a-c-m
/
community.general
mirror of https://github.com/ansible-collections/community.general.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

utm*: normalize docs (#9335) 

* utm*: normalize docs

* Update plugins/modules/utm_aaa_group.py

Co-authored-by: Felix Fontein <felix@fontein.de>

---------

Co-authored-by: Felix Fontein <felix@fontein.de>
pull/9322/head
Alexei Znamensky 2024-12-24 09:30:11 +13:00 committed by GitHub
parent d5237ee486
commit c141f86883
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
13 changed files with 1487 additions and 1525 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

311
plugins/modules/utm_aaa_group.py
View File

@ -8,120 +8,117 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_aaa_group
author:
- Johannes Brunswicker (@MatrixCrawler)
- Johannes Brunswicker (@MatrixCrawler)
short_description: Create, update or destroy an aaa group object in Sophos UTM
description:
- Create, update or destroy an aaa group object in Sophos UTM.
- This module needs to have the REST Ability of the UTM to be activated.
- Create, update or destroy an aaa group object in Sophos UTM.
- This module needs to have the REST Ability of the UTM to be activated.
attributes:
check_mode:
support: none
diff_mode:
support: none
check_mode:
support: none
diff_mode:
support: none
options:
name:
description:
- The name of the object. Will be used to identify the entry.
type: str
required: true
adirectory_groups:
description:
- List of adirectory group strings.
type: list
elements: str
default: []
adirectory_groups_sids:
description:
- Dictionary of group sids.
type: dict
default: {}
backend_match:
description:
- The backend for the group.
type: str
choices:
- none
- adirectory
- edirectory
- radius
- tacacs
- ldap
default: none
comment:
description:
- Comment that describes the AAA group.
type: str
default: ''
dynamic:
description:
- Group type. Is static if none is selected.
type: str
default: none
choices:
- none
- ipsec_dn
- directory_groups
edirectory_groups:
description:
- List of edirectory group strings.
type: list
elements: str
default: []
ipsec_dn:
description:
- The ipsec dn string.
type: str
default: ''
ldap_attribute:
description:
- The ldap attribute to check against.
type: str
default: ''
ldap_attribute_value:
description:
- The ldap attribute value to check against.
type: str
default: ''
members:
description:
- A list of user ref names (aaa/user).
type: list
elements: str
default: []
network:
description:
- The network reference name. The objects contains the known ip addresses for the authentication object (network/aaa).
type: str
default: ""
radius_groups:
description:
- A list of radius group strings.
type: list
elements: str
default: []
tacacs_groups:
description:
- A list of tacacs group strings.
type: list
elements: str
default: []
name:
description:
- The name of the object. Will be used to identify the entry.
type: str
required: true
adirectory_groups:
description:
- List of adirectory group strings.
type: list
elements: str
default: []
adirectory_groups_sids:
description:
- Dictionary of group sids.
type: dict
default: {}
backend_match:
description:
- The backend for the group.
type: str
choices:
- none
- adirectory
- edirectory
- radius
- tacacs
- ldap
default: none
comment:
description:
- Comment that describes the AAA group.
type: str
default: ''
dynamic:
description:
- Group type. Is static if none is selected.
type: str
default: none
choices:
- none
- ipsec_dn
- directory_groups
edirectory_groups:
description:
- List of edirectory group strings.
type: list
elements: str
default: []
ipsec_dn:
description:
- The ipsec dn string.
type: str
default: ''
ldap_attribute:
description:
- The ldap attribute to check against.
type: str
default: ''
ldap_attribute_value:
description:
- The ldap attribute value to check against.
type: str
default: ''
members:
description:
- A list of user ref names (aaa/user).
type: list
elements: str
default: []
network:
description:
- The network reference name. The objects contains the known IP addresses for the authentication object (network/aaa).
type: str
default: ""
radius_groups:
description:
- A list of radius group strings.
type: list
elements: str
default: []
tacacs_groups:
description:
- A list of tacacs group strings.
type: list
elements: str
default: []
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.utm
- community.general.attributes
"""
'''
EXAMPLES = """
EXAMPLES = r"""
- name: Create UTM aaa_group
community.general.utm_aaa_group:
utm_host: sophos.host.name
@ -142,63 +139,63 @@ EXAMPLES = """
state: absent
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
adirectory_groups:
description: List of Active Directory Groups.
type: str
adirectory_groups_sids:
description: List of Active Directory Groups SIDS.
type: list
backend_match:
description: The backend to use.
type: str
comment:
description: The comment string.
type: str
dynamic:
description: Whether the group match is ipsec_dn or directory_group.
type: str
edirectory_groups:
description: List of eDirectory Groups.
type: str
ipsec_dn:
description: ipsec_dn identifier to match.
type: str
ldap_attribute:
description: The LDAP Attribute to match against.
type: str
ldap_attribute_value:
description: The LDAP Attribute Value to match against.
type: str
members:
description: List of member identifiers of the group.
type: list
network:
description: The identifier of the network (network/aaa).
type: str
radius_group:
description: The radius group identifier.
type: str
tacacs_group:
description: The tacacs group identifier.
type: str
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
adirectory_groups:
description: List of Active Directory Groups.
type: str
adirectory_groups_sids:
description: List of Active Directory Groups SIDS.
type: list
backend_match:
description: The backend to use.
type: str
comment:
description: The comment string.
type: str
dynamic:
description: Whether the group match is ipsec_dn or directory_group.
type: str
edirectory_groups:
description: List of eDirectory Groups.
type: str
ipsec_dn:
description: Ipsec_dn identifier to match.
type: str
ldap_attribute:
description: The LDAP Attribute to match against.
type: str
ldap_attribute_value:
description: The LDAP Attribute Value to match against.
type: str
members:
description: List of member identifiers of the group.
type: list
network:
description: The identifier of the network (network/aaa).
type: str
radius_group:
description: The radius group identifier.
type: str
tacacs_group:
description: The tacacs group identifier.
type: str
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

