|
Packit Service |
0f71a7 |
# -*- coding: utf-8 -*-
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
# Authors:
|
|
Packit Service |
0f71a7 |
# Chris Procter <cprocter@redhat.com>
|
|
Packit Service |
0f71a7 |
#
|
|
Packit Service |
0f71a7 |
# Copyright (C) 2019 Red Hat
|
|
Packit Service |
0f71a7 |
# see file 'COPYING' for use and warranty information
|
|
Packit Service |
0f71a7 |
#
|
|
Packit Service |
0f71a7 |
# This program is free software; you can redistribute it and/or modify
|
|
Packit Service |
0f71a7 |
# it under the terms of the GNU General Public License as published by
|
|
Packit Service |
0f71a7 |
# the Free Software Foundation, either version 3 of the License, or
|
|
Packit Service |
0f71a7 |
# (at your option) any later version.
|
|
Packit Service |
0f71a7 |
#
|
|
Packit Service |
0f71a7 |
# This program is distributed in the hope that it will be useful,
|
|
Packit Service |
0f71a7 |
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit Service |
0f71a7 |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
Packit Service |
0f71a7 |
# GNU General Public License for more details.
|
|
Packit Service |
0f71a7 |
#
|
|
Packit Service |
0f71a7 |
# You should have received a copy of the GNU General Public License
|
|
Packit Service |
0f71a7 |
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
ANSIBLE_METADATA = {
|
|
Packit Service |
0f71a7 |
"metadata_version": "1.0",
|
|
Packit Service |
0f71a7 |
"supported_by": "community",
|
|
Packit Service |
0f71a7 |
"status": ["preview"],
|
|
Packit Service |
0f71a7 |
}
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
DOCUMENTATION = '''
|
|
Packit Service |
0f71a7 |
---
|
|
Packit Service |
0f71a7 |
module: ipa_dnsforwardzone
|
|
Packit Service |
0f71a7 |
author: chris procter
|
|
Packit Service |
0f71a7 |
short_description: Manage FreeIPA DNS Forwarder Zones
|
|
Packit Service |
0f71a7 |
description:
|
|
Packit Service |
0f71a7 |
- Add and delete an IPA DNS Forwarder Zones using IPA API
|
|
Packit Service |
0f71a7 |
options:
|
|
Packit Service |
0f71a7 |
ipaadmin_principal:
|
|
Packit Service |
0f71a7 |
description: The admin principal
|
|
Packit Service |
0f71a7 |
default: admin
|
|
Packit Service |
0f71a7 |
ipaadmin_password:
|
|
Packit Service |
0f71a7 |
description: The admin password
|
|
Packit Service |
0f71a7 |
required: false
|
|
Packit Service |
0f71a7 |
name:
|
|
Packit Service |
0f71a7 |
description:
|
|
Packit Service |
0f71a7 |
- The DNS zone name which needs to be managed.
|
|
Packit Service |
0f71a7 |
required: true
|
|
Packit Service |
0f71a7 |
aliases: ["cn"]
|
|
Packit Service |
0f71a7 |
state:
|
|
Packit Service |
0f71a7 |
description: State to ensure
|
|
Packit Service |
0f71a7 |
required: false
|
|
Packit Service |
0f71a7 |
default: present
|
|
Packit Service |
0f71a7 |
choices: ["present", "absent", "enabled", "disabled"]
|
|
Packit Service |
0f71a7 |
forwarders:
|
|
Packit Service |
0f71a7 |
description:
|
|
Packit Service |
0f71a7 |
- List of the DNS servers to forward to
|
|
Packit Service |
0f71a7 |
aliases: ["idnsforwarders"]
|
|
Packit Service |
dd17a3 |
options:
|
|
Packit Service |
dd17a3 |
ip_address:
|
|
Packit Service |
dd17a3 |
description: Forwarder IP address (either IPv4 or IPv6).
|
|
Packit Service |
dd17a3 |
required: false
|
|
Packit Service |
dd17a3 |
type: string
|
|
Packit Service |
dd17a3 |
port:
|
|
Packit Service |
dd17a3 |
description: Forwarder port.
