|
Packit Service |
ee01e6 |
#!/usr/bin/python
|
|
Packit Service |
0a38ef |
# -*- coding: utf-8 -*-
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
# Authors:
|
|
Packit Service |
0a38ef |
# Chris Procter <cprocter@redhat.com>
|
|
Packit Service |
0a38ef |
#
|
|
Packit Service |
0a38ef |
# Copyright (C) 2019 Red Hat
|
|
Packit Service |
0a38ef |
# see file 'COPYING' for use and warranty information
|
|
Packit Service |
0a38ef |
#
|
|
Packit Service |
0a38ef |
# This program is free software; you can redistribute it and/or modify
|
|
Packit Service |
0a38ef |
# it under the terms of the GNU General Public License as published by
|
|
Packit Service |
0a38ef |
# the Free Software Foundation, either version 3 of the License, or
|
|
Packit Service |
0a38ef |
# (at your option) any later version.
|
|
Packit Service |
0a38ef |
#
|
|
Packit Service |
0a38ef |
# This program is distributed in the hope that it will be useful,
|
|
Packit Service |
0a38ef |
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit Service |
0a38ef |
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
Packit Service |
0a38ef |
# GNU General Public License for more details.
|
|
Packit Service |
0a38ef |
#
|
|
Packit Service |
0a38ef |
# You should have received a copy of the GNU General Public License
|
|
Packit Service |
0a38ef |
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
ANSIBLE_METADATA = {
|
|
Packit Service |
0a38ef |
"metadata_version": "1.0",
|
|
Packit Service |
0a38ef |
"supported_by": "community",
|
|
Packit Service |
0a38ef |
"status": ["preview"],
|
|
Packit Service |
0a38ef |
}
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
DOCUMENTATION = '''
|
|
Packit Service |
0a38ef |
---
|
|
Packit Service |
0a38ef |
module: ipa_dnsforwardzone
|
|
Packit Service |
0a38ef |
author: chris procter
|
|
Packit Service |
0a38ef |
short_description: Manage FreeIPA DNS Forwarder Zones
|
|
Packit Service |
0a38ef |
description:
|
|
Packit Service |
0a38ef |
- Add and delete an IPA DNS Forwarder Zones using IPA API
|
|
Packit Service |
0a38ef |
options:
|
|
Packit Service |
0a38ef |
ipaadmin_principal:
|
|
Packit Service |
0a38ef |
description: The admin principal
|
|
Packit Service |
0a38ef |
default: admin
|
|
Packit Service |
0a38ef |
ipaadmin_password:
|
|
Packit Service |
0a38ef |
description: The admin password
|
|
Packit Service |
0a38ef |
required: false
|
|
Packit Service |
0a38ef |
name:
|
|
Packit Service |
0a38ef |
description:
|
|
Packit Service |
0a38ef |
- The DNS zone name which needs to be managed.
|
|
Packit Service |
0a38ef |
required: true
|
|
Packit Service |
0a38ef |
aliases: ["cn"]
|
|
Packit Service |
0a38ef |
state:
|
|
Packit Service |
0a38ef |
description: State to ensure
|
|
Packit Service |
0a38ef |
required: false
|
|
Packit Service |
0a38ef |
default: present
|
|
Packit Service |
0a38ef |
choices: ["present", "absent", "enabled", "disabled"]
|
|
Packit Service |
0a38ef |
forwarders:
|
|
Packit Service |
0a38ef |
description:
|
|
Packit Service |
0a38ef |
- List of the DNS servers to forward to
|
|
Packit Service |
0a38ef |
aliases: ["idnsforwarders"]
|
|
Packit Service |
a166ed |
options:
|
|
Packit Service |
a166ed |
ip_address:
|
|
Packit Service |
a166ed |
description: Forwarder IP address (either IPv4 or IPv6).
|
|
Packit Service |
a166ed |
required: false
|
|
Packit Service |
a166ed |
type: string
|
|
Packit Service |
a166ed |
port:
|
|
Packit Service |
a166ed |
description: Forwarder port.