147
plugins/modules/utm_aaa_group_info.py
View File

@ -10,38 +10,35 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_aaa_group_info
author:
- Johannes Brunswicker (@MatrixCrawler)
- Johannes Brunswicker (@MatrixCrawler)
short_description: Get info for reverse_proxy frontend entry in Sophos UTM
description:
- get info for a reverse_proxy frontend entry in SOPHOS UTM.
- Get info for a reverse_proxy frontend entry in SOPHOS UTM.
attributes:
check_mode:
version_added: 3.3.0
# This was backported to 2.5.4 and 1.3.11 as well, since this was a bugfix
check_mode:
version_added: 3.3.0
# This was backported to 2.5.4 and 1.3.11 as well, since this was a bugfix
options:
name:
type: str
description:
- The name of the object. Will be used to identify the entry
required: true
name:
type: str
description:
- The name of the object. Will be used to identify the entry.
required: true
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.attributes.info_module
- community.general.utm
- community.general.attributes
- community.general.attributes.info_module
"""
'''
EXAMPLES = """
EXAMPLES = r"""
- name: Remove UTM aaa_group
community.general.utm_aaa_group_info:
utm_host: sophos.host.name
@ -49,63 +46,63 @@ EXAMPLES = """
name: TestAAAGroupEntry
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
adirectory_groups:
description: List of Active Directory Groups
type: str
adirectory_groups_sids:
description: List of Active Directory Groups SIDS
type: list
backend_match:
description: The backend to use
type: str
comment:
description: The comment string
type: str
dynamic:
description: Whether the group match is ipsec_dn or directory_group
type: str
edirectory_groups:
description: List of eDirectory Groups
type: str
ipsec_dn:
description: ipsec_dn identifier to match
type: str
ldap_attribute:
description: The LDAP Attribute to match against
type: str
ldap_attribute_value:
description: The LDAP Attribute Value to match against
type: str
members:
description: List of member identifiers of the group
type: list
network:
description: The identifier of the network (network/aaa)
type: str
radius_group:
description: The radius group identifier
type: str
tacacs_group:
description: The tacacs group identifier
type: str
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
adirectory_groups:
description: List of Active Directory Groups.
type: str
adirectory_groups_sids:
description: List of Active Directory Groups SIDS.
type: list
backend_match:
description: The backend to use.
type: str
comment:
description: The comment string.
type: str
dynamic:
description: Whether the group match is ipsec_dn or directory_group.
type: str
edirectory_groups:
description: List of eDirectory Groups.
type: str
ipsec_dn:
description: Ipsec_dn identifier to match.
type: str
ldap_attribute:
description: The LDAP Attribute to match against.
type: str
ldap_attribute_value:
description: The LDAP Attribute Value to match against.
type: str
members:
description: List of member identifiers of the group.
type: list
network:
description: The identifier of the network (network/aaa).
type: str
radius_group:
description: The radius group identifier.
type: str
tacacs_group:
description: The tacacs group identifier.
type: str
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

