mirror of
https://github.com/ansible-collections/community.general.git
synced 2026-02-04 16:01:55 +00:00
314 lines
9.8 KiB
Python
314 lines
9.8 KiB
Python
#!/usr/bin/python
|
|
|
|
# This module is proudly sponsored by CGI (www.cgi.com) and
|
|
# KPN (www.kpn.com).
|
|
# Copyright (c) Ansible project
|
|
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
from __future__ import annotations
|
|
|
|
|
|
DOCUMENTATION = r"""
|
|
module: icinga2_host
|
|
short_description: Manage a host in Icinga2
|
|
description:
|
|
- Add or remove a host to Icinga2 through the API.
|
|
- See U(https://www.icinga.com/docs/icinga2/latest/doc/12-icinga2-api/).
|
|
author: "Jurgen Brand (@t794104)"
|
|
attributes:
|
|
check_mode:
|
|
support: full
|
|
diff_mode:
|
|
support: none
|
|
options:
|
|
url:
|
|
type: str
|
|
description:
|
|
- HTTP, HTTPS, or FTP URL in the form V((http|https|ftp\)://[user[:pass]]@host.domain[:port]/path).
|
|
use_proxy:
|
|
description:
|
|
- If V(false), it does not use a proxy, even if one is defined in an environment variable on the target hosts.
|
|
type: bool
|
|
default: true
|
|
validate_certs:
|
|
description:
|
|
- If V(false), SSL certificates are not validated. This should only be used on personally controlled sites using self-signed
|
|
certificates.
|
|
type: bool
|
|
default: true
|
|
url_username:
|
|
type: str
|
|
description:
|
|
- The username for use in HTTP basic authentication.
|
|
- This parameter can be used without O(url_password) for sites that allow empty passwords.
|
|
url_password:
|
|
type: str
|
|
description:
|
|
- The password for use in HTTP basic authentication.
|
|
- If the O(url_username) parameter is not specified, the O(url_password) parameter is not used.
|
|
force_basic_auth:
|
|
description:
|
|
- C(httplib2), the library used by Ansible's HTTP request code only sends authentication information when a webservice
|
|
responds to an initial request with a 401 status. Since some basic auth services do not properly send a 401, logins
|
|
may fail. This option forces the sending of the Basic authentication header upon initial request.
|
|
type: bool
|
|
default: false
|
|
client_cert:
|
|
type: path
|
|
description:
|
|
- PEM formatted certificate chain file to be used for SSL client authentication. This file can also include the key
|
|
as well, and if the key is included, O(client_key) is not required.
|
|
client_key:
|
|
type: path
|
|
description:
|
|
- PEM formatted file that contains your private key to be used for SSL client authentication. If O(client_cert) contains
|
|
both the certificate and key, this option is not required.
|
|
state:
|
|
type: str
|
|
description:
|
|
- Apply feature state.
|
|
choices: ["present", "absent"]
|
|
default: present
|
|
name:
|
|
type: str
|
|
description:
|
|
- Name used to create / delete the host. This does not need to be the FQDN, but does needs to be unique.
|
|
required: true
|
|
aliases: [host]
|
|
zone:
|
|
type: str
|
|
description:
|
|
- The zone from where this host should be polled.
|
|
template:
|
|
type: str
|
|
description:
|
|
- The template used to define the host.
|
|
- Template cannot be modified after object creation.
|
|
check_command:
|
|
type: str
|
|
description:
|
|
- The command used to check if the host is alive.
|
|
default: "hostalive"
|
|
display_name:
|
|
type: str
|
|
description:
|
|
- The name used to display the host.
|
|
- If not specified, it defaults to the value of the O(name) parameter.
|
|
ip:
|
|
type: str
|
|
description:
|
|
- The IP address of the host.
|
|
- This is no longer required since community.general 8.0.0.
|
|
variables:
|
|
type: dict
|
|
description:
|
|
- Dictionary of variables.
|
|
extends_documentation_fragment:
|
|
- ansible.builtin.url
|
|
- community.general.attributes
|
|
"""
|
|
|
|
EXAMPLES = r"""
|
|
- name: Add host to icinga
|
|
community.general.icinga2_host:
|
|
url: "https://icinga2.example.com"
|
|
url_username: "ansible"
|
|
url_password: "a_secret"
|
|
state: present
|
|
name: "{{ ansible_fqdn }}"
|
|
ip: "{{ ansible_default_ipv4.address }}"
|
|
variables:
|
|
foo: "bar"
|
|
delegate_to: 127.0.0.1
|
|
"""
|
|
|
|
RETURN = r"""
|
|
name:
|
|
description: The name used to create, modify or delete the host.
|
|
type: str
|
|
returned: always
|
|
data:
|
|
description: The data structure used for create, modify or delete of the host.
