Initial commit

Ansible Core Team 2020-03-09 09:11:07 +00:00
commit aebc1b03fd
4861 changed files with 812621 additions and 0 deletions


@ -0,0 +1,226 @@
#!/usr/bin/python
# Copyright: (c) 2018, Johannes Brunswicker <johannes.brunswicker@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_aaa_group
author:
- Johannes Brunswicker (@MatrixCrawler)
short_description: Create, update or destroy an aaa group object in Sophos UTM.
description:
- Create, update or destroy an aaa group object in Sophos UTM.
- This module needs to have the REST Ability of the UTM to be activated.
options:
name:
description:
- The name of the object. Will be used to identify the entry.
type: str
required: true
adirectory_groups:
description:
- List of adirectory group strings.
type: list
adirectory_groups_sids:
description:
- Dictionary of group sids.
type: dict
backend_match:
description:
- The backend for the group.
type: str
choices:
- none
- adirectory
- edirectory
- radius
- tacacs
- ldap
default: none
comment:
description:
- Comment that describes the AAA group.
type: str
default: ''
dynamic:
description:
- Group type. Is static if none is selected.
type: str
default: none
choices:
- none
- ipsec_dn
- directory_groups
edirectory_groups:
description:
- List of edirectory group strings.
type: list
ipsec_dn:
description:
- The ipsec dn string.
type: str
ldap_attribute:
description:
- The ldap attribute to check against.
type: str
ldap_attribute_value:
description:
- The ldap attribute value to check against.
type: str
members:
description:
- A list of user ref names (aaa/user).
type: list
default: []
network:
description:
- The network reference name. The objects contains the known ip addresses for the authentication object (network/aaa).
type: str
default: ""
radius_groups:
description:
- A list of radius group strings.
type: list
default: []
tacacs_groups:
description:
- A list of tacacs group strings.
type: list
default: []
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: Create UTM aaa_group
utm_aaa_group:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAAAGroupEntry
backend_match: ldap
dynamic: directory_groups
ldap_attributes: memberof
ldap_attributes_value: "cn=groupname,ou=Groups,dc=mydomain,dc=com"
network: REF_OBJECT_STRING
state: present
- name: Remove UTM aaa_group
utm_aaa_group:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAAAGroupEntry
state: absent
"""
RETURN = """
result:
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
adirectory_groups:
description: List of Active Directory Groups.
type: str
adirectory_groups_sids:
description: List of Active Directory Groups SIDS.
type: list
backend_match:
description: The backend to use.
type: str
comment:
description: The comment string.
type: str
dynamic:
description: Whether the group match is ipsec_dn or directory_group.
type: str
edirectory_groups:
description: List of eDirectory Groups.
type: str
ipsec_dn:
description: ipsec_dn identifier to match.
type: str
ldap_attribute:
description: The LDAP Attribute to match against.
type: str
ldap_attribute_value:
description: The LDAP Attribute Value to match against.
type: str
members:
description: List of member identifiers of the group.
type: list
network:
description: The identifier of the network (network/aaa).
type: str
radius_group:
description: The radius group identifier.
type: str
tacacs_group:
description: The tacacs group identifier.
type: str
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "aaa/group"
key_to_check_for_changes = ["comment", "adirectory_groups", "adirectory_groups_sids", "backend_match", "dynamic",
"edirectory_groups", "ipsec_dn", "ldap_attribute", "ldap_attribute_value", "members",
"network", "radius_groups", "tacacs_groups"]
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True),
adirectory_groups=dict(type='list', elements='str', required=False, default=[]),
adirectory_groups_sids=dict(type='dict', required=False, default={}),
backend_match=dict(type='str', required=False, default="none",
choices=["none", "adirectory", "edirectory", "radius", "tacacs", "ldap"]),
comment=dict(type='str', required=False, default=""),
dynamic=dict(type='str', required=False, default="none", choices=["none", "ipsec_dn", "directory_groups"]),
edirectory_groups=dict(type='list', elements='str', required=False, default=[]),
ipsec_dn=dict(type='str', required=False, default=""),
ldap_attribute=dict(type='str', required=False, default=""),
ldap_attribute_value=dict(type='str', required=False, default=""),
members=dict(type='list', elements='str', required=False, default=[]),
network=dict(type='str', required=False, default=""),
radius_groups=dict(type='list', elements='str', required=False, default=[]),
tacacs_groups=dict(type='list', elements='str', required=False, default=[]),
)
)
try:
UTM(module, endpoint, key_to_check_for_changes).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()
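Review bot: The first EXAMPLES task passes `ldap_attributes` and `ldap_attributes_value`, but the argument_spec in main() declares `ldap_attribute` and `ldap_attribute_value`, so the example as written would presumably be rejected for using unsupported parameters. It should read `ldap_attribute: memberof` and `ldap_attribute_value: "cn=groupname,ou=Groups,dc=mydomain,dc=com"`. RETURN shows the same drift: it lists `radius_group` and `tacacs_group` while the options and `key_to_check_for_changes` use `radius_groups` and `tacacs_groups`. DOCUMENTATION also omits the `default: []` / `default: {}` that the spec sets for `adirectory_groups`, `edirectory_groups` and `adirectory_groups_sids`.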


@ -0,0 +1,127 @@
#!/usr/bin/python
# Copyright: (c) 2018, Johannes Brunswicker <johannes.brunswicker@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_aaa_group_info
author:
- Johannes Brunswicker (@MatrixCrawler)
short_description: get info for reverse_proxy frontend entry in Sophos UTM
description:
- get info for a reverse_proxy frontend entry in SOPHOS UTM.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: true
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: Remove UTM aaa_group
utm_aaa_group_info:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAAAGroupEntry
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
adirectory_groups:
description: List of Active Directory Groups
type: str
adirectory_groups_sids:
description: List of Active Directory Groups SIDS
type: list
backend_match:
description: The backend to use
type: str
comment:
description: The comment string
type: str
dynamic:
description: Whether the group match is ipsec_dn or directory_group
type: str
edirectory_groups:
description: List of eDirectory Groups
type: str
ipsec_dn:
description: ipsec_dn identifier to match
type: str
ldap_attribute:
description: The LDAP Attribute to match against
type: str
ldap_attribute_value:
description: The LDAP Attribute Value to match against
type: str
members:
description: List of member identifiers of the group
type: list
network:
description: The identifier of the network (network/aaa)
type: str
radius_group:
description: The radius group identifier
type: str
tacacs_group:
description: The tacacs group identifier
type: str
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "aaa/group"
key_to_check_for_changes = []
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True)
)
)
try:
UTM(module, endpoint, key_to_check_for_changes, info_only=True).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()
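Review bot: The DOCUMENTATION for utm_aaa_group_info describes the wrong object: `short_description` and `description` both say "reverse_proxy frontend entry", while main() queries the `aaa/group` endpoint with `info_only=True`. I would change them to `short_description: Get info for an aaa group object in Sophos UTM` and the matching description line. The example task is titled `Remove UTM aaa_group` although the module only reads; `- name: Get info for UTM aaa_group` fits. The RETURN text "The utm object that was created" could become "The utm object that was found".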


@ -0,0 +1,163 @@
#!/usr/bin/python
# Copyright: (c) 2018, Stephan Schwarz <stearz@gmx.de>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_ca_host_key_cert
author:
- Stephan Schwarz (@stearz)
short_description: create, update or destroy ca host_key_cert entry in Sophos UTM
description:
- Create, update or destroy a ca host_key_cert entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
options:
name:
description:
- The name of the object. Will be used to identify the entry.
required: true
ca:
description:
- A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
required: true
meta:
description:
- A reference to an existing utm_ca_meta_x509 object.
required: true
certificate:
description:
- The certificate in PEM format.
required: true
comment:
description:
- Optional comment string.
encrypted:
description:
- Optionally enable encryption.
default: False
type: bool
key:
description:
- Optional private key in PEM format.
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
# Create a ca_host_key_cert entry
- name: utm ca_host_key_cert
utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
ca: REF_ca/signing_ca_OBJECT_STRING
meta: REF_ca/meta_x509_OBJECT_STRING
certificate: |
--- BEGIN CERTIFICATE ---
. . .
. . .
. . .
--- END CERTIFICATE ---
state: present
# Remove a ca_host_key_cert entry
- name: utm ca_host_key_cert
utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
state: absent
# Read a ca_host_key_cert entry
- name: utm ca_host_key_cert
utm_ca_host_key_cert:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
state: info
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
ca:
description: A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
type: str
meta:
description: A reference to an existing utm_ca_meta_x509 object.
type: str
certificate:
description: The certificate in PEM format
type: str
comment:
description: Comment string (may be empty string)
type: str
encrypted:
description: If encryption is enabled
type: bool
key:
description: Private key in PEM format (may be empty string)
type: str
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "ca/host_key_cert"
key_to_check_for_changes = ["ca", "certificate", "comment", "encrypted", "key", "meta"]
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True),
ca=dict(type='str', required=True),
meta=dict(type='str', required=True),
certificate=dict(type='str', required=True),
comment=dict(type='str', required=False),
encrypted=dict(type='bool', required=False, default=False),
key=dict(type='str', required=False, no_log=True),
)
)
try:
# This is needed because the bool value only accepts int values in the backend
UTM(module, endpoint, key_to_check_for_changes).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()
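Review bot: The comment `# This is needed because the bool value only accepts int values in the backend` inside the `try:` in main() describes a conversion that the visible code does not perform; the next line calls `UTM(module, endpoint, key_to_check_for_changes).execute()` directly, with `encrypted` still declared as `type='bool'`. Either the conversion was dropped and the comment should go, or it is missing and `encrypted` reaches the backend in a form it may not accept; this file alone does not show which. The same comment appears in utm_ca_host_key_cert_info, which has no bool option at all. If no conversion is intended, delete the comment in both modules.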


@ -0,0 +1,106 @@
#!/usr/bin/python
# Copyright: (c) 2018, Stephan Schwarz <stearz@gmx.de>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_ca_host_key_cert_info
author:
- Stephan Schwarz (@stearz)
short_description: Get info for a ca host_key_cert entry in Sophos UTM
description:
- Get info for a ca host_key_cert entry in SOPHOS UTM.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: true
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: utm ca_host_key_cert_info
utm_ca_host_key_cert_info:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
ca:
description: A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
type: str
meta:
description: A reference to an existing utm_ca_meta_x509 object.
type: str
certificate:
description: The certificate in PEM format
type: str
comment:
description: Comment string (may be empty string)
type: str
encrypted:
description: If encryption is enabled
type: bool
key:
description: Private key in PEM format (may be empty string)
type: str
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "ca/host_key_cert"
key_to_check_for_changes = []
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True)
)
)
try:
# This is needed because the bool value only accepts int values in the backend
UTM(module, endpoint, key_to_check_for_changes, info_only=True).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()
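Review bot: RETURN documents `key` as "Private key in PEM format", so this read-only module hands the private key stored on the UTM back in `result`. Here `key` is not a module argument, so the `no_log=True` that utm_ca_host_key_cert sets on its `key` option cannot mask it, and the value would presumably end up in task output, registered variables and any callback or log that records results. Whether the UTM REST API really returns key material is not visible from this file; if it does, the field should be dropped or blanked before the result is returned, and the docs should tell users to set `no_log: true` on tasks that call this module. As a minimum I would extend the RETURN text to `description: Private key in PEM format (may be empty string). Treat the result as sensitive.`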


@ -0,0 +1,156 @@
#!/usr/bin/python
# Copyright: (c) 2018, Johannes Brunswicker <johannes.brunswicker@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_dns_host
author:
- Johannes Brunswicker (@MatrixCrawler)
short_description: create, update or destroy dns entry in Sophos UTM
description:
- Create, update or destroy a dns entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: true
address:
description:
- The IPV4 Address of the entry. Can be left empty for automatic resolving.
default: 0.0.0.0
address6:
description:
- The IPV6 Address of the entry. Can be left empty for automatic resolving.
default: "::"
comment:
description:
- An optional comment to add to the dns host object
hostname:
description:
- The hostname for the dns host object
interface:
description:
- The reference name of the interface to use. If not provided the default interface will be used
resolved:
description:
- whether the hostname's ipv4 address is already resolved or not
default: False
type: bool
resolved6:
description:
- whether the hostname's ipv6 address is already resolved or not
default: False
type: bool
timeout:
description:
- the timeout for the utm to resolve the ip address for the hostname again
default: 0
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: Create UTM dns host entry
utm_dns_host:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestDNSEntry
hostname: testentry.some.tld
state: present
- name: Remove UTM dns host entry
utm_dns_host:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestDNSEntry
state: absent
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
name:
description: The name of the object
type: str
address:
description: The ipv4 address of the object
type: str
address6:
description: The ipv6 address of the object
type: str
comment:
description: The comment string
type: str
hostname:
description: The hostname of the object
type: str
interface:
description: The reference name of the interface the object is associated with
type: str
resolved:
description: Whether the ipv4 address is resolved or not
type: bool
resolved6:
description: Whether the ipv6 address is resolved or not
type: bool
timeout:
description: The timeout until a new resolving will be attempted
type: int
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "network/dns_host"
key_to_check_for_changes = ["comment", "hostname", "interface"]
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True),
address=dict(type='str', required=False, default='0.0.0.0'),
address6=dict(type='str', required=False, default='::'),
comment=dict(type='str', required=False, default=""),
hostname=dict(type='str', required=False),
interface=dict(type='str', required=False, default=""),
resolved=dict(type='bool', required=False, default=False),
resolved6=dict(type='bool', required=False, default=False),
timeout=dict(type='int', required=False, default=0),
)
)
try:
UTM(module, endpoint, key_to_check_for_changes).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()
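Review bot: `key_to_check_for_changes` in main() lists only `comment`, `hostname` and `interface`, although the module also accepts `address`, `address6`, `resolved`, `resolved6` and `timeout`. If the UTM helper uses this list to decide whether an existing object needs an update (its code is not part of this file), a task that changes only the address or timeout of an existing dns host would report no change and leave the old value on the firewall. I would extend the list, e.g. `key_to_check_for_changes = ["comment", "hostname", "interface", "address", "address6", "resolved", "resolved6", "timeout"]`, or add a comment saying why those keys are deliberately excluded. DOCUMENTATION also gives no `type:` for `timeout`, which the spec declares as `int`.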


@ -0,0 +1,136 @@
#!/usr/bin/python
# Copyright: (c) 2018, Juergen Wiebe <wiebe@e-spirit.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_network_interface_address
author:
- Juergen Wiebe (@steamx)
short_description: Create, update or destroy network/interface_address object
description:
- Create, update or destroy a network/interface_address object in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: true
address:
description:
- The ip4 address of the network/interface_address object.
required: true
address6:
description:
- The ip6 address of the network/interface_address object.
required: false
comment:
description:
- An optional comment to add to the object
resolved:
description:
- Whether or not the object is resolved
resolved6:
description:
- Whether or not the object is resolved
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
# Create a network interface address
- name: utm network interface address
utm_proxy_backend:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestNetworkInterfaceAddress
address: 0.0.0.0
state: present
# Remove a network interface address
- name: utm network interface address
network_interface_address:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestNetworkInterfaceAddress
address: 0.0.0.0
state: absent
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
address:
description: The ip4 address of the network/interface_address object
type: str
address6:
description: The ip6 address of the network/interface_address object
type: str
comment:
description: The comment string
type: str
resolved:
description: Whether or not the object is resolved
type: bool
resolved6:
description: Whether or not the object is resolved
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "network/interface_address"
key_to_check_for_changes = ["comment", "address"]
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True),
address=dict(type='str', required=True),
comment=dict(type='str', required=False, default=""),
address6=dict(type='str', required=False),
resolved=dict(type='boolean', required=False),
resolved6=dict(type='boolean', required=False)
)
)
try:
UTM(module, endpoint, key_to_check_for_changes).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()
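Review bot: `resolved` and `resolved6` are declared with `type='boolean'` in the argument_spec, which is not a type name AnsibleModule's argument validation knows; the other UTM modules in this commit use `type='bool'`. As far as I can tell the module fails with an unknown-type error as soon as either option is supplied. Change both to `resolved=dict(type='bool', required=False)` and `resolved6=dict(type='bool', required=False)`, and add `type: bool` to the two options in DOCUMENTATION. The EXAMPLES also call `utm_proxy_backend` and `network_interface_address` rather than `utm_network_interface_address`.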


@ -0,0 +1,101 @@
#!/usr/bin/python
# Copyright: (c) 2018, Juergen Wiebe <wiebe@e-spirit.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_network_interface_address_info
author:
- Juergen Wiebe (@steamx)
short_description: Get info for a network/interface_address object
description:
- Get info for a network/interface_address object in SOPHOS UTM.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: true
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: utm network interface address
utm_proxy_interface_address_info:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestNetworkInterfaceAddress
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
address:
description: The ip4 address of the network/interface_address object
type: str
address6:
description: The ip6 address of the network/interface_address object
type: str
comment:
description: The comment string
type: str
resolved:
description: Whether or not the object is resolved
type: bool
resolved6:
description: Whether or not the object is resolved
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "network/interface_address"
key_to_check_for_changes = []
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True)
)
)
try:
UTM(module, endpoint, key_to_check_for_changes, info_only=True).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()
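Review bot: The EXAMPLES task invokes `utm_proxy_interface_address_info`, but DOCUMENTATION declares `module: utm_network_interface_address_info`, so the example names a module this file does not define. It should read `utm_network_interface_address_info:`. The RETURN description "The utm object that was created" is also off for a module that main() runs with `info_only=True`; "The utm object that was found" would be accurate.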


@ -0,0 +1,348 @@
#!/usr/bin/python
# Copyright: (c) 2018, Stephan Schwarz <stearz@gmx.de>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_proxy_auth_profile
author:
- Stephan Schwarz (@stearz)
short_description: create, update or destroy reverse_proxy auth_profile entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy auth_profile entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: true
aaa:
description:
- List of references to utm_aaa objects (allowed users or groups)
required: true
basic_prompt:
description:
- The message in the basic authentication prompt
required: true
backend_mode:
description:
- Specifies if the backend server needs authentication ([Basic|None])
default: None
choices:
- Basic
- None
backend_strip_basic_auth:
description:
- Should the login data be stripped when proxying the request to the backend host
type: bool
default: True
choices:
- True
- False
backend_user_prefix:
description:
- Prefix string to prepend to the username for backend authentication
default: ""
backend_user_suffix:
description:
- Suffix string to append to the username for backend authentication
default: ""
comment:
description:
- Optional comment string
default: ""
frontend_cookie:
description:
- Frontend cookie name
frontend_cookie_secret:
description:
- Frontend cookie secret
frontend_form:
description:
- Frontend authentication form name
frontend_form_template:
description:
- Frontend authentication form template
default: ""
frontend_login:
description:
- Frontend login name
frontend_logout:
description:
- Frontend logout name
frontend_mode:
description:
- Frontend authentication mode (Form|Basic)
default: Basic
choices:
- Basic
- Form
frontend_realm:
description:
- Frontend authentication realm
frontend_session_allow_persistency:
description:
- Allow session persistency
type: bool
default: False
choices:
- True
- False
frontend_session_lifetime:
description:
- session lifetime
required: true
frontend_session_lifetime_limited:
description:
- Specifies if limitation of session lifetime is active
type: bool
default: True
choices:
- True
- False
frontend_session_lifetime_scope:
description:
- scope for frontend_session_lifetime (days|hours|minutes)
default: hours
choices:
- days
- hours
- minutes
frontend_session_timeout:
description:
- session timeout
required: true
frontend_session_timeout_enabled:
description:
- Specifies if session timeout is active
type: bool
default: True
choices:
- True
- False
frontend_session_timeout_scope:
description:
- scope for frontend_session_timeout (days|hours|minutes)
default: minutes
choices:
- days
- hours
- minutes
logout_delegation_urls:
description:
- List of logout URLs that logouts are delegated to
default: []
logout_mode:
description:
- Mode of logout (None|Delegation)
default: None
choices:
- None
- Delegation
redirect_to_requested_url:
description:
- Should a redirect to the requested URL be made
type: bool
default: False
choices:
- True
- False
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: Create UTM proxy_auth_profile
utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
aaa: [REF_OBJECT_STRING,REF_ANOTHEROBJECT_STRING]
basic_prompt: "Authentication required: Please login"
frontend_session_lifetime: 1
frontend_session_timeout: 1
state: present
- name: Remove UTM proxy_auth_profile
utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
state: absent
- name: Read UTM proxy_auth_profile
utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
state: info
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
aaa:
description: List of references to utm_aaa objects (allowed users or groups)
type: list
basic_prompt:
description: The message in the basic authentication prompt
type: str
backend_mode:
description: Specifies if the backend server needs authentication ([Basic|None])
type: str
backend_strip_basic_auth:
description: Should the login data be stripped when proxying the request to the backend host
type: bool
backend_user_prefix:
description: Prefix string to prepend to the username for backend authentication
type: str
backend_user_suffix:
description: Suffix string to append to the username for backend authentication
type: str
comment:
description: Optional comment string
type: str
frontend_cookie:
description: Frontend cookie name
type: str
frontend_cookie_secret:
description: Frontend cookie secret
type: str
frontend_form:
description: Frontend authentication form name
type: str
frontend_form_template:
description: Frontend authentication form template
type: str
frontend_login:
description: Frontend login name
type: str
frontend_logout:
description: Frontend logout name
type: str
frontend_mode:
description: Frontend authentication mode (Form|Basic)
type: str
frontend_realm:
description: Frontend authentication realm
type: str
frontend_session_allow_persistency:
description: Allow session persistency
type: bool
frontend_session_lifetime:
description: session lifetime
type: int
frontend_session_lifetime_limited:
description: Specifies if limitation of session lifetime is active
type: bool
frontend_session_lifetime_scope:
description: scope for frontend_session_lifetime (days|hours|minutes)
type: str
frontend_session_timeout:
description: session timeout
type: int
frontend_session_timeout_enabled:
description: Specifies if session timeout is active
type: bool
frontend_session_timeout_scope:
description: scope for frontend_session_timeout (days|hours|minutes)
type: str
logout_delegation_urls:
description: List of logout URLs that logouts are delegated to
type: list
logout_mode:
description: Mode of logout (None|Delegation)
type: str
redirect_to_requested_url:
description: Should a redirect to the requested URL be made
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "reverse_proxy/auth_profile"
key_to_check_for_changes = ["aaa", "basic_prompt", "backend_mode", "backend_strip_basic_auth",
"backend_user_prefix", "backend_user_suffix", "comment", "frontend_cookie",
"frontend_cookie_secret", "frontend_form", "frontend_form_template",
"frontend_login", "frontend_logout", "frontend_mode", "frontend_realm",
"frontend_session_allow_persistency", "frontend_session_lifetime",
"frontend_session_lifetime_limited", "frontend_session_lifetime_scope",
"frontend_session_timeout", "frontend_session_timeout_enabled",
"frontend_session_timeout_scope", "logout_delegation_urls", "logout_mode",
"redirect_to_requested_url"]
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True),
aaa=dict(type='list', elements='str', required=True),
basic_prompt=dict(type='str', required=True),
backend_mode=dict(type='str', required=False, default="None", choices=['Basic', 'None']),
backend_strip_basic_auth=dict(type='bool', required=False, default=True, choices=[True, False]),
backend_user_prefix=dict(type='str', required=False, default=""),
backend_user_suffix=dict(type='str', required=False, default=""),
comment=dict(type='str', required=False, default=""),
frontend_cookie=dict(type='str', required=False),
frontend_cookie_secret=dict(type='str', required=False),
frontend_form=dict(type='str', required=False),
frontend_form_template=dict(type='str', required=False, default=""),
frontend_login=dict(type='str', required=False),
frontend_logout=dict(type='str', required=False),
frontend_mode=dict(type='str', required=False, default="Basic", choices=['Basic', 'Form']),
frontend_realm=dict(type='str', required=False),
frontend_session_allow_persistency=dict(type='bool', required=False, default=False, choices=[True, False]),
frontend_session_lifetime=dict(type='int', required=True),
frontend_session_lifetime_limited=dict(type='bool', required=False, default=True, choices=[True, False]),
frontend_session_lifetime_scope=dict(type='str', required=False, default="hours", choices=['days', 'hours', 'minutes']),
frontend_session_timeout=dict(type='int', required=True),
frontend_session_timeout_enabled=dict(type='bool', required=False, default=True, choices=[True, False]),
frontend_session_timeout_scope=dict(type='str', required=False, default="minutes", choices=['days', 'hours', 'minutes']),
logout_delegation_urls=dict(type='list', elements='str', required=False, default=[]),
logout_mode=dict(type='str', required=False, default="None", choices=['None', 'Delegation']),
redirect_to_requested_url=dict(type='bool', required=False, default=False, choices=[True, False])
)
)
try:
UTM(module, endpoint, key_to_check_for_changes).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()


@ -0,0 +1,242 @@
#!/usr/bin/python
# Copyright: (c) 2018, Sebastian Schenzel <sebastian.schenzel@mailbox.org>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_proxy_exception
author:
- Sebastian Schenzel (@RickS-C137)
short_description: Create, update or destroy reverse_proxy exception entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy exception entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: True
type: str
op:
description:
- The operand to be used with the entries of the path parameter
default: 'AND'
choices:
- 'AND'
- 'OR'
required: False
type: str
path:
description:
- The paths the exception in the reverse proxy is defined for
type: list
default: []
required: False
skip_custom_threats_filters:
description:
- A list of threats to be skipped
type: list
default: []
required: False
skip_threats_filter_categories:
description:
- Define which categories of threats are skipped
type: list
default: []
required: False
skipav:
description:
- Skip the Antivirus Scanning
default: False
type: bool
required: False
skipbadclients:
description:
- Block clients with bad reputation
default: False
type: bool
required: False
skipcookie:
description:
- Skip the Cookie Signing check
default: False
type: bool
required: False
skipform:
description:
- Enable form hardening
default: False
type: bool
required: False
skipform_missingtoken:
description:
- Enable form hardening with missing tokens
default: False
type: bool
required: False
skiphtmlrewrite:
description:
- Protection against SQL
default: False
type: bool
required: False
skiptft:
description:
- Enable true file type control
default: False
type: bool
required: False
skipurl:
description:
- Enable static URL hardening
default: False
type: bool
required: False
source:
description:
- Define which categories of threats are skipped
type: list
default: []
required: False
status:
description:
- Status of the exception rule set
default: True
type: bool
required: False
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: Create UTM proxy_exception
utm_proxy_exception:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestExceptionEntry
backend: REF_OBJECT_STRING
state: present
- name: Remove UTM proxy_exception
utm_proxy_exception:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestExceptionEntry
state: absent
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
comment:
description: The optional comment string
op:
description: The operand to be used with the entries of the path parameter
type: str
path:
description: The paths the exception in the reverse proxy is defined for
type: list
skip_custom_threats_filters:
description: A list of threats to be skipped
type: list
skip_threats_filter_categories:
description: Define which categories of threats are skipped
type: list
skipav:
description: Skip the Antivirus Scanning
type: bool
skipbadclients:
description: Block clients with bad reputation
type: bool
skipcookie:
description: Skip the Cookie Signing check
type: bool
skipform:
description: Enable form hardening
type: bool
skipform_missingtoken:
description: Enable form hardening with missing tokens
type: bool
skiphtmlrewrite:
description: Protection against SQL
type: bool
skiptft:
description: Enable true file type control
type: bool
skipurl:
description: Enable static URL hardening
type: bool
source:
description: Define which categories of threats are skipped
type: list
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "reverse_proxy/exception"
key_to_check_for_changes = ["op", "path", "skip_custom_threats_filters", "skip_threats_filter_categories", "skipav",
"comment", "skipbadclients", "skipcookie", "skipform", "status", "skipform_missingtoken",
"skiphtmlrewrite", "skiptft", "skipurl", "source"]
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True),
op=dict(type='str', required=False, default='AND', choices=['AND', 'OR']),
path=dict(type='list', elements='string', required=False, default=[]),
skip_custom_threats_filters=dict(type='list', elements='string', required=False, default=[]),
skip_threats_filter_categories=dict(type='list', elements='string', required=False, default=[]),
skipav=dict(type='bool', required=False, default=False),
skipbadclients=dict(type='bool', required=False, default=False),
skipcookie=dict(type='bool', required=False, default=False),
skipform=dict(type='bool', required=False, default=False),
skipform_missingtoken=dict(type='bool', required=False, default=False),
skiphtmlrewrite=dict(type='bool', required=False, default=False),
skiptft=dict(type='bool', required=False, default=False),
skipurl=dict(type='bool', required=False, default=False),
source=dict(type='list', elements='string', required=False, default=[]),
status=dict(type='bool', required=False, default=True),
)
)
try:
UTM(module, endpoint, key_to_check_for_changes).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()
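Review bot: The `path`, `skip_custom_threats_filters`, `skip_threats_filter_categories` and `source` entries in `argument_spec` declare `elements='string'`, while every other module in this commit uses `elements='str'`. `'string'` is not one of Ansible's argument-spec type names, so these options are likely to be rejected when the lists are validated. Each should read like `path=dict(type='list', elements='str', required=False, default=[]),`. Separately, several `skip*` descriptions in DOCUMENTATION and RETURN say the opposite of what the flag name implies (`skipbadclients`: "Block clients with bad reputation", `skipform`: "Enable form hardening", `skiphtmlrewrite`: "Protection against SQL"). Since these flags appear to switch a protection off for matching requests, the text should say so, e.g. `- Skip the bad-reputation client check for matching requests`.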


@ -0,0 +1,268 @@
#!/usr/bin/python
# Copyright: (c) 2018, Johannes Brunswicker <johannes.brunswicker@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_proxy_frontend
author:
- Johannes Brunswicker (@MatrixCrawler)
short_description: create, update or destroy reverse_proxy frontend entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy frontend entry in Sophos UTM.
- This module needs to have the REST Ability of the UTM to be activated.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: true
add_content_type_header :
description:
- Whether to add the content type header or not
type: bool
default: False
address:
description:
- The reference name of the network/interface_address object.
default: REF_DefaultInternalAddress
allowed_networks:
description:
- A list of reference names for the allowed networks.
default: ['REF_NetworkAny']
certificate:
description:
- The reference name of the ca/host_key_cert object.
default: ""
comment:
description:
- An optional comment to add to the object
default: ""
disable_compression:
description:
- Whether to enable the compression
type: bool
default: False
domain:
description:
- A list of domain names for the frontend object
exceptions:
description:
- A list of exception ref names (reverse_proxy/exception)
default: []
htmlrewrite:
description:
- Whether to enable html rewrite or not
type: bool
default: False
htmlrewrite_cookies:
description:
- Whether to enable html rewrite cookie or not
type: bool
default: False
implicitredirect:
description:
- Whether to enable implicit redirection or not
type: bool
default: False
lbmethod:
description:
- Which loadbalancer method should be used
choices:
- ""
- bybusyness
- bytraffic
- byrequests
default: bybusyness
locations:
description:
- A list of location ref names (reverse_proxy/location)
default: []
port:
description:
- The frontend http port
default: 80
preservehost:
description:
- Whether to preserve host header
type: bool
default: False
profile:
description:
- The reference string of the reverse_proxy/profile
default: ""
status:
description:
- Whether to activate the frontend entry or not
type: bool
default: True
type:
description:
- Which protocol should be used
choices:
- http
- https
default: http
xheaders:
description:
- Whether to pass the host header or not
type: bool
default: False
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: Create utm proxy_frontend
utm_proxy_frontend:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestFrontendEntry
host: REF_OBJECT_STRING
state: present
- name: Remove utm proxy_frontend
utm_proxy_frontend:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestFrontendEntry
state: absent
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
add_content_type_header:
description: Whether to add the content type header
type: bool
address:
description: The reference name of the address
type: str
allowed_networks:
description: List of reference names of networks associated
type: list
certificate:
description: Reference name of certificate (ca/host_key_cert)
type: str
comment:
description: The comment string
type: str
disable_compression:
description: State of compression support
type: bool
domain:
description: List of hostnames
type: list
exceptions:
description: List of associated proxy exceptions
type: list
htmlrewrite:
description: State of html rewrite
type: bool
htmlrewrite_cookies:
description: Whether the html rewrite cookie will be set
type: bool
implicitredirect:
description: Whether to use implicit redirection
type: bool
lbmethod:
description: The method of loadbalancer to use
type: str
locations:
description: The reference names of reverse_proxy/locations associated with the object
type: list
port:
description: The port of the frontend connection
type: int
preservehost:
description: Preserve host header
type: bool
profile:
description: The associated reverse_proxy/profile
type: str
status:
description: Whether the frontend object is active or not
type: bool
type:
description: The connection type
type: str
xheaders:
description: The xheaders state
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "reverse_proxy/frontend"
key_to_check_for_changes = ["add_content_type_header", "address", "allowed_networks", "certificate",
"comment", "disable_compression", "domain", "exceptions", "htmlrewrite",
"htmlrewrite_cookies", "implicitredirect", "lbmethod", "locations",
"port", "preservehost", "profile", "status", "type", "xheaders"]
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True),
add_content_type_header=dict(type='bool', required=False, default=False),
address=dict(type='str', required=False, default="REF_DefaultInternalAddress"),
allowed_networks=dict(type='list', elements='str', required=False, default=["REF_NetworkAny"]),
certificate=dict(type='str', required=False, default=""),
comment=dict(type='str', required=False, default=""),
disable_compression=dict(type='bool', required=False, default=False),
domain=dict(type='list', elements='str', required=False),
exceptions=dict(type='list', elements='str', required=False, default=[]),
htmlrewrite=dict(type='bool', required=False, default=False),
htmlrewrite_cookies=dict(type='bool', required=False, default=False),
implicitredirect=dict(type='bool', required=False, default=False),
lbmethod=dict(type='str', required=False, default="bybusyness",
choices=['bybusyness', 'bytraffic', 'byrequests', '']),
locations=dict(type='list', elements='str', required=False, default=[]),
port=dict(type='int', required=False, default=80),
preservehost=dict(type='bool', required=False, default=False),
profile=dict(type='str', required=False, default=""),
status=dict(type='bool', required=False, default=True),
type=dict(type='str', required=False, default="http", choices=['http', 'https']),
xheaders=dict(type='bool', required=False, default=False),
)
)
try:
UTM(module, endpoint, key_to_check_for_changes).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()
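Review bot: With only `name` set, the `argument_spec` defaults give `type="http"`, `port=80` and `allowed_networks=["REF_NetworkAny"]`, which is a plaintext frontend reachable from any network, and DOCUMENTATION does not call that out. I would add a line to the `type` option such as `- Defaults to plain HTTP; set C(https) and a C(certificate) reference for TLS.` and a matching remark on `allowed_networks`. The "Create utm proxy_frontend" example passes `host: REF_OBJECT_STRING`, which the `argument_spec` visible here does not declare; unless the shared `UTMModule` spec adds it (not shown), the task would be refused as an unsupported parameter. `disable_compression` is described as "Whether to enable the compression", which inverts the flag.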


@ -0,0 +1,146 @@
#!/usr/bin/python
# Copyright: (c) 2018, Johannes Brunswicker <johannes.brunswicker@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_proxy_frontend_info
author:
- Johannes Brunswicker (@MatrixCrawler)
short_description: create, update or destroy reverse_proxy frontend entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy frontend entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: true
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: Get utm proxy_frontend
utm_proxy_frontend_info:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestBackendEntry
host: REF_OBJECT_STRING
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
add_content_type_header:
description: Whether to add the content type header
type: bool
address:
description: The reference name of the address
type: str
allowed_networks:
description: List of reference names of networks associated
type: list
certificate:
description: Reference name of certificate (ca/host_key_cert)
type: str
comment:
description: The comment string
type: str
disable_compression:
description: State of compression support
type: bool
domain:
description: List of hostnames
type: list
exceptions:
description: List of associated proxy exceptions
type: list
htmlrewrite:
description: State of html rewrite
type: bool
htmlrewrite_cookies:
description: whether the html rewrite cookie will be set
type: bool
implicitredirect:
description: whether to use implicit redirection
type: bool
lbmethod:
description: The method of loadbalancer to use
type: str
locations:
description: The reference names of reverse_proxy/locations associated with the object
type: list
port:
description: The port of the frontend connection
type: int
preservehost:
description: Preserve host header
type: bool
profile:
description: The associated reverse_proxy/profile
type: str
status:
description: Whether the frontend object is active or not
type: bool
type:
description: The connection type
type: str
xheaders:
description: The xheaders state
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "reverse_proxy/frontend"
key_to_check_for_changes = []
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True)
)
)
try:
UTM(module, endpoint, key_to_check_for_changes, info_only=True).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()
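Review bot: The DOCUMENTATION of this module is copied from `utm_proxy_frontend`: `short_description` and `description` say "create, update or destroy", while `main()` passes `info_only=True` and accepts only `name`, so it presumably only reads the object. Suggested text: `short_description: Get info about a reverse_proxy frontend entry in Sophos UTM`, with `description` reworded to match. The example also passes `host: REF_OBJECT_STRING`, which the visible `argument_spec` does not declare, and names the entry `TestBackendEntry`. The `utm_proxy_location_info` section further down has the same copied description, plus an example titled "Remove UTM proxy_location" for what looks like a read-only task.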


@ -0,0 +1,209 @@
#!/usr/bin/python
# Copyright: (c) 2018, Johannes Brunswicker <johannes.brunswicker@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_proxy_location
author:
- Johannes Brunswicker (@MatrixCrawler)
short_description: create, update or destroy reverse_proxy location entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy location entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: true
access_control:
description:
- whether to activate the access control for the location
type: str
default: '0'
choices:
- '0'
- '1'
allowed_networks:
description:
- A list of allowed networks
type: list
default: REF_NetworkAny
auth_profile:
description:
- The reference name of the auth profile
backend:
description:
- A list of backends that are connected with this location declaration
default: []
be_path:
description:
- The path of the backend
comment:
description:
- The optional comment string
denied_networks:
description:
- A list of denied network references
default: []
hot_standby:
description:
- Activate hot standby mode
type: bool
default: False
path:
description:
- The path of the location
default: "/"
status:
description:
- Whether the location is active or not
type: bool
default: True
stickysession_id:
description:
- The stickysession id
default: ROUTEID
stickysession_status:
description:
- Enable the stickysession
type: bool
default: False
websocket_passthrough:
description:
- Enable the websocket passthrough
type: bool
default: False
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: Create UTM proxy_location
utm_proxy_backend:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestLocationEntry
backend: REF_OBJECT_STRING
state: present
- name: Remove UTM proxy_location
utm_proxy_backend:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestLocationEntry
state: absent
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
access_control:
description: Whether to use access control state
type: str
allowed_networks:
description: List of allowed network reference names
type: list
auth_profile:
description: The auth profile reference name
type: str
backend:
description: The backend reference name
type: str
be_path:
description: The backend path
type: str
comment:
description: The comment string
type: str
denied_networks:
description: The list of the denied network names
type: list
hot_standby:
description: Use hot standy
type: bool
path:
description: Path name
type: str
status:
description: Whether the object is active or not
type: bool
stickysession_id:
description: The identifier of the stickysession
type: str
stickysession_status:
description: Whether to use stickysession or not
type: bool
websocket_passthrough:
description: Whether websocket passthrough will be used or not
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "reverse_proxy/location"
key_to_check_for_changes = ["access_control", "allowed_networks", "auth_profile", "backend", "be_path", "comment",
"denied_networks", "hot_standby", "path", "status", "stickysession_id",
"stickysession_status", "websocket_passthrough"]
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True),
access_control=dict(type='str', required=False, default="0", choices=['0', '1']),
allowed_networks=dict(type='list', elements='str', required=False, default=['REF_NetworkAny']),
auth_profile=dict(type='str', required=False, default=""),
backend=dict(type='list', elements='str', required=False, default=[]),
be_path=dict(type='str', required=False, default=""),
comment=dict(type='str', required=False, default=""),
denied_networks=dict(type='list', elements='str', required=False, default=[]),
hot_standby=dict(type='bool', required=False, default=False),
path=dict(type='str', required=False, default="/"),
status=dict(type='bool', required=False, default=True),
stickysession_id=dict(type='str', required=False, default='ROUTEID'),
stickysession_status=dict(type='bool', required=False, default=False),
websocket_passthrough=dict(type='bool', required=False, default=False),
)
)
try:
UTM(module, endpoint, key_to_check_for_changes).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()
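Review bot: Both EXAMPLES tasks call `utm_proxy_backend:` rather than this module, so anyone copying them runs a different module with location arguments; the task key should read `utm_proxy_location:`. The docs also disagree with `argument_spec` in places: `allowed_networks` is documented with the scalar default `REF_NetworkAny` while the code uses `['REF_NetworkAny']`, and RETURN lists `backend` as `str` although the option is a list. Because `access_control` defaults to `'0'` and `allowed_networks` to any network, a location created with defaults appears to be unrestricted. The option descriptions should say so, e.g. `- Defaults to C(0), which leaves the location without access control.`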


@ -0,0 +1,127 @@
#!/usr/bin/python
# Copyright: (c) 2018, Johannes Brunswicker <johannes.brunswicker@gmail.com>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import absolute_import, division, print_function
__metaclass__ = type
ANSIBLE_METADATA = {
'metadata_version': '1.1',
'status': ['preview'],
'supported_by': 'community'
}
DOCUMENTATION = '''
---
module: utm_proxy_location_info
author:
- Johannes Brunswicker (@MatrixCrawler)
short_description: create, update or destroy reverse_proxy location entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy location entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: true
extends_documentation_fragment:
- community.general.utm
'''
EXAMPLES = """
- name: Remove UTM proxy_location
utm_proxy_location_info:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestLocationEntry
"""
RETURN = """
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
access_control:
description: Whether to use access control state
type: str
allowed_networks:
description: List of allowed network reference names
type: list
auth_profile:
description: The auth profile reference name
type: str
backend:
description: The backend reference name
type: str
be_path:
description: The backend path
type: str
comment:
description: The comment string
type: str
denied_networks:
description: The list of the denied network names
type: list
hot_standby:
description: Use hot standy
type: bool
path:
description: Path name
type: str
status:
description: Whether the object is active or not
type: bool
stickysession_id:
description: The identifier of the stickysession
type: str
stickysession_status:
description: Whether to use stickysession or not
type: bool
websocket_passthrough:
description: Whether websocket passthrough will be used or not
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
from ansible.module_utils._text import to_native
def main():
endpoint = "reverse_proxy/location"
key_to_check_for_changes = []
module = UTMModule(
argument_spec=dict(
name=dict(type='str', required=True)
)
)
try:
UTM(module, endpoint, key_to_check_for_changes, info_only=True).execute()
except Exception as e:
module.fail_json(msg=to_native(e))
if __name__ == '__main__':
main()