def main():
argument_spec = dict(
vrf=dict(required=True),
interface=dict(type='str', required=True),
state=dict(default='present',
choices=['present', 'absent'],
required=False),
)
argument_spec.update(nxos_argument_spec)
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
warnings = list()
results = {'changed': False, 'commands': [], 'warnings': warnings}
vrf = module.params['vrf']
interface = module.params['interface'].lower()
state = module.params['state']
device_info = get_capabilities(module)
network_api = device_info.get('network_api', 'nxapi')
current_vrfs = get_vrf_list(module)
if vrf not in current_vrfs:
warnings.append("The VRF is not present/active on the device. "
"Use nxos_vrf to fix this.")
intf_type = get_interface_type(interface)
if (intf_type != 'ethernet' and network_api == 'cliconf'):
if is_default(interface, module) == 'DNE':
module.fail_json(msg="interface does not exist on switch. Verify "
"switch platform or create it first with "
"nxos_interface if it's a logical interface")
mode = get_interface_mode(interface, intf_type, module)
if mode == 'layer2':
module.fail_json(msg='Ensure interface is a Layer 3 port before '
'configuring a VRF on an interface. You can '
'use nxos_interface')
current_vrf = get_interface_info(interface, module)
existing = dict(interface=interface, vrf=current_vrf)
changed = False
if not existing['vrf']:
pass
elif vrf != existing['vrf'] and state == 'absent':
module.fail_json(msg='The VRF you are trying to remove '
'from the interface does not exist '
'on that interface.',
interface=interface,
proposed_vrf=vrf,
existing_vrf=existing['vrf'])
commands = []
if existing:
if state == 'absent':
if existing and vrf == existing['vrf']:
command = 'no vrf member {0}'.format(vrf)
commands.append(command)
elif state == 'present':
if existing['vrf'] != vrf:
command = 'vrf member {0}'.format(vrf)
commands.append(command)
if commands:
commands.insert(0, 'interface {0}'.format(interface))
if commands:
if module.check_mode:
module.exit_json(changed=True, commands=commands)
else:
load_config(module, commands)
changed = True
if 'configure' in commands:
commands.pop(0)
results['commands'] = commands
results['changed'] = changed
module.exit_json(**results)
def main():
module = AnsibleModule(argument_spec=dict(
src=dict(type='path'),
deployment=dict(type='str', required=True),
deploy_path=dict(type='path', default=DEFAULT_DEPLOY_PATH),
state=dict(type='str',
choices=['absent', 'present'],
default='present'),
),
required_if=[('state', 'present', ('src', ))],
supports_check_mode=True)
result = dict(changed=False)
src = module.params['src']
deployment = module.params['deployment']
deploy_path = module.params['deploy_path']
state = module.params['state']
if not os.path.exists(deploy_path):
module.fail_json(msg="deploy_path does not exist.")
if state == 'absent' and src:
module.warn('Parameter src is ignored when state=absent')
elif state == 'present' and not os.path.exists(src):
module.fail_json(msg='Source file %s does not exist.' % src)
deployed = is_deployed(deploy_path, deployment)
# === when check_mode ===
if module.check_mode:
if state == 'present':
if not deployed:
result['changed'] = True
elif deployed:
if module.sha1(src) != module.sha1(
os.path.join(deploy_path, deployment)):
result['changed'] = True
elif state == 'absent' and deployed:
result['changed'] = True
module.exit_json(**result)
# =======================
if state == 'present' and not deployed:
if is_failed(deploy_path, deployment):
# Clean up old failed deployment
os.remove(os.path.join(deploy_path, "%s.failed" % deployment))
shutil.copyfile(src, os.path.join(deploy_path, deployment))
while not deployed:
deployed = is_deployed(deploy_path, deployment)
if is_failed(deploy_path, deployment):
module.fail_json(msg='Deploying %s failed.' % deployment)
time.sleep(1)
result['changed'] = True
if state == 'present' and deployed:
if module.sha1(src) != module.sha1(
os.path.join(deploy_path, deployment)):
os.remove(os.path.join(deploy_path, "%s.deployed" % deployment))
shutil.copyfile(src, os.path.join(deploy_path, deployment))
deployed = False
while not deployed:
deployed = is_deployed(deploy_path, deployment)
if is_failed(deploy_path, deployment):
module.fail_json(msg='Deploying %s failed.' % deployment)
time.sleep(1)
result['changed'] = True
if state == 'absent' and deployed:
os.remove(os.path.join(deploy_path, "%s.deployed" % deployment))
while deployed:
deployed = not is_undeployed(deploy_path, deployment)
if is_failed(deploy_path, deployment):
module.fail_json(msg='Undeploying %s failed.' % deployment)
time.sleep(1)
result['changed'] = True
module.exit_json(**result)
def main():
arg_spec = dict(
name=dict(default=None),
path=dict(default=None, type='path'),
version=dict(default=None),
production=dict(default='no', type='bool'),
executable=dict(default=None, type='path'),
registry=dict(default=None),
state=dict(default='present', choices=['present', 'absent', 'latest']),
ignore_scripts=dict(default=False, type='bool'),
)
arg_spec['global'] = dict(default='no', type='bool')
module = AnsibleModule(
argument_spec=arg_spec,
supports_check_mode=True
)
name = module.params['name']
path = module.params['path']
version = module.params['version']
globally = module.params['global']
production = module.params['production']
executable = module.params['executable']
registry = module.params['registry']
state = module.params['state']
ignore_scripts = module.params['ignore_scripts']
# When installing globally, users should not be able to define a path for installation.
# Require a path if global is False, though!
if path is None and globally is False:
module.fail_json(msg='Path must be specified when not using global arg')
elif path and globally is True:
module.fail_json(msg='Cannot specify path if doing global installation')
if state == 'absent' and not name:
module.fail_json(msg='Package must be explicitly named when uninstalling.')
if state == 'latest':
version = 'latest'
# When installing globally, use the defined path for global node_modules
if globally:
path = Yarn.DEFAULT_GLOBAL_INSTALLATION_PATH
yarn = Yarn(module,
name=name,
path=path,
version=version,
globally=globally,
production=production,
executable=executable,
registry=registry,
ignore_scripts=ignore_scripts)
changed = False
out = ''
err = ''
if state == 'present':
if not name:
changed = True
out, err = yarn.install()
else:
installed, missing = yarn.list()
if len(missing):
changed = True
out, err = yarn.install()
elif state == 'latest':
if not name:
changed = True
out, err = yarn.install()
else:
installed, missing = yarn.list()
outdated = yarn.list_outdated()
if len(missing):
changed = True
out, err = yarn.install()
if len(outdated):
changed = True
out, err = yarn.update()
else:
# state == absent
installed, missing = yarn.list()
if name in installed:
changed = True
out, err = yarn.uninstall()
module.exit_json(changed=changed, out=out, err=err)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_fips_cc": {
"required": False,
"type": "dict",
"default": None,
"options": {
"entropy_token": {
"required": False,
"type": "str",
"choices": ["enable", "disable", "dynamic"]
},
"key_generation_self_test": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"self_test_period": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
module = AnsibleModule(
argument_spec=dict(type=dict(required=True, type='str'),
zone=dict(required=True,
aliases=['name'],
type='str'),
nameserver=dict(default=[], type='list'),
interfaces=dict(default=[], type='list'),
refresh=dict(default=3600, type='int'),
retry=dict(default=1800, type='int'),
expire=dict(default=604800, type='int'),
ttl=dict(default=600, type='int'),
contact=dict(default='', type='str'),
mx=dict(default=[], type='list'),
state=dict(default='present',
choices=['present', 'absent'],
type='str')),
supports_check_mode=True,
required_if=([('state', 'present', ['nameserver', 'interfaces'])]))
type = module.params['type']
zone = module.params['zone']
nameserver = module.params['nameserver']
interfaces = module.params['interfaces']
refresh = module.params['refresh']
retry = module.params['retry']
expire = module.params['expire']
ttl = module.params['ttl']
contact = module.params['contact']
mx = module.params['mx']
state = module.params['state']
changed = False
diff = None
obj = list(
ldap_search('(&(objectClass=dNSZone)(zoneName={0}))'.format(zone),
attr=['dNSZone']))
exists = bool(len(obj))
container = 'cn=dns,{0}'.format(base_dn())
dn = 'zoneName={0},{1}'.format(zone, container)
if contact == '':
contact = 'root@{0}.'.format(zone)
if state == 'present':
try:
if not exists:
obj = umc_module_for_add('dns/{0}'.format(type), container)
else:
obj = umc_module_for_edit('dns/{0}'.format(type), dn)
obj['zone'] = zone
obj['nameserver'] = nameserver
obj['a'] = interfaces
obj['refresh'] = convert_time(refresh)
obj['retry'] = convert_time(retry)
obj['expire'] = convert_time(expire)
obj['ttl'] = convert_time(ttl)
obj['contact'] = contact
obj['mx'] = mx
diff = obj.diff()
if exists:
for k in obj.keys():
if obj.hasChanged(k):
changed = True
else:
changed = True
if not module.check_mode:
if not exists:
obj.create()
elif changed:
obj.modify()
except Exception as e:
module.fail_json(
msg='Creating/editing dns zone {0} failed: {1}'.format(
zone, e))
if state == 'absent' and exists:
try:
obj = umc_module_for_edit('dns/{0}'.format(type), dn)
if not module.check_mode:
obj.remove()
changed = True
except Exception as e:
module.fail_json(
msg='Removing dns zone {0} failed: {1}'.format(zone, e))
module.exit_json(changed=changed, diff=diff, zone=zone)
def main():
"""main entry point for execution
"""
backup_spec = dict(
filename=dict(),
dir_path=dict(type='path')
)
argument_spec = dict(
backup=dict(default=False, type='bool'),
backup_options=dict(type='dict', options=backup_spec),
config=dict(type='str'),
commit=dict(type='bool'),
replace=dict(type='str'),
rollback=dict(type='int'),
commit_comment=dict(type='str'),
defaults=dict(default=False, type='bool'),
multiline_delimiter=dict(type='str'),
diff_replace=dict(choices=['line', 'block', 'config']),
diff_match=dict(choices=['line', 'strict', 'exact', 'none']),
