#!/usr/bin/env python
# -*- coding: utf-8 -*-
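# Guarded import: an unguarded import here aborts the module with an
# ImportError traceback when `requests` is missing, before main() can report
# the problem through fail_json. `requests.auth` is where HTTPBasicAuth is
# defined (`requests.models` only re-exports it).
try:
    from requests.auth import HTTPBasicAuth
except ImportError:
    HTTPBasicAuth = None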
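# Module documentation in the YAML layout read by ansible-doc. The nesting
# under `options` is significant, so the indentation inside the string must be
# kept. Every option accepted by main()'s argument_spec is listed here.
DOCUMENTATION = '''
---
module: powerdns_zone
short_description: Manage PowerDNS zones
description:
  - Create or delete a PowerDNS zone using the API
  - An existing zone is reported as unchanged; its kind, masters and nameservers are not updated
options:
  kind:
    description:
      - Zone kind
    required: False
    default: master
    choices: ['native', 'master', 'slave']
  masters:
    description:
      - List of masters for the zone
    required: False
  name:
    description:
      - Zone name
    required: true
  nameservers:
    description:
      - List of nameservers
    required: False
    default: None
  server:
    description:
      - Server id used in the PowerDNS API path
    required: false
    default: localhost
  state:
    description:
      - Whether the zone should exist
    required: false
    default: present
    choices: ['present', 'absent']
  pdns_host:
    description:
      - Name or ip address of PowerDNS host
    required: false
    default: 127.0.0.1
  pdns_port:
    description:
      - Port used by PowerDNS API
    required: false
    default: 8081
  pdns_prot:
    description:
      - Protocol used to connect to PowerDNS API
      - With http the API key or basic auth credentials are sent unencrypted
    required: false
    default: http
    choices: ['http', 'https']
  pdns_api_key:
    description:
      - API Key to authenticate through PowerDNS API
      - Takes precedence over pdns_api_username and pdns_api_password when set
  pdns_api_username:
    description:
      - API Username to authenticate through PowerDNS API with basic auth
  pdns_api_password:
    description:
      - API Password to authenticate through PowerDNS API with basic auth
  strict_ssl_checking:
    description:
      - Verify the TLS certificate of the PowerDNS API when pdns_prot is https
      - Setting this to false disables certificate verification
    default: true
author: "Thomas Krahn (@nosmoht)"
'''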
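# Usage examples shown by ansible-doc. They use the reserved example.com
# domain, connect over https because an API key is sent to a remote host, and
# read the key from a variable instead of embedding it in the playbook.
EXAMPLES = '''
# Ensure a zone is present
- powerdns_zone:
    name: zone01.internal.example.com
    kind: master
    nameservers:
      - ns-01.internal.example.com
      - ns-02.internal.example.com
    state: present
    pdns_host: powerdns.example.com
    pdns_port: 8080
    pdns_prot: https
    # vault_pdns_api_key is a placeholder name; keep the key in Ansible Vault
    pdns_api_key: "{{ vault_pdns_api_key }}"

# Ensure a zone is absent
- powerdns_zone:
    name: old-zone.internal.example.com
    state: absent
    pdns_host: powerdns.example.com
    pdns_port: 8080
    pdns_prot: https
    pdns_api_key: "{{ vault_pdns_api_key }}"
'''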
# Record whether the optional `requests` dependency can be imported; main()
# reads HAS_REQUESTS and fails the task with a readable message when it is
# missing.
HAS_REQUESTS = True
try:
    import requests
    from requests.auth import HTTPBasicAuth
except ImportError:
    HAS_REQUESTS = False
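class PowerDNSError(Exception):
    """Error response returned by the PowerDNS HTTP API.

    Attributes:
        url: URL of the request that failed.
        status_code: HTTP status code of the response.
        message: Error text extracted from the response.
    """

    def __init__(self, url, status_code, message):
        self.url = url
        self.status_code = status_code
        self.message = message
        # Pass a summary to Exception so str(exc) is not empty; main() builds
        # its failure message from str(exc).
        super(PowerDNSError, self).__init__(
            'HTTP {code} from {url}: {message}'.format(
                code=status_code, url=url, message=message))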
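class PowerDNSClient:
    """Small client for the zone endpoints of the PowerDNS HTTP API (``/api/v1``).

    Authentication uses the ``X-API-Key`` header when an API key is given,
    otherwise HTTP basic auth when both username and password are given. If
    neither is supplied the requests are sent unauthenticated.

    Security notes:
        * With ``prot='http'`` the API key or basic auth credentials travel
          unencrypted.
        * ``verify=False`` switches off TLS certificate verification for the
          whole session.
    """

    # Seconds to wait for the API. Without a timeout a stalled connection
    # would block the Ansible task indefinitely.
    REQUEST_TIMEOUT = 30

    def __init__(self, host, port, prot, api_key, api_username, api_password, verify):
        """Build the base URL and a requests session carrying the credentials.

        Args:
            host: Name or IP address of the PowerDNS host.
            port: Port of the PowerDNS API.
            prot: URL scheme, ``http`` or ``https``.
            api_key: API key sent as ``X-API-Key``; takes precedence over
                basic auth.
            api_username: Username for basic auth.
            api_password: Password for basic auth.
            verify: Passed to ``session.verify`` (TLS certificate checking).
        """
        self.url = '{prot}://{host}:{port}/api/v1'.format(prot=prot, host=host, port=port)
        self.session = requests.Session()
        if api_key:
            self.session.headers.update({'X-API-Key': api_key})
        elif api_username and api_password:
            self.session.auth = HTTPBasicAuth(api_username, api_password)
        self.session.verify = verify

    @staticmethod
    def _quote_segment(value):
        """Percent-encode *value* so it stays a single URL path segment.

        Characters such as ``/``, ``?`` and ``#`` in a server or zone name
        would otherwise change which API endpoint the request reaches.
        """
        try:
            from urllib.parse import quote  # Python 3
        except ImportError:
            from urllib import quote  # Python 2
        return quote(value, safe='')

    def _handle_request(self, req):
        """Return the decoded JSON body of a successful response.

        Args:
            req: Response object returned by the session.

        Returns:
            The parsed JSON for status 200/201/204, or an empty dict when the
            body is empty or not valid JSON.

        Raises:
            PowerDNSError: For any other status code.
        """
        if req.status_code in (200, 201, 204):
            if not req.text:
                return dict()
            try:
                return req.json()
            except ValueError:
                # Body is not JSON. Nothing is printed here: an Ansible
                # module's stdout carries its JSON result, so stray output
                # would corrupt it.
                return dict()
        if req.status_code == 404:
            error_message = 'Not found'
        else:
            error_message = self._get_request_error_message(data=req)
        raise PowerDNSError(url=req.url,
                            status_code=req.status_code,
                            message=error_message)

    def _get_request_error_message(self, data):
        """Extract the error text from a failed response.

        Returns the ``error`` or ``errors`` member of a JSON object body,
        ``'No error message found'`` when the object has neither, and the raw
        response text when the body is not a JSON object.
        """
        try:
            payload = data.json()
        except ValueError:
            return data.text
        if not isinstance(payload, dict):
            return data.text
        if 'error' in payload:
            return payload.get('error')
        if 'errors' in payload:
            return payload.get('errors')
        return 'No error message found'

    def _get_zones_url(self, server):
        """Return the URL of the zone collection of *server*."""
        return '{url}/servers/{server}/zones'.format(
            url=self.url, server=self._quote_segment(server))

    def _get_zone_url(self, server, name):
        """Return the URL of zone *name* on *server*."""
        return '{url}/{name}'.format(
            url=self._get_zones_url(server), name=self._quote_segment(name))

    def get_zone(self, server, name):
        """Fetch a zone; return None when the API answers 404 or 422."""
        req = self.session.get(url=self._get_zone_url(server, name),
                               timeout=self.REQUEST_TIMEOUT)
        if req.status_code in (404, 422):  # zone does not exist
            return None
        return self._handle_request(req)

    def create_zone(self, server, data):
        """Create a zone from the dict *data*, sent as a JSON body."""
        req = self.session.post(url=self._get_zones_url(server), json=data,
                                timeout=self.REQUEST_TIMEOUT)
        return self._handle_request(req)

    def delete_zone(self, server, name):
        """Delete zone *name* on *server*."""
        req = self.session.delete(url=self._get_zone_url(server, name),
                                  timeout=self.REQUEST_TIMEOUT)
        return self._handle_request(req)

    def update_zone(self, server, zone):
        """Patch the zone identified by ``zone['name']`` with the dict *zone*.

        The body is sent as JSON, matching create_zone; passing the dict as
        ``data=`` would form-encode it instead.
        """
        req = self.session.patch(url=self._get_zone_url(server=server, name=zone.get('name')),
                                 json=zone,
                                 timeout=self.REQUEST_TIMEOUT)
        return self._handle_request(req)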
def diff(list1, list2):
    """Return the items found in exactly one of *list1* and *list2*.

    The result is a list built from a set, so duplicates are dropped and the
    order is unspecified. Items must be hashable.
    """
    first, second = set(list1), set(list2)
    in_either = first | second
    in_both = first & second
    return list(in_either - in_both)
def ensure(module, pdns_client):
    """Bring the zone named in the module parameters into the requested state.

    Args:
        module: Object providing ``params``, ``check_mode``, ``exit_json`` and
            ``fail_json`` (an AnsibleModule in main()).
        pdns_client: Object providing ``get_zone``, ``create_zone`` and
            ``delete_zone``.

    Returns:
        A ``(changed, zone)`` tuple: ``(True, zone)`` after creating a zone,
        ``(True, None)`` after deleting one, and ``(False, zone)`` when nothing
        was done, where ``zone`` is what the API returned (None if absent).

    API errors are reported through ``module.fail_json``.
    """
    kind, masters, name, nameservers, server, state = (
        module.params[key]
        for key in ('kind', 'masters', 'name', 'nameservers', 'server', 'state')
    )

    try:
        zone = pdns_client.get_zone(server, name)
    except PowerDNSError as err:
        module.fail_json(
            msg='Could not get zone {name}: HTTP {code}: {err}'.format(
                name=name, code=err.status_code, err=err.message))

    if zone and state == 'absent':
        # Zone exists but should not: delete it.
        try:
            if module.check_mode:
                module.exit_json(changed=True, zone=zone)
            pdns_client.delete_zone(server, name)
            return True, None
        except PowerDNSError as err:
            module.fail_json(
                msg='Could not delete zone {name}: HTTP {code}: {err}'.format(
                    name=name, code=err.status_code, err=err.message))
    elif not zone and state == 'present':
        # Zone is missing but wanted: create it and return the stored result.
        try:
            zone = {'name': name, 'kind': kind, 'nameservers': nameservers, 'masters': masters}
            if module.check_mode:
                module.exit_json(changed=True, zone=zone)
            pdns_client.create_zone(server, zone)
            return True, pdns_client.get_zone(server, name)
        except PowerDNSError as err:
            module.fail_json(
                msg='Could not create zone {name}: HTTP {code}: {err}'.format(
                    name=name, code=err.status_code, err=err.message))

    # An existing zone is left untouched: comparing the requested nameservers
    # with the stored ones and updating the zone is not implemented.
    return False, zone
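def main():
    """Module entry point: parse the arguments, then create or delete the zone.

    Fails the task when ``requests`` is not installed or when ensure() raises;
    otherwise exits with ``changed`` and the resulting ``zone``.
    """
    module = AnsibleModule(
        argument_spec=dict(
            kind=dict(type='str', required=False, default='master', choices=['native', 'master', 'slave']),
            masters=dict(type='list', required=False),
            name=dict(type='str', required=True),
            nameservers=dict(type='list', required=False),
            server=dict(type='str', required=False, default='localhost'),
            state=dict(type='str', default='present', choices=['present', 'absent']),
            pdns_host=dict(type='str', default='127.0.0.1'),
            pdns_port=dict(type='int', default=8081),
            pdns_prot=dict(type='str', default='http', choices=['http', 'https']),
            # no_log keeps the secrets out of the invocation arguments that
            # Ansible logs and prints.
            pdns_api_key=dict(type='str', required=False, no_log=True),
            pdns_api_username=dict(type='str', required=False),
            pdns_api_password=dict(type='str', required=False, no_log=True),
            # False disables TLS certificate verification for every request.
            strict_ssl_checking=dict(type='bool', default=True),
        ),
        supports_check_mode=True,
    )

    if not HAS_REQUESTS:
        module.fail_json(msg="requests must be installed to use this module.")

    # With the default pdns_prot of http the credentials below are sent
    # unencrypted; https is the safer choice for any non-local pdns_host.
    pdns_client = PowerDNSClient(host=module.params['pdns_host'],
                                 port=module.params['pdns_port'],
                                 prot=module.params['pdns_prot'],
                                 api_key=module.params['pdns_api_key'],
                                 api_username=module.params['pdns_api_username'],
                                 api_password=module.params['pdns_api_password'],
                                 verify=module.params['strict_ssl_checking'])

    try:
        changed, zone = ensure(module, pdns_client)
        module.exit_json(changed=changed, zone=zone)
    except Exception as e:
        module.fail_json(msg='Error: {0}'.format(str(e)))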
# import module snippets
# This wildcard import provides AnsibleModule, which main() instantiates; no
# other definition of that name exists in this file.
from ansible.module_utils.basic import *
# Run the module only when the file is executed as a script.
if __name__ == '__main__':
    main()