mirror of
https://github.com/ansible-collections/community.general.git
synced 2025-07-23 13:20:23 -07:00
Various fixes and features for bigip modules (#39972)
* Removed forwarders parameter that did not work * Updated coding conventions * Added ssl_cipher_suite and ssl_protocols to bigip_device_httpd * Added more unit tests
This commit is contained in:
parent
67f387bc3b
commit
4d691e9d7b
17 changed files with 445 additions and 138 deletions
|
@ -18,7 +18,7 @@ module: bigip_device_dns
|
|||
short_description: Manage BIG-IP device DNS settings
|
||||
description:
|
||||
- Manage BIG-IP device DNS settings
|
||||
version_added: "2.2"
|
||||
version_added: 2.2
|
||||
options:
|
||||
cache:
|
||||
description:
|
||||
|
@ -33,10 +33,6 @@ options:
|
|||
name_servers:
|
||||
description:
|
||||
- A list of name servers that the system uses to validate DNS lookups
|
||||
forwarders:
|
||||
description:
|
||||
- A list of BIND servers that the system can use to perform DNS lookups
|
||||
- Deprecated in 2.4. Use the GUI or edit named.conf.
|
||||
search:
|
||||
description:
|
||||
- A list of domains that the system searches for local domain lookups,
|
||||
|
@ -106,30 +102,23 @@ warnings:
|
|||
|
||||
from ansible.module_utils.basic import AnsibleModule
|
||||
|
||||
HAS_DEVEL_IMPORTS = False
|
||||
|
||||
try:
|
||||
# Sideband repository used for dev
|
||||
from library.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from library.module_utils.network.f5.bigip import F5Client
|
||||
from library.module_utils.network.f5.common import F5ModuleError
|
||||
from library.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from library.module_utils.network.f5.common import cleanup_tokens
|
||||
from library.module_utils.network.f5.common import fqdn_name
|
||||
from library.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from library.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
except ImportError:
|
||||
HAS_F5SDK = False
|
||||
HAS_DEVEL_IMPORTS = True
|
||||
except ImportError:
|
||||
# Upstream Ansible
|
||||
from ansible.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from ansible.module_utils.network.f5.bigip import F5Client
|
||||
from ansible.module_utils.network.f5.common import F5ModuleError
|
||||
from ansible.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from ansible.module_utils.network.f5.common import cleanup_tokens
|
||||
from ansible.module_utils.network.f5.common import fqdn_name
|
||||
from ansible.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
|
@ -198,15 +187,6 @@ class Parameters(AnsibleF5Parameters):
|
|||
valid = ['enable', 'enabled']
|
||||
return True if self._values['dhcp'] in valid else False
|
||||
|
||||
@property
|
||||
def forwarders(self):
|
||||
if self._values['forwarders'] is None:
|
||||
return None
|
||||
else:
|
||||
raise F5ModuleError(
|
||||
"The modifying of forwarders is not supported."
|
||||
)
|
||||
|
||||
@property
|
||||
def ip_version(self):
|
||||
if self._values['ip_version'] in [6, '6', 'options inet6']:
|
||||
|
@ -344,11 +324,6 @@ class ArgumentSpec(object):
|
|||
default=None,
|
||||
type='list'
|
||||
),
|
||||
forwarders=dict(
|
||||
required=False,
|
||||
default=None,
|
||||
type='list'
|
||||
),
|
||||
search=dict(
|
||||
required=False,
|
||||
default=None,
|
||||
|
@ -369,7 +344,7 @@ class ArgumentSpec(object):
|
|||
self.argument_spec.update(f5_argument_spec)
|
||||
self.argument_spec.update(argument_spec)
|
||||
self.required_one_of = [
|
||||
['name_servers', 'search', 'forwarders', 'ip_version', 'cache']
|
||||
['name_servers', 'search', 'ip_version', 'cache']
|
||||
]
|
||||
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ description:
|
|||
of BIG-IP devices. Usage of this module should be done in conjunction
|
||||
with the C(bigip_configsync_actions) to sync configuration across
|
||||
the pair or cluster if auto-sync is disabled.