diff_ignore_lines=dict(type='list')
)
mutually_exclusive = [('config', 'rollback')]
required_one_of = [['backup', 'config', 'rollback']]
module = AnsibleModule(argument_spec=argument_spec,
mutually_exclusive=mutually_exclusive,
required_one_of=required_one_of,
supports_check_mode=True)
result = {'changed': False}
connection = Connection(module._socket_path)
capabilities = module.from_json(connection.get_capabilities())
if capabilities:
device_operations = capabilities.get('device_operations', dict())
validate_args(module, device_operations)
else:
device_operations = dict()
if module.params['defaults']:
if 'get_default_flag' in capabilities.get('rpc'):
flags = connection.get_default_flag()
else:
flags = 'all'
else:
flags = []
candidate = module.params['config']
candidate = to_text(candidate, errors='surrogate_then_replace') if candidate else None
running = connection.get_config(flags=flags)
rollback_id = module.params['rollback']
if module.params['backup']:
result['__backup__'] = running
if candidate or rollback_id or module.params['replace']:
try:
result.update(run(module, device_operations, connection, candidate, running, rollback_id))
except Exception as exc:
module.fail_json(msg=to_text(exc))
module.exit_json(**result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_proxy_address": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"case_sensitivity": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"category": {"required": False, "type": "list",
"options": {
"id": {"required": True, "type": "int"}
}},
"color": {"required": False, "type": "int"},
"comment": {"required": False, "type": "str"},
"header": {"required": False, "type": "str"},
"header_group": {"required": False, "type": "list",
"options": {
"case_sensitivity": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"header": {"required": False, "type": "str"},
"header_name": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"}
}},
"header_name": {"required": False, "type": "str"},
"host": {"required": False, "type": "str"},
"host_regex": {"required": False, "type": "str"},
"method": {"required": False, "type": "str",
"choices": ["get", "post", "put",
"head", "connect", "trace",
"options", "delete"]},
"name": {"required": True, "type": "str"},
"path": {"required": False, "type": "str"},
"query": {"required": False, "type": "str"},
"referrer": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"tagging": {"required": False, "type": "list",
"options": {
"category": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"tags": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}}
}},
"type": {"required": False, "type": "str",
"choices": ["host-regex", "url", "category",
"method", "ua", "header",
"src-advanced", "dst-advanced"]},
"ua": {"required": False, "type": "str",
"choices": ["chrome", "ms", "firefox",
"safari", "other"]},
"uuid": {"required": False, "type": "str"},
"visibility": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
argument_spec = ucs_argument_spec
argument_spec.update(
org_dn=dict(type='str', default='org-root'),
name=dict(type='str', required=True),
description=dict(type='str', aliases=['descr'], default=''),
fabric=dict(type='str', default='A', choices=['A', 'B', 'A-B', 'B-A']),
redundancy_type=dict(type='str', default='none', choices=['none', 'primary', 'secondary']),
peer_redundancy_template=dict(type='str', aliases=['peer_redundancy_templ'], default=''),
target=dict(type='str', default='adapter', choices=['adapter', 'vm']),
template_type=dict(type='str', default='initial-template', choices=['initial-template', 'updating-template']),
vlans_list=dict(type='list'),
cdn_source=dict(type='str', default='vnic-name', choices=['vnic-name', 'user-defined']),
cdn_name=dict(type='str', default=''),
mtu=dict(type='str', default='1500'),
mac_pool=dict(type='str', default=''),
qos_policy=dict(type='str', default=''),
network_control_policy=dict(type='str', default=''),
pin_group=dict(type='str', default=''),
stats_policy=dict(type='str', default='default'),
state=dict(type='str', default='present', choices=['present', 'absent']),
)
module = AnsibleModule(
argument_spec,
supports_check_mode=True,
required_if=[
['cdn_source', 'user-defined', ['cdn_name']],
],
)
ucs = UCSModule(module)
err = False
# UCSModule creation above verifies ucsmsdk is present and exits on failure. Additional imports are done below.
from ucsmsdk.mometa.vnic.VnicLanConnTempl import VnicLanConnTempl
from ucsmsdk.mometa.vnic.VnicEtherIf import VnicEtherIf
changed = False
try:
mo_exists = False
props_match = False
# dn is <org_dn>/lan-conn-templ-<name>
dn = module.params['org_dn'] + '/lan-conn-templ-' + module.params['name']
mo = ucs.login_handle.query_dn(dn)
if mo:
mo_exists = True
if module.params['state'] == 'absent':
# mo must exist but all properties do not have to match
if mo_exists:
if not module.check_mode:
ucs.login_handle.remove_mo(mo)
ucs.login_handle.commit()
changed = True
else:
# set default params for lists which can't be done in the argument_spec
if module.params.get('vlans_list'):
for vlan in module.params['vlans_list']:
if not vlan.get('native'):
vlan['native'] = 'no'
if not vlan.get('state'):
vlan['state'] = 'present'
# for target 'adapter', change to internal UCS Manager spelling 'adaptor'
if module.params['target'] == 'adapter':
module.params['target'] = 'adaptor'
if mo_exists:
# check top-level mo props
kwargs = dict(descr=module.params['description'])
kwargs['switch_id'] = module.params['fabric']
kwargs['redundancy_pair_type'] = module.params['redundancy_type']
kwargs['peer_redundancy_templ_name'] = module.params['peer_redundancy_template']
kwargs['ident_pool_name'] = module.params['mac_pool']
# do not check shared props if this is a secondary template
if module.params['redundancy_type'] != 'secondary':
kwargs['target'] = module.params['target']
kwargs['templ_type'] = module.params['template_type']
kwargs['cdn_source'] = module.params['cdn_source']
kwargs['admin_cdn_name'] = module.params['cdn_name']
kwargs['mtu'] = module.params['mtu']
kwargs['qos_policy_name'] = module.params['qos_policy']
kwargs['nw_ctrl_policy_name'] = module.params['network_control_policy']
kwargs['pin_to_group_name'] = module.params['pin_group']
kwargs['stats_policy_name'] = module.params['stats_policy']
if mo.check_prop_match(**kwargs):
# top-level props match, check next level mo/props
if not module.params.get('vlans_list'):
props_match = True
else:
# check vlan props
for vlan in module.params['vlans_list']:
child_dn = dn + '/if-' + str(vlan['name'])
mo_1 = ucs.login_handle.query_dn(child_dn)
if vlan['state'] == 'absent':
if mo_1:
props_match = False
break
else:
if mo_1:
kwargs = dict(default_net=vlan['native'])
if mo_1.check_prop_match(**kwargs):
props_match = True
else:
props_match = False
break
if not props_match:
if not module.check_mode:
# create if mo does not already exist
# secondary template only sets non shared props
if module.params['redundancy_type'] == 'secondary':
mo = VnicLanConnTempl(
parent_mo_or_dn=module.params['org_dn'],
name=module.params['name'],
descr=module.params['description'],
switch_id=module.params['fabric'],
redundancy_pair_type=module.params['redundancy_type'],
peer_redundancy_templ_name=module.params['peer_redundancy_template'],
ident_pool_name=module.params['mac_pool'],
)
else:
mo = VnicLanConnTempl(
parent_mo_or_dn=module.params['org_dn'],
name=module.params['name'],
descr=module.params['description'],
switch_id=module.params['fabric'],
redundancy_pair_type=module.params['redundancy_type'],
peer_redundancy_templ_name=module.params['peer_redundancy_template'],
target=module.params['target'],
templ_type=module.params['template_type'],
cdn_source=module.params['cdn_source'],
admin_cdn_name=module.params['cdn_name'],
mtu=module.params['mtu'],
ident_pool_name=module.params['mac_pool'],
qos_policy_name=module.params['qos_policy'],
nw_ctrl_policy_name=module.params['network_control_policy'],
pin_to_group_name=module.params['pin_group'],
stats_policy_name=module.params['stats_policy'],
)
if module.params.get('vlans_list'):
for vlan in module.params['vlans_list']:
if vlan['state'] == 'absent':
child_dn = dn + '/if-' + str(vlan['name'])
mo_1 = ucs.login_handle.query_dn(child_dn)
ucs.login_handle.remove_mo(mo_1)
else:
mo_1 = VnicEtherIf(
parent_mo_or_dn=mo,
name=str(vlan['name']),
default_net=vlan['native'],
)
ucs.login_handle.add_mo(mo, True)
ucs.login_handle.commit()
changed = True
except Exception as e:
err = True
ucs.result['msg'] = "setup error: %s " % str(e)
ucs.result['changed'] = changed
if err:
module.fail_json(**ucs.result)
module.exit_json(**ucs.result)
def run_module():
# available arguments/parameters that a user can pass
module_args = dict(
state=dict(type='str', default='present', choices=['present', 'absent', 'opened', 'closed']),
device=dict(type='str'),
name=dict(type='str'),
keyfile=dict(type='path'),
new_keyfile=dict(type='path'),
remove_keyfile=dict(type='path'),
passphrase=dict(type='str', no_log=True),
new_passphrase=dict(type='str', no_log=True),
remove_passphrase=dict(type='str', no_log=True),
force_remove_last_key=dict(type='bool', default=False),
keysize=dict(type='int'),
label=dict(type='str'),
uuid=dict(type='str'),
type=dict(type='str', choices=['luks1', 'luks2']),
)
mutually_exclusive = [
('keyfile', 'passphrase'),
('new_keyfile', 'new_passphrase'),
('remove_keyfile', 'remove_passphrase')
]
# seed the result dict in the object
result = dict(
changed=False,
name=None
)
module = AnsibleModule(argument_spec=module_args,
supports_check_mode=True,
mutually_exclusive=mutually_exclusive)
if module.params['device'] is not None:
try:
statinfo = os.stat(module.params['device'])
mode = statinfo.st_mode
if not stat.S_ISBLK(mode) and not stat.S_ISCHR(mode):
raise Exception('{0} is not a device'.format(module.params['device']))
except Exception as e:
module.fail_json(msg=str(e))
crypt = CryptHandler(module)
conditions = ConditionsHandler(module, crypt)
# conditions not allowed to run
if module.params['label'] is not None and module.params['type'] == 'luks1':
module.fail_json(msg='You cannot combine type luks1 with the label option.')
