Added module tsig_interpreter

In preperation to use nsupdate module
4 years ago · 213864f32e
parent 17cb2fdac5
commit 213864f32e
1 changed files with 115 additions and 0 deletions
--- a/library/tsig_interpreter.py
+++ b/library/tsig_interpreter.py
@ -0,0 +1,115 @@
+#!/usr/bin/python
+
+# Copyright: (c) 2018, Terry Jones <terry.jones@example.org>
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+from __future__ import (absolute_import, division, print_function)
+__metaclass__ = type
+
+DOCUMENTATION = r'''
+---
+module: tsig_interpreter
+
+short_description: Reads BIND9 tsig key files and outputs content to register
+
+# If this is part of a collection, you need to use semantic versioning,
+# i.e. the version is of the form "2.5.0" and not "2.4".
+version_added: "1.0.0"
+
+description: This is my longer description explaining my test module.
+
+options:
+    path:
+        description: Path the keyfile should be found
+        required: true
+        type: str
+        aliases:
+            - file
+            - key_file
+
+author:
+    - Felix Stupp (@zocker1999net)
+'''
+
+EXAMPLES = r'''
+# Gain and use key
+- name: Gain key
+  my_namespace.my_collection.tsig_interpreter:
+    path: '/etc/bind/rndc.key'
+  register: key_data
+
+- name: Use key
+  nsupdate:
+    key_algorithm: key_data.key_algorithm
+    key_name: key_data.key_name
+    key_secret: key_data.key_secret
+'''
+
+RETURN = r'''
+key_algorithm:
+    description: The algorithm used for the key
+    type: str
+    returned: always
+    sample: 'hmac-md5'
+key_file:
+    description: The file that contained the extracted key
+    type: str
+    returned: always
+    sample: '/my/path/my.key'
+key_name:
+    description: The name of the key
+    type: str
+    returned: always
+    sample: 'key.example.com'
+key_secret:
+    description: The secret of the key
+    type: str
+    returned: always
+    sample: 'ABCDEFG=='
+'''
+
+import os
+import re
+
+from ansible.module_utils.basic import AnsibleModule
+
+def main():
+    content_regex = re.compile(r'^\s*key\s+"?(?P<name>[^"\s{};]+)"?\s+\{\s*algorithm\s+"?(?P<algo>[^"\s{};]+)"?\s*;\s*secret\s+"?(?P<secret>[^"\s{};]+)"?\s*;\s*}\s*;\s*$')
+    module_args = {
+        "path": {
+            "type": "str",
+            "required": True,
+            "aliases": ["file", "key_file"],
+        },
+    }
+    module = AnsibleModule(
+        argument_spec=module_args,
+        supports_check_mode=True, # ignored because only data is retrieved
+    )
+    # get params
+    path = module.params["path"]
+    # prepare result
+    result = {
+        "changed": False,
+        "key_file": path,
+    }
+    # check file
+    if not os.path.exists(path):
+        module.fail_json(msg="file not found: %s" % path)
+    if not os.access(path, os.R_OK):
+        module.fail_json(msg="file is not readable: %s" % path)
+    # gain content
+    with open(path, 'r') as fh:
+        content = fh.read()
+    # interpret content
+    content = content.replace("\n", " ")
+    match = content_regex.match(content)
+    if not match:
+        module.fail_json(msg="content of file not in expected syntax: %s" % path)
+    result["key_algorithm"] = match.group("algo")
+    result["key_name"] = match.group("name")
+    result["key_secret"] = match.group("secret")
+    # exit
+    module.exit_json(**result)
+
+if __name__ == '__main__':
+    main()