|
|
Packit Service |
a166ed |
required: false
|
|
Packit Service |
a166ed |
type: int
|
|
Packit Service |
0a38ef |
forwardpolicy:
|
|
Packit Service |
0a38ef |
description: Per-zone conditional forwarding policy
|
|
Packit Service |
0a38ef |
required: false
|
|
Packit Service |
0a38ef |
default: only
|
|
Packit Service |
0a38ef |
choices: ["only", "first", "none"]
|
|
Packit Service |
0a38ef |
aliases: ["idnsforwarders"]
|
|
Packit Service |
0a38ef |
skip_overlap_check:
|
|
Packit Service |
0a38ef |
description:
|
|
Packit Service |
0a38ef |
- Force DNS zone creation even if it will overlap with an existing zone.
|
|
Packit Service |
0a38ef |
required: false
|
|
Packit Service |
0a38ef |
default: false
|
|
Packit Service |
a166ed |
permission:
|
|
Packit Service |
a166ed |
description:
|
|
Packit Service |
a166ed |
- Allow DNS Forward Zone to be managed.
|
|
Packit Service |
a166ed |
required: false
|
|
Packit Service |
a166ed |
type: bool
|
|
Packit Service |
0a38ef |
'''
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
EXAMPLES = '''
|
|
Packit Service |
0a38ef |
# Ensure dns zone is present
|
|
Packit Service |
0a38ef |
- ipadnsforwardzone:
|
|
Packit Service |
0a38ef |
ipaadmin_password: MyPassword123
|
|
Packit Service |
0a38ef |
state: present
|
|
Packit Service |
0a38ef |
name: example.com
|
|
Packit Service |
0a38ef |
forwarders:
|
|
Packit Service |
a166ed |
- ip_address: 8.8.8.8
|
|
Packit Service |
a166ed |
- ip_address: 4.4.4.4
|
|
Packit Service |
a166ed |
forwardpolicy: first
|
|
Packit Service |
a166ed |
skip_overlap_check: true
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
# Ensure dns zone is present, with forwarder on non-default port
|
|
Packit Service |
a166ed |
- ipadnsforwardzone:
|
|
Packit Service |
a166ed |
ipaadmin_password: MyPassword123
|
|
Packit Service |
a166ed |
state: present
|
|
Packit Service |
a166ed |
name: example.com
|
|
Packit Service |
a166ed |
forwarders:
|
|
Packit Service |
a166ed |
- ip_address: 8.8.8.8
|
|
Packit Service |
a166ed |
port: 8053
|
|
Packit Service |
0a38ef |
forwardpolicy: first
|
|
Packit Service |
0a38ef |
skip_overlap_check: true
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
# Ensure that dns zone is removed
|
|
Packit Service |
0a38ef |
- ipadnsforwardzone:
|
|
Packit Service |
0a38ef |
ipaadmin_password: MyPassword123
|
|
Packit Service |
0a38ef |
name: example.com
|
|
Packit Service |
0a38ef |
state: absent
|
|
Packit Service |
0a38ef |
'''
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
RETURN = '''
|
|
Packit Service |
0a38ef |
'''
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
from ansible.module_utils.basic import AnsibleModule
|
|
Packit Service |
a166ed |
from ansible.module_utils._text import to_text
|
|
Packit Service |
0a38ef |
from ansible.module_utils.ansible_freeipa_module import temp_kinit, \
|
|
Packit Service |
0a38ef |
temp_kdestroy, valid_creds, api_connect, api_command, compare_args_ipa, \
|
|
Packit Service |
0a38ef |
module_params_get
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
def find_dnsforwardzone(module, name):
|
|
Packit Service |
0a38ef |
_args = {
|
|
Packit Service |
0a38ef |
"all": True,
|
|
Packit Service |
0a38ef |
"idnsname": name
|
|
Packit Service |
0a38ef |
}
|
|
Packit Service |
0a38ef |
_result = api_command(module, "dnsforwardzone_find", name, _args)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
if len(_result["result"]) > 1:
|
|
Packit Service |
0a38ef |
module.fail_json(
|
|
Packit Service |
0a38ef |
msg="There is more than one dnsforwardzone '%s'" % (name))
|
|
Packit Service |
0a38ef |
elif len(_result["result"]) == 1:
|
|
Packit Service |
0a38ef |
return _result["result"][0]
|
|
Packit Service |
0a38ef |
else:
|
|
Packit Service |
0a38ef |
return None
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
def gen_args(forwarders, forwardpolicy, skip_overlap_check):
|
|
Packit Service |
0a38ef |
_args = {}
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
if forwarders is not None:
|
|
Packit Service |
0a38ef |
_args["idnsforwarders"] = forwarders
|
|
Packit Service |
0a38ef |
if forwardpolicy is not None:
|
|
Packit Service |
0a38ef |
_args["idnsforwardpolicy"] = forwardpolicy
|
|
Packit Service |
0a38ef |
if skip_overlap_check is not None:
|
|
Packit Service |
0a38ef |
_args["skip_overlap_check"] = skip_overlap_check
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
return _args
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
a166ed |
def forwarder_list(forwarders):
|
|
Packit Service |
a166ed |
"""Convert the forwarder dict into a list compatible with IPA API."""