# The conditions are in order to allow more operations in one run.
# (e.g. create luks and add a key to it)
# luks create
if conditions.luks_create():
if not module.check_mode:
try:
crypt.run_luks_create(conditions.device,
module.params['keyfile'],
module.params['passphrase'],
module.params['keysize'])
except ValueError as e:
module.fail_json(msg="luks_device error: %s" % e)
result['changed'] = True
if module.check_mode:
module.exit_json(**result)
# luks open
name = conditions.opened_luks_name()
if name is not None:
result['name'] = name
if conditions.luks_open():
name = module.params['name']
if name is None:
try:
name = crypt.generate_luks_name(conditions.device)
except ValueError as e:
module.fail_json(msg="luks_device error: %s" % e)
if not module.check_mode:
try:
crypt.run_luks_open(conditions.device,
module.params['keyfile'],
module.params['passphrase'],
name)
except ValueError as e:
module.fail_json(msg="luks_device error: %s" % e)
result['name'] = name
result['changed'] = True
if module.check_mode:
module.exit_json(**result)
# luks close
if conditions.luks_close():
if conditions.device is not None:
try:
name = crypt.get_container_name_by_device(
conditions.device)
except ValueError as e:
module.fail_json(msg="luks_device error: %s" % e)
else:
name = module.params['name']
if not module.check_mode:
try:
crypt.run_luks_close(name)
except ValueError as e:
module.fail_json(msg="luks_device error: %s" % e)
result['name'] = name
result['changed'] = True
if module.check_mode:
module.exit_json(**result)
# luks add key
if conditions.luks_add_key():
if not module.check_mode:
try:
crypt.run_luks_add_key(conditions.device,
module.params['keyfile'],
module.params['passphrase'],
module.params['new_keyfile'],
module.params['new_passphrase'])
except ValueError as e:
module.fail_json(msg="luks_device error: %s" % e)
result['changed'] = True
if module.check_mode:
module.exit_json(**result)
# luks remove key
if conditions.luks_remove_key():
if not module.check_mode:
try:
last_key = module.params['force_remove_last_key']
crypt.run_luks_remove_key(conditions.device,
module.params['remove_keyfile'],
module.params['remove_passphrase'],
force_remove_last_key=last_key)
except ValueError as e:
module.fail_json(msg="luks_device error: %s" % e)
result['changed'] = True
if module.check_mode:
module.exit_json(**result)
# luks remove
if conditions.luks_remove():
if not module.check_mode:
try:
crypt.run_luks_remove(conditions.device)
except ValueError as e:
module.fail_json(msg="luks_device error: %s" % e)
result['changed'] = True
if module.check_mode:
module.exit_json(**result)
# Success - return result
module.exit_json(**result)
def main():
argument_spec = rax_argument_spec()
argument_spec.update(
dict(
address=dict(),
condition=dict(choices=['enabled', 'disabled', 'draining']),
load_balancer_id=dict(required=True, type='int'),
node_id=dict(type='int'),
port=dict(type='int'),
state=dict(default='present', choices=['present', 'absent']),
type=dict(choices=['primary', 'secondary']),
virtualenv=dict(type='path'),
wait=dict(default=False, type='bool'),
wait_timeout=dict(default=30, type='int'),
weight=dict(type='int'),
))
module = AnsibleModule(
argument_spec=argument_spec,
required_together=rax_required_together(),
)
if not HAS_PYRAX:
module.fail_json(msg='pyrax is required for this module')
address = module.params['address']
condition = (module.params['condition']
and module.params['condition'].upper())
load_balancer_id = module.params['load_balancer_id']
node_id = module.params['node_id']
port = module.params['port']
state = module.params['state']
typ = module.params['type'] and module.params['type'].upper()
virtualenv = module.params['virtualenv']
wait = module.params['wait']
wait_timeout = module.params['wait_timeout'] or 1
weight = module.params['weight']
if virtualenv:
try:
_activate_virtualenv(virtualenv)
except IOError as e:
module.fail_json(msg='Failed to activate virtualenv %s (%s)' %
(virtualenv, e))
setup_rax_module(module, pyrax)
if not pyrax.cloud_loadbalancers:
module.fail_json(msg='Failed to instantiate client. This '
'typically indicates an invalid region or an '
'incorrectly capitalized region name.')
try:
lb = pyrax.cloud_loadbalancers.get(load_balancer_id)
except pyrax.exc.PyraxException as e:
module.fail_json(msg='%s' % e.message)
node = _get_node(lb, node_id, address, port)
result = rax_clb_node_to_dict(node)
if state == 'absent':
if not node: # Removing a non-existent node
module.exit_json(changed=False, state=state)
try:
lb.delete_node(node)
result = {}
except pyrax.exc.NotFound:
module.exit_json(changed=False, state=state)
except pyrax.exc.PyraxException as e:
module.fail_json(msg='%s' % e.message)
else: # present
if not node:
if node_id: # Updating a non-existent node
msg = 'Node %d not found' % node_id
if lb.nodes:
msg += (' (available nodes: %s)' %
', '.join([str(x.id) for x in lb.nodes]))
module.fail_json(msg=msg)
else: # Creating a new node
try:
node = pyrax.cloudloadbalancers.Node(address=address,
port=port,
condition=condition,
weight=weight,
type=typ)
resp, body = lb.add_nodes([node])
result.update(body['nodes'][0])
except pyrax.exc.PyraxException as e:
module.fail_json(msg='%s' % e.message)
else: # Updating an existing node
mutable = {
'condition': condition,
'type': typ,
'weight': weight,
}
for name, value in mutable.items():
if value is None or value == getattr(node, name):
mutable.pop(name)
if not mutable:
module.exit_json(changed=False, state=state, node=result)
try:
# The diff has to be set explicitly to update node's weight and
# type; this should probably be fixed in pyrax
lb.update_node(node, diff=mutable)
result.update(mutable)
except pyrax.exc.PyraxException as e:
module.fail_json(msg='%s' % e.message)
if wait:
pyrax.utils.wait_until(lb,
"status",
"ACTIVE",
interval=1,
attempts=wait_timeout)
if lb.status != 'ACTIVE':
module.fail_json(
msg='Load balancer not active after %ds (current status: %s)' %
(wait_timeout, lb.status.lower()))
kwargs = {'node': result} if result else {}
module.exit_json(changed=True, state=state, **kwargs)
def main():
argument_spec = ec2_argument_spec()
argument_spec.update(
dict(distribution_id=dict(required=False, type='str'),
invalidation_id=dict(required=False, type='str'),
origin_access_identity_id=dict(required=False, type='str'),
domain_name_alias=dict(required=False, type='str'),
all_lists=dict(required=False, default=False, type='bool'),
distribution=dict(required=False, default=False, type='bool'),
distribution_config=dict(required=False,
default=False,
type='bool'),
origin_access_identity=dict(required=False,
default=False,
type='bool'),
origin_access_identity_config=dict(required=False,
default=False,
type='bool'),
invalidation=dict(required=False, default=False, type='bool'),
streaming_distribution=dict(required=False,
default=False,
type='bool'),
streaming_distribution_config=dict(required=False,
default=False,
type='bool'),
list_origin_access_identities=dict(required=False,
default=False,
type='bool'),
list_distributions=dict(required=False,
default=False,
type='bool'),
list_distributions_by_web_acl_id=dict(required=False,
default=False,
type='bool'),
list_invalidations=dict(required=False,
default=False,
type='bool'),
list_streaming_distributions=dict(required=False,
default=False,
type='bool'),
summary=dict(required=False, default=False, type='bool')))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=False)
is_old_facts = module._name == 'cloudfront_facts'
if is_old_facts:
module.deprecate(
"The 'cloudfront_facts' module has been renamed to 'cloudfront_info', "
"and the renamed one no longer returns ansible_facts",
version='2.13')
if not HAS_BOTO3:
module.fail_json(msg='boto3 is required.')
service_mgr = CloudFrontServiceManager(module)
distribution_id = module.params.get('distribution_id')
invalidation_id = module.params.get('invalidation_id')
origin_access_identity_id = module.params.get('origin_access_identity_id')
web_acl_id = module.params.get('web_acl_id')
domain_name_alias = module.params.get('domain_name_alias')
all_lists = module.params.get('all_lists')
distribution = module.params.get('distribution')
distribution_config = module.params.get('distribution_config')
origin_access_identity = module.params.get('origin_access_identity')
origin_access_identity_config = module.params.get(
'origin_access_identity_config')
invalidation = module.params.get('invalidation')
streaming_distribution = module.params.get('streaming_distribution')
streaming_distribution_config = module.params.get(
'streaming_distribution_config')
list_origin_access_identities = module.params.get(
'list_origin_access_identities')
list_distributions = module.params.get('list_distributions')
list_distributions_by_web_acl_id = module.params.get(
'list_distributions_by_web_acl_id')
list_invalidations = module.params.get('list_invalidations')
list_streaming_distributions = module.params.get(
'list_streaming_distributions')
summary = module.params.get('summary')
aliases = []
result = {'cloudfront': {}}
facts = {}
require_distribution_id = (distribution or distribution_config
or invalidation or streaming_distribution
or streaming_distribution_config
or list_invalidations)
# set default to summary if no option specified
summary = summary or not (
distribution or distribution_config or origin_access_identity or
origin_access_identity_config or invalidation or streaming_distribution
or streaming_distribution_config or list_origin_access_identities
or list_distributions_by_web_acl_id or list_invalidations
or list_streaming_distributions or list_distributions)
# validations
if require_distribution_id and distribution_id is None and domain_name_alias is None:
module.fail_json(
msg=
'Error distribution_id or domain_name_alias have not been specified.'