|
||||
version_added: "2.5"
|
||||
version_added: 2.5
|
||||
options:
|
||||
name:
|
||||
description:
|
||||
|
@ -149,30 +149,23 @@ max_incremental_sync_size:
|
|||
from ansible.module_utils.basic import AnsibleModule
|
||||
from ansible.module_utils.parsing.convert_bool import BOOLEANS_TRUE
|
||||
|
||||
HAS_DEVEL_IMPORTS = False
|
||||
|
||||
try:
|
||||
# Sideband repository used for dev
|
||||
from library.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from library.module_utils.network.f5.bigip import F5Client
|
||||
from library.module_utils.network.f5.common import F5ModuleError
|
||||
from library.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from library.module_utils.network.f5.common import cleanup_tokens
|
||||
from library.module_utils.network.f5.common import fqdn_name
|
||||
from library.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from library.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
except ImportError:
|
||||
HAS_F5SDK = False
|
||||
HAS_DEVEL_IMPORTS = True
|
||||
except ImportError:
|
||||
# Upstream Ansible
|
||||
from ansible.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from ansible.module_utils.network.f5.bigip import F5Client
|
||||
from ansible.module_utils.network.f5.common import F5ModuleError
|
||||
from ansible.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from ansible.module_utils.network.f5.common import cleanup_tokens
|
||||
from ansible.module_utils.network.f5.common import fqdn_name
|
||||
from ansible.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
|
|
|
@ -20,7 +20,7 @@ description:
|
|||
be added or removed, never updated. This is because the members are
|
||||
identified by unique name values and changing that name would invalidate
|
||||
the uniqueness.
|
||||
version_added: "2.5"
|
||||
version_added: 2.5
|
||||
options:
|
||||
name:
|
||||
description:
|
||||
|
@ -77,30 +77,23 @@ RETURN = r'''
|
|||
|
||||
from ansible.module_utils.basic import AnsibleModule
|
||||
|
||||
HAS_DEVEL_IMPORTS = False
|
||||
|
||||
try:
|
||||
# Sideband repository used for dev
|
||||
from library.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from library.module_utils.network.f5.bigip import F5Client
|
||||
from library.module_utils.network.f5.common import F5ModuleError
|
||||
from library.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from library.module_utils.network.f5.common import cleanup_tokens
|
||||
from library.module_utils.network.f5.common import fqdn_name
|
||||
from library.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from library.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
except ImportError:
|
||||
HAS_F5SDK = False
|
||||
HAS_DEVEL_IMPORTS = True
|
||||
except ImportError:
|
||||
# Upstream Ansible
|
||||
from ansible.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from ansible.module_utils.network.f5.bigip import F5Client
|
||||
from ansible.module_utils.network.f5.common import F5ModuleError
|
||||
from ansible.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from ansible.module_utils.network.f5.common import cleanup_tokens
|
||||
from ansible.module_utils.network.f5.common import fqdn_name
|
||||
from ansible.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
|
|
|
@ -19,7 +19,7 @@ short_description: Manage HTTPD related settings on BIG-IP
|
|||
description:
|
||||
- Manages HTTPD related settings on the BIG-IP. These settings are interesting
|
||||
to change when you want to set GUI timeouts and other TMUI related settings.
|
||||
version_added: "2.5"
|
||||
version_added: 2.5
|
||||
options:
|
||||
allow:
|
||||
description:
|
||||
|
@ -64,6 +64,31 @@ options:
|
|||
ssl_port:
|
||||
description:
|
||||
- The HTTPS port to listen on.
|
||||
ssl_cipher_suite:
|
||||
description:
|
||||
- Specifies the ciphers that the system uses.
|
||||
- The values in the suite are separated by colons (:).
|
||||
- Can be specified in either a string or list form. The list form is the
|
||||
recommended way to provide the cipher suite. See examples for usage.
|
||||
- Use the value C(default) to set the cipher suite to the system default.
|
||||
This value is equivalent to specifying a list of C(ECDHE-RSA-AES128-GCM-SHA256,
|
||||
ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES128-SHA,ECDHE-RSA-AES256-SHA,
|
||||
ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES256-SHA384,ECDHE-ECDSA-AES128-GCM-SHA256,
|
||||
ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES128-SHA,ECDHE-ECDSA-AES256-SHA,
|
||||
ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES256-SHA384,AES128-GCM-SHA256,
|
||||
AES256-GCM-SHA384,AES128-SHA,AES256-SHA,AES128-SHA256,AES256-SHA256,
|
||||
ECDHE-RSA-DES-CBC3-SHA,ECDHE-ECDSA-DES-CBC3-SHA,DES-CBC3-SHA).
