You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
116 lines
3.0 KiB
Python
116 lines
3.0 KiB
Python
4 years ago
|
#!/usr/bin/python
|
||
|
|
||
|
# Copyright: (c) 2018, Terry Jones <terry.jones@example.org>
|
||
|
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
||
|
from __future__ import (absolute_import, division, print_function)
|
||
|
__metaclass__ = type
|
||
|
|
||
|
DOCUMENTATION = r'''
|
||
|
---
|
||
|
module: tsig_interpreter
|
||
|
|
||
|
short_description: Reads BIND9 tsig key files and outputs content to register
|
||
|
|
||
|
# If this is part of a collection, you need to use semantic versioning,
|
||
|
# i.e. the version is of the form "2.5.0" and not "2.4".
|
||
|
version_added: "1.0.0"
|
||
|
|
||
|
description: This is my longer description explaining my test module.
|
||
|
|
||
|
options:
|
||
|
path:
|
||
|
description: Path the keyfile should be found
|
||
|
required: true
|
||
|
type: str
|
||
|
aliases:
|
||
|
- file
|
||
|
- key_file
|
||
|
|
||
|
author:
|
||
|
- Felix Stupp (@zocker1999net)
|
||
|
'''
|
||
|
|
||
|
EXAMPLES = r'''
|
||
|
# Gain and use key
|
||
|
- name: Gain key
|
||
|
my_namespace.my_collection.tsig_interpreter:
|
||
|
path: '/etc/bind/rndc.key'
|
||
|
register: key_data
|
||
|
|
||
|
- name: Use key
|
||
|
nsupdate:
|
||
|
key_algorithm: key_data.key_algorithm
|
||
|
key_name: key_data.key_name
|
||
|
key_secret: key_data.key_secret
|
||
|
'''
|
||
|
|
||
|
RETURN = r'''
|
||
|
key_algorithm:
|
||
|
description: The algorithm used for the key
|
||
|
type: str
|
||
|
returned: always
|
||
|
sample: 'hmac-md5'
|
||
|
key_file:
|
||
|
description: The file that contained the extracted key
|
||
|
type: str
|
||
|
returned: always
|
||
|
sample: '/my/path/my.key'
|
||
|
key_name:
|
||
|
description: The name of the key
|
||
|
type: str
|
||
|
returned: always
|
||
|
sample: 'key.example.com'
|
||
|
key_secret:
|
||
|
description: The secret of the key
|
||
|
type: str
|
||
|
returned: always
|
||
|
sample: 'ABCDEFG=='
|
||
|
'''
|
||
|
|
||
|
import os
|
||
|
import re
|
||
|
|
||
|
from ansible.module_utils.basic import AnsibleModule
|
||
|
|
||
|
def main():
|
||
|
content_regex = re.compile(r'^\s*key\s+"?(?P<name>[^"\s{};]+)"?\s+\{\s*algorithm\s+"?(?P<algo>[^"\s{};]+)"?\s*;\s*secret\s+"?(?P<secret>[^"\s{};]+)"?\s*;\s*}\s*;\s*$')
|
||
|
module_args = {
|
||
|
"path": {
|
||
|
"type": "str",
|
||
|
"required": True,
|
||
|
"aliases": ["file", "key_file"],
|
||
|
},
|
||
|
}
|
||
|
module = AnsibleModule(
|
||
|
argument_spec=module_args,
|
||
|
supports_check_mode=True, # ignored because only data is retrieved
|
||
|
)
|
||
|
# get params
|
||
|
path = module.params["path"]
|
||
|
# prepare result
|
||
|
result = {
|
||
|
"changed": False,
|
||
|
"key_file": path,
|
||
|
}
|
||
|
# check file
|
||
|
if not os.path.exists(path):
|
||
|
module.fail_json(msg="file not found: %s" % path)
|
||
|
if not os.access(path, os.R_OK):
|
||
|
module.fail_json(msg="file is not readable: %s" % path)
|
||
|
# gain content
|
||
|
with open(path, 'r') as fh:
|
||
|
content = fh.read()
|
||
|
# interpret content
|
||
|
content = content.replace("\n", " ")
|
||
|
match = content_regex.match(content)
|
||
|
if not match:
|
||
|
module.fail_json(msg="content of file not in expected syntax: %s" % path)
|
||
|
result["key_algorithm"] = match.group("algo")
|
||
|
result["key_name"] = match.group("name")
|
||
|
result["key_secret"] = match.group("secret")
|
||
|
# exit
|
||
|
module.exit_json(**result)
|
||
|
|
||
|
if __name__ == '__main__':
|
||
|
main()
|