#!/usr/bin/python

# -*- coding: utf-8 -*-

# Authors:

#   Rafael Guterres Jeffman <rjeffman@redhat.com>

#

# Copyright (C) 2020 Red Hat

# see file 'COPYING' for use and warranty information

#

# This program is free software; you can redistribute it and/or modify

# it under the terms of the GNU General Public License as published by

# the Free Software Foundation, either version 3 of the License, or

# (at your option) any later version.

#

# This program is distributed in the hope that it will be useful,

# but WITHOUT ANY WARRANTY; without even the implied warranty of

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

# GNU General Public License for more details.

#

# You should have received a copy of the GNU General Public License

# along with this program.  If not, see <http://www.gnu.org/licenses/>.

"""DNS Record ansible-freeipa module."""

ANSIBLE_METADATA = {

    "metadata_version": "1.0",

    "supported_by": "community",

    "status": ["preview"],

}

DOCUMENTATION = """

---

module: ipadnsrecord

short description: Manage FreeIPA DNS records

description: Manage FreeIPA DNS records

options:

  ipaadmin_principal:

    description: The admin principal

    default: admin

  ipaadmin_password:

    description: The admin password

    required: false

  records:

    description: The list of user dns records dicts

    required: false

    options:

      name:

        description: The DNS record name to manage.

        aliases: ["record_name"]

        required: true

      zone_name:

        description: |

          The DNS zone name to which DNS record needs to be managed.

          Required if not provided globally.

        aliases: ["dnszone"]

        required: false

      record_type:

        description: The type of DNS record.

        choices: ["A", "AAAA", "A6", "AFSDB", "CERT", "CNAME", "DLV", "DNAME",

                  "DS", "KX", "LOC", "MX", "NAPTR", "NS", "PTR", "SRV",

                  "SSHFP", "TLSA", "TXT", "URI"]

        default: "A"

      record_value:

        description: Manage DNS record name with these values.

        required: false

        type: list

      record_ttl:

        description: Set the TTL for the record.

        required: false

        type: int

      del_all:

        description: Delete all associated records.

        required: false

        type: bool

      a_rec:

        description: Raw A record.

        required: false

        aliases: ["a_record"]

      aaaa_rec:

        description: Raw AAAA record.

        required: false

        aliases: ["aaaa_record"]

      a6_rec:

        description: Raw A6 record.

        required: false

        aliases: ["a6_record"]

      afsdb_rec:

        description: Raw AFSDB record.

        required: false

        aliases: ["afsdb_record"]

      cert_rec:

        description: Raw CERT record.

        required: false

        aliases: ["cert_record"]

      cname_rec:

        description: Raw CNAME record.

        required: false

        aliases: ["cname_record"]

      dlv_rec:

        description: Raw DLV record.

        required: false

        aliases: ["dlv_record"]

      dname_rec:

        description: Raw DNAM record.

        required: false

        aliases: ["dname_record"]

      ds_rec:

        description: Raw DS record.

        required: false

        aliases: ["ds_record"]

      kx_rec:

        description: Raw KX record.

        required: false

        aliases: ["kx_record"]

      loc_rec:

        description: Raw LOC record.

        required: false

        aliases: ["loc_record"]

      mx_rec:

        description: Raw MX record.

        required: false

        aliases: ["mx_record"]

      naptr_rec:

        description: Raw NAPTR record.

        required: false

        aliases: ["naptr_record"]

      ns_rec:

        description: Raw NS record.

        required: false

        aliases: ["ns_record"]

      ptr_rec:

        description: Raw PTR record.

        required: false

        aliases: ["ptr_record"]

      srv_rec:

        description: Raw SRV record.

        required: false

        aliases: ["srv_record"]

      sshfp_rec:

        description: Raw SSHFP record.

        required: false

        aliases: ["sshfp_record"]

      tlsa_rec:

        description: Raw TLSA record.

        required: false

        aliases: ["tlsa_record"]

      txt_rec:

        description: Raw TXT record.

        required: false

        aliases: ["txt_record"]

      uri_rec:

        description: Raw URI record.

        required: false

        aliases: ["uri_record"]

      ip_address:

        description: IP adresses for A or AAAA records.

        required: false

        type: string

      a_ip_address:

        description: IP adresses for A records.

        required: false

        type: string

      a_create_reverse:

        description: |

          Create reverse record for A records.

          There is no equivalent to remove reverse records.

        type: bool

        required: false

      aaaa_ip_address:

        description: IP adresses for AAAA records.

        required: false

        type: string

      aaaa_create_reverse:

        description: |

          Create reverse record for AAAA records.

          There is no equivalent to remove reverse records.

        type: bool

        required: false

      create_reverse:

        description: |

          Create reverse record for A or AAAA record types.

          There is no equivalent to remove reverse records.

        type: bool

        required: false

        aliases: ["reverse"]

      a6_data:

        description: A6 record data.

        required: false

      afsdb_subtype:

        description: AFSDB Subtype

        required: false

        type: int

      afsdb_hostname:

        description: AFSDB Hostname

        required: false

        type: string

      cert_type:

        description: CERT Certificate Type

        required: false

        type: int

      cert_key_tag:

        description: CERT Key Tag

        required: false

        type: int

      cert_algorithm:

        description: CERT Algorithm

        required: false

        type: int

      cert_certificate_or_crl:

        description: CERT Certificate or Certificate Revocation List (CRL).

        required: false

        type: string

      cname_hostname:

        description: A hostname which this alias hostname points to.

        required: false

        type: string

      dlv_key_tag:

        description: DS Key Tag

        required: false

        type: int

      dlv_algorithm:

        description: DLV Algorithm

        required: false

        type: int

      dlv_digest_type:

        description: DLV Digest Type

        required: false

        type: int

      dlv_digest:

        description: DLV Digest

        required: false

        type: string

      dname_target:

        description: DNAME Target

        required: false

        type: string

      ds_key_tag:

        description: DS Key Tag

        required: false

        type: int

      ds_algorithm:

        description: DS Algorithm

        required: false

        type: int

      ds_digest_type:

        description: DS Digest Type

        required: false

        type: int

      ds_digest:

        description: DS Digest

        required: false

        type: string

      kx_preference:

        description: |

          Preference given to this exchanger. Lower values are more preferred.

        required: false

        type: int

      kx_exchanger:

        description: A host willing to act as a key exchanger.

        required: false

        type: string

      loc_lat_deg:

        description: LOC Degrees Latitude

        required: false

        type: int

      loc_lat_min:

        description: LOC Minutes Latitude

        required: false

        type: int

      loc_lat_sec:

        description: LOC Seconds Latitude

        required: false

        type: float

      loc_lat_dir:

        description: LOC Direction Latitude

        required: false

        choices: ["N", "S"]

      loc_lon_deg:

        description: LOC Degrees Longitude

        required: false

        type: int

      loc_lon_min:

        description: LOC Minutes Longitude

        required: false

        type: int

      loc_lon_sec:

        description: LOC Seconds Longitude

        required: false

        type: float

      loc_lon_dir:

        description: LOC Direction Longitude

        required: false

        choices: ["E", "W"]

      loc_altitude:

        description: LOC Altitude

        required: false

        type: float

      loc_size:

        description: LOC Size

        required: false

        type: float

      loc_h_precision:

        description: LOC Horizontal Precision

        required: false

        type: float

      loc_v_precision:

        description: LOC Vertical Precision

        required: false

        type: float

      mx_preference:

        description: |

          Preference given to this exchanger. Lower values are more preferred.

        required: false

        type: int

      mx_exchanger:

        description: A host willing to act as a mail exchanger.

        required: false

        type: string

      naptr_order:

        description: NAPTR Order

        required: false

        type: int

      naptr_preference:

        description: NAPTR Preference

        required: false

        type: int

      naptr_flags:

        description: NAPTR Flags

        required: false

        type: string

      naptr_service:

        description: NAPTR Service

        required: false

        type: string

      naptr_regexp:

        description: NAPTR Regular Expression

        required: false

        type: string

      naptr_replacement:

        description: NAPTR Replacement

        required: false

        type: string

      ns_hostname:

        description: NS Hostname

        required: false

        type: string

      ptr_hostname:

        description: The hostname this reverse record points to.

        required: false

        type: string

      srv_priority:

        description: |

          Lower number means higher priority. Clients will attempt to contact

          the server with the lowest-numbered priority they can reach.

        required: false

        type: int

      srv_weight:

        description: Relative weight for entries with the same priority.

        required: false

        type: int

      srv_port:

        description: SRV Port

        required: false

        type: int

      srv_target:

        description: |

          The domain name of the target host or '.' if the service is decidedly

          not available at this domain.

        required: false

        type: string

      sshfp_algorithm:

        description: SSHFP Algorithm

        required: False

        type: int

      sshfp_fp_type:

        description: SSHFP Fingerprint Type

        required: False

        type: int

      sshfp_fingerprint:

        description: SSHFP Fingerprint

        required: False

        type: string

      txt_data:

        description: TXT Text Data

        required: false

        type: string

      tlsa_cert_usage:

        description: TLSA Certificate Usage

        required: false

        type: int

      tlsa_selector:

        description: TLSA Selector

        required: false

        type: int

      tlsa_matching_type:

        description: TLSA Matching Type

        required: false

        type: int

      tlsa_cert_association_data:

        description: TLSA Certificate Association Data

        required: false

        type: string

      uri_target:

        description: Target Uniform Resource Identifier according to RFC 3986.

        required: false

        type: string

      uri_priority:

        description: |

          Lower number means higher priority. Clients will attempt to contact

          the URI with the lowest-numbered priority they can reach.

        required: false

        type: int

      uri_weight:

        description: Relative weight for entries with the same priority.

        required: false

        type: int

  zone_name:

    description: |

      The DNS zone name to which DNS record needs to be managed.

      Required if not provided globally.

    aliases: ["dnszone"]

    required: false

  name:

    description: The DNS record name to manage.

    aliases: ["record_name"]

    required: true

  record_type:

    description: The type of DNS record.

    required: false

    choices: ["A", "AAAA", "A6", "AFSDB", "CERT", "CNAME", "DLV", "DNAME",

              "DS", "KX", "LOC", "MX", "NAPTR", "NS", "PTR", "SRV", "SSHFP",

              "TLSA", "TXT", "URI"]

    default: "A"

  record_value:

    description: Manage DNS record name with this values.

    required: false

    type: list

  record_ttl:

    description: Set the TTL for the record.

    required: false

    type: int

  del_all:

    description: Delete all associated records.

    required: false

    type: bool

  a_rec:

    description: Raw A record.

    required: false

    aliases: ["a_record"]

  aaaa_rec:

    description: Raw AAAA record.

    required: false

    aliases: ["aaaa_record"]

  a6_rec:

    description: Raw A6 record.

    required: false

    aliases: ["a6_record"]

  afsdb_rec:

    description: Raw AFSDB record.

    required: false

    aliases: ["afsdb_record"]

  cert_rec:

    description: Raw CERT record.

    required: false

    aliases: ["cert_record"]

  cname_rec:

    description: Raw CNAME record.

    required: false

    aliases: ["cname_record"]

  dlv_rec:

    description: Raw DLV record.

    required: false

    aliases: ["dlv_record"]

  dname_rec:

    description: Raw DNAM record.

    required: false

    aliases: ["dname_record"]

  ds_rec:

    description: Raw DS record.

    required: false

    aliases: ["ds_record"]

  kx_rec:

    description: Raw KX record.

    required: false

    aliases: ["kx_record"]

  loc_rec:

    description: Raw LOC record.

    required: false

    aliases: ["loc_record"]

  mx_rec:

    description: Raw MX record.

    required: false

    aliases: ["mx_record"]

  naptr_rec:

    description: Raw NAPTR record.

    required: false

    aliases: ["naptr_record"]

  ns_rec:

    description: Raw NS record.

    required: false

    aliases: ["ns_record"]

  ptr_rec:

    description: Raw PTR record.

    required: false

    aliases: ["ptr_record"]

  srv_rec:

    description: Raw SRV record.

    required: false

    aliases: ["srv_record"]

  sshfp_rec:

    description: Raw SSHFP record.

    required: false

    aliases: ["sshfp_record"]

  tlsa_rec:

    description: Raw TLSA record.

    required: false

    aliases: ["tlsa_record"]

  txt_rec:

    description: Raw TXT record.

    required: false

    aliases: ["txt_record"]

  uri_rec:

    description: Raw URI record.

    required: false

    aliases: ["uri_record"]

  ip_address:

    description: IP adresses for A ar AAAA.

    required: false

    type: string

  create_reverse:

    description: |

      Create reverse record for A or AAAA record types.

      There is no equivalent to remove reverse records.

    type: bool

    required: false

    aliases: ["reverse"]

  a_ip_address:

    description: IP adresses for A records.

    required: false

    type: string

  a_create_reverse:

    description: |

      Create reverse record for A records.

      There is no equivalent to remove reverse records.

    type: bool

    required: false

  aaaa_ip_address:

    description: IP adresses for AAAA records.

    required: false

    type: string

  aaaa_create_reverse:

    description: |

      Create reverse record for AAAA records.

      There is no equivalent to remove reverse records.

    type: bool

    required: false

  afsdb_subtype:

    description: AFSDB Subtype

    required: false

    type: int

  afsdb_hostname:

    description: AFSDB Hostname

    required: false

    type: string

  cert_type:

    description: CERT Certificate Type

    required: false

    type: int

  cert_key_tag:

    description: CERT Key Tag

    required: false

    type: int

  cert_algorithm:

    description: CERT Algorithm

    required: false

    type: int

  cert_certificate_or_crl:

    description: CERT Certificate/CRL

    required: false

    type: string

  cname_hostname:

    description: A hostname which this alias hostname points to.

    required: false

    type: string

  dlv_key_tag:

    description: DS Key Tag

    required: false

    type: int

  dlv_algorithm:

    description: DLV Algorithm

    required: false

    type: int

  dlv_digest_type:

    description: DLV Digest Type

    required: false

    type: int

  dlv_digest:

    description: DLV Digest

    required: false

    type: string

  dname_target:

    description: DNAME Target

    required: false

    type: string

  ds_key_tag:

    description: DS Key Tag

    required: false

    type: int

  ds_algorithm:

    description: DS Algorithm

    required: false

    type: int

  ds_digest_type:

    description: DS Digest Type

    required: false

    type: int

  ds_digest:

    description: DS Digest

    required: false

    type: string

  kx_preference:

    description: |

      Preference given to this exchanger. Lower values are more preferred.

    required: false

    type: int

  kx_exchanger:

    description: A host willing to act as a key exchanger.

    required: false

    type: string

  loc_lat_deg:

    description: LOC Degrees Latitude

    required: false

    type: int

  loc_lat_min:

    description: LOC Minutes Latitude

    required: false

    type: int

  loc_lat_sec:

    description: LOC Seconds Latitude

    required: false

    type: float

  loc_lat_dir:

    description: LOC Direction Latitude

    required: false

    choices: ["N", "S"]

  loc_lon_deg:

    description: LOC Degrees Longitude

    required: false

    type: int

  loc_lon_min:

    description: LOC Minutes Longitude

    required: false

    type: int

  loc_lon_sec:

    description: LOC Seconds Longitude

    required: false

    type: float

  loc_lon_dir:

    description: LOC Direction Longitude

    required: false

    choices: ["E", "W"]

  loc_altitude:

    description: LOC Altitude

    required: false

    type: float

  loc_size:

    description: LOC Size

    required: false

    type: float

  loc_h_precision:

    description: LOC Horizontal Precision

    required: false

    type: float

  loc_v_precision:

    description: LOC Vertical Precision

    required: false

    type: float

  mx_preference:

    description: |

      Preference given to this exchanger. Lower values are more preferred.

    required: false

    type: int

  mx_exchanger:

    description: A host willing to act as a mail exchanger.

    required: false

    type: string

  naptr_order:

    description: NAPTR Order

    required: false

    type: int

  naptr_preference:

    description: NAPTR Preference

    required: false

    type: int

  naptr_flags:

    description: NAPTR Flags

    required: false

    type: string

  naptr_service:

    description: NAPTR Service

    required: false

    type: string

  naptr_regexp:

    description: NAPTR Regular Expression

    required: false

    type: string

  naptr_replacement:

    description: NAPTR Replacement

    required: false

    type: string

  ns_hostname:

    description: NS Hostname

    required: false

    type: string

  ptr_hostname:

    description: The hostname this reverse record points to.

    required: false

    type: string

  srv_priority:

    description: |

      Lower number means higher priority. Clients will attempt to contact the

      server with the lowest-numbered priority they can reach.

    required: false

    type: int

  srv_weight:

    description: Relative weight for entries with the same priority.

    required: false

    type: int

  srv_port:

    description: SRV Port

    required: false

    type: int

  srv_target:

    description: |

      The domain name of the target host or '.' if the service is decidedly not

      available at this domain.

    required: false

    type: string

  sshfp_algorithm:

    description: SSHFP Algorithm

    required: false

    type: int

  sshfp_fp_type:

    description: SSHFP Fingerprint Type

    required: false

    type: int

  sshfp_fingerprint:

    description: SSHFP Fingerprint

    required: false

    type: string

  txt_data:

    description: TXT Text Data

    required: false

    type: string

  tlsa_cert_usage:

    description: TLSA Certificate Usage

    required: false

    type: int

  tlsa_selector:

    description: TLSA Selector

    required: false

    type: int

  tlsa_matching_type:

    description: TLSA Matching Type

    required: false

    type: int

  tlsa_cert_association_data:

    description: TLSA Certificate Association Data

    required: false

    type: string

  uri_target:

    description: Target Uniform Resource Identifier according to RFC 3986.

    required: false

    type: string

  uri_priority:

    description: |

      Lower number means higher priority. Clients will attempt to contact the

      URI with the lowest-numbered priority they can reach.

    required: false

    type: int

  uri_weight:

    description: Relative weight for entries with the same priority.

    required: false

    type: int

  state:

    description: State to ensure

    default: present

    choices: ["present", "absent"]

author:

    - Rafael Guterres Jeffman

"""

EXAMPLES = """

# Ensure dns record is present

- ipadnsrecord:

    ipaadmin_password: SomeADMINpassword

    name: vm-001

    zone_name: example.com

    record_type: 'AAAA'

    record_value: '::1'

# Ensure that dns record exists with a TTL

- ipadnsrecord:

    ipaadmin_password: SomeADMINpassword

    name: host01

    zone_name: example.com

    record_type: 'AAAA'

    record_value: '::1'

    record_ttl: 300

# Ensure that dns record exists with a reverse record

- ipadnsrecord:

    ipaadmin_password: SomeADMINpassword

    name: host02

    zone_name: example.com

    record_type: 'AAAA'

    record_value: 'fd00::0002'

    create_reverse: yes

# Ensure a PTR record is present

- ipadnsrecord:

    ipaadmin_password: SomeADMINpassword

    name: 5

    zone_name: 2.168.192.in-addr.arpa

    record_type: 'PTR'

    record_value: 'internal.ipa.example.com'

# Ensure a TXT record is present

- ipadnsrecord:

    ipaadmin_password: SomeADMINpassword

    name: _kerberos

    zone_name: example.com

    record_type: 'TXT'

    record_value: 'EXAMPLE.COM'

# Ensure a SRV record is present

- ipadnsrecord:

    ipaadmin_password: SomeADMINpassword

    name: _kerberos._udp.example.com

    zone_name: example.com

    record_type: 'SRV'

    record_value: '10 50 88 ipa.example.com'

# Ensure an MX record is present

- ipadnsrecord:

    ipaadmin_password: SomeADMINpassword

    name: '@'

    zone_name: example.com

    record_type: 'MX'

    record_value: '1 mailserver.example.com'

# Ensure that dns record is absent

- ipadnsrecord:

    ipaadmin_password: SomeADMINpassword

    name: host01

    zone_name: example.com

    record_type: 'AAAA'

    record_value: '::1'

    state: absent

"""

RETURN = """

"""

from ansible.module_utils.basic import AnsibleModule

from ansible.module_utils._text import to_text

from ansible.module_utils.ansible_freeipa_module import temp_kinit, \

    temp_kdestroy, valid_creds, api_connect, api_command, module_params_get, \

    is_ipv4_addr, is_ipv6_addr

import dns.reversename

import dns.resolver

import ipalib.errors

import six

if six.PY3:

    unicode = str