|
||||
version_added: 2.6
|
||||
ssl_protocols:
|
||||
description:
|
||||
- The list of SSL protocols to accept on the management console.
|
||||
- A space-separated list of tokens in the format accepted by the Apache
|
||||
mod_ssl SSLProtocol directive.
|
||||
- Can be specified in either a string or list form. The list form is the
|
||||
recommended way to provide the cipher suite. See examples for usage.
|
||||
- Use the value C(default) to set the SSL protocols to the system default.
|
||||
This value is equivalent to specifying a list of C(all,-SSLv2,-SSLv3).
|
||||
version_added: 2.6
|
||||
notes:
|
||||
- Requires the requests Python package on the host. This is as easy as
|
||||
C(pip install requests).
|
||||
|
@ -99,6 +124,45 @@ EXAMPLES = r'''
|
|||
server: lb.mydomain.com
|
||||
user: admin
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Set SSL cipher suite by list
|
||||
bigip_device_httpd:
|
||||
password: secret
|
||||
server: lb.mydomain.com
|
||||
user: admin
|
||||
ssl_cipher_suite:
|
||||
- ECDHE-RSA-AES128-GCM-SHA256
|
||||
- ECDHE-RSA-AES256-GCM-SHA384
|
||||
- ECDHE-RSA-AES128-SHA
|
||||
- AES256-SHA256
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Set SSL cipher suite by string
|
||||
bigip_device_httpd:
|
||||
password: secret
|
||||
server: lb.mydomain.com
|
||||
user: admin
|
||||
ssl_cipher_suite: ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:AES256-SHA256
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Set SSL protocols by list
|
||||
bigip_device_httpd:
|
||||
password: secret
|
||||
server: lb.mydomain.com
|
||||
user: admin
|
||||
ssl_protocols:
|
||||
- all
|
||||
- -SSLv2
|
||||
- -SSLv3
|
||||
delegate_to: localhost
|
||||
|
||||
- name: Set SSL protocols by string
|
||||
bigip_device_httpd:
|
||||
password: secret
|
||||
server: lb.mydomain.com
|
||||
user: admin
|
||||
ssl_cipher_suite: all -SSLv2 -SSLv3
|
||||
delegate_to: localhost
|
||||
'''
|
||||
|
||||
RETURN = r'''
|
||||
|
@ -152,36 +216,40 @@ ssl_port:
|
|||
returned: changed
|
||||
type: int
|
||||
sample: 10443
|
||||
ssl_cipher_suite:
|
||||
description: The new ciphers that the system uses.
|
||||
returned: changed
|
||||
type: string
|
||||
sample: ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA
|
||||
ssl_protocols:
|
||||
description: The new list of SSL protocols to accept on the management console.