)
if (invalidation and invalidation_id is None):
module.fail_json(msg='Error invalidation_id has not been specified.')
if (origin_access_identity or origin_access_identity_config
) and origin_access_identity_id is None:
module.fail_json(
msg='Error origin_access_identity_id has not been specified.')
if list_distributions_by_web_acl_id and web_acl_id is None:
module.fail_json(msg='Error web_acl_id has not been specified.')
# get distribution id from domain name alias
if require_distribution_id and distribution_id is None:
distribution_id = service_mgr.get_distribution_id_from_domain_name(
domain_name_alias)
if not distribution_id:
module.fail_json(
msg=
'Error unable to source a distribution id from domain_name_alias'
)
# set appropriate cloudfront id
if distribution_id and not list_invalidations:
facts = {distribution_id: {}}
aliases = service_mgr.get_aliases_from_distribution_id(distribution_id)
for alias in aliases:
facts.update({alias: {}})
if invalidation_id:
facts.update({invalidation_id: {}})
elif distribution_id and list_invalidations:
facts = {distribution_id: {}}
aliases = service_mgr.get_aliases_from_distribution_id(distribution_id)
for alias in aliases:
facts.update({alias: {}})
elif origin_access_identity_id:
facts = {origin_access_identity_id: {}}
elif web_acl_id:
facts = {web_acl_id: {}}
# get details based on options
if distribution:
facts_to_set = service_mgr.get_distribution(distribution_id)
if distribution_config:
facts_to_set = service_mgr.get_distribution_config(distribution_id)
if origin_access_identity:
facts[origin_access_identity_id].update(
service_mgr.get_origin_access_identity(origin_access_identity_id))
if origin_access_identity_config:
facts[origin_access_identity_id].update(
service_mgr.get_origin_access_identity_config(
origin_access_identity_id))
if invalidation:
facts_to_set = service_mgr.get_invalidation(distribution_id,
invalidation_id)
facts[invalidation_id].update(facts_to_set)
if streaming_distribution:
facts_to_set = service_mgr.get_streaming_distribution(distribution_id)
if streaming_distribution_config:
facts_to_set = service_mgr.get_streaming_distribution_config(
distribution_id)
if list_invalidations:
facts_to_set = {
'invalidations': service_mgr.list_invalidations(distribution_id)
}
if 'facts_to_set' in vars():
facts = set_facts_for_distribution_id_and_alias(
facts_to_set, facts, distribution_id, aliases)
# get list based on options
if all_lists or list_origin_access_identities:
facts[
'origin_access_identities'] = service_mgr.list_origin_access_identities(
)
if all_lists or list_distributions:
facts['distributions'] = service_mgr.list_distributions()
if all_lists or list_streaming_distributions:
facts[
'streaming_distributions'] = service_mgr.list_streaming_distributions(
)
if list_distributions_by_web_acl_id:
facts[
'distributions_by_web_acl_id'] = service_mgr.list_distributions_by_web_acl_id(
web_acl_id)
if list_invalidations:
facts['invalidations'] = service_mgr.list_invalidations(
distribution_id)
# default summary option
if summary:
facts['summary'] = service_mgr.summary()
result['changed'] = False
result['cloudfront'].update(facts)
if is_old_facts:
module.exit_json(msg="Retrieved CloudFront facts.",
ansible_facts=result)
else:
module.exit_json(msg="Retrieved CloudFront info.", **result)
def main():
module = AnsibleModule(argument_spec=dict(state=dict(
default="present",
choices=["present", "latest", "absent"],
required=False),
name=dict(aliases=["pkg"],
required=True,
type='list'),
cached=dict(default=False,
type='bool'),
annotation=dict(default="",
required=False),
pkgsite=dict(default="",
required=False),
rootdir=dict(default="",
required=False,
type='path'),
chroot=dict(default="",
required=False,
type='path'),
jail=dict(default="",
required=False,
type='str'),
autoremove=dict(default=False,
type='bool')),
supports_check_mode=True,
mutually_exclusive=[["rootdir", "chroot", "jail"]])
pkgng_path = module.get_bin_path('pkg', True)
p = module.params
pkgs = p["name"]
changed = False
msgs = []
dir_arg = ""
if p["rootdir"] != "":
old_pkgng = pkgng_older_than(module, pkgng_path, [1, 5, 0])
if old_pkgng:
module.fail_json(
msg="To use option 'rootdir' pkg version must be 1.5 or greater"
)
else:
dir_arg = "--rootdir %s" % (p["rootdir"])
if p["chroot"] != "":
dir_arg = '--chroot %s' % (p["chroot"])
if p["jail"] != "":
dir_arg = '--jail %s' % (p["jail"])
if p["state"] in ("present", "latest"):
_changed, _msg = install_packages(module, pkgng_path, pkgs,
p["cached"], p["pkgsite"], dir_arg,
p["state"])
changed = changed or _changed
msgs.append(_msg)
elif p["state"] == "absent":
_changed, _msg = remove_packages(module, pkgng_path, pkgs, dir_arg)
changed = changed or _changed
msgs.append(_msg)
if p["autoremove"]:
_changed, _msg = autoremove_packages(module, pkgng_path, dir_arg)
changed = changed or _changed
msgs.append(_msg)
if p["annotation"]:
_changed, _msg = annotate_packages(module, pkgng_path, pkgs,
p["annotation"], dir_arg)
changed = changed or _changed
msgs.append(_msg)
module.exit_json(changed=changed, msg=", ".join(msgs))
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"switch_controller_qos_ip_dscp_map": {
"required": False,
"type": "dict",
"default": None,
"options": {
"description": {
"required": False,
"type": "str"
},
"map": {
"required": False,
"type": "list",
"options": {
"cos_queue": {
"required": False,
"type": "int"
},
"diffserv": {
"required":
False,
"type":
"str",
"choices": [
"CS0", "CS1", "AF11", "AF12", "AF13", "CS2",
"AF21", "AF22", "AF23", "CS3", "AF31", "AF32",
"AF33", "CS4", "AF41", "AF42", "AF43", "CS5",
"EF", "CS6", "CS7"
]
},
"ip_precedence": {
"required":
False,
"type":
"str",
"choices": [
"network-control", "internetwork-control",
"critic-ecp", "flashoverride", "flash",
"immediate", "priority", "routine"
]
},
"name": {
"required": True,
"type": "str"
},
"value": {
"required": False,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_switch_controller_qos(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_switch_controller_qos(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
""" Initiates module."""
module = AnsibleModule(argument_spec=dict(
balancer_vhost=dict(required=True, default=None, type='str'),
balancer_url_suffix=dict(default="/balancer-manager/", type='str'),
member_host=dict(type='str'),
state=dict(type='str'),
tls=dict(default=False, type='bool'),
validate_certs=dict(default=True, type='bool')),
supports_check_mode=True)
if HAS_BEAUTIFULSOUP is False:
module.fail_json(msg=missing_required_lib('BeautifulSoup'),
exception=BEAUTIFUL_SOUP_IMP_ERR)
if module.params['state'] is not None:
states = module.params['state'].split(',')
if (len(states) > 1) and (("present" in states) or
("enabled" in states)):
module.fail_json(
msg=
"state present/enabled is mutually exclusive with other states!"
)
else:
for _state in states:
if _state not in [
'present', 'absent', 'enabled', 'disabled', 'drained',
'hot_standby', 'ignore_errors'
]:
module.fail_json(
msg=
"State can only take values amongst 'present', 'absent', 'enabled', 'disabled', 'drained', 'hot_standby', 'ignore_errors'."
)
else:
states = ['None']
mybalancer = Balancer(module.params['balancer_vhost'],
module.params['balancer_url_suffix'],
module=module,
tls=module.params['tls'])
if module.params['member_host'] is None:
json_output_list = []
for member in mybalancer.members:
json_output_list.append({
"host": member.host,
"status": member.status,
"protocol": member.protocol,
"port": member.port,
"path": member.path,
"attributes": member.attributes,
"management_url": member.management_url,
"balancer_url": member.balancer_url
})
module.exit_json(changed=False, members=json_output_list)
else:
changed = False
member_exists = False
member_status = {
'disabled': False,
'drained': False,
'hot_standby': False,
'ignore_errors': False
}
for mode in member_status.keys():
for state in states:
if mode == state:
member_status[mode] = True
elif mode == 'disabled' and state == 'absent':
member_status[mode] = True
for member in mybalancer.members:
if str(member.host) == str(module.params['member_host']):
member_exists = True
if module.params['state'] is not None:
member_status_before = member.status
if not module.check_mode:
member_status_after = member.status = member_status
else:
member_status_after = member_status
if member_status_before != member_status_after:
changed = True
json_output = {
"host": member.host,
"status": member.status,
"protocol": member.protocol,
"port": member.port,
"path": member.path,
"attributes": member.attributes,
"management_url": member.management_url,
"balancer_url": member.balancer_url
}
if member_exists:
module.exit_json(changed=changed, member=json_output)
else:
module.fail_json(msg=str(module.params['member_host']) +
' is not a member of the balancer ' +
str(module.params['balancer_vhost']) + '!')
def main():
module = AnsibleModule(argument_spec=dict(
name=dict(required=True),
template=dict(),
recreate_instances=dict(type='bool', default=False),
# Do not set a default size here. For Create and some update
# operations, it is required and should be explicitly set.
# Below, we set it to the existing value if it has not been set.
size=dict(type='int'),
state=dict(choices=['absent', 'present'], default='present'),
zone=dict(required=True),
autoscaling=dict(type='dict', default=None),
named_ports=dict(type='list', default=None),
service_account_email=dict(),
service_account_permissions=dict(type='list'),
pem_file=dict(type='path'),
credentials_file=dict(type='path'),
project_id=dict(), ), )
if not HAS_PYTHON26:
module.fail_json(
msg="GCE module requires python's 'ast' module, python v2.6+")
if not HAS_LIBCLOUD:
module.fail_json(
msg='libcloud with GCE Managed Instance Group support (1.2+) required for this module.')
