ansible/library/tsig_interpreter.py


#!/usr/bin/python
# Copyright: (c) 2018, Terry Jones <terry.jones@example.org>
# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
from __future__ import (absolute_import, division, print_function)
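__metaclass__ = type

# The three strings below are parsed as YAML by the Ansible documentation
# tooling, so the nesting inside them is significant.
DOCUMENTATION = r'''
---
module: tsig_interpreter

short_description: Reads BIND9 tsig key files and outputs content to register

# If this is part of a collection, you need to use semantic versioning,
# i.e. the version is of the form "2.5.0" and not "2.4".
version_added: "1.0.0"

description:
    - Reads a BIND9 key file that holds a single C(key) statement and returns the key name, algorithm and secret.
    - The file is only read, never modified.

options:
    path:
        description: Path the keyfile should be found
        required: true
        type: str
        aliases:
            - file
            - key_file

notes:
    - The TSIG secret is returned in clear text as C(key_secret). Enable C(no_log) on the task that calls this module and on every task that uses the registered value, otherwise the secret shows up in playbook output and logs.

author:
    - Felix Stupp (@zocker1999net)
'''

# The registered values must be templated with {{ }}; a bare
# "key_data.key_secret" would hand the literal text to the consuming module.
EXAMPLES = r'''
# Gain and use key
- name: Gain key
  my_namespace.my_collection.tsig_interpreter:
    path: '/etc/bind/rndc.key'
  register: key_data
  no_log: true  # the registered result contains the TSIG secret

- name: Use key
  nsupdate:
    key_algorithm: "{{ key_data.key_algorithm }}"
    key_name: "{{ key_data.key_name }}"
    key_secret: "{{ key_data.key_secret }}"
  no_log: true
'''

RETURN = r'''
key_algorithm:
    description: The algorithm used for the key
    type: str
    returned: always
    sample: 'hmac-sha256'
key_file:
    description: The file that contained the extracted key
    type: str
    returned: always
    sample: '/my/path/my.key'
key_name:
    description: The name of the key
    type: str
    returned: always
    sample: 'key.example.com'
key_secret:
    description: The secret of the key. Sensitive, keep it out of logs by enabling no_log on the task.
    type: str
    returned: always
    sample: 'ABCDEFG=='
'''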
import os
import re
from ansible.module_utils.basic import AnsibleModule
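def main():
    """Read a BIND9 TSIG key file and return its fields as module results.

    The module takes one required parameter, ``path`` (aliases ``file`` and
    ``key_file``). On success it exits with ``changed=False`` plus
    ``key_file``, ``key_name``, ``key_algorithm`` and ``key_secret``. It
    fails when the file is missing, cannot be read, or does not consist of
    exactly one ``key`` statement.
    """
    # One complete `key NAME { algorithm ALGO; secret SECRET; };` statement,
    # quotes optional. \s also matches line breaks, so the raw file content
    # can be matched without flattening it first.
    content_regex = re.compile(r'^\s*key\s+"?(?P<name>[^"\s{};]+)"?\s+\{\s*algorithm\s+"?(?P<algo>[^"\s{};]+)"?\s*;\s*secret\s+"?(?P<secret>[^"\s{};]+)"?\s*;\s*}\s*;\s*$')
    module_args = {
        "path": {
            "type": "str",
            "required": True,
            "aliases": ["file", "key_file"],
        },
    }
    module = AnsibleModule(
        argument_spec=module_args,
        supports_check_mode=True,  # ignored because only data is retrieved
    )
    path = module.params["path"]
    result = {
        "changed": False,
        "key_file": path,
    }
    # Open first and classify the failure afterwards. A separate
    # exists()/access() test before open() can go stale, and it lets a
    # directory or a file removed in between surface as a traceback instead
    # of a module failure.
    try:
        with open(path, 'r') as fh:
            content = fh.read()
    except (IOError, OSError):
        if not os.path.exists(path):
            module.fail_json(msg="file not found: %s" % path)
        module.fail_json(msg="file is not readable: %s" % path)
    except UnicodeDecodeError:
        # Undecodable bytes cannot be a valid key statement.
        module.fail_json(msg="content of file not in expected syntax: %s" % path)
    match = content_regex.match(content)
    if not match:
        module.fail_json(msg="content of file not in expected syntax: %s" % path)
    result["key_algorithm"] = match.group("algo")
    result["key_name"] = match.group("name")
    # NOTE: the result carries the TSIG secret in clear text. The calling
    # task has to set no_log to keep it out of playbook output and logs.
    result["key_secret"] = match.group("secret")
    module.exit_json(**result)


if __name__ == '__main__':
    main()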