|
||||
returned: changed
|
||||
type: string
|
||||
sample: all -SSLv2 -SSLv3
|
||||
'''
|
||||
|
||||
import time
|
||||
|
||||
from ansible.module_utils.basic import AnsibleModule
|
||||
|
||||
HAS_DEVEL_IMPORTS = False
|
||||
from ansible.module_utils.six import string_types
|
||||
|
||||
try:
|
||||
# Sideband repository used for dev
|
||||
from library.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from library.module_utils.network.f5.bigip import F5Client
|
||||
from library.module_utils.network.f5.common import F5ModuleError
|
||||
from library.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from library.module_utils.network.f5.common import cleanup_tokens
|
||||
from library.module_utils.network.f5.common import fqdn_name
|
||||
from library.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from library.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
except ImportError:
|
||||
HAS_F5SDK = False
|
||||
HAS_DEVEL_IMPORTS = True
|
||||
except ImportError:
|
||||
# Upstream Ansible
|
||||
from ansible.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from ansible.module_utils.network.f5.bigip import F5Client
|
||||
from ansible.module_utils.network.f5.common import F5ModuleError
|
||||
from ansible.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from ansible.module_utils.network.f5.common import cleanup_tokens
|
||||
from ansible.module_utils.network.f5.common import fqdn_name
|
||||
from ansible.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
|
@ -206,29 +274,55 @@ class Parameters(AnsibleF5Parameters):
|
|||
'logLevel': 'log_level',
|
||||
'maxClients': 'max_clients',
|
||||
'redirectHttpToHttps': 'redirect_http_to_https',
|
||||
'sslPort': 'ssl_port'
|
||||
'sslPort': 'ssl_port',
|
||||
'sslCiphersuite': 'ssl_cipher_suite',
|
||||
'sslProtocol': 'ssl_protocols'
|
||||
}
|
||||
|
||||
api_attributes = [
|
||||
'authPamIdleTimeout', 'authPamValidateIp', 'authName', 'authPamDashboardTimeout',
|
||||
'fastcgiTimeout', 'hostnameLookup', 'logLevel', 'maxClients', 'sslPort',
|
||||
'redirectHttpToHttps', 'allow'
|
||||
'redirectHttpToHttps', 'allow', 'sslCiphersuite', 'sslProtocol'
|
||||
]
|
||||
|
||||
returnables = [
|
||||
'auth_pam_idle_timeout', 'auth_pam_validate_ip', 'auth_name',
|
||||
'auth_pam_dashboard_timeout', 'fast_cgi_timeout', 'hostname_lookup',
|
||||
'log_level', 'max_clients', 'redirect_http_to_https', 'ssl_port',
|
||||
'allow'
|
||||
'allow', 'ssl_cipher_suite', 'ssl_protocols'
|
||||
]
|
||||
|
||||
updatables = [
|
||||
'auth_pam_idle_timeout', 'auth_pam_validate_ip', 'auth_name',
|
||||
'auth_pam_dashboard_timeout', 'fast_cgi_timeout', 'hostname_lookup',
|
||||
'log_level', 'max_clients', 'redirect_http_to_https', 'ssl_port',
|
||||
'allow'
|
||||
'allow', 'ssl_cipher_suite', 'ssl_protocols'
|
||||
]
|
||||
|
||||
_ciphers = "ECDHE-RSA-AES128-GCM-SHA256:" \
|
||||
"ECDHE-RSA-AES256-GCM-SHA384:" \
|
||||
"ECDHE-RSA-AES128-SHA:" \
|
||||
"ECDHE-RSA-AES256-SHA:" \
|
||||
"ECDHE-RSA-AES128-SHA256:" \
|
||||
"ECDHE-RSA-AES256-SHA384:" \
|
||||
"ECDHE-ECDSA-AES128-GCM-SHA256:" \
|
||||
"ECDHE-ECDSA-AES256-GCM-SHA384:" \
|
||||
"ECDHE-ECDSA-AES128-SHA:" \
|
||||
"ECDHE-ECDSA-AES256-SHA:" \
|
||||
"ECDHE-ECDSA-AES128-SHA256:" \
|
||||
"ECDHE-ECDSA-AES256-SHA384:" \
|
||||
"AES128-GCM-SHA256:" \
|
||||
"AES256-GCM-SHA384:" \
|
||||
"AES128-SHA:" \
|
||||
"AES256-SHA:" \