164
plugins/modules/utm_ca_host_key_cert.py
View File

@ -9,67 +9,64 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_ca_host_key_cert
author:
- Stephan Schwarz (@stearz)
- Stephan Schwarz (@stearz)
short_description: Create, update or destroy ca host_key_cert entry in Sophos UTM
description:
- Create, update or destroy a ca host_key_cert entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
- Create, update or destroy a ca host_key_cert entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
attributes:
check_mode:
support: none
diff_mode:
support: none
check_mode:
support: none
diff_mode:
support: none
options:
name:
description:
- The name of the object. Will be used to identify the entry.
required: true
type: str
ca:
description:
- A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
required: true
type: str
meta:
description:
- A reference to an existing utm_ca_meta_x509 object.
required: true
type: str
certificate:
description:
- The certificate in PEM format.
required: true
type: str
comment:
description:
- Optional comment string.
type: str
encrypted:
description:
- Optionally enable encryption.
default: false
type: bool
key:
description:
- Optional private key in PEM format.
type: str
name:
description:
- The name of the object. Will be used to identify the entry.
required: true
type: str
ca:
description:
- A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
required: true
type: str
meta:
description:
- A reference to an existing utm_ca_meta_x509 object.
required: true
type: str
certificate:
description:
- The certificate in PEM format.
required: true
type: str
comment:
description:
- Optional comment string.
type: str
encrypted:
description:
- Optionally enable encryption.
default: false
type: bool
key:
description:
- Optional private key in PEM format.
type: str
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.utm
- community.general.attributes
"""
'''
EXAMPLES = """
EXAMPLES = r"""
- name: Create a ca_host_key_cert entry
community.general.utm_ca_host_key_cert:
utm_host: sophos.host.name
@ -98,45 +95,44 @@ EXAMPLES = """
utm_token: abcdefghijklmno1234
name: TestHostKeyCertEntry
state: info
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
ca:
description: A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
type: str
meta:
description: A reference to an existing utm_ca_meta_x509 object.
type: str
certificate:
description: The certificate in PEM format
type: str
comment:
description: Comment string (may be empty string)
type: str
encrypted:
description: If encryption is enabled
type: bool
key:
description: Private key in PEM format (may be empty string)
type: str
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
ca:
description: A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
type: str
meta:
description: A reference to an existing utm_ca_meta_x509 object.
type: str
certificate:
description: The certificate in PEM format.
type: str
comment:
description: Comment string (may be empty string).
type: str
encrypted:
description: If encryption is enabled.
type: bool
key:
description: Private key in PEM format (may be empty string).
type: str
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

104
plugins/modules/utm_ca_host_key_cert_info.py
View File

@ -9,37 +9,35 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_ca_host_key_cert_info
author:
- Stephan Schwarz (@stearz)
- Stephan Schwarz (@stearz)
short_description: Get info for a ca host_key_cert entry in Sophos UTM
description:
- Get info for a ca host_key_cert entry in SOPHOS UTM.
- Get info for a ca host_key_cert entry in SOPHOS UTM.
attributes:
check_mode:
version_added: 3.3.0
# This was backported to 2.5.4 and 1.3.11 as well, since this was a bugfix
check_mode:
version_added: 3.3.0
# This was backported to 2.5.4 and 1.3.11 as well, since this was a bugfix
options:
name:
type: str
description:
- The name of the object. Will be used to identify the entry
required: true
name:
type: str
description:
- The name of the object. Will be used to identify the entry.
required: true
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.attributes.info_module
'''
- community.general.utm
- community.general.attributes
- community.general.attributes.info_module
"""
EXAMPLES = """
EXAMPLES = r"""
- name: Get info for a ca host_key_cert entry
community.general.utm_ca_host_key_cert_info:
utm_host: sophos.host.name
@ -47,42 +45,42 @@ EXAMPLES = """
name: TestHostKeyCertEntry
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
ca:
description: A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
type: str
meta:
description: A reference to an existing utm_ca_meta_x509 object.
type: str
certificate:
description: The certificate in PEM format
type: str
comment:
description: Comment string (may be empty string)
type: str
encrypted:
description: If encryption is enabled
type: bool
key:
description: Private key in PEM format (may be empty string)
type: str
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
ca:
description: A reference to an existing utm_ca_signing_ca or utm_ca_verification_ca object.
type: str
meta:
description: A reference to an existing utm_ca_meta_x509 object.
type: str
certificate:
description: The certificate in PEM format.
type: str
comment:
description: Comment string (may be empty string).
type: str
encrypted:
description: If encryption is enabled.
type: bool
key:
description: Private key in PEM format (may be empty string).
type: str
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