gce = gce_connect(module)
if not hasattr(gce, 'ex_create_instancegroupmanager'):
module.fail_json(
msg='libcloud with GCE Managed Instance Group support (1.2+) required for this module.',
changed=False)
params = {}
params['state'] = module.params.get('state')
params['zone'] = module.params.get('zone')
params['name'] = module.params.get('name')
params['size'] = module.params.get('size')
params['template'] = module.params.get('template')
params['recreate_instances'] = module.params.get('recreate_instances')
params['autoscaling'] = module.params.get('autoscaling', None)
params['named_ports'] = module.params.get('named_ports', None)
(valid_autoscaling, as_msg) = _validate_autoscaling_params(params)
if not valid_autoscaling:
module.fail_json(msg=as_msg, changed=False)
if params['named_ports'] is not None and not hasattr(
gce, 'ex_instancegroup_set_named_ports'):
module.fail_json(
msg="Apache Libcloud 1.3.0+ is required to use 'named_ports' option",
changed=False)
(valid_named_ports, np_msg) = _validate_named_port_params(params)
if not valid_named_ports:
module.fail_json(msg=np_msg, changed=False)
changed = False
json_output = {'state': params['state'], 'zone': params['zone']}
mig = get_mig(gce, params['name'], params['zone'])
if not mig:
if params['state'] == 'absent':
# Doesn't exist in GCE, and state==absent.
changed = False
module.fail_json(
msg="Cannot delete unknown managed instance group: %s" %
(params['name']))
else:
# Create MIG
req_create_fields = [
{'name': 'template', 'required': True, 'type': str},
{'name': 'size', 'required': True, 'type': int}
] # yapf: disable
(valid_create_fields, valid_create_msg) = _check_params(
params, req_create_fields)
if not valid_create_fields:
module.fail_json(msg=valid_create_msg, changed=False)
(changed, json_output['created_instances']) = create_mig(gce,
params)
if params['autoscaling'] and params['autoscaling'][
'enabled'] is True:
# Fetch newly-created MIG and create Autoscaler for it.
mig = get_mig(gce, params['name'], params['zone'])
if not mig:
module.fail_json(
msg='Unable to fetch created MIG %s to create \
autoscaler in zone: %s' % (
params['name'], params['zone']), changed=False)
if not create_autoscaler(gce, mig, params['autoscaling']):
module.fail_json(
msg='Unable to fetch MIG %s to create autoscaler \
in zone: %s' % (params['name'], params['zone']),
changed=False)
json_output['created_autoscaler'] = True
# Add named ports if available
if params['named_ports']:
mig = get_mig(gce, params['name'], params['zone'])
if not mig:
module.fail_json(
msg='Unable to fetch created MIG %s to create \
autoscaler in zone: %s' % (
params['name'], params['zone']), changed=False)
json_output['set_named_ports'] = update_named_ports(
mig, params['named_ports'])
if json_output['set_named_ports']:
json_output['named_ports'] = params['named_ports']
elif params['state'] == 'absent':
# Delete MIG
# First, check and remove the autoscaler, if present.
# Note: multiple autoscalers can be associated to a single MIG. We
# only handle the one that is named, but we might want to think about this.
if params['autoscaling']:
autoscaler = get_autoscaler(gce, params['autoscaling']['name'],
params['zone'])
if not autoscaler:
module.fail_json(msg='Unable to fetch autoscaler %s to delete \
in zone: %s' % (params['autoscaling']['name'], params['zone']),
changed=False)
changed = delete_autoscaler(autoscaler)
json_output['deleted_autoscaler'] = changed
# Now, delete the MIG.
(changed, json_output['deleted_instances']) = delete_mig(mig)
else:
# Update MIG
# If we're going to update a MIG, we need a size and template values.
# If not specified, we use the values from the existing MIG.
if not params['size']:
params['size'] = mig.size
if not params['template']:
params['template'] = mig.template.name
if params['template'] != mig.template.name:
# Update Instance Template.
new_template = gce.ex_get_instancetemplate(params['template'])
mig.set_instancetemplate(new_template)
json_output['updated_instancetemplate'] = True
changed = True
if params['recreate_instances'] is True:
# Recreate Instances.
(changed, json_output['recreated_instances']
) = recreate_instances_in_mig(mig)
if params['size'] != mig.size:
# Resize MIG.
keystr = 'created' if params['size'] > mig.size else 'deleted'
(changed, json_output['resize_%s_instances' %
(keystr)]) = resize_mig(mig, params['size'])
# Update Autoscaler
if params['autoscaling']:
autoscaler = get_autoscaler(gce, params['autoscaling']['name'],
params['zone'])
if not autoscaler:
# Try to create autoscaler.
# Note: this isn't perfect, if the autoscaler name has changed
# we wouldn't know that here.
if not create_autoscaler(gce, mig, params['autoscaling']):
module.fail_json(
msg='Unable to create autoscaler %s for existing MIG %s\
in zone: %s' % (params['autoscaling']['name'],
params['name'], params['zone']),
changed=False)
json_output['created_autoscaler'] = True
changed = True
else:
if params['autoscaling']['enabled'] is False:
# Delete autoscaler
changed = delete_autoscaler(autoscaler)
json_output['delete_autoscaler'] = changed
else:
# Update policy, etc.
changed = update_autoscaler(gce, autoscaler,
params['autoscaling'])
json_output['updated_autoscaler'] = changed
named_ports = params['named_ports'] or []
json_output['updated_named_ports'] = update_named_ports(mig,
named_ports)
if json_output['updated_named_ports']:
json_output['named_ports'] = named_ports
json_output['changed'] = changed
json_output.update(params)
module.exit_json(**json_output)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"system_wccp": {
"required": False, "type": "dict", "default": None,
"options": {
"assignment_bucket_format": {"required": False, "type": "str",
"choices": ["wccp-v2", "cisco-implementation"]},
"assignment_dstaddr_mask": {"required": False, "type": "str"},
"assignment_method": {"required": False, "type": "str",
"choices": ["HASH", "MASK", "any"]},
"assignment_srcaddr_mask": {"required": False, "type": "str"},
"assignment_weight": {"required": False, "type": "int"},
"authentication": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"cache_engine_method": {"required": False, "type": "str",
"choices": ["GRE", "L2"]},
"cache_id": {"required": False, "type": "str"},
"forward_method": {"required": False, "type": "str",
"choices": ["GRE", "L2", "any"]},
"group_address": {"required": False, "type": "str"},
"password": {"required": False, "type": "str"},
"ports": {"required": False, "type": "str"},
"ports_defined": {"required": False, "type": "str",
"choices": ["source", "destination"]},
"primary_hash": {"required": False, "type": "str",
"choices": ["src-ip", "dst-ip", "src-port",
"dst-port"]},
"priority": {"required": False, "type": "int"},
"protocol": {"required": False, "type": "int"},
"return_method": {"required": False, "type": "str",
"choices": ["GRE", "L2", "any"]},
"router_id": {"required": False, "type": "str"},
"router_list": {"required": False, "type": "str"},
"server_list": {"required": False, "type": "str"},
"server_type": {"required": False, "type": "str",
"choices": ["forward", "proxy"]},
"service_id": {"required": False, "type": "str"},
"service_type": {"required": False, "type": "str",
"choices": ["auto", "standard", "dynamic"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"log_fortianalyzer_override_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"__change_ip": {
"required": False,
"type": "int"
},
"certificate": {
"required": False,
"type": "str"
},
"conn_timeout": {
"required": False,
"type": "int"
},
"enc_algorithm": {
"required": False,
"type": "str",
"choices": ["high-medium", "high", "low"]
},
"faz_type": {
"required": False,
"type": "int"
},
"hmac_algorithm": {
"required": False,
"type": "str",
"choices": ["sha256", "sha1"]
},
"ips_archive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"mgmt_name": {
"required": False,
"type": "str"
},
"monitor_failure_retry_period": {
"required": False,
"type": "int"
},
"monitor_keepalive_period": {
"required": False,
"type": "int"
},
"override": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"reliable": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"server": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"ssl_min_proto_version": {
"required": False,
"type": "str",
"choices":
["default", "SSLv3", "TLSv1", "TLSv1-1", "TLSv1-2"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"upload_day": {
"required": False,
"type": "str"
},
"upload_interval": {
"required": False,
"type": "str",
"choices": ["daily", "weekly", "monthly"]
},
"upload_option": {
"required":
False,
"type":
"str",
"choices":
["store-and-upload", "realtime", "1-minute", "5-minute"]
},
"upload_time": {
"required": False,
"type": "str"
},
"use_management_vdom": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_fortianalyzer(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_fortianalyzer(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
""" This section is for arguments parsing """
state_map = dict(present='role-create',
absent='role-delete',
update='role-modify')
module = AnsibleModule(
argument_spec=dict(
pn_cliswitch=dict(required=False, type='str'),
state=dict(required=True, type='str', choices=state_map.keys()),
pn_scope=dict(required=False,
type='str',
choices=['local', 'fabric']),
pn_access=dict(required=False,
type='str',
choices=['read-only', 'read-write']),
pn_shell=dict(required=False, type='bool'),
pn_sudo=dict(required=False, type='bool'),
pn_running_config=dict(required=False, type='bool'),
pn_name=dict(required=False, type='str'),
pn_delete_from_users=dict(required=False, type='bool'),
),
required_if=(
["state", "present", ["pn_name", "pn_scope"]],
["state", "absent", ["pn_name"]],
["state", "update", ["pn_name"]],
),
)
# Accessing the arguments
cliswitch = module.params['pn_cliswitch']
state = module.params['state']
scope = module.params['pn_scope']
access = module.params['pn_access']
shell = module.params['pn_shell']
sudo = module.params['pn_sudo']
running_config = module.params['pn_running_config']
name = module.params['pn_name']
delete_from_users = module.params['pn_delete_from_users']
command = state_map[state]
# Building the CLI command string
cli = pn_cli(module, cliswitch)
ROLE_EXISTS = check_cli(module, cli)
cli += ' %s name %s ' % (command, name)
if shell is (False or '') and sudo is True:
module.fail_json(failed=True, msg='sudo access requires shell access')
if command == 'role-modify':
if ROLE_EXISTS is False:
module.fail_json(failed=True,
msg='Role with name %s does not exist' % name)
if command == 'role-delete':
if ROLE_EXISTS is False:
module.exit_json(skipped=True,
msg='Role with name %s does not exist' % name)
if command == 'role-create':
if ROLE_EXISTS is True:
module.exit_json(skipped=True,
msg='Role with name %s already exists' % name)
if scope:
cli += ' scope ' + scope
if command != 'role-delete':
if access:
cli += ' access ' + access
cli += booleanArgs(shell, 'shell', 'no-shell')
cli += booleanArgs(sudo, 'sudo', 'no-sudo')
cli += booleanArgs(running_config, 'running-config',
'no-running-config')
if command == 'role-modify':
if delete_from_users:
cli += ' delete-from-users ' + delete_from_users
run_cli(module, cli, state_map)
def main():
# The following example playbooks:
#
# - cronvar: name="SHELL" value="/bin/bash"
#
# - name: Set the email
# cronvar: name="EMAILTO" value="*****@*****.**"
#
# - name: Get rid of the old new host variable
# cronvar: name="NEW_HOST" state=absent
#
# Would produce:
# SHELL = /bin/bash
# EMAILTO = [email protected]
module = AnsibleModule(
argument_spec=dict(
name=dict(type='str', required=True),
value=dict(type='str'),
user=dict(type='str'),
cron_file=dict(type='str'),
insertafter=dict(type='str'),
insertbefore=dict(type='str'),
state=dict(type='str',
default='present',
choices=['absent', 'present']),
backup=dict(type='bool', default=False),
),
mutually_exclusive=[['insertbefore', 'insertafter']],
supports_check_mode=False,
)
name = module.params['name']
value = module.params['value']
user = module.params['user']
cron_file = module.params['cron_file']
insertafter = module.params['insertafter']
insertbefore = module.params['insertbefore']
state = module.params['state']
backup = module.params['backup']
ensure_present = state == 'present'
changed = False
res_args = dict()