|
|
Packit Service |
a166ed |
if forwarders is None:
|
|
Packit Service |
a166ed |
return None
|
|
Packit Service |
a166ed |
fwd_list = []
|
|
Packit Service |
a166ed |
for forwarder in forwarders:
|
|
Packit Service |
a166ed |
if forwarder.get('port', None) is not None:
|
|
Packit Service |
a166ed |
formatter = "{ip_address} port {port}"
|
|
Packit Service |
a166ed |
else:
|
|
Packit Service |
a166ed |
formatter = "{ip_address}"
|
|
Packit Service |
a166ed |
fwd_list.append(to_text(formatter.format(**forwarder)))
|
|
Packit Service |
a166ed |
return fwd_list
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
|
|
Packit Service |
0a38ef |
def main():
|
|
Packit Service |
0a38ef |
ansible_module = AnsibleModule(
|
|
Packit Service |
0a38ef |
argument_spec=dict(
|
|
Packit Service |
0a38ef |
# general
|
|
Packit Service |
0a38ef |
ipaadmin_principal=dict(type="str", default="admin"),
|
|
Packit Service |
0a38ef |
ipaadmin_password=dict(type="str", required=False, no_log=True),
|
|
Packit Service |
a166ed |
name=dict(type="list", aliases=["cn"], default=None,
|
|
Packit Service |
0a38ef |
required=True),
|
|
Packit Service |
a166ed |
forwarders=dict(type="list", default=None, required=False,
|
|
Packit Service |
a166ed |
aliases=["idnsforwarders"], elements='dict',
|
|
Packit Service |
a166ed |
options=dict(
|
|
Packit Service |
a166ed |
ip_address=dict(type='str', required=True),
|
|
Packit Service |
a166ed |
port=dict(type='int', required=False,
|
|
Packit Service |
a166ed |
default=None),
|
|
Packit Service |
a166ed |
)),
|
|
Packit Service |
0a38ef |
forwardpolicy=dict(type='str', aliases=["idnsforwardpolicy"],
|
|
Packit Service |
0a38ef |
required=False,
|
|
Packit Service |
0a38ef |
choices=['only', 'first', 'none']),
|
|
Packit Service |
0a38ef |
skip_overlap_check=dict(type='bool', required=False),
|
|
Packit Service |
a166ed |
permission=dict(type='bool', required=False,
|
|
Packit Service |
a166ed |
aliases=['managedby']),
|
|
Packit Service |
0a38ef |
action=dict(type="str", default="dnsforwardzone",
|
|
Packit Service |
0a38ef |
choices=["member", "dnsforwardzone"]),
|
|
Packit Service |
0a38ef |
# state
|
|
Packit Service |
0a38ef |
state=dict(type='str', default='present',
|
|
Packit Service |
0a38ef |
choices=['present', 'absent', 'enabled', 'disabled']),
|
|
Packit Service |
0a38ef |
),
|
|
Packit Service |
0a38ef |
supports_check_mode=True,
|
|
Packit Service |
0a38ef |
)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
ansible_module._ansible_debug = True
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
# Get parameters
|
|
Packit Service |
0a38ef |
ipaadmin_principal = module_params_get(ansible_module,
|
|
Packit Service |
0a38ef |
"ipaadmin_principal")
|
|
Packit Service |
0a38ef |
ipaadmin_password = module_params_get(ansible_module,
|
|
Packit Service |
0a38ef |
"ipaadmin_password")
|
|
Packit Service |
a166ed |
names = module_params_get(ansible_module, "name")
|
|
Packit Service |
0a38ef |
action = module_params_get(ansible_module, "action")
|
|
Packit Service |
a166ed |
forwarders = forwarder_list(
|
|
Packit Service |
a166ed |
module_params_get(ansible_module, "forwarders"))
|
|
Packit Service |
0a38ef |
forwardpolicy = module_params_get(ansible_module, "forwardpolicy")
|
|
Packit Service |
0a38ef |
skip_overlap_check = module_params_get(ansible_module,
|
|
Packit Service |
0a38ef |
"skip_overlap_check")
|
|
Packit Service |
a166ed |
permission = module_params_get(ansible_module, "permission")
|
|
Packit Service |
0a38ef |
state = module_params_get(ansible_module, "state")
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
a166ed |
if state == 'present' and len(names) != 1:
|
|
Packit Service |
a166ed |
ansible_module.fail_json(
|
|
Packit Service |
a166ed |
msg="Only one dnsforwardzone can be added at a time.")
|
|
Packit Service |
a166ed |
if state == 'absent' and len(names) < 1:
|
|
Packit Service |
a166ed |
ansible_module.fail_json(msg="No name given.")
|
|
Packit Service |
a166ed |
|
|
Packit Service |
0a38ef |
# absent stae means delete if the action is NOT member but update if it is
|
|
Packit Service |
0a38ef |
# if action is member then update an exisiting resource
|
|
Packit Service |
0a38ef |
# and if action is not member then create a resource
|
|
Packit Service |
0a38ef |
if state == "absent" and action == "dnsforwardzone":
|
|
Packit Service |
0a38ef |
operation = "del"
|
|
Packit Service |
0a38ef |
elif action == "member":
|
|
Packit Service |
0a38ef |
operation = "update"
|
|
Packit Service |
0a38ef |
else:
|
|
Packit Service |
0a38ef |
operation = "add"
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
a166ed |
if state in ["enabled", "disabled"]:
|
|
Packit Service |
a166ed |
if action == "member":
|
|
Packit Service |
a166ed |
ansible_module.fail_json(
|
|
Packit Service |
a166ed |
msg="Action `member` cannot be used with state `%s`"
|
|
Packit Service |
a166ed |
% (state))
|
|
Packit Service |
a166ed |
invalid = [
|
|
Packit Service |
a166ed |
"forwarders", "forwardpolicy", "skip_overlap_check", "permission"
|
|
Packit Service |
a166ed |
]
|
|
Packit Service |
a166ed |
for x in invalid:
|
|
Packit Service |
a166ed |
if vars()[x] is not None:
|
|
Packit Service |
a166ed |
ansible_module.fail_json(
|
|
Packit Service |
a166ed |
msg="Argument '%s' can not be used with action "
|
|
Packit Service |
a166ed |
"'%s', state `%s`" % (x, action, state))
|
|
Packit Service |
a166ed |
wants_enable = (state == "enabled")
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
if operation == "del":
|
|
Packit Service |
a166ed |
invalid = [
|
|
Packit Service |
a166ed |
"forwarders", "forwardpolicy", "skip_overlap_check", "permission"
|
|
Packit Service |
a166ed |
]
|
|
Packit Service |
0a38ef |
for x in invalid:
|
|
Packit Service |
0a38ef |
if vars()[x] is not None:
|
|
Packit Service |
0a38ef |
ansible_module.fail_json(
|
|
Packit Service |
0a38ef |
msg="Argument '%s' can not be used with action "
|
|
Packit Service |
a166ed |
"'%s', state `%s`" % (x, action, state))
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
changed = False
|
|
Packit Service |
0a38ef |
exit_args = {}
|
|
Packit Service |
0a38ef |
args = {}
|
|
Packit Service |
0a38ef |
ccache_dir = None
|
|
Packit Service |
0a38ef |
ccache_name = None
|
|
Packit Service |
0a38ef |
is_enabled = "IGNORE"
|
|
Packit Service |
0a38ef |
try:
|
|
Packit Service |
0a38ef |
# we need to determine 3 variables
|
|
Packit Service |
0a38ef |
# args = the values we want to change/set
|
|
Packit Service |
0a38ef |
# command = the ipa api command to call del, add, or mod
|
|
Packit Service |
0a38ef |
# is_enabled = is the current resource enabled (True)
|
|
Packit Service |
0a38ef |
# disabled (False) and do we care (IGNORE)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
if not valid_creds(ansible_module, ipaadmin_principal):
|
|
Packit Service |
0a38ef |
ccache_dir, ccache_name = temp_kinit(ipaadmin_principal,
|
|
Packit Service |
0a38ef |
ipaadmin_password)
|
|
Packit Service |
0a38ef |
api_connect()
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
a166ed |
for name in names:
|
|
Packit Service |
a166ed |
commands = []
|
|
Packit Service |
5b5096 |
command = None
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
# Make sure forwardzone exists
|
|
Packit Service |
a166ed |
existing_resource = find_dnsforwardzone(ansible_module, name)
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
# validate parameters
|
|
Packit Service |
a166ed |
if state == 'present':
|
|
Packit Service |
a166ed |
if existing_resource is None and not forwarders:
|
|
Packit Service |
a166ed |
ansible_module.fail_json(msg='No forwarders specified.')
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
if existing_resource is None:
|
|
Packit Service |
a166ed |
if operation == "add":
|
|
Packit Service |
a166ed |
# does not exist but should be present
|
|
Packit Service |
a166ed |
# determine args
|
|
Packit Service |
a166ed |
args = gen_args(forwarders, forwardpolicy,
|
|
Packit Service |
a166ed |
skip_overlap_check)
|
|
Packit Service |
a166ed |
# set command
|
|
Packit Service |
a166ed |
command = "dnsforwardzone_add"
|
|
Packit Service |
a166ed |
# enabled or disabled?
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
elif operation == "update":
|
|
Packit Service |
a166ed |
# does not exist and is updating
|
|
Packit Service |
a166ed |
# trying to update something that doesn't exist, so error
|
|
Packit Service |
a166ed |
ansible_module.fail_json(
|
|
Packit Service |
a166ed |
msg="dnsforwardzone '%s' not found." % (name))
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
elif operation == "del":
|
|
Packit Service |
a166ed |
# there's nothnig to do.
|
|
Packit Service |
a166ed |
continue
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
else: # existing_resource is not None
|
|
Packit Service |
a166ed |
if state != "absent":
|
|
Packit Service |
a166ed |
if forwarders:
|
|
Packit Service |
a166ed |
forwarders = list(
|
|
Packit Service |
a166ed |
set(existing_resource["idnsforwarders"]
|
|
Packit Service |
a166ed |
+ forwarders))
|
|
Packit Service |
a166ed |
else:
|
|
Packit Service |
a166ed |
if forwarders:
|
|
Packit Service |
a166ed |
forwarders = list(
|
|
Packit Service |
a166ed |
set(existing_resource["idnsforwarders"])
|
|
Packit Service |
a166ed |
- set(forwarders))
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
if operation == "add":