191
plugins/modules/utm_dns_host.py
View File

@ -8,78 +8,75 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_dns_host
author:
- Johannes Brunswicker (@MatrixCrawler)
- Johannes Brunswicker (@MatrixCrawler)
short_description: Create, update or destroy dns entry in Sophos UTM
description:
- Create, update or destroy a dns entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
- Create, update or destroy a dns entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
attributes:
check_mode:
support: none
diff_mode:
support: none
check_mode:
support: none
diff_mode:
support: none
options:
name:
type: str
description:
- The name of the object. Will be used to identify the entry
required: true
address:
type: str
description:
- The IPV4 Address of the entry. Can be left empty for automatic resolving.
default: 0.0.0.0
address6:
type: str
description:
- The IPV6 Address of the entry. Can be left empty for automatic resolving.
default: "::"
comment:
type: str
description:
- An optional comment to add to the dns host object
default: ''
hostname:
type: str
description:
- The hostname for the dns host object
interface:
type: str
description:
- The reference name of the interface to use. If not provided the default interface will be used
default: ''
resolved:
description:
- whether the hostname's ipv4 address is already resolved or not
default: false
type: bool
resolved6:
description:
- whether the hostname's ipv6 address is already resolved or not
default: false
type: bool
timeout:
type: int
description:
- the timeout for the utm to resolve the ip address for the hostname again
default: 0
name:
type: str
description:
- The name of the object. Will be used to identify the entry.
required: true
address:
type: str
description:
- The IPV4 Address of the entry. Can be left empty for automatic resolving.
default: 0.0.0.0
address6:
type: str
description:
- The IPV6 Address of the entry. Can be left empty for automatic resolving.
default: "::"
comment:
type: str
description:
- An optional comment to add to the dns host object.
default: ''
hostname:
type: str
description:
- The hostname for the dns host object.
interface:
type: str
description:
- The reference name of the interface to use. If not provided the default interface will be used.
default: ''
resolved:
description:
- Whether the hostname's ipv4 address is already resolved or not.
default: false
type: bool
resolved6:
description:
- Whether the hostname's ipv6 address is already resolved or not.
default: false
type: bool
timeout:
type: int
description:
- The timeout for the utm to resolve the ip address for the hostname again.
default: 0
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.utm
- community.general.attributes
"""
'''
EXAMPLES = """
EXAMPLES = r"""
- name: Create UTM dns host entry
community.general.utm_dns_host:
utm_host: sophos.host.name
@ -96,45 +93,45 @@ EXAMPLES = """
state: absent
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
name:
description: The name of the object
type: str
address:
description: The ipv4 address of the object
type: str
address6:
description: The ipv6 address of the object
type: str
comment:
description: The comment string
type: str
hostname:
description: The hostname of the object
type: str
interface:
description: The reference name of the interface the object is associated with
type: str
resolved:
description: Whether the ipv4 address is resolved or not
type: bool
resolved6:
description: Whether the ipv6 address is resolved or not
type: bool
timeout:
description: The timeout until a new resolving will be attempted
type: int
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
name:
description: The name of the object.
type: str
address:
description: The ipv4 address of the object.
type: str
address6:
description: The ipv6 address of the object.
type: str
comment:
description: The comment string.
type: str
hostname:
description: The hostname of the object.
type: str
interface:
description: The reference name of the interface the object is associated with.
type: str
resolved:
description: Whether the ipv4 address is resolved or not.
type: bool
resolved6:
description: Whether the ipv6 address is resolved or not.
type: bool
timeout:
description: The timeout until a new resolving will be attempted.
type: int
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