|
|
Packit Service |
dd17a3 |
required: false
|
|
Packit Service |
dd17a3 |
type: int
|
|
Packit Service |
0f71a7 |
forwardpolicy:
|
|
Packit Service |
0f71a7 |
description: Per-zone conditional forwarding policy
|
|
Packit Service |
0f71a7 |
required: false
|
|
Packit Service |
0f71a7 |
default: only
|
|
Packit Service |
0f71a7 |
choices: ["only", "first", "none"]
|
|
Packit Service |
0f71a7 |
aliases: ["idnsforwarders"]
|
|
Packit Service |
0f71a7 |
skip_overlap_check:
|
|
Packit Service |
0f71a7 |
description:
|
|
Packit Service |
0f71a7 |
- Force DNS zone creation even if it will overlap with an existing zone.
|
|
Packit Service |
0f71a7 |
required: false
|
|
Packit Service |
0f71a7 |
default: false
|
|
Packit Service |
dd17a3 |
permission:
|
|
Packit Service |
dd17a3 |
description:
|
|
Packit Service |
dd17a3 |
- Allow DNS Forward Zone to be managed.
|
|
Packit Service |
dd17a3 |
required: false
|
|
Packit Service |
dd17a3 |
type: bool
|
|
Packit Service |
0f71a7 |
'''
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
EXAMPLES = '''
|
|
Packit Service |
0f71a7 |
# Ensure dns zone is present
|
|
Packit Service |
0f71a7 |
- ipadnsforwardzone:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: MyPassword123
|
|
Packit Service |
0f71a7 |
state: present
|
|
Packit Service |
0f71a7 |
name: example.com
|
|
Packit Service |
0f71a7 |
forwarders:
|
|
Packit Service |
0f71a7 |
- 8.8.8.8
|
|
Packit Service |
0f71a7 |
- 4.4.4.4
|
|
Packit Service |
0f71a7 |
forwardpolicy: first
|
|
Packit Service |
0f71a7 |
skip_overlap_check: true
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
# Ensure that dns zone is removed
|
|
Packit Service |
0f71a7 |
- ipadnsforwardzone:
|
|
Packit Service |
0f71a7 |
ipaadmin_password: MyPassword123
|
|
Packit Service |
0f71a7 |
name: example.com
|
|
Packit Service |
0f71a7 |
state: absent
|
|
Packit Service |
0f71a7 |
'''
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
RETURN = '''
|
|
Packit Service |
0f71a7 |
'''
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
from ansible.module_utils.basic import AnsibleModule
|
|
Packit Service |
0f71a7 |
from ansible.module_utils.ansible_freeipa_module import temp_kinit, \
|
|
Packit Service |
0f71a7 |
temp_kdestroy, valid_creds, api_connect, api_command, compare_args_ipa, \
|
|
Packit Service |
0f71a7 |
module_params_get
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
def find_dnsforwardzone(module, name):
|
|
Packit Service |
0f71a7 |
_args = {
|
|
Packit Service |
0f71a7 |
"all": True,
|
|
Packit Service |
0f71a7 |
"idnsname": name
|
|
Packit Service |
0f71a7 |
}
|
|
Packit Service |
0f71a7 |
_result = api_command(module, "dnsforwardzone_find", name, _args)
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
if len(_result["result"]) > 1:
|
|
Packit Service |
0f71a7 |
module.fail_json(
|
|
Packit Service |
0f71a7 |
msg="There is more than one dnsforwardzone '%s'" % (name))
|
|
Packit Service |
0f71a7 |
elif len(_result["result"]) == 1:
|
|
Packit Service |
0f71a7 |
return _result["result"][0]
|
|
Packit Service |
0f71a7 |
else:
|
|
Packit Service |
0f71a7 |
return None
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
def gen_args(forwarders, forwardpolicy, skip_overlap_check):
|
|
Packit Service |
0f71a7 |
_args = {}
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
if forwarders is not None:
|
|
Packit Service |
0f71a7 |
_args["idnsforwarders"] = forwarders
|
|
Packit Service |
0f71a7 |
if forwardpolicy is not None:
|
|
Packit Service |
0f71a7 |
_args["idnsforwardpolicy"] = forwardpolicy
|
|
Packit Service |
0f71a7 |
if skip_overlap_check is not None:
|
|
Packit Service |
0f71a7 |
_args["skip_overlap_check"] = skip_overlap_check
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
return _args
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
dd17a3 |
def forwarder_list(forwarders):
|
|
Packit Service |
dd17a3 |
"""Convert the forwarder dict into a list compatible with IPA API."""
