VhG-ddlmZmZmZeZdZdZdZddl Z ddl m Z ddl m Z mZddlmZGd d e Z dd Zd Zd ZdZedk(reyy))absolute_importdivisionprint_functionaI module: ipa_host author: Thomas Krahn (@Nosmoht) short_description: Manage FreeIPA host description: - Add, modify and delete an IPA host using IPA API. attributes: check_mode: support: full diff_mode: support: none options: fqdn: description: - Full qualified domain name. - Can not be changed as it is the unique identifier. required: true aliases: ["name"] type: str description: description: - A description of this host. type: str force: description: - Force host name even if not in DNS. required: false type: bool ip_address: description: - Add the host to DNS with this IP address. type: str mac_address: description: - List of Hardware MAC address(es) off this host. - If option is omitted MAC addresses will not be checked or changed. - If an empty list is passed all assigned MAC addresses will be removed. - MAC addresses that are already assigned but not passed will be removed. aliases: ["macaddress"] type: list elements: str ns_host_location: description: - Host location (for example V(Lab 2)). aliases: ["nshostlocation"] type: str ns_hardware_platform: description: - Host hardware platform (for example V(Lenovo T61")). aliases: ["nshardwareplatform"] type: str ns_os_version: description: - Host operating system and version (for example V(Fedora 9)). aliases: ["nsosversion"] type: str user_certificate: description: - List of Base-64 encoded server certificates. - If option is omitted certificates will not be checked or changed. - If an empty list is passed all assigned certificates will be removed. - Certificates already assigned but not passed will be removed. aliases: ["usercertificate"] type: list elements: str state: description: - State to ensure. default: present choices: ["absent", "disabled", "enabled", "present"] type: str force_creation: description: - Create host if O(state=disabled) or O(state=enabled) but not present. default: true type: bool version_added: 9.5.0 update_dns: description: - If set V(true) with O(state=absent), then removes DNS records of the host managed by FreeIPA DNS. - This option has no effect for states other than V(absent). type: bool random_password: description: Generate a random password to be used in bulk enrollment. type: bool extends_documentation_fragment: - community.general.ipa.documentation - community.general.attributes a - name: Ensure host is present community.general.ipa_host: name: host01.example.com description: Example host ip_address: 192.168.0.123 ns_host_location: Lab ns_os_version: CentOS 7 ns_hardware_platform: Lenovo T61 mac_address: - "08:00:27:E3:B1:2D" - "52:54:00:BD:97:1E" state: present ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret - name: Generate a random password for bulk enrolment community.general.ipa_host: name: host01.example.com description: Example host ip_address: 192.168.0.123 state: present ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret random_password: true - name: Ensure host is disabled community.general.ipa_host: name: host01.example.com state: disabled ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret - name: Ensure that all user certificates are removed community.general.ipa_host: name: host01.example.com user_certificate: [] ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret - name: Ensure host is absent community.general.ipa_host: name: host01.example.com state: absent ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret - name: Ensure host and its DNS record is absent community.general.ipa_host: name: host01.example.com state: absent ipa_host: ipa.example.com ipa_user: admin ipa_pass: topsecret update_dns: true z host: description: Host as returned by IPA API. returned: always type: dict host_diff: description: List of options that differ and would be changed. returned: if check mode and a difference is found type: list N) AnsibleModule) IPAClientipa_argument_spec) to_nativecBeZdZfdZdZdZdZdZdZdZ xZ S) HostIPAClientc2tt| ||||y)N)superr __init__)selfmodulehostportprotocol __class__s n/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/community/general/plugins/modules/ipa_host.pyrzHostIPAClient.__init__s mT+FD$Ic(|jd|S)N host_showmethodname _post_jsonrrs rrzHostIPAClient.host_showsk==rc0|jddd|dS)N host_findT)allfqdnrritemrrs rr zHostIPAClient.host_findsk4Y]C^__rc*|jd||S)Nhost_addr#rrrrs rr&zHostIPAClient.host_addjt$GGrc*|jd||S)Nhost_modr#rr's rr*zHostIPAClient.host_modr(rc.|jd|d|iS)Nhost_del updatednsr#r)rr update_dnss rr,zHostIPAClient.host_delsjt;PZB[\\rc(|jd|S)N host_disablerrrs rr0zHostIPAClient.host_disablesn4@@r) __name__ __module__ __qualname__rrr r&r*r,r0 __classcell__)rs@rr r s,J>`HH]Arr c i} ||| d<||| d<||| d<||| d<||| d<||| d<||D cgc]} d| ic} | d<||| d <||| d <| Scc} w) N descriptionforce ip_addressnshostlocationnshardwareplatform nsosversion __base64__usercertificate macaddressrandom) r6r7r8ns_host_locationns_hardware_platform ns_os_versionuser_certificate mac_addressrandom_passworddatar$s r get_host_dictrHs D)] W '\#!1 '%9 !" +]#DT"UDL$#7"U (\"(X K #Vs Acddg}|jds|jd|D] }||vs||= |j||S)Nr7r8r?)ipa_data module_data)getappendget_diff)clientipa_host module_hostnon_updateable_keyskeys r get_host_diffrTs["L1 ??8 $""8,"! + C ! ??H+? FFrc |jd}|jd}|jd}|j|}t|jd|jd|jd|jd|jd |jd |jd |jd |jd  }d}|dvr%|s+|s|dk(r$d}|jsQ||j ||fS|dvr|j d|zdzt |||}t|dkDrd}|jsi} |D]} |j| | | <d| vr&|jdgD cgc]} | d c} | d<|j|} | jddr2|dk(s|jjd r|j|||j|| fS|dk(r?|r=d}|jjdd} |js|j|| ||j|fScc} w) Nr"stateforce_creation)rr6r7r8rArBrCrDrErF) r6r7r8rArBrCrDrErFF)presentenableddisabledrXT)rr)rZrYzNo host with name z found)msgrr=r< has_keytabrZabsentr.)rr.) paramsr rH check_moder& fail_jsonrTlenrLrr0r*r,)rrOrrVrWrPrQchangeddiffrGrScert ipa_host_showr.s rensurerfsk == D MM' "E]]#34NT*HFMM-,H&,mmG&<+1==+F17?Q1R5;]]CY5Z.4mmO.L17?Q1R,2MM-,H06 >O0P "KG 22^u /AG$$T  LLL//  %9H%Dx%O P ;?D4y1}((D#9$/OOC$8S 9(4;C<rX)rXr]rYrZ)ridefaultchoicesF)rino_log)riro) r6r"r7r8rArBrCrDrEr.rVrFrW) argument_specsupports_check_moderPipa_portipa_prot)rrrripa_useripa_pass)usernamepassword)rbr)r[ exception)rupdatedictrr r^loginrf exit_json Exceptionr`r traceback format_exc)rrrrOrbres rmainr#s}%'MTu%5"vhO#0$(e$4*.EDTCU*V.2H\G].^'+'P*.FEVDWbg*h%)v ~X]%^$(f$5# Kwx)-6%)H(,&$(G J/35F& & j 9 & j 9$*MM*$=?F M fmmJ7$mmJ7  9vv. t4 MYq\Y5I5I5KLLMsAE F.FF__main__) NNNNNNNNN) __future__rrrri __metaclass__ DOCUMENTATIONEXAMPLESRETURNransible.module_utils.basicr>ansible_collections.community.general.plugins.module_utils.iparr+ansible.module_utils.common.text.convertersr r rHrTrfrr1r@rrrs}A@ X t< | 4gAAIA.nr_c0G20jMB zFr