148
plugins/modules/utm_network_interface_address.py
View File

@ -8,62 +8,58 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_network_interface_address
author:
- Juergen Wiebe (@steamx)
- Juergen Wiebe (@steamx)
short_description: Create, update or destroy network/interface_address object
description:
- Create, update or destroy a network/interface_address object in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
- Create, update or destroy a network/interface_address object in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
attributes:
check_mode:
support: none
diff_mode:
support: none
check_mode:
support: none
diff_mode:
support: none
options:
name:
type: str
description:
- The name of the object. Will be used to identify the entry
required: true
address:
type: str
description:
- The ip4 address of the network/interface_address object.
required: true
address6:
type: str
description:
- The ip6 address of the network/interface_address object.
required: false
comment:
type: str
description:
- An optional comment to add to the object
default: ''
resolved:
type: bool
description:
- Whether or not the object is resolved
resolved6:
type: bool
description:
- Whether or not the object is resolved
name:
type: str
description:
- The name of the object. Will be used to identify the entry.
required: true
address:
type: str
description:
- The ip4 address of the network/interface_address object.
required: true
address6:
type: str
description:
- The ip6 address of the network/interface_address object.
required: false
comment:
type: str
description:
- An optional comment to add to the object.
default: ''
resolved:
type: bool
description:
- Whether or not the object is resolved.
resolved6:
type: bool
description:
- Whether or not the object is resolved.
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.utm
- community.general.attributes
"""
'''
EXAMPLES = """
EXAMPLES = r"""
- name: Create a network interface address
utm_proxy_backend:
utm_host: sophos.host.name
@ -81,39 +77,39 @@ EXAMPLES = """
state: absent
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
address:
description: The ip4 address of the network/interface_address object
type: str
address6:
description: The ip6 address of the network/interface_address object
type: str
comment:
description: The comment string
type: str
resolved:
description: Whether or not the object is resolved
type: bool
resolved6:
description: Whether or not the object is resolved
type: bool
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
address:
description: The ip4 address of the network/interface_address object.
type: str
address6:
description: The ip6 address of the network/interface_address object.
type: str
comment:
description: The comment string.
type: str
resolved:
description: Whether or not the object is resolved.
type: bool
resolved6:
description: Whether or not the object is resolved.
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

98
plugins/modules/utm_network_interface_address_info.py
View File

@ -8,37 +8,35 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_network_interface_address_info
author:
- Juergen Wiebe (@steamx)
- Juergen Wiebe (@steamx)
short_description: Get info for a network/interface_address object
description:
- Get info for a network/interface_address object in SOPHOS UTM.
- Get info for a network/interface_address object in SOPHOS UTM.
attributes:
check_mode:
version_added: 3.3.0
# This was backported to 2.5.4 and 1.3.11 as well, since this was a bugfix
check_mode:
version_added: 3.3.0
# This was backported to 2.5.4 and 1.3.11 as well, since this was a bugfix
options:
name:
type: str
description:
- The name of the object. Will be used to identify the entry
required: true
name:
type: str
description:
- The name of the object. Will be used to identify the entry.
required: true
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.attributes.info_module
'''
- community.general.utm
- community.general.attributes
- community.general.attributes.info_module
"""
EXAMPLES = """
EXAMPLES = r"""
- name: Get network interface address info
utm_proxy_interface_address_info:
utm_host: sophos.host.name
@ -46,39 +44,39 @@ EXAMPLES = """
name: TestNetworkInterfaceAddress
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
address:
description: The ip4 address of the network/interface_address object
type: str
address6:
description: The ip6 address of the network/interface_address object
type: str
comment:
description: The comment string
type: str
resolved:
description: Whether or not the object is resolved
type: bool
resolved6:
description: Whether or not the object is resolved
type: bool
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
address:
description: The ip4 address of the network/interface_address object.
type: str
address6:
description: The ip6 address of the network/interface_address object.
type: str
comment:
description: The comment string.
type: str
resolved:
description: Whether or not the object is resolved.
type: bool
resolved6:
description: Whether or not the object is resolved.
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

494
plugins/modules/utm_proxy_auth_profile.py
View File

@ -9,183 +9,180 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_proxy_auth_profile
author:
- Stephan Schwarz (@stearz)
- Stephan Schwarz (@stearz)
short_description: Create, update or destroy reverse_proxy auth_profile entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy auth_profile entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
- Create, update or destroy a reverse_proxy auth_profile entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
attributes:
check_mode:
support: none
diff_mode:
support: none
check_mode:
support: none
diff_mode:
support: none
options:
name:
type: str
description:
- The name of the object. Will be used to identify the entry
required: true
aaa:
type: list
elements: str
description:
- List of references to utm_aaa objects (allowed users or groups)
required: true
basic_prompt:
type: str
description:
- The message in the basic authentication prompt
required: true
backend_mode:
type: str
description:
- Specifies if the backend server needs authentication ([Basic|None])
default: None
choices:
- Basic
- None
backend_strip_basic_auth:
description:
- Should the login data be stripped when proxying the request to the backend host
type: bool
default: true
backend_user_prefix:
type: str
description:
- Prefix string to prepend to the username for backend authentication
default: ""
backend_user_suffix:
type: str
description:
- Suffix string to append to the username for backend authentication
default: ""
comment:
type: str
description:
- Optional comment string
default: ""
frontend_cookie:
type: str
description:
- Frontend cookie name
frontend_cookie_secret:
type: str
description:
- Frontend cookie secret
frontend_form:
type: str
description:
- Frontend authentication form name
frontend_form_template:
type: str
description:
- Frontend authentication form template
default: ""
frontend_login:
type: str
description:
- Frontend login name
frontend_logout:
type: str
description:
- Frontend logout name
frontend_mode:
type: str
description:
- Frontend authentication mode (Form|Basic)
default: Basic
choices:
- Basic
- Form
frontend_realm:
type: str
description:
- Frontend authentication realm
frontend_session_allow_persistency:
description:
- Allow session persistency
type: bool
default: false
frontend_session_lifetime:
type: int
description:
- session lifetime
required: true
frontend_session_lifetime_limited:
description:
- Specifies if limitation of session lifetime is active
type: bool
default: true
frontend_session_lifetime_scope:
type: str
description:
- scope for frontend_session_lifetime (days|hours|minutes)
default: hours
choices:
- days
- hours
- minutes
frontend_session_timeout:
type: int
description:
- session timeout
required: true
frontend_session_timeout_enabled:
description:
- Specifies if session timeout is active
type: bool
default: true
frontend_session_timeout_scope:
type: str
description:
- scope for frontend_session_timeout (days|hours|minutes)
default: minutes
choices:
- days
- hours
- minutes
logout_delegation_urls:
type: list
elements: str
description:
- List of logout URLs that logouts are delegated to
default: []
logout_mode:
type: str
description:
- Mode of logout (None|Delegation)
default: None
choices:
- None
- Delegation
redirect_to_requested_url:
description:
- Should a redirect to the requested URL be made
type: bool
default: false
name:
type: str
description:
- The name of the object. Will be used to identify the entry.
required: true
aaa:
type: list
elements: str
description:
- List of references to utm_aaa objects (allowed users or groups).
required: true
basic_prompt:
type: str
description:
- The message in the basic authentication prompt.
required: true
backend_mode:
type: str
description:
- Specifies if the backend server needs authentication ([Basic|None]).
default: None
choices:
- Basic
- None
backend_strip_basic_auth:
description:
- Should the login data be stripped when proxying the request to the backend host.
type: bool
default: true
backend_user_prefix:
type: str
description:
- Prefix string to prepend to the username for backend authentication.
default: ""
backend_user_suffix:
type: str
description:
- Suffix string to append to the username for backend authentication.
default: ""
comment:
type: str
description:
- Optional comment string.
default: ""
frontend_cookie:
type: str
description:
- Frontend cookie name.
frontend_cookie_secret:
type: str
description:
- Frontend cookie secret.
frontend_form:
type: str
description:
- Frontend authentication form name.
frontend_form_template:
type: str
description:
- Frontend authentication form template.
default: ""
frontend_login:
type: str
description:
- Frontend login name.
frontend_logout:
type: str
description:
- Frontend logout name.
frontend_mode:
type: str
description:
- Frontend authentication mode (Form|Basic).
default: Basic
choices:
- Basic
- Form
frontend_realm:