|
|
type: dict
|
|
returned: always
|
|
"""
|
|
|
|
import json
|
|
|
|
from ansible.module_utils.basic import AnsibleModule
|
|
from ansible.module_utils.urls import fetch_url, url_argument_spec
|
|
|
|
|
|
# ===========================================
|
|
# Icinga2 API class
|
|
#
|
|
class icinga2_api:
|
|
module = None
|
|
|
|
def __init__(self, module):
|
|
self.module = module
|
|
|
|
def call_url(self, path, data="", method="GET"):
|
|
headers = {
|
|
"Accept": "application/json",
|
|
"X-HTTP-Method-Override": method,
|
|
}
|
|
url = f"{self.module.params.get('url')}/{path}"
|
|
rsp, info = fetch_url(
|
|
module=self.module,
|
|
url=url,
|
|
data=data,
|
|
headers=headers,
|
|
method=method,
|
|
use_proxy=self.module.params["use_proxy"],
|
|
)
|
|
body = ""
|
|
if rsp:
|
|
body = json.loads(rsp.read())
|
|
if info["status"] >= 400:
|
|
body = info["body"]
|
|
return {"code": info["status"], "data": body}
|
|
|
|
def check_connection(self):
|
|
ret = self.call_url("v1/status")
|
|
if ret["code"] == 200:
|
|
return True
|
|
return False
|
|
|
|
def exists(self, hostname):
|
|
data = {
|
|
"filter": f'match("{hostname}", host.name)',
|
|
}
|
|
ret = self.call_url(path="v1/objects/hosts", data=self.module.jsonify(data))
|
|
if ret["code"] == 200:
|
|
if len(ret["data"]["results"]) == 1:
|
|
return True
|
|
return False
|
|
|
|
def create(self, hostname, data):
|
|
ret = self.call_url(path=f"v1/objects/hosts/{hostname}", data=self.module.jsonify(data), method="PUT")
|
|
return ret
|
|
|
|
def delete(self, hostname):
|
|
data = {"cascade": 1}
|
|
ret = self.call_url(path=f"v1/objects/hosts/{hostname}", data=self.module.jsonify(data), method="DELETE")
|
|
return ret
|
|
|
|
def modify(self, hostname, data):
|
|
ret = self.call_url(path=f"v1/objects/hosts/{hostname}", data=self.module.jsonify(data), method="POST")
|
|
return ret
|
|
|
|
def diff(self, hostname, data):
|
|
ret = self.call_url(path=f"v1/objects/hosts/{hostname}", method="GET")
|
|
changed = False
|
|
ic_data = ret["data"]["results"][0]
|
|
for key in data["attrs"]:
|
|
if key not in ic_data["attrs"].keys():
|
|
changed = True
|
|
elif data["attrs"][key] != ic_data["attrs"][key]:
|
|
changed = True
|
|
return changed
|
|
|
|
|
|
# ===========================================
|
|
# Module execution.
|
|
#
|
|
def main():
|
|
# use the predefined argument spec for url
|
|
argument_spec = url_argument_spec()
|
|
# add our own arguments
|
|
argument_spec.update(
|
|
state=dict(default="present", choices=["absent", "present"]),
|
|
name=dict(required=True, aliases=["host"]),
|
|
zone=dict(),
|
|
template=dict(),
|
|
check_command=dict(default="hostalive"),
|
|
display_name=dict(),
|
|
ip=dict(),
|
|
variables=dict(type="dict"),
|
|
)
|
|
|
|
# Define the main module
|
|
module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True)
|
|
|
|
state = module.params["state"]
|
|
name = module.params["name"]
|
|
zone = module.params["zone"]
|
|
template = []
|
|
if module.params["template"]:
|
|
template = [module.params["template"]]
|
|
check_command = module.params["check_command"]
|
|
ip = module.params["ip"]
|
|
display_name = module.params["display_name"]
|
|
if not display_name:
|
|
display_name = name
|
|
variables = module.params["variables"]
|
|
|
|
try:
|
|
icinga = icinga2_api(module=module)
|
|
icinga.check_connection()
|
|
except Exception as e:
|
|
module.fail_json(msg=f"unable to connect to Icinga. Exception message: {e}")
|
|
|
|
data = {
|
|
"templates": template,
|
|
"attrs": {
|
|
"address": ip,
|
|
"display_name": display_name,
|
|
"check_command": check_command,
|
|
"zone": zone,
|
|
"vars.made_by": "ansible",
|
|
},
|
|
}
|
|
data["attrs"].update({f"vars.{key}": value for key, value in variables.items()})
|
|
|
|
changed = False
|
|
if icinga.exists(name):
|
|
if state == "absent":
|
|
if module.check_mode:
|
|
module.exit_json(changed=True, name=name, data=data)
|
|
else:
|
|
try:
|
|
ret = icinga.delete(name)
|
|
if ret["code"] == 200:
|
|
changed = True
|
|
else:
|
|
module.fail_json(msg=f"bad return code ({ret['code']}) deleting host: '{ret['data']}'")
|
|
except Exception as e:
|
|
module.fail_json(msg=f"exception deleting host: {e}")
|
|
|
|
elif icinga.diff(name, data):
|
|
if module.check_mode:
|
|
module.exit_json(changed=False, name=name, data=data)
|
|
|
|
# Template attribute is not allowed in modification
|
|
del data["templates"]
|
|
|
|
ret = icinga.modify(name, data)
|
|
|
|
if ret["code"] == 200:
|
|
changed = True
|
|
else:
|
|
module.fail_json(msg=f"bad return code ({ret['code']}) modifying host: '{ret['data']}'")
|
|
|
|
else:
|
|
if state == "present":
|
|
if module.check_mode:
|
|
changed = True
|
|
else:
|
|
try:
|
|
ret = icinga.create(name, data)
|
|
if ret["code"] == 200:
|
|
changed = True
|
|
else:
|
|
module.fail_json(msg=f"bad return code ({ret['code']}) creating host: '{ret['data']}'")
|
|
except Exception as e:
|
|
module.fail_json(msg=f"exception creating host: {e}")
|
|
|
|
module.exit_json(changed=changed, name=name, data=data)
|
|
|
|
|
|
# import module snippets
|
|
if __name__ == "__main__":
|
|
main()
|