|
||||
"AES128-SHA256:" \
|
||||
"AES256-SHA256:" \
|
||||
"ECDHE-RSA-DES-CBC3-SHA:" \
|
||||
"ECDHE-ECDSA-DES-CBC3-SHA:" \
|
||||
"DES-CBC3-SHA"
|
||||
|
||||
_protocols = 'all -SSLv2 -SSLv3'
|
||||
|
||||
@property
|
||||
def auth_pam_idle_timeout(self):
|
||||
if self._values['auth_pam_idle_timeout'] is None:
|
||||
|
@ -300,6 +394,46 @@ class ModuleParameters(Parameters):
|
|||
result = sorted(result)
|
||||
return result
|
||||
|
||||
@property
|
||||
def ssl_cipher_suite(self):
|
||||
if self._values['ssl_cipher_suite'] is None:
|
||||
return None
|
||||
if isinstance(self._values['ssl_cipher_suite'], string_types):
|
||||
ciphers = self._values['ssl_cipher_suite'].strip()
|
||||
else:
|
||||
ciphers = self._values['ssl_cipher_suite']
|
||||
if not ciphers:
|
||||
raise F5ModuleError(
|
||||
"ssl_cipher_suite may not be set to 'none'"
|
||||
)
|
||||
if ciphers == 'default':
|
||||
ciphers = ':'.join(sorted(Parameters._ciphers.split(':')))
|
||||
elif isinstance(self._values['ssl_cipher_suite'], string_types):
|
||||
ciphers = ':'.join(sorted(ciphers.split(':')))
|
||||
else:
|
||||
ciphers = ':'.join(sorted(ciphers))
|
||||
return ciphers
|
||||
|
||||
@property
|
||||
def ssl_protocols(self):
|
||||
if self._values['ssl_protocols'] is None:
|
||||
return None
|
||||
if isinstance(self._values['ssl_protocols'], string_types):
|
||||
protocols = self._values['ssl_protocols'].strip()
|
||||
else:
|
||||
protocols = self._values['ssl_protocols']
|
||||
if not protocols:
|
||||
raise F5ModuleError(
|
||||
"ssl_protocols may not be set to 'none'"
|
||||
)
|
||||
if protocols == 'default':
|
||||
protocols = ' '.join(sorted(Parameters._protocols.split(' ')))
|
||||
elif isinstance(protocols, string_types):
|
||||
protocols = ' '.join(sorted(protocols.split(' ')))
|
||||
else:
|
||||
protocols = ' '.join(sorted(protocols))
|
||||
return protocols
|
||||
|
||||
|
||||
class ApiParameters(Parameters):
|
||||
@property
|
||||
|
@ -331,7 +465,21 @@ class UsableChanges(Changes):
|
|||
|
||||
|
||||
class ReportableChanges(Changes):
|
||||
pass
|
||||
@property
|
||||
def ssl_cipher_suite(self):
|
||||
default = ':'.join(sorted(Parameters._ciphers.split(':')))
|
||||
if self._values['ssl_cipher_suite'] == default:
|
||||
return 'default'
|
||||
else:
|
||||
return self._values['ssl_cipher_suite']
|
||||
|
||||
@property
|
||||
def ssl_protocols(self):
|
||||
default = ' '.join(sorted(Parameters._protocols.split(' ')))
|
||||
if self._values['ssl_protocols'] == default:
|
||||
return 'default'
|
||||
else:
|
||||
return self._values['ssl_protocols']
|
||||
|
||||
|
||||
class Difference(object):
|
||||
|
@ -449,7 +597,6 @@ class ModuleManager(object):
|
|||
def update_on_device(self):
|
||||
params = self.changes.api_params()
|
||||
resource = self.client.api.tm.sys.httpd.load()
|
||||
|
||||
try:
|
||||
resource.modify(**params)
|
||||
return True
|
||||
|
@ -504,7 +651,9 @@ class ArgumentSpec(object):
|
|||
),
|
||||
redirect_http_to_https=dict(
|
||||
type='bool'
|
||||
)
|
||||
),
|
||||
ssl_cipher_suite=dict(type='raw'),
|
||||
ssl_protocols=dict(type='raw')
|
||||
)
|
||||
self.argument_spec = {}
|
||||
self.argument_spec.update(f5_argument_spec)
|
||||
|
|
|
@ -17,7 +17,7 @@ module: bigip_device_ntp
|
|||
short_description: Manage NTP servers on a BIG-IP
|
||||
description:
|
||||
- Manage NTP servers on a BIG-IP.
