#!/usr/bin/python # -*- coding: utf-8 -*- # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) from __future__ import absolute_import, division, print_function __metaclass__ = type DOCUMENTATION = ''' --- module: nios_nsgroup short_description: Configure InfoBlox DNS Nameserver Groups extends_documentation_fragment: - community.general.nios author: - Erich Birngruber (@ebirn) - Sumit Jaiswal (@sjaiswal) description: - Adds and/or removes nameserver groups form Infoblox NIOS servers. This module manages NIOS C(nsgroup) objects using the Infoblox. WAPI interface over REST. requirements: - infoblox_client options: name: description: - Specifies the name of the NIOS nameserver group to be managed. required: true grid_primary: description: - This host is to be used as primary server in this nameserver group. It must be a grid member. This option is required when setting I(use_external_primaries) to C(false). type: list elements: dict suboptions: name: description: - Provide the name of the grid member to identify the host. required: true enable_preferred_primaries: description: - This flag represents whether the preferred_primaries field values of this member are used (see Infoblox WAPI docs). default: false type: bool grid_replicate: description: - Use DNS zone transfers if set to C(True) or ID Grid Replication if set to C(False). type: bool default: false lead: description: - This flag controls if the grid lead secondary nameserver performs zone transfers to non lead secondaries. type: bool default: false stealth: description: - Configure the external nameserver as stealth server (without NS record) in the zones. type: bool default: false preferred_primaries: description: - Provide a list of elements like in I(external_primaries) to set the precedence of preferred primary nameservers. type: list elements: dict grid_secondaries: description: - Configures the list of grid member hosts that act as secondary nameservers. This option is required when setting I(use_external_primaries) to C(true). type: list elements: dict suboptions: name: description: - Provide the name of the grid member to identify the host. required: true enable_preferred_primaries: description: - This flag represents whether the preferred_primaries field values of this member are used (see Infoblox WAPI docs). default: false type: bool grid_replicate: description: - Use DNS zone transfers if set to C(True) or ID Grid Replication if set to C(False) type: bool default: false lead: description: - This flag controls if the grid lead secondary nameserver performs zone transfers to non lead secondaries. type: bool default: false stealth: description: - Configure the external nameserver as stealth server (without NS record) in the zones. type: bool default: false preferred_primaries: description: - Provide a list of elements like in I(external_primaries) to set the precedence of preferred primary nameservers. type: list elements: dict is_grid_default: description: - If set to C(True) this nsgroup will become the default nameserver group for new zones. type: bool required: false default: false use_external_primary: description: - This flag controls whether the group is using an external primary nameserver. Note that modification of this field requires passing values for I(grid_secondaries) and I(external_primaries). type: bool required: false default: false external_primaries: description: - Configures a list of external nameservers (non-members of the grid). This option is required when setting I(use_external_primaries) to C(true). type: list elements: dict suboptions: address: description: - Configures the IP address of the external nameserver required: true name: description: - Set a label for the external nameserver required: true stealth: description: - Configure the external nameserver as stealth server (without NS record) in the zones. type: bool default: false tsig_key_name: description: - Sets a label for the I(tsig_key) value tsig_key_alg: description: - Provides the algorithm used for the I(tsig_key) in use. choices: ['HMAC-MD5', 'HMAC-SHA256'] default: 'HMAC-MD5' tsig_key: description: - Set a DNS TSIG key for the nameserver to secure zone transfers (AFXRs). required: false external_secondaries: description: - Allows to provide a list of external secondary nameservers, that are not members of the grid. type: list elements: dict suboptions: address: description: - Configures the IP address of the external nameserver required: true name: description: - Set a label for the external nameserver required: true stealth: description: - Configure the external nameserver as stealth server (without NS record) in the zones. type: bool default: false tsig_key_name: description: - Sets a label for the I(tsig_key) value tsig_key_alg: description: - Provides the algorithm used for the I(tsig_key) in use. choices: ['HMAC-MD5', 'HMAC-SHA256'] default: 'HMAC-MD5' tsig_key: description: - Set a DNS TSIG key for the nameserver to secure zone transfers (AFXRs). extattrs: description: - Allows for the configuration of Extensible Attributes on the instance of the object. This argument accepts a set of key / value pairs for configuration. required: false comment: description: - Configures a text string comment to be associated with the instance of this object. The provided text string will be configured on the object instance. required: false state: description: - Configures the intended state of the instance of the object on the NIOS server. When this value is set to C(present), the object is configured on the device and when this value is set to C(absent) the value is removed (if necessary) from the device. choices: [present, absent] default: present ''' EXAMPLES = ''' - name: Create simple infoblox nameserver group community.general.nios_nsgroup: name: my-simple-group comment: "this is a simple nameserver group" grid_primary: - name: infoblox-test.example.com state: present provider: host: "{{ inventory_hostname_short }}" username: admin password: admin connection: local - name: Create infoblox nameserver group with external primaries community.general.nios_nsgroup: name: my-example-group use_external_primary: true comment: "this is my example nameserver group" external_primaries: "{{ ext_nameservers }}" grid_secondaries: - name: infoblox-test.example.com lead: True preferred_primaries: "{{ ext_nameservers }}" state: present provider: host: "{{ inventory_hostname_short }}" username: admin password: admin connection: local - name: Delete infoblox nameserver group community.general.nios_nsgroup: name: my-simple-group comment: "this is a simple nameserver group" grid_primary: - name: infoblox-test.example.com state: absent provider: host: "{{ inventory_hostname_short }}" username: admin password: admin connection: local ''' RETURN = ''' # ''' from ansible.module_utils.basic import AnsibleModule from ansible_collections.community.general.plugins.module_utils.net_tools.nios.api import WapiModule from ansible_collections.community.general.plugins.module_utils.net_tools.nios.api import NIOS_NSGROUP # from infoblox documentation # Fields List # Field Type Req R/O Base Search # comment String N N Y : = ~ # extattrs Extattr N N N ext # external_primaries [struct] N N N N/A # external_secondaries [struct] N N N N/A # grid_primary [struct] N N N N/A # grid_secondaries [struct] N N N N/A # is_grid_default Bool N N N N/A # is_multimaster Bool N Y N N/A # name String Y N Y : = ~ # use_external_primary Bool N N N N/A def main(): '''entrypoint for module execution.''' argument_spec = dict( provider=dict(required=True), state=dict(default='present', choices=['present', 'absent']), ) # cleanup tsig fields def clean_tsig(ext): if 'tsig_key' in ext and not ext['tsig_key']: del ext['tsig_key'] if 'tsig_key' not in ext and 'tsig_key_name' in ext and not ext['tsig_key_name']: del ext['tsig_key_name'] if 'tsig_key' not in ext and 'tsig_key_alg' in ext: del ext['tsig_key_alg'] def clean_grid_member(member): if member['preferred_primaries']: for ext in member['preferred_primaries']: clean_tsig(ext) if member['enable_preferred_primaries'] is False: del member['enable_preferred_primaries'] del member['preferred_primaries'] if member['lead'] is False: del member['lead'] if member['grid_replicate'] is False: del member['grid_replicate'] def ext_primaries_transform(module): if module.params['external_primaries']: for ext in module.params['external_primaries']: clean_tsig(ext) return module.params['external_primaries'] def ext_secondaries_transform(module): if module.params['external_secondaries']: for ext in module.params['external_secondaries']: clean_tsig(ext) return module.params['external_secondaries'] def grid_primary_preferred_transform(module): for member in module.params['grid_primary']: clean_grid_member(member) return module.params['grid_primary'] def grid_secondaries_preferred_primaries_transform(module): for member in module.params['grid_secondaries']: clean_grid_member(member) return module.params['grid_secondaries'] extserver_spec = dict( address=dict(required=True, ib_req=True), name=dict(required=True, ib_req=True), stealth=dict(type='bool', default=False), tsig_key=dict(no_log=True), tsig_key_alg=dict(choices=['HMAC-MD5', 'HMAC-SHA256'], default='HMAC-MD5'), tsig_key_name=dict(required=True) ) memberserver_spec = dict( name=dict(required=True, ib_req=True), enable_preferred_primaries=dict(type='bool', default=False), grid_replicate=dict(type='bool', default=False), lead=dict(type='bool', default=False), preferred_primaries=dict(type='list', elements='dict', options=extserver_spec, default=[]), stealth=dict(type='bool', default=False), ) ib_spec = dict( name=dict(required=True, ib_req=True), grid_primary=dict(type='list', elements='dict', options=memberserver_spec, transform=grid_primary_preferred_transform), grid_secondaries=dict(type='list', elements='dict', options=memberserver_spec, transform=grid_secondaries_preferred_primaries_transform), external_primaries=dict(type='list', elements='dict', options=extserver_spec, transform=ext_primaries_transform), external_secondaries=dict(type='list', elements='dict', options=extserver_spec, transform=ext_secondaries_transform), is_grid_default=dict(type='bool', default=False), use_external_primary=dict(type='bool', default=False), extattrs=dict(), comment=dict(), ) argument_spec.update(ib_spec) argument_spec.update(WapiModule.provider_spec) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) wapi = WapiModule(module) result = wapi.run(NIOS_NSGROUP, ib_spec) module.exit_json(**result) if __name__ == '__main__': main()