|
|
Packit Service |
dd17a3 |
if forwarders is None:
|
|
Packit Service |
dd17a3 |
return None
|
|
Packit Service |
dd17a3 |
fwd_list = []
|
|
Packit Service |
dd17a3 |
for forwarder in forwarders:
|
|
Packit Service |
dd17a3 |
if forwarder.get('port', None) is not None:
|
|
Packit Service |
dd17a3 |
formatter = "{ip_address} port {port}"
|
|
Packit Service |
dd17a3 |
else:
|
|
Packit Service |
dd17a3 |
formatter = "{ip_address}"
|
|
Packit Service |
dd17a3 |
fwd_list.append(formatter.format(**forwarder))
|
|
Packit Service |
dd17a3 |
return fwd_list
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
0f71a7 |
def main():
|
|
Packit Service |
0f71a7 |
ansible_module = AnsibleModule(
|
|
Packit Service |
0f71a7 |
argument_spec=dict(
|
|
Packit Service |
0f71a7 |
# general
|
|
Packit Service |
0f71a7 |
ipaadmin_principal=dict(type="str", default="admin"),
|
|
Packit Service |
0f71a7 |
ipaadmin_password=dict(type="str", required=False, no_log=True),
|
|
Packit Service |
dd17a3 |
name=dict(type="list", aliases=["cn"], default=None,
|
|
Packit Service |
0f71a7 |
required=True),
|
|
Packit Service |
dd17a3 |
forwarders=dict(type="list", default=None, required=False,
|
|
Packit Service |
dd17a3 |
aliases=["idnsforwarders"], elements='dict',
|
|
Packit Service |
dd17a3 |
options=dict(
|
|
Packit Service |
dd17a3 |
ip_address=dict(type='str', required=True),
|
|
Packit Service |
dd17a3 |
port=dict(type='int', required=False,
|
|
Packit Service |
dd17a3 |
default=None),
|
|
Packit Service |
dd17a3 |
)),
|
|
Packit Service |
0f71a7 |
forwardpolicy=dict(type='str', aliases=["idnsforwardpolicy"],
|
|
Packit Service |
0f71a7 |
required=False,
|
|
Packit Service |
0f71a7 |
choices=['only', 'first', 'none']),
|
|
Packit Service |
0f71a7 |
skip_overlap_check=dict(type='bool', required=False),
|
|
Packit Service |
dd17a3 |
permission=dict(type='bool', required=False,
|
|
Packit Service |
dd17a3 |
aliases=['managedby']),
|
|
Packit Service |
0f71a7 |
action=dict(type="str", default="dnsforwardzone",
|
|
Packit Service |
0f71a7 |
choices=["member", "dnsforwardzone"]),
|
|
Packit Service |
0f71a7 |
# state
|
|
Packit Service |
0f71a7 |
state=dict(type='str', default='present',
|
|
Packit Service |
0f71a7 |
choices=['present', 'absent', 'enabled', 'disabled']),
|
|
Packit Service |
0f71a7 |
),
|
|
Packit Service |
0f71a7 |
supports_check_mode=True,
|
|
Packit Service |
0f71a7 |
)
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
ansible_module._ansible_debug = True
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
# Get parameters
|
|
Packit Service |
0f71a7 |
ipaadmin_principal = module_params_get(ansible_module,
|
|
Packit Service |
0f71a7 |
"ipaadmin_principal")
|
|
Packit Service |
0f71a7 |
ipaadmin_password = module_params_get(ansible_module,
|
|
Packit Service |
0f71a7 |
"ipaadmin_password")
|
|
Packit Service |
dd17a3 |
names = module_params_get(ansible_module, "name")
|
|
Packit Service |
0f71a7 |
action = module_params_get(ansible_module, "action")
|
|
Packit Service |
dd17a3 |
forwarders = forwarder_list(
|
|
Packit Service |
dd17a3 |
module_params_get(ansible_module, "forwarders"))
|
|
Packit Service |
0f71a7 |
forwardpolicy = module_params_get(ansible_module, "forwardpolicy")
|
|
Packit Service |
0f71a7 |
skip_overlap_check = module_params_get(ansible_module,
|
|
Packit Service |
0f71a7 |
"skip_overlap_check")
|
|
Packit Service |
dd17a3 |
permission = module_params_get(ansible_module, "permission")
|
|
Packit Service |
0f71a7 |
state = module_params_get(ansible_module, "state")
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
dd17a3 |
if state == 'present' and len(names) != 1:
|
|
Packit Service |
dd17a3 |
ansible_module.fail_json(
|
|
Packit Service |
dd17a3 |
msg="Only one dnsforwardzone can be added at a time.")