|
||||
version_added: "2.2"
|
||||
version_added: 2.2
|
||||
options:
|
||||
ntp_servers:
|
||||
description:
|
||||
|
@ -79,30 +79,23 @@ timezone:
|
|||
|
||||
from ansible.module_utils.basic import AnsibleModule
|
||||
|
||||
HAS_DEVEL_IMPORTS = False
|
||||
|
||||
try:
|
||||
# Sideband repository used for dev
|
||||
from library.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from library.module_utils.network.f5.bigip import F5Client
|
||||
from library.module_utils.network.f5.common import F5ModuleError
|
||||
from library.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from library.module_utils.network.f5.common import cleanup_tokens
|
||||
from library.module_utils.network.f5.common import fqdn_name
|
||||
from library.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from library.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
except ImportError:
|
||||
HAS_F5SDK = False
|
||||
HAS_DEVEL_IMPORTS = True
|
||||
except ImportError:
|
||||
# Upstream Ansible
|
||||
from ansible.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from ansible.module_utils.network.f5.bigip import F5Client
|
||||
from ansible.module_utils.network.f5.common import F5ModuleError
|
||||
from ansible.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from ansible.module_utils.network.f5.common import cleanup_tokens
|
||||
from ansible.module_utils.network.f5.common import fqdn_name
|
||||
from ansible.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
|
|
|
@ -17,7 +17,7 @@ module: bigip_device_sshd
|
|||
short_description: Manage the SSHD settings of a BIG-IP
|
||||
description:
|
||||
- Manage the SSHD settings of a BIG-IP.
|
||||
version_added: "2.2"
|
||||
version_added: 2.2
|
||||
options:
|
||||
allow:
|
||||
description:
|
||||
|
@ -147,30 +147,23 @@ port:
|
|||
|
||||
from ansible.module_utils.basic import AnsibleModule
|
||||
|
||||
HAS_DEVEL_IMPORTS = False
|
||||
|
||||
try:
|
||||
# Sideband repository used for dev
|
||||
from library.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from library.module_utils.network.f5.bigip import F5Client
|
||||
from library.module_utils.network.f5.common import F5ModuleError
|
||||
from library.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from library.module_utils.network.f5.common import cleanup_tokens
|
||||
from library.module_utils.network.f5.common import fqdn_name
|
||||
from library.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from library.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
except ImportError:
|
||||
HAS_F5SDK = False
|
||||
HAS_DEVEL_IMPORTS = True
|
||||
except ImportError:
|
||||
# Upstream Ansible
|
||||
from ansible.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from ansible.module_utils.network.f5.bigip import F5Client
|
||||
from ansible.module_utils.network.f5.common import F5ModuleError
|
||||
from ansible.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from ansible.module_utils.network.f5.common import cleanup_tokens
|
||||
from ansible.module_utils.network.f5.common import fqdn_name
|
||||
from ansible.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
|
@ -229,13 +222,33 @@ class Parameters(AnsibleF5Parameters):
|
|||
return result
|
||||
|
||||
|
||||
class ApiParameters(Parameters):
|
||||
pass
|
||||
|
||||
|
||||
class ModuleParameters(Parameters):
|
||||
pass
|
||||
|
||||
|
||||
class Changes(Parameters):
|
||||
pass
|
||||
|
||||
|
||||
class UsableChanges(Changes):
|
||||
pass
|
||||
|
||||
|
||||
class ReportableChanges(Changes):
|
||||
pass
|
||||
|
||||
|
||||
class ModuleManager(object):
|
||||
def __init__(self, *args, **kwargs):
|
||||
self.module = kwargs.get('module', None)
|
||||
self.client = kwargs.get('client', None)
|
||||
self.have = None
|
||||
self.want = Parameters(params=self.module.params)
|
||||
self.changes = Parameters()
|
||||
self.want = ModuleParameters(params=self.module.params)
|
||||
self.changes = UsableChanges()
|
||||
|
||||
def _update_changed_options(self):
|
||||
changed = {}
|
||||
|
@ -246,7 +259,7 @@ class ModuleManager(object):
|
|||
if attr1 != attr2:
|
||||
changed[key] = attr1
|
||||
if changed:
|
||||
self.changes = Parameters(params=changed)
|
||||
self.changes = UsableChanges(params=changed)
|
||||
return True
|
||||
return False
|
||||
|
||||
|
@ -266,7 +279,7 @@ class ModuleManager(object):
|
|||
def read_current_from_device(self):
|
||||
resource = self.client.api.tm.sys.sshd.load()
|
||||
result = resource.attrs
|
||||
return Parameters(params=result)
|
||||
return ApiParameters(params=result)
|
||||
|
||||
def update(self):
|
||||
self.have = self.read_current_from_device()
|
||||
|
@ -284,7 +297,7 @@ class ModuleManager(object):
|
|||
return False
|
||||
|
||||
def update_on_device(self):
|
||||
params = self.want.api_params()
|
||||
params = self.changes.api_params()
|
||||
resource = self.client.api.tm.sys.sshd.load()
|
||||
resource.update(**params)
|
||||
|
||||
|
|
|
@ -19,7 +19,7 @@ description:
|
|||
- Manage the trust relationships between BIG-IPs. Devices, once peered, cannot
|
||||
be updated. If updating is needed, the peer must first be removed before it
|
||||
can be re-added to the trust.