# Ensure all files generated are only writable by the owning user. Primarily relevant for the cron_file option.
os.umask(int('022', 8))
cronvar = CronVar(module, user, cron_file)
module.debug('cronvar instantiated - name: "%s"' % name)
# --- user input validation ---
if name is None and ensure_present:
module.fail_json(
msg="You must specify 'name' to insert a new cron variable")
if value is None and ensure_present:
module.fail_json(
msg="You must specify 'value' to insert a new cron variable")
if name is None and not ensure_present:
module.fail_json(
msg="You must specify 'name' to remove a cron variable")
# if requested make a backup before making a change
if backup:
(_, backup_file) = tempfile.mkstemp(prefix='cronvar')
cronvar.write(backup_file)
if cronvar.cron_file and not name and not ensure_present:
changed = cronvar.remove_job_file()
module.exit_json(changed=changed, cron_file=cron_file, state=state)
old_value = cronvar.find_variable(name)
if ensure_present:
if old_value is None:
cronvar.add_variable(name, value, insertbefore, insertafter)
changed = True
elif old_value != value:
cronvar.update_variable(name, value)
changed = True
else:
if old_value is not None:
cronvar.remove_variable(name)
changed = True
res_args = {"vars": cronvar.get_var_names(), "changed": changed}
if changed:
cronvar.write()
# retain the backup only if crontab or cron file have changed
if backup:
if changed:
res_args['backup_file'] = backup_file
else:
os.unlink(backup_file)
if cron_file:
res_args['cron_file'] = cron_file
module.exit_json(**res_args)
def main():
"""main entry point for module execution
"""
argument_spec = dict(
# { command: <str>, prompt: <str>, response: <str> }
commands=dict(type='list', required=True),
wait_for=dict(type='list'),
match=dict(default='all', choices=['all', 'any']),
retries=dict(default=10, type='int'),
interval=dict(default=1, type='int')
)
argument_spec.update(dellos6_argument_spec)
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
result = {'changed': False}
warnings = list()
check_args(module, warnings)
commands = parse_commands(module, warnings)
result['warnings'] = warnings
wait_for = module.params['wait_for'] or list()
try:
conditionals = [Conditional(c) for c in wait_for]
except AttributeError as exc:
module.fail_json(msg=to_text(exc))
retries = module.params['retries']
interval = module.params['interval']
match = module.params['match']
while retries > 0:
responses = run_commands(module, commands)
for item in list(conditionals):
if item(responses):
if match == 'any':
conditionals = list()
break
conditionals.remove(item)
if not conditionals:
break
time.sleep(interval)
retries -= 1
if conditionals:
failed_conditions = [item.raw for item in conditionals]
msg = 'One or more conditional statements have not been satisfied'
module.fail_json(msg=msg, failed_conditions=failed_conditions)
result.update({
'stdout': responses,
'stdout_lines': list(to_lines(responses))
})
module.exit_json(**result)
def main():
argument_spec = ovirt_full_argument_spec(
state=dict(type='str', default='present', choices=['absent', 'present']),
cluster=dict(type='str', required=True),
name=dict(type='str', required=True),
description=dict(type='str'),
vm_enforcing=dict(type='bool'),
vm_rule=dict(type='str', choices=['disabled', 'negative', 'positive']),
host_enforcing=dict(type='bool'),
host_rule=dict(type='str', choices=['disabled', 'negative', 'positive']),
vms=dict(type='list'),
hosts=dict(type='list'),
)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
check_sdk(module)
try:
auth = module.params.pop('auth')
connection = create_connection(auth)
# Check if unsupported parameters were passed:
supported_41 = ('host_enforcing', 'host_rule', 'hosts')
if not check_support(
version='4.1',
connection=connection,
module=module,
params=supported_41,
):
module.fail_json(
msg='Following parameters are supported since 4.1: {params}'.format(
params=supported_41,
)
)
clusters_service = connection.system_service().clusters_service()
vms_service = connection.system_service().vms_service()
hosts_service = connection.system_service().hosts_service()
cluster_name = module.params['cluster']
cluster = search_by_name(clusters_service, cluster_name)
if cluster is None:
raise Exception("Cluster '%s' was not found." % cluster_name)
cluster_service = clusters_service.cluster_service(cluster.id)
affinity_groups_service = cluster_service.affinity_groups_service()
# Fetch VM ids which should be assigned to affinity group:
vm_ids = sorted([
get_id_by_name(vms_service, vm_name)
for vm_name in module.params['vms']
]) if module.params['vms'] is not None else None
# Fetch host ids which should be assigned to affinity group:
host_ids = sorted([
get_id_by_name(hosts_service, host_name)
for host_name in module.params['hosts']
]) if module.params['hosts'] is not None else None
affinity_groups_module = AffinityGroupsModule(
connection=connection,
module=module,
service=affinity_groups_service,
vm_ids=vm_ids,
host_ids=host_ids,
)
state = module.params['state']
if state == 'present':
ret = affinity_groups_module.create()
elif state == 'absent':
ret = affinity_groups_module.remove()
module.exit_json(**ret)
except Exception as e:
module.fail_json(msg=str(e), exception=traceback.format_exc())
finally:
connection.close(logout=auth.get('token') is None)
def main():
module = AnsibleModule(
argument_spec=dict(
name=dict(required=True, type='str'),
type=dict(default='ipv4',
type='str',
aliases=['tunnel_type'],
choices=SUPPORTED_TYPES),
local_address=dict(type='str', aliases=['local']),
remote_address=dict(type='str', aliases=['remote']),
temporary=dict(default=False, type='bool'),
state=dict(default='present', choices=['absent', 'present']),
),
required_if=[
['state', 'present', ['local_address', 'remote_address']],
],
supports_check_mode=True)
iptun = IPTun(module)
rc = None
out = ''
err = ''
result = {}
result['name'] = iptun.name
result['type'] = iptun.type
result['local_address'] = iptun.local_address
result['remote_address'] = iptun.remote_address
result['state'] = iptun.state
result['temporary'] = iptun.temporary
if iptun.state == 'absent':
if iptun.iptun_exists():
if module.check_mode:
module.exit_json(changed=True)
(rc, out, err) = iptun.delete_iptun()
if rc != 0:
module.fail_json(name=iptun.name, msg=err, rc=rc)
elif iptun.state == 'present':
if not iptun.iptun_exists():
if module.check_mode:
module.exit_json(changed=True)
(rc, out, err) = iptun.create_iptun()
if rc is not None and rc != 0:
module.fail_json(name=iptun.name, msg=err, rc=rc)
else:
if iptun.iptun_needs_updating():
(rc, out, err) = iptun.update_iptun()
if rc != 0:
module.fail_json(
msg='Error while updating tunnel interface: "%s"' %
err,
name=iptun.name,
stderr=err,
rc=rc)
if rc is None:
result['changed'] = False
else:
result['changed'] = True
if out:
result['stdout'] = out
if err:
result['stderr'] = err
module.exit_json(**result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"router_access_list": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"comments": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"rule": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["permit", "deny"]
},
"exact_match": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"flags": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "int"
},
"prefix": {
"required": False,
"type": "str"
},
"wildcard": {
"required": False,
"type": "str"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_router(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_router(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
module_specific_arguments = dict(
policyname=dict(type='str'),
url=dict(type='str'),
rule=dict(type='str'),
domain=dict(type='str'),
action=dict(type='str'),
)
hand_inserted_arguments = dict()
argument_spec = dict()
argument_spec.update(netscaler_common_arguments)
argument_spec.update(module_specific_arguments)
argument_spec.update(hand_inserted_arguments)
module = AnsibleModule(
argument_spec=argument_spec,
supports_check_mode=True,
)
module_result = dict(
changed=False,
failed=False,
loglines=loglines,
)
# Fail the module if imports failed
if not PYTHON_SDK_IMPORTED:
module.fail_json(msg='Could not load nitro python sdk')
# Fallthrough to rest of execution
client = get_nitro_client(module)
try:
client.login()
except nitro_exception as e:
msg = "nitro exception during login. errorcode=%s, message=%s" % (str(
e.errorcode), e.message)
module.fail_json(msg=msg)
except Exception as e:
if str(type(e)) == "<class 'requests.exceptions.ConnectionError'>":
module.fail_json(msg='Connection error %s' % str(e))
elif str(type(e)) == "<class 'requests.exceptions.SSLError'>":
module.fail_json(msg='SSL Error %s' % str(e))
else:
module.fail_json(msg='Unexpected error during login %s' % str(e))
readwrite_attrs = [
'policyname',
'url',
'rule',
'domain',
'action',
]
readonly_attrs = [
'vstype',
'hits',
'bindhits',
'labelname',
'labeltype',
'priority',
'activepolicy',
'cspolicytype',
]
transforms = {}
# Instantiate config proxy
cspolicy_proxy = ConfigProxy(
actual=cspolicy(),
client=client,
attribute_values_dict=module.params,
readwrite_attrs=readwrite_attrs,
readonly_attrs=readonly_attrs,
transforms=transforms,
)
try:
ensure_feature_is_enabled(client, 'CS')
# Apply appropriate state
if module.params['state'] == 'present':
log('Sanity checks for state present')
if not policy_exists(client, module):
if not module.check_mode:
cspolicy_proxy.add()
if module.params['save_config']:
client.save_config()
module_result['changed'] = True
elif not policy_identical(client, module, cspolicy_proxy):
if not module.check_mode:
cspolicy_proxy.update()
if module.params['save_config']:
client.save_config()
module_result['changed'] = True
else:
module_result['changed'] = False
# Sanity check for state
if not module.check_mode:
log('Sanity checks for state present')
if not policy_exists(client, module):
module.fail_json(msg='Policy does not exist',
**module_result)
if not policy_identical(client, module, cspolicy_proxy):
module.fail_json(msg='Policy differs from configured',
diff=diff_list(client, module,
cspolicy_proxy),
**module_result)
elif module.params['state'] == 'absent':
log('Applying actions for state absent')
if policy_exists(client, module):
if not module.check_mode:
cspolicy_proxy.delete()
if module.params['save_config']:
client.save_config()
module_result['changed'] = True
else:
module_result['changed'] = False
# Sanity check for state
if not module.check_mode:
log('Sanity checks for state absent')
if policy_exists(client, module):
module.fail_json(msg='Policy still exists',
**module_result)
except nitro_exception as e:
msg = "nitro exception errorcode=%s, message=%s" % (str(
e.errorcode), e.message)
module.fail_json(msg=msg, **module_result)
client.logout()
module.exit_json(**module_result)
def main():
"""entry point for module execution
"""
argument_spec = dict(
source=dict(choices=['running', 'candidate', 'startup']),
filter=dict(),
display=dict(choices=['json', 'pretty', 'xml']),
lock=dict(default='never', choices=['never', 'always',
'if-supported']))
module = AnsibleModule(argument_spec=argument_spec,
supports_check_mode=True)
capabilities = get_capabilities(module)
operations = capabilities['device_operations']
source = module.params['source']
filter = module.params['filter']
filter_type = get_filter_type(filter)
lock = module.params['lock']
display = module.params['display']
if source == 'candidate' and not operations.get('supports_commit', False):
module.fail_json(
msg='candidate source is not supported on this device')
if source == 'startup' and not operations.get('supports_startup', False):
module.fail_json(msg='startup source is not supported on this device')
if filter_type == 'xpath' and not operations.get('supports_xpath', False):
module.fail_json(
msg=
"filter value '%s' of type xpath is not supported on this device" %
filter)
# If source is None, NETCONF <get> operation is issued, reading config/state data
# from the running datastore. The python expression "(source or 'running')" results
# in the value of source (if not None) or the value 'running' (if source is None).
if lock == 'never':
execute_lock = False
elif (source or 'running') in operations.get('lock_datastore', []):
# lock is requested (always/if-support) and supported => lets do it
execute_lock = True
else:
# lock is requested (always/if-supported) but not supported => issue warning
module.warn(
"lock operation on '%s' source is not supported on this device" %
(source or 'running'))
execute_lock = (lock == 'always')
if display == 'json' and not HAS_JXMLEASE:
module.fail_json(
msg='jxmlease is required to display response in json format'
'but does not appear to be installed. '
'It can be installed using `pip install jxmlease`')
filter_spec = (filter_type, filter) if filter_type else None
if source is not None:
response = get_config(module, source, filter_spec, execute_lock)
else:
response = get(module, filter_spec, execute_lock)
xml_resp = to_text(tostring(response))
output = None
if display == 'xml':
output = remove_namespaces(xml_resp)
elif display == 'json':
try:
output = jxmlease.parse(xml_resp)
except Exception:
raise ValueError(xml_resp)
elif display == 'pretty':
output = to_text(tostring(response, pretty_print=True))
result = {'stdout': xml_resp, 'output': output}
module.exit_json(**result)
def main():
""" main entry point for module execution
"""
neighbors_spec = dict(host=dict(), port=dict())
element_spec = dict(name=dict(),
description=dict(),
speed=dict(),
mtu=dict(),
enabled=dict(default=True, type='bool'),
tx_rate=dict(),
rx_rate=dict(),
neighbors=dict(type='list',
elements='dict',
options=neighbors_spec),
delay=dict(default=10, type='int'),
state=dict(default='present',
choices=['present', 'absent', 'up',
'down']))
aggregate_spec = deepcopy(element_spec)
aggregate_spec['name'] = dict(required=True)
# remove default in aggregate spec, to handle common arguments
remove_default_spec(aggregate_spec)
argument_spec = dict(aggregate=dict(type='list',
elements='dict',
options=aggregate_spec), )
argument_spec.update(element_spec)
argument_spec.update(eos_argument_spec)
required_one_of = [['name', 'aggregate']]
mutually_exclusive = [['name', 'aggregate']]
module = AnsibleModule(argument_spec=argument_spec,
required_one_of=required_one_of,
mutually_exclusive=mutually_exclusive,
supports_check_mode=True)
warnings = list()
result = {'changed': False}
if warnings:
result['warnings'] = warnings
want = map_params_to_obj(module)
have = map_config_to_obj(module)
commands = map_obj_to_commands((want, have), module)
result['commands'] = commands
if commands:
commit = not module.check_mode
response = load_config(module, commands, commit=commit)
if response.get('diff') and module._diff:
result['diff'] = {'prepared': response.get('diff')}
result['session_name'] = response.get('session')
result['changed'] = True
failed_conditions = check_declarative_intent_params(module, want, result)
if failed_conditions:
msg = 'One or more conditional statements have not been satisfied'
module.fail_json(msg=msg, failed_conditions=failed_conditions)
module.exit_json(**result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"vpn_certificate_local": {
"required": False, "type": "dict", "default": None,
"options": {
"auto_regenerate_days": {"required": False, "type": "int"},
"auto_regenerate_days_warning": {"required": False, "type": "int"},
"ca_identifier": {"required": False, "type": "str"},
"certificate": {"required": False, "type": "str"},
"cmp_path": {"required": False, "type": "str"},
"cmp_regeneration_method": {"required": False, "type": "str",
"choices": ["keyupate", "renewal"]},
"cmp_server": {"required": False, "type": "str"},
"cmp_server_cert": {"required": False, "type": "str"},
"comments": {"required": False, "type": "str"},
"csr": {"required": False, "type": "str"},
"enroll_protocol": {"required": False, "type": "str",
"choices": ["none", "scep", "cmpv2"]},
"ike_localid": {"required": False, "type": "str"},
"ike_localid_type": {"required": False, "type": "str",
"choices": ["asn1dn", "fqdn"]},
"last_updated": {"required": False, "type": "int"},
"name": {"required": True, "type": "str"},
"name_encoding": {"required": False, "type": "str",
"choices": ["printable", "utf8"]},
"password": {"required": False, "type": "str"},
"private_key": {"required": False, "type": "str"},
"range": {"required": False, "type": "str",
"choices": ["global", "vdom"]},
"scep_password": {"required": False, "type": "str"},
"scep_url": {"required": False, "type": "str"},
"source": {"required": False, "type": "str",
"choices": ["factory", "user", "bundle"]},
"source_ip": {"required": False, "type": "str"},
"state": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_vpn_certificate(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_vpn_certificate(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
class ISIS_Instance(object):
"""Manages ISIS Instance"""
def __init__(self, argument_spec):
self.spec = argument_spec
self.module = None
self.__init_module__()
# module input info
self.instance_id = self.module.params['instance_id']
self.vpn_name = self.module.params['vpn_name']
self.state = self.module.params['state']
# state
self.changed = False
self.isis_dict = dict()
self.updates_cmd = list()
self.commands = list()
self.results = dict()
self.proposed = dict()
self.existing = dict()
self.end_state = dict()
def __init_module__(self):
"""init module"""
self.module = AnsibleModule(argument_spec=self.spec,
supports_check_mode=True)
def get_isis_dict(self):
"""isis config dict"""
isis_dict = dict()
isis_dict["instance"] = dict()
conf_str = CE_NC_GET_ISIS % (
(CE_NC_GET_ISIS_INSTANCE % self.instance_id))
xml_str = get_nc_config(self.module, conf_str)
if "<data/>" in xml_str:
return isis_dict
xml_str = xml_str.replace('\r', '').replace('\n', '').\
replace('xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"', "").\
replace('xmlns="http://www.huawei.com/netconf/vrp"', "")
root = ElementTree.fromstring(xml_str)
# get isis info
glb = root.find("isiscomm/isSites/isSite")
if glb:
for attr in glb:
isis_dict["instance"][attr.tag] = attr.text
return isis_dict
def config_session(self):
"""configures isis"""
xml_str = ""
instance = self.isis_dict["instance"]
if not self.instance_id:
return xml_str
if self.state == "present":
xml_str = "<instanceId>%s</instanceId>" % self.instance_id
self.updates_cmd.append("isis %s" % self.instance_id)
if self.vpn_name:
xml_str += "<vpnName>%s</vpnName>" % self.vpn_name
self.updates_cmd.append("vpn-instance %s" % self.vpn_name)
else:
# absent
if self.instance_id and str(
self.instance_id) == instance.get("instanceId"):
xml_str = "<instanceId>%s</instanceId>" % self.instance_id
self.updates_cmd.append("undo isis %s" % self.instance_id)
if self.state == "present":
return '<isSites><isSite operation="merge">' + xml_str + '</isSite></isSites>'
else:
if xml_str:
return '<isSites><isSite operation="delete">' + xml_str + '</isSite></isSites>'
def netconf_load_config(self, xml_str):
"""load isis config by netconf"""
if not xml_str:
return
xml_cfg = """
<config>
<isiscomm xmlns="http://www.huawei.com/netconf/vrp" content-version="1.0" format-version="1.0">
%s
</isiscomm>
</config>""" % xml_str
set_nc_config(self.module, xml_cfg)
self.changed = True
def check_params(self):
"""Check all input params"""
# check instance id
if not self.instance_id:
self.module.fail_json(
msg="Error: Missing required arguments: instance_id.")
if self.instance_id:
if self.instance_id < 1 or self.instance_id > 4294967295:
self.module.fail_json(
msg="Error: Instance id is not ranges from 1 to 4294967295."
)
# check vpn_name
if self.vpn_name:
if not is_valid_ip_vpn(self.vpn_name):
self.module.fail_json(
msg="Error: Session vpn_name is invalid.")
def get_proposed(self):
"""get proposed info"""
# base config
self.proposed["instance_id"] = self.instance_id
self.proposed["vpn_name"] = self.vpn_name
self.proposed["state"] = self.state
def get_existing(self):
"""get existing info"""
if not self.isis_dict:
self.existing["instance"] = None
self.existing["instance"] = self.isis_dict.get("instance")
def get_end_state(self):
"""get end state info"""
isis_dict = self.get_isis_dict()
if not isis_dict:
self.end_state["instance"] = None
self.end_state["instance"] = isis_dict.get("instance")
if self.end_state == self.existing:
self.changed = False
def work(self):
"""worker"""
self.check_params()
self.isis_dict = self.get_isis_dict()
self.get_existing()
self.get_proposed()
# deal present or absent
xml_str = ''
if self.instance_id:
cfg_str = self.config_session()
if cfg_str:
xml_str += cfg_str
# update to device
if xml_str:
self.netconf_load_config(xml_str)
self.changed = True
self.get_end_state()
self.results['changed'] = self.changed
self.results['proposed'] = self.proposed
self.results['existing'] = self.existing
self.results['end_state'] = self.end_state
if self.changed:
self.results['updates'] = self.updates_cmd
else:
self.results['updates'] = list()
self.module.exit_json(**self.results)
def main():
argument_spec = get_default_argspec()
argument_spec.update(
dict(
terms_agreed=dict(type='bool', default=False),
state=dict(type='str',
required=True,
choices=['absent', 'present', 'changed_key']),
allow_creation=dict(type='bool', default=True),
contact=dict(type='list', elements='str', default=[]),
new_account_key_src=dict(type='path'),
new_account_key_content=dict(type='str', no_log=True),
))
module = AnsibleModule(
argument_spec=argument_spec,
required_one_of=(['account_key_src', 'account_key_content'], ),
mutually_exclusive=(
['account_key_src', 'account_key_content'],
['new_account_key_src', 'new_account_key_content'],
),
required_if=(
# Make sure that for state == changed_key, one of
# new_account_key_src and new_account_key_content are specified
[
'state', 'changed_key',
['new_account_key_src', 'new_account_key_content'], True
], ),
supports_check_mode=True,
)
handle_standard_module_arguments(module, needs_acme_v2=True)
try:
account = ACMEAccount(module)
changed = False
state = module.params.get('state')
diff_before = {}
diff_after = {}
if state == 'absent':
created, account_data = account.setup_account(allow_creation=False)
if account_data:
diff_before = dict(account_data)
diff_before['public_account_key'] = account.key_data['jwk']
if created:
raise AssertionError('Unwanted account creation')
if account_data is not None:
# Account is not yet deactivated
if not module.check_mode:
# Deactivate it
payload = {'status': 'deactivated'}
result, info = account.send_signed_request(
account.uri, payload)
if info['status'] != 200:
raise ModuleFailException(
'Error deactivating account: {0} {1}'.format(
info['status'], result))
changed = True
elif state == 'present':
allow_creation = module.params.get('allow_creation')
# Make sure contact is a list of strings (unfortunately, Ansible doesn't do that for us)
contact = [str(v) for v in module.params.get('contact')]
terms_agreed = module.params.get('terms_agreed')
created, account_data = account.setup_account(
contact,
terms_agreed=terms_agreed,
allow_creation=allow_creation,
)
if account_data is None:
raise ModuleFailException(
msg='Account does not exist or is deactivated.')
if created:
diff_before = {}
else:
diff_before = dict(account_data)
diff_before['public_account_key'] = account.key_data['jwk']
updated = False
if not created:
updated, account_data = account.update_account(
account_data, contact)
changed = created or updated
diff_after = dict(account_data)
diff_after['public_account_key'] = account.key_data['jwk']
elif state == 'changed_key':
# Parse new account key
error, new_key_data = account.parse_key(
module.params.get('new_account_key_src'),
module.params.get('new_account_key_content'))
if error:
raise ModuleFailException(
"error while parsing account key: %s" % error)
# Verify that the account exists and has not been deactivated
created, account_data = account.setup_account(allow_creation=False)
if created:
raise AssertionError('Unwanted account creation')
if account_data is None:
raise ModuleFailException(
msg='Account does not exist or is deactivated.')
diff_before = dict(account_data)
diff_before['public_account_key'] = account.key_data['jwk']
# Now we can start the account key rollover
if not module.check_mode:
# Compose inner signed message
# https://tools.ietf.org/html/rfc8555#section-7.3.5
url = account.directory['keyChange']
protected = {
"alg": new_key_data['alg'],
"jwk": new_key_data['jwk'],
"url": url,
}
payload = {
"account": account.uri,
"newKey":
new_key_data['jwk'], # specified in draft 12 and older
"oldKey": account.jwk, # specified in draft 13 and newer
}
data = account.sign_request(protected, payload, new_key_data)
# Send request and verify result
result, info = account.send_signed_request(url, data)
if info['status'] != 200:
raise ModuleFailException(
'Error account key rollover: {0} {1}'.format(
info['status'], result))
if module._diff:
account.key_data = new_key_data
account.jws_header['alg'] = new_key_data['alg']
diff_after = account.get_account_data()
elif module._diff:
# Kind of fake diff_after
diff_after = dict(diff_before)
diff_after['public_account_key'] = new_key_data['jwk']
changed = True
result = {
'changed': changed,
'account_uri': account.uri,
}
if module._diff:
result['diff'] = {
'before': diff_before,
'after': diff_after,
}
module.exit_json(**result)
except ModuleFailException as e:
e.do_fail(module)
def main():
argument_spec = vmware_argument_spec()
argument_spec.update(name=dict(type='str'),
name_match=dict(type='str',
choices=['first', 'last'],
default='first'),
uuid=dict(type='str'),
use_instance_uuid=dict(type='bool', default=False),
moid=dict(type='str'),
folder=dict(type='str'),
datacenter=dict(type='str', required=True),
tags=dict(type='bool', default=False),
schema=dict(type='str',
choices=['summary', 'vsphere'],
default='summary'),
properties=dict(type='list'))
module = AnsibleModule(argument_spec=argument_spec,
required_one_of=[['name', 'uuid', 'moid']],
supports_check_mode=True)
if module._name == 'vmware_guest_facts':
module.deprecate(
"The 'vmware_guest_facts' module has been renamed to 'vmware_guest_info'",
version='2.13')
if module.params.get('folder'):
# FindByInventoryPath() does not require an absolute path
# so we should leave the input folder path unmodified
module.params['folder'] = module.params['folder'].rstrip('/')
if module.params['schema'] != 'vsphere' and module.params.get(
'properties'):
module.fail_json(
msg=
"The option 'properties' is only valid when the schema is 'vsphere'"
)
pyv = PyVmomi(module)
# Check if the VM exists before continuing
vm = pyv.get_vm()
# VM already exists
if vm:
try:
if module.params['schema'] == 'summary':
instance = pyv.gather_facts(vm)
else:
instance = pyv.to_json(vm, module.params['properties'])
if module.params.get('tags'):
if not HAS_VSPHERE:
module.fail_json(
msg=
"Unable to find 'vCloud Suite SDK' Python library which is required."
" Please refer this URL for installation steps"
" - https://code.vmware.com/web/sdk/60/vcloudsuite-python"
)
vm_rest_client = VmwareTag(module)
instance.update(tags=vm_rest_client.get_vm_tags(
vm_rest_client.tag_service,
vm_rest_client.tag_association_svc,
vm_mid=vm._moId))
module.exit_json(instance=instance)
except Exception as exc:
module.fail_json(
msg="Information gathering failed with exception %s" %
to_text(exc))
else:
vm_id = (module.params.get('uuid') or module.params.get('name')
or module.params.get('moid'))
module.fail_json(
msg="Unable to gather information for non-existing VM %s" % vm_id)