|
|
Packit Service |
dd17a3 |
if state == 'absent' and len(names) < 1:
|
|
Packit Service |
dd17a3 |
ansible_module.fail_json(msg="No name given.")
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
0f71a7 |
# absent stae means delete if the action is NOT member but update if it is
|
|
Packit Service |
0f71a7 |
# if action is member then update an exisiting resource
|
|
Packit Service |
0f71a7 |
# and if action is not member then create a resource
|
|
Packit Service |
0f71a7 |
if state == "absent" and action == "dnsforwardzone":
|
|
Packit Service |
0f71a7 |
operation = "del"
|
|
Packit Service |
0f71a7 |
elif action == "member":
|
|
Packit Service |
0f71a7 |
operation = "update"
|
|
Packit Service |
0f71a7 |
else:
|
|
Packit Service |
0f71a7 |
operation = "add"
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
dd17a3 |
if state in ["enabled", "disabled"]:
|
|
Packit Service |
dd17a3 |
if action == "member":
|
|
Packit Service |
dd17a3 |
ansible_module.fail_json(
|
|
Packit Service |
dd17a3 |
msg="Action `member` cannot be used with state `%s`"
|
|
Packit Service |
dd17a3 |
% (state))
|
|
Packit Service |
dd17a3 |
invalid = [
|
|
Packit Service |
dd17a3 |
"forwarders", "forwardpolicy", "skip_overlap_check", "permission"
|
|
Packit Service |
dd17a3 |
]
|
|
Packit Service |
dd17a3 |
for x in invalid:
|
|
Packit Service |
dd17a3 |
if vars()[x] is not None:
|
|
Packit Service |
dd17a3 |
ansible_module.fail_json(
|
|
Packit Service |
dd17a3 |
msg="Argument '%s' can not be used with action "
|
|
Packit Service |
dd17a3 |
"'%s', state `%s`" % (x, action, state))
|
|
Packit Service |
dd17a3 |
wants_enable = (state == "enabled")
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
if operation == "del":
|
|
Packit Service |
dd17a3 |
invalid = [
|
|
Packit Service |
dd17a3 |
"forwarders", "forwardpolicy", "skip_overlap_check", "permission"
|
|
Packit Service |
dd17a3 |
]
|
|
Packit Service |
0f71a7 |
for x in invalid:
|
|
Packit Service |
0f71a7 |
if vars()[x] is not None:
|
|
Packit Service |
0f71a7 |
ansible_module.fail_json(
|
|
Packit Service |
0f71a7 |
msg="Argument '%s' can not be used with action "
|
|
Packit Service |
dd17a3 |
"'%s', state `%s`" % (x, action, state))
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
changed = False
|
|
Packit Service |
0f71a7 |
exit_args = {}
|
|
Packit Service |
0f71a7 |
args = {}
|
|
Packit Service |
0f71a7 |
ccache_dir = None
|
|
Packit Service |
0f71a7 |
ccache_name = None
|
|
Packit Service |
0f71a7 |
is_enabled = "IGNORE"
|
|
Packit Service |
0f71a7 |
try:
|
|
Packit Service |
0f71a7 |
# we need to determine 3 variables
|
|
Packit Service |
0f71a7 |
# args = the values we want to change/set
|
|
Packit Service |
0f71a7 |
# command = the ipa api command to call del, add, or mod
|
|
Packit Service |
0f71a7 |
# is_enabled = is the current resource enabled (True)
|
|
Packit Service |
0f71a7 |
# disabled (False) and do we care (IGNORE)
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
if not valid_creds(ansible_module, ipaadmin_principal):
|
|
Packit Service |
0f71a7 |
ccache_dir, ccache_name = temp_kinit(ipaadmin_principal,
|
|
Packit Service |
0f71a7 |
ipaadmin_password)
|
|
Packit Service |
0f71a7 |
api_connect()
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
dd17a3 |
for name in names:
|
|
Packit Service |
dd17a3 |
commands = []
|
|
Packit Service |
0f71a7 |
command = None
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
# Make sure forwardzone exists
|
|
Packit Service |
dd17a3 |
existing_resource = find_dnsforwardzone(ansible_module, name)
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
# validate parameters
|
|
Packit Service |
dd17a3 |
if state == 'present':
|
|
Packit Service |
dd17a3 |
if existing_resource is None and not forwarders:
|
|
Packit Service |
dd17a3 |
ansible_module.fail_json(msg='No forwarders specified.')
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
if existing_resource is None:
|
|
Packit Service |
dd17a3 |
if operation == "add":
|
|
Packit Service |
dd17a3 |
# does not exist but should be present
|
|
Packit Service |
dd17a3 |
# determine args
|
|
Packit Service |
dd17a3 |
args = gen_args(forwarders, forwardpolicy,
|
|
Packit Service |
dd17a3 |
skip_overlap_check)
|
|
Packit Service |
dd17a3 |
# set command
|
|
Packit Service |
dd17a3 |
command = "dnsforwardzone_add"
|
|
Packit Service |
dd17a3 |
# enabled or disabled?
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
elif operation == "update":
|
|
Packit Service |
dd17a3 |
# does not exist and is updating
|
|
Packit Service |
dd17a3 |
# trying to update something that doesn't exist, so error
|
|
Packit Service |
dd17a3 |
ansible_module.fail_json(
|
|
Packit Service |
dd17a3 |
msg="dnsforwardzone '%s' not found." % (name))
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
elif operation == "del":
|
|
Packit Service |
dd17a3 |
# there's nothnig to do.
|
|
Packit Service |
dd17a3 |
continue
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
else: # existing_resource is not None
|
|
Packit Service |
dd17a3 |
if state != "absent":
|
|
Packit Service |
dd17a3 |
if forwarders:
|
|
Packit Service |
dd17a3 |
forwarders = list(
|
|
Packit Service |
dd17a3 |
set(existing_resource["idnsforwarders"]
|
|
Packit Service |
dd17a3 |
+ forwarders))
|
|
Packit Service |
dd17a3 |
else:
|
|
Packit Service |
dd17a3 |
if forwarders:
|
|
Packit Service |
dd17a3 |
forwarders = list(
|
|
Packit Service |
dd17a3 |
set(existing_resource["idnsforwarders"])
|
|
Packit Service |
dd17a3 |
- set(forwarders))
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
if operation == "add":