|
||||
version_added: "2.5"
|
||||
version_added: 2.5
|
||||
options:
|
||||
peer_server:
|
||||
description:
|
||||
|
@ -107,30 +107,23 @@ import re
|
|||
|
||||
from ansible.module_utils.basic import AnsibleModule
|
||||
|
||||
HAS_DEVEL_IMPORTS = False
|
||||
|
||||
try:
|
||||
# Sideband repository used for dev
|
||||
from library.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from library.module_utils.network.f5.bigip import F5Client
|
||||
from library.module_utils.network.f5.common import F5ModuleError
|
||||
from library.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from library.module_utils.network.f5.common import cleanup_tokens
|
||||
from library.module_utils.network.f5.common import fqdn_name
|
||||
from library.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from library.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
except ImportError:
|
||||
HAS_F5SDK = False
|
||||
HAS_DEVEL_IMPORTS = True
|
||||
except ImportError:
|
||||
# Upstream Ansible
|
||||
from ansible.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from ansible.module_utils.network.f5.bigip import F5Client
|
||||
from ansible.module_utils.network.f5.common import F5ModuleError
|
||||
from ansible.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from ansible.module_utils.network.f5.common import cleanup_tokens
|
||||
from ansible.module_utils.network.f5.common import fqdn_name
|
||||
from ansible.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
|
@ -189,7 +182,7 @@ class Parameters(AnsibleF5Parameters):
|
|||
def peer_hostname(self):
|
||||
if self._values['peer_hostname'] is None:
|
||||
return self.peer_server
|
||||
regex = re.compile('[^a-zA-Z.-_]')
|
||||
regex = re.compile(r'[^a-zA-Z0-9.\-_]')
|
||||
result = regex.sub('_', self._values['peer_hostname'])
|
||||
return result
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ description:
|
|||
where the physical network components reside, such as the server and link
|
||||
objects that share the same subnet on the network. This module is able to
|
||||
manipulate the data center definitions in a BIG-IP.
|
||||
version_added: "2.2"
|
||||
version_added: 2.2
|
||||
options:
|
||||
contact:
|
||||
description:
|
||||
|
@ -107,30 +107,23 @@ location:
|
|||
from ansible.module_utils.basic import AnsibleModule
|
||||
from ansible.module_utils.basic import env_fallback
|
||||
|
||||
HAS_DEVEL_IMPORTS = False
|
||||
|
||||
try:
|
||||
# Sideband repository used for dev
|
||||
from library.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from library.module_utils.network.f5.bigip import F5Client
|
||||
from library.module_utils.network.f5.common import F5ModuleError
|
||||
from library.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from library.module_utils.network.f5.common import cleanup_tokens
|
||||
from library.module_utils.network.f5.common import fqdn_name
|
||||
from library.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from library.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
except ImportError:
|
||||
HAS_F5SDK = False
|
||||
HAS_DEVEL_IMPORTS = True
|
||||
except ImportError:
|
||||
# Upstream Ansible
|
||||
from ansible.module_utils.network.f5.bigip import HAS_F5SDK
|
||||
from ansible.module_utils.network.f5.bigip import F5Client
|
||||
from ansible.module_utils.network.f5.common import F5ModuleError
|
||||
from ansible.module_utils.network.f5.common import AnsibleF5Parameters
|
||||
from ansible.module_utils.network.f5.common import cleanup_tokens
|
||||
from ansible.module_utils.network.f5.common import fqdn_name
|
||||
from ansible.module_utils.network.f5.common import f5_argument_spec
|
||||
try:
|
||||
from ansible.module_utils.network.f5.common import iControlUnexpectedHTTPError
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue