments']) else: response = mk.api_command(base_path=api_path) if response[-1][0] == '!done': changed = True changed_message.append(response) changed_message.append(api_path) if module.params['command_arguments'] != None: changed_message.append(module.params['command_arguments']) if changed: module.exit_json( failed=False, changed=True, msg=changed_message ) else: module.exit_json( failed=False, changed=False, msg="Command failed" )
def login(self): self.mk = mt_api.Mikrotik( self.hostname, self.username, self.password, ) sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) result = sock.connect_ex((self.hostname, 8728)) if result == 0: try: self.mk.login() self.login_success = True except: self.failed_msg = "Could not log into Mikrotik device." + " Check the username and password.", else: self.failed_msg = "Could not access RouterOS api." + " Verify API service is enabled and not blocked by firewall.",
def main(): module = AnsibleModule(argument_spec=dict( hostname=dict(required=True), username=dict(required=True), password=dict(required=True, no_log=True), interface=dict(required=True, type='str'), address=dict( required=True, type='str', aliases=['ip', 'addr', 'ip_address']), network=dict(required=False, type='str', default=""), comment=dict(required=False, type='str', default=""), state=dict(required=False, default="present", choices=['present', 'absent'], type='str'), )) hostname = module.params['hostname'] username = module.params['username'] password = module.params['password'] ip_address = module.params['address'] interface = module.params['interface'] network = module.params['network'] ip_state = module.params['state'] comment = module.params['comment'] changed = False msg = "" interface_path = '/interface' address_path = '/ip/address' address_print_params = { ".proplist": "interface,address,.id,network,netmask,comment" } interface_print_params = {".proplist": "name,.id,type"} mk = mt_api.Mikrotik(hostname, username, password) try: mk.login() interfaces = mk.api_print(interface_path, interface_print_params) except: module.fail_json(msg="Could not log into Mikrotik device." + " Check the username and password.", ) ################################### # Check if interface is present # exit if interface is not present ################################### interfacelist = [] exitmessage = [] for i in range(0, len(interfaces) - 1): interfacelist.append(interfaces[i][1]["name"]) intExists = False if (interface in interfacelist): intExists = True # module.exit_json(failed=False, changed=False, msg=interfacelist) if intExists: pass #exitmessage.append("Interface " + interface + " exists.") #this is never used else: exitmessage.append("Interface " + interface + " does not exist.") module.fail_json(failed=True, msg=exitmessage) ############################################## # Check if IP address is set on the interface # make no changes if address already set ############################################## ip_addresses = mk.api_print(address_path, address_print_params) iplist = [] for i in range(0, len(ip_addresses) - 1): iplist.append(ip_addresses[i][1]["address"]) if ip_addresses[i][1]["address"] == ip_address: ip_id = ip_addresses[i][1][".id"] if ip_state == "present": if ip_address in iplist: module.exit_json( failed=False, #msg="IP Address: " + ip_address + #" is already configured" + #" on interface " + interface, ) else: add_dict = { 'address': ip_address, 'interface': interface, 'comment': comment } response = mk.api_add(address_path, add_dict) module.exit_json( failed=False, changed=True, #msg="IP address: " + ip_address + " has been configured" + #" on interface " + interface ) if ip_state == "absent": if ip_address in iplist: response = mk.api_remove(address_path, ip_id) module.exit_json( failed=False, changed=True, #msg="IP Address: " + ip_address + #" has been removed" ) else: module.exit_json( failed=False, changed=False, #msg="IP Address: " + ip_address + #" is already absent" )
def main(): module = AnsibleModule(argument_spec=dict( hostname=dict(required=True), username=dict(required=True), password=dict(required=True, no_log=True), name=dict(required=False, type='str'), comment=dict(required=False, type='str'), admin_mac=dict(required=False, type='str'), auto_mac=dict(required=False, type='str'), ageing_time=dict(required=False, type='str'), forward_delay=dict(required=False, type='str'), max_message_age=dict(required=False, type='str'), transmit_hold_count=dict(required=False, type='str'), arp=dict(required=False, choices=['disabled', 'enabled', 'proxy-arp', 'reply-only'], type='str'), protocol_mode=dict(required=False, choices=['none', 'rstp', 'stp'], type='str'), settings=dict(required=False, type='dict'), state=dict(required=False, choices=['present', 'absent'], type='str'), ), supports_check_mode=True) hostname = module.params['hostname'] username = module.params['username'] password = module.params['password'] state = module.params['state'] ansible_bridge_name = module.params['name'] check_mode = module.check_mode changed = False changed_message = [] msg = "" mk = mt_api.Mikrotik(hostname, username, password) try: mk.login() except: module.fail_json(msg="Could not log into Mikrotik device." + " Check the username and password.", ) bridge_path = '/interface/bridge' response = mk.api_print(base_path=bridge_path) bridge_params = module.params mikrotik_bridge = {} for item in response: if 'name' in item[1]: if ansible_bridge_name == item[1]['name']: mikrotik_bridge = item[1] ######################################################## # Check if we need to edit the bridge settings ######################################################## if bridge_params['settings'] is not None: settings_path = '/interface/bridge/settings' settings_response = mk.api_print(settings_path) settings_response = settings_response[0][1] settings = bridge_params['settings'] bridge_settings_diff_keys = {} for key in settings: if isinstance(settings[key], bool): settings[key] = str(settings[key]) settings[key] = str.lower(settings[key]) else: if settings[key] == "yes": settings[key] = "true" if settings[key] == "no": settings[key] = "false" for key in settings: if key in settings_response: if settings[key] != settings_response[key]: bridge_settings_diff_keys[key] = settings[key] else: bridge_settings_diff_keys[key] = settings[key] if bridge_settings_diff_keys != {}: if not check_mode: mk.api_edit(base_path=settings_path, params=bridge_settings_diff_keys) changed_message.append(bridge_settings_diff_keys) changed = True else: changed = False ####################################### # remove unneeded parameters # clean up parameters ###################################### remove_params = ['hostname', 'username', 'password', 'state', 'settings'] for i in remove_params: del bridge_params[i] clean_params(bridge_params) if '.id' in mikrotik_bridge: client_id = mikrotik_bridge['.id'] else: client_id = False ################################################################## # We need to make sure that bridge_bridge name is a string # if it's null then it has not been defined. ################################################################### if (state == "present" and isinstance(ansible_bridge_name, str)): if mikrotik_bridge == {}: if not check_mode: mk.api_add(base_path=bridge_path, params=bridge_params) changed_message.append(ansible_bridge_name + " added") changed = True, else: bridge_diff_keys = {} for key in bridge_params: if key in mikrotik_bridge: if bridge_params[key] != mikrotik_bridge[key]: bridge_diff_keys[key] = bridge_params[key] else: bridge_diff_keys[key] = bridge_params[key] if bridge_diff_keys != {}: bridge_diff_keys['numbers'] = client_id if not check_mode: mk.api_edit(base_path=bridge_path, params=bridge_diff_keys) changed = True changed_message.append("Changed bridge: " + bridge_params['name']) else: #################### # Already up date ################### if not changed: changed = False elif state == "absent": if client_id: if not check_mode: mk.api_remove(base_path=bridge_path, remove_id=client_id) changed_message.append(bridge_params['name'] + " removed") changed = True ##################################################### # if client_id is not set there is nothing to remove ##################################################### else: if not changed: changed = False elif settings: ######################################################## # if settings were set we were modifying bridge settings # only pass else: module.exit_json( failed=True, changed=False, ) if changed: module.exit_json(failed=False, changed=True, msg=changed_message) else: module.exit_json( failed=False, changed=False, )
def main(): module = AnsibleModule( argument_spec=dict( hostname =dict(required=True), username =dict(required=True), password =dict(required=True), interface =dict(required=True, type='str'), bridge =dict(required=False, type='str'), comment =dict(required=False, type='str'), path_cost =dict(required=False, type='str'), priority =dict(required=False, type='str'), horizon =dict(required=False, type='str'), external_fdb=dict( required=False, choices=['yes', 'no', 'auto'], type='str' ), auto_isolate=dict( required=False, choices=['yes', 'no'], type='str' ), edge=dict( required=False, choices=['auto', 'yes', 'no', 'no-discover', 'yes-discover'], type='str' ), point_to_point=dict( required=False, choices=['yes', 'no', 'auto'], type='str' ), state=dict( required=True, choices=['present', 'absent'], type='str' ), ), supports_check_mode=True ) hostname = module.params['hostname'] username = module.params['username'] password = module.params['password'] state = module.params['state'] ansible_bridge_port_interface = module.params['interface'] changed = False changed_message = [] check_mode = module.check_mode msg = "" mk = mt_api.Mikrotik(hostname, username, password) try: mk.login() except: module.fail_json( msg="Could not log into Mikrotik device." + " Check the username and password.", ) bridge_port_path = '/interface/bridge/port' response = mk.api_print(base_path=bridge_port_path) bridge_port_params = module.params mikrotik_bridge_port = {} for item in response: if 'interface' in item[1].keys(): if ansible_bridge_port_interface == item[1]['interface']: mikrotik_bridge_port = item[1] ####################################### # remove unneeded parameters ###################################### remove_params = ['hostname', 'username', 'password', 'state'] for i in remove_params: del bridge_port_params[i] ########################################## # modify clean_params in place ############################################ clean_params(bridge_port_params) if '.id' in mikrotik_bridge_port: client_id = mikrotik_bridge_port['.id'] else: client_id = False if state == "present": if mikrotik_bridge_port == {}: if not check_mode: mk.api_add( base_path=bridge_port_path, params=bridge_port_params ) changed_message.append(ansible_bridge_port_interface + " added to bridge") changed = True, else: bridge_port_diff_keys = {} for key in bridge_port_params: if key in mikrotik_bridge_port: if bridge_port_params[key] != mikrotik_bridge_port[key]: bridge_port_diff_keys[key] = bridge_port_params[key] else: bridge_port_diff_keys[key] = bridge_port_params[key] if bridge_port_diff_keys != {}: bridge_port_diff_keys['numbers'] = client_id if not check_mode: mk.api_edit(base_path=bridge_port_path, params=bridge_port_diff_keys) changed = True changed_message.append("Changed bridge port: " + bridge_port_params['bridge']) else: #################### # Already up date ################### if not changed: changed = False elif state == "absent": if client_id: if not check_mode: mk.api_remove(base_path=bridge_port_path, remove_id=client_id) changed_message.append(bridge_port_params['interface'] + " removed") changed = True ##################################################### # if client_id is not set there is nothing to remove ##################################################### else: if not changed: changed = False else: module.exit_json( failed=True, changed=False, ) if changed: module.exit_json( failed=False, changed=True, msg=changed_message ) else: module.exit_json( failed=False, changed=False, )
def main(): module = AnsibleModule( argument_spec=dict( hostname = dict(required=True), username = dict(required=True), password = dict(required=True), list_name = dict(required=True, type='str'), address_list = dict(required=False, type='list'), state = dict( required = False, default = "present", choices = ['present', 'absent', 'force'], type = 'str' ), ), supports_check_mode=True ) hostname = module.params['hostname'] username = module.params['username'] password = module.params['password'] ansible_list_name = module.params['list_name'] ansible_address_list = module.params['address_list'] state = module.params['state'] check_mode = module.check_mode changed = False msg = "" address_list_path = '/ip/firewall/address-list' mk = mt_api.Mikrotik(hostname, username, password) try: mk.login() except: module.fail_json( msg="Could not log into Mikrotik device." + " Check the username and password.", ) response = mk.api_print(address_list_path) mikrotik_address_list = [] mikrotik_address_id = {} list_name = ansible_list_name for item in response: if 'list' in item[1].keys(): address = item[1]['address'] if item[1]['list'] == list_name: temp_dict = {} temp_dict['address'] = item[1]['address'] if 'comment' in item[1].keys(): temp_dict['comment'] = item[1]['comment'] mikrotik_address_list.append(dict(temp_dict)) mikrotik_address_id[address] = item[1]['.id'] if state == "present": if ansible_address_list == mikrotik_address_list: module.exit_json( changed = False, failed = False, msg = "list up to date", ) common_list = [] for item in ansible_address_list: for item2 in mikrotik_address_list: if item['address'] in item2['address']: common_list.append(item['address']) if item['comment'] in item2['comment']: ################## # update comment ################# pass ################################# # build add_list # add item missing from mikrotik ################################# add_list = [] for item in ansible_address_list: if item['address'] not in common_list: temp_dict = {} temp_dict['address'] = item['address'] temp_dict['comment'] = item['comment'] add_list.append(dict(temp_dict)) for i in add_list: #address = i['address'] #comment = i['comment'] add_dictionary = { "address": i['address'], "list": list_name, "comment": i['comment'] } if not check_mode: mk.api_add(address_list_path, add_dictionary) changed = True ##################### # build remove list ###################### remove_list = [] for item in mikrotik_address_list: if item['address'] not in common_list: remove_list.append(item['address']) ####################################### # Remove every item in the address_list ####################################### for i in remove_list: remove_id = mikrotik_address_id[i] if not check_mode: mk.api_remove(address_list_path, remove_id) if not changed: changed = True else: ####################################### # Remove every item ####################################### for remove_id in mikrotik_address_id.values(): if not check_mode: mk.api_remove(address_list_path, remove_id) if not changed: changed = True if changed: module.exit_json( changed = True, failed = False, msg = ansible_list_name + "has been modified", ) else: module.exit_json( changed = False, failed = False, msg = ansible_list_name + " is up to date", )
def main(): module = AnsibleModule(argument_spec=dict( hostname=dict(required=True), username=dict(required=True), password=dict(required=True), address=dict(required=False, type='str'), comment=dict(required=True, type='str'), secret=dict(required=False, type='str'), service=dict(required=False, type='list'), timeout=dict(required=False, type='str'), incoming=dict(required=False, type='dict'), state=dict(required=True, choices=['present', 'absent'], type='str'), ), supports_check_mode=True) hostname = module.params['hostname'] username = module.params['username'] password = module.params['password'] state = module.params['state'] check_mode = module.check_mode changed = False msg = "" radius_path = '/radius' mk = mt_api.Mikrotik(hostname, username, password) try: mk.login() except: module.fail_json(msg="Could not log into Mikrotik device." + " Check the username and password.", ) response = mk.api_print(radius_path) radius_params = module.params ######################################################## # Check if we need to edit the incoming radius settings ######################################################## if radius_params['incoming'] is not None: incoming_path = '/radius/incoming' incoming_response = mk.api_print(incoming_path) incoming = radius_params['incoming'] if incoming_response[0][1]['accept'] == incoming['accept']: if incoming_response[0][1]['port'] == incoming['port']: # nothing to do pass else: # edit port if not check_mode: mk.api_edit(base_path=incoming_path, params=incoming) else: # edit the accept and the port if not check_mode: mk.api_edit(base_path=incoming_path, params=incoming) ####################################### # Since we are grabbing all the parameters passed by the module # We need to remove the one that won't be used # as mikrotik parameters remove_params = ['hostname', 'username', 'password', 'state', 'incoming'] for i in remove_params: radius_params.pop(i) ####################################### # remove keys with empty values # convert service list to stings ###################################### for key in radius_params.keys(): if radius_params[key] is None: radius_params.pop(key) ################################################# # Convert service list to comma separated string ################################################# list_to_string = "" if 'service' in radius_params: list_to_string = ','.join(map(str, radius_params['service'])) radius_params['service'] = list_to_string ################################################ # mikrotik_radius is the dictionary with the parameters # we get from mikrotik ################################# # We grab the first radius item to # match the comment ################################# mikrotik_radius = {} for i in response: if 'comment' in i[1]: if i[1]['comment'] == radius_params['comment']: mikrotik_radius = i[1] break ########################################################## # Define radius_id to be used by remove and edit function ########################################################## if '.id' in mikrotik_radius: radius_id = mikrotik_radius['.id'] else: radius_id = False ###################################################### # If the state is present and we can't find matching # radius comment we add a new item with all the parameters # from Ansible ####################################################### if state == "present": if mikrotik_radius == {}: if not check_mode: mk.api_add(base_path=radius_path, params=radius_params) module.exit_json( failed=False, changed=True, msg="Added radius item", ) ################################################### # If an item exists we check if all the parameters # match what we have in ansible ###################################### else: radius_diff_keys = {} for key in radius_params: if radius_params[key] != mikrotik_radius[key]: radius_diff_keys[key] = radius_params[key] if radius_diff_keys != {}: radius_diff_keys['numbers'] = radius_id if not check_mode: mk.api_edit(base_path=radius_path, params=radius_diff_keys) module.exit_json(failed=False, changed=True, msg="Changed radius item: " + radius_params['comment']) else: #################### # Already up date module.exit_json( failed=False, changed=False, ) elif state == "absent": if radius_id: if not check_mode: mk.api_remove(base_path=radius_path, remove_id=radius_id) module.exit_json(failed=False, changed=True, msg=radius_params['comment'] + " removed") ##################################################### # if radius_id is not set there is nothing to remove ##################################################### else: module.exit_json( failed=False, changed=False, ) else: module.exit_json( failed=True, changed=False, )
def main(): module = AnsibleModule(argument_spec=dict( hostname=dict(required=True), username=dict(required=True), password=dict(required=True, no_log=True), name=dict(required=True, type='str'), on_event=dict(required=False, type='str'), comment=dict(required=False, type='str'), interval=dict(required=False, type='str'), policy=dict(required=False, type='list'), start_date=dict(required=False, type='str'), start_time=dict(required=False, type='str'), state=dict(required=True, choices=['present', 'absent'], type='str'), ), supports_check_mode=True) hostname = module.params['hostname'] username = module.params['username'] password = module.params['password'] state = module.params['state'] check_mode = module.check_mode ansible_scheduler_name = module.params['name'] changed = False changed_message = [] msg = "" mk = mt_api.Mikrotik(hostname, username, password) try: mk.login() except: module.fail_json(msg="Could not log into Mikrotik device." + " Check the username and password.", ) api_path = '/system/scheduler' response = mk.api_print(base_path=api_path) ansible_scheduler_params = module.params mikrotik_scheduler_task = {} for item in response: if 'name' in item[1]: if ansible_scheduler_name == item[1]['name']: mikrotik_scheduler_task = item[1] ####################################### # remove unneeded parameters ###################################### remove_params = ['hostname', 'username', 'password', 'state'] for i in remove_params: del ansible_scheduler_params[i] ########################################## # modify params in place ############################################ clean_params(ansible_scheduler_params) if '.id' in mikrotik_scheduler_task: client_id = mikrotik_scheduler_task['.id'] else: client_id = False if state == "present": ################################################# # Convert policy list to comma separated string ################################################# if mikrotik_scheduler_task == {}: if 'policy' in ansible_scheduler_params: list_to_string = "" list_to_string = ','.join( map(str, ansible_scheduler_params['policy'])) ansible_scheduler_params['policy'] = list_to_string if not check_mode: mk.api_add(base_path=api_path, params=ansible_scheduler_params) changed_message.append(ansible_scheduler_name + " added to bridge") changed = True, else: scheduler_diff_keys = {} ######################################################################## # policy parameter is a comma separated list of values in a string that # we receive from mikrotik # we need to convert it to a list and then do a comparison against # ansible policy list to get the difference # if there is a difference between the two we need to convert the # ansible_scheduler_params['policy'] to a string with comma separated values ######################################################################### if 'policy' in ansible_scheduler_params: dif_list = [] if 'policy' in mikrotik_scheduler_task: policy = mikrotik_scheduler_task['policy'].split(',') dif_list = set( ansible_scheduler_params['policy']) & set(policy) if dif_list == []: list_to_string = "" list_to_string = ','.join( map(str, ansible_scheduler_params['policy'])) scheduler_diff_keys['policy'] = list_to_string for key in ansible_scheduler_params: if key != 'policy': if key in mikrotik_scheduler_task: if ansible_scheduler_params[ key] != mikrotik_scheduler_task[key]: scheduler_diff_keys[ key] = ansible_scheduler_params[key] else: scheduler_diff_keys[key] = ansible_scheduler_params[ key] if scheduler_diff_keys != {}: scheduler_diff_keys['numbers'] = client_id if not check_mode: mk.api_edit(base_path=api_path, params=scheduler_diff_keys) changed = True changed_message.append("Changed scheduler task : " + ansible_scheduler_params['name']) else: #################### # Already up date ################### if not changed: changed = False elif state == "absent": if client_id: if not check_mode: mk.api_remove(base_path=api_path, remove_id=client_id) changed_message.append(ansible_scheduler_params['name'] + " removed") changed = True ##################################################### # if client_id is not set there is nothing to remove ##################################################### else: if not changed: changed = False else: module.exit_json(failed=True, changed=False, msg="state is invalid") if changed: module.exit_json(failed=False, changed=True, msg=changed_message) else: module.exit_json( failed=False, changed=False, )
def main(): module = AnsibleModule( argument_spec=dict( hostname = dict(required=True), username = dict(required=True), password = dict(required=True), rule = dict(required=False, type='dict'), parameter = dict(required=True, type='str'), state = dict( required = False, default = "present", choices = ['present', 'absent'], type = 'str' ), ), supports_check_mode=True ) hostname = module.params['hostname'] username = module.params['username'] password = module.params['password'] rule = module.params['rule'] state = module.params['state'] api_path = '/ip/firewall/' + module.params['parameter'] check_mode = module.check_mode # ############################################## # Check if "place-before" is an integer # ############################################# try: desired_order = int(rule['place-before']) except: module.exit_json( failed=True, changed=False, msg="place-before is not set or is not set to an integer", ) changed = False msg = "" mk = mt_api.Mikrotik(hostname, username, password) try: mk.login() except: module.fail_json( msg="Could not log into Mikrotik device." + " Check the username and password.", ) filter_response = mk.api_print(api_path) current_rule = None current_id = None existing_order = None last_item = len(filter_response) - 2 changed_msg = [] # Always set the comment to the order_number if 'comment' in rule: rule['comment'] = str(desired_order) + " " + str(rule['comment']) else: rule['comment'] = str(desired_order) if desired_order <= last_item: placed_at_the_end = False else: placed_at_the_end = True # remove the place-before if we are placing # the rule at the bottom of the chain rule.pop('place-before', None) # Check rule is not present # find existing rule # current_rule is what's on mikrotik right now for index, current_param in enumerate(filter_response): if 'comment' in current_param[1]: if re.search(r"^" + str(desired_order) + "\s+", current_param[1]['comment']): current_id = current_param[1]['.id'] existing_order = index current_rule = current_param[1] # remove the place-before since we'll be editing not moving it rule.pop('place-before', None) # ensure the rule if state is present if state == "present": # if we don't have an existing rule to match # the desired we create a new one if not current_rule: if not check_mode: mk.api_add(api_path, rule) changed = True, # if current_rule is true we need to ensure the changes else: out_params = {} old_params = {} for desired_param in rule: rule[desired_param] = str(rule[desired_param]) if desired_param in current_rule: if current_rule[desired_param] != rule[desired_param]: out_params[desired_param] = rule[desired_param] old_params[desired_param] = current_rule[desired_param] else: out_params[desired_param] = rule[desired_param] if desired_param in current_rule: old_params[desired_param] = current_rule[desired_param] # When out_params has been set it means we found our diff # and will set it on the mikrotik if out_params: if current_id is not None: out_params['.id'] = current_id if not check_mode: mk.api_edit( base_path = api_path, params = out_params ) # we don't need to show the .id in the changed message if '.id' in out_params: del out_params['.id'] changed = True changed_msg.append({ "new_params": out_params, "old_params": old_params, }) # ensure the rule is in right position if current_id: if int(existing_order) != int(desired_order): api_path += '/move' params = False if placed_at_the_end: if existing_order > last_item: params = { '.id': current_id, } else: params = { '.id': current_id, 'destination': desired_order } if params: if not check_mode: mk.api_command(api_path, params) changed_msg.append({ "moved": existing_order, "to": old_params, }) changed = True ##################################### # Remove the rule ##################################### elif state == "absent": if current_rule: if not check_mode: mk.api_remove(api_path, current_id) changed = True changed_msg.append("removed rule: " + str(desired_order)) else: failed = True if changed: module.exit_json( failed=False, changed=True, msg=changed_msg ) elif not changed: module.exit_json( failed=False, changed=False, ) else: module.fail_json()