|
|
Packit Service |
a166ed |
# exists and should be present, has it changed?
|
|
Packit Service |
a166ed |
# determine args
|
|
Packit Service |
a166ed |
args = gen_args(
|
|
Packit Service |
a166ed |
forwarders, forwardpolicy, skip_overlap_check)
|
|
Packit Service |
a166ed |
if 'skip_overlap_check' in args:
|
|
Packit Service |
a166ed |
del args['skip_overlap_check']
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
# set command
|
|
Packit Service |
a166ed |
if not compare_args_ipa(
|
|
Packit Service |
a166ed |
ansible_module, args, existing_resource):
|
|
Packit Service |
a166ed |
command = "dnsforwardzone_mod"
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
elif operation == "del":
|
|
Packit Service |
a166ed |
# exists but should be absent
|
|
Packit Service |
a166ed |
# set command
|
|
Packit Service |
a166ed |
command = "dnsforwardzone_del"
|
|
Packit Service |
a166ed |
args = {}
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
elif operation == "update":
|
|
Packit Service |
a166ed |
# exists and is updating
|
|
Packit Service |
a166ed |
# calculate the new forwarders and mod
|
|
Packit Service |
a166ed |
args = gen_args(
|
|
Packit Service |
a166ed |
forwarders, forwardpolicy, skip_overlap_check)
|
|
Packit Service |
a166ed |
if "skip_overlap_check" in args:
|
|
Packit Service |
a166ed |
del args['skip_overlap_check']
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
# command
|
|
Packit Service |
a166ed |
if not compare_args_ipa(
|
|
Packit Service |
a166ed |
ansible_module, args, existing_resource):
|
|
Packit Service |
a166ed |
command = "dnsforwardzone_mod"
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
if state in ['enabled', 'disabled']:
|
|
Packit Service |
a166ed |
if existing_resource is not None:
|
|
Packit Service |
a166ed |
is_enabled = existing_resource["idnszoneactive"][0]
|
|
Packit Service |
a166ed |
else:
|
|
Packit Service |
a166ed |
ansible_module.fail_json(
|
|
Packit Service |
a166ed |
msg="dnsforwardzone '%s' not found." % (name))
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
# does the enabled state match what we want (if we care)
|
|
Packit Service |
a166ed |
if is_enabled != "IGNORE":
|
|
Packit Service |
a166ed |
if wants_enable and is_enabled != "TRUE":
|
|
Packit Service |
a166ed |
commands.append([name, "dnsforwardzone_enable", {}])
|
|
Packit Service |
a166ed |
elif not wants_enable and is_enabled != "FALSE":
|
|
Packit Service |
a166ed |
commands.append([name, "dnsforwardzone_disable", {}])
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
# if command is set...
|
|
Packit Service |
a166ed |
if command is not None:
|
|
Packit Service |
a166ed |
commands.append([name, command, args])
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
if permission is not None:
|
|
Packit Service |
a166ed |
if existing_resource is None:
|
|
Packit Service |
a166ed |
managedby = None
|
|
Packit Service |
a166ed |
else:
|
|
Packit Service |
a166ed |
managedby = existing_resource.get('managedby', None)
|
|
Packit Service |
a166ed |
if permission and managedby is None:
|
|
Packit Service |
a166ed |
commands.append(
|
|
Packit Service |
a166ed |
[name, 'dnsforwardzone_add_permission', {}]
|
|
Packit Service |
a166ed |
)
|
|
Packit Service |
a166ed |
elif not permission and managedby is not None:
|
|
Packit Service |
a166ed |
commands.append(
|
|
Packit Service |
a166ed |
[name, 'dnsforwardzone_remove_permission', {}]
|
|
Packit Service |
a166ed |
)
|
|
Packit Service |
a166ed |
|
|
Packit Service |
a166ed |
for name, command, args in commands:
|
|
Packit Service |
a166ed |
api_command(ansible_module, command, name, args)
|
|
Packit Service |
0a38ef |
changed = True
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
except Exception as e:
|
|
Packit Service |
0a38ef |
ansible_module.fail_json(msg=str(e))
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
finally:
|
|
Packit Service |
0a38ef |
temp_kdestroy(ccache_dir, ccache_name)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
# Done
|
|
Packit Service |
0a38ef |
ansible_module.exit_json(changed=changed, dnsforwardzone=exit_args)
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
|
|
Packit Service |
0a38ef |
if __name__ == "__main__":
|
|
Packit Service |
0a38ef |
main()
|