|
|
Packit Service |
dd17a3 |
# exists and should be present, has it changed?
|
|
Packit Service |
dd17a3 |
# determine args
|
|
Packit Service |
dd17a3 |
args = gen_args(
|
|
Packit Service |
dd17a3 |
forwarders, forwardpolicy, skip_overlap_check)
|
|
Packit Service |
dd17a3 |
if 'skip_overlap_check' in args:
|
|
Packit Service |
dd17a3 |
del args['skip_overlap_check']
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
# set command
|
|
Packit Service |
dd17a3 |
if not compare_args_ipa(
|
|
Packit Service |
dd17a3 |
ansible_module, args, existing_resource):
|
|
Packit Service |
dd17a3 |
command = "dnsforwardzone_mod"
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
elif operation == "del":
|
|
Packit Service |
dd17a3 |
# exists but should be absent
|
|
Packit Service |
dd17a3 |
# set command
|
|
Packit Service |
dd17a3 |
command = "dnsforwardzone_del"
|
|
Packit Service |
dd17a3 |
args = {}
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
elif operation == "update":
|
|
Packit Service |
dd17a3 |
# exists and is updating
|
|
Packit Service |
dd17a3 |
# calculate the new forwarders and mod
|
|
Packit Service |
dd17a3 |
args = gen_args(
|
|
Packit Service |
dd17a3 |
forwarders, forwardpolicy, skip_overlap_check)
|
|
Packit Service |
dd17a3 |
if "skip_overlap_check" in args:
|
|
Packit Service |
dd17a3 |
del args['skip_overlap_check']
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
# command
|
|
Packit Service |
dd17a3 |
if not compare_args_ipa(
|
|
Packit Service |
dd17a3 |
ansible_module, args, existing_resource):
|
|
Packit Service |
dd17a3 |
command = "dnsforwardzone_mod"
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
if state in ['enabled', 'disabled']:
|
|
Packit Service |
dd17a3 |
if existing_resource is not None:
|
|
Packit Service |
dd17a3 |
is_enabled = existing_resource["idnszoneactive"][0]
|
|
Packit Service |
dd17a3 |
else:
|
|
Packit Service |
dd17a3 |
ansible_module.fail_json(
|
|
Packit Service |
dd17a3 |
msg="dnsforwardzone '%s' not found." % (name))
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
# does the enabled state match what we want (if we care)
|
|
Packit Service |
dd17a3 |
if is_enabled != "IGNORE":
|
|
Packit Service |
dd17a3 |
if wants_enable and is_enabled != "TRUE":
|
|
Packit Service |
dd17a3 |
commands.append([name, "dnsforwardzone_enable", {}])
|
|
Packit Service |
dd17a3 |
elif not wants_enable and is_enabled != "FALSE":
|
|
Packit Service |
dd17a3 |
commands.append([name, "dnsforwardzone_disable", {}])
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
# if command is set...
|
|
Packit Service |
dd17a3 |
if command is not None:
|
|
Packit Service |
dd17a3 |
commands.append([name, command, args])
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
if permission is not None:
|
|
Packit Service |
dd17a3 |
if existing_resource is None:
|
|
Packit Service |
dd17a3 |
managedby = None
|
|
Packit Service |
dd17a3 |
else:
|
|
Packit Service |
dd17a3 |
managedby = existing_resource.get('managedby', None)
|
|
Packit Service |
dd17a3 |
if permission and managedby is None:
|
|
Packit Service |
dd17a3 |
commands.append(
|
|
Packit Service |
dd17a3 |
[name, 'dnsforwardzone_add_permission', {}]
|
|
Packit Service |
dd17a3 |
)
|
|
Packit Service |
dd17a3 |
elif not permission and managedby is not None:
|
|
Packit Service |
dd17a3 |
commands.append(
|
|
Packit Service |
dd17a3 |
[name, 'dnsforwardzone_remove_permission', {}]
|
|
Packit Service |
dd17a3 |
)
|
|
Packit Service |
dd17a3 |
|
|
Packit Service |
dd17a3 |
for name, command, args in commands:
|
|
Packit Service |
dd17a3 |
api_command(ansible_module, command, name, args)
|
|
Packit Service |
0f71a7 |
changed = True
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
except Exception as e:
|
|
Packit Service |
0f71a7 |
ansible_module.fail_json(msg=str(e))
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
finally:
|
|
Packit Service |
0f71a7 |
temp_kdestroy(ccache_dir, ccache_name)
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
# Done
|
|
Packit Service |
0f71a7 |
ansible_module.exit_json(changed=changed, dnsforwardzone=exit_args)
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
|
|
Packit Service |
0f71a7 |
if __name__ == "__main__":
|
|
Packit Service |
0f71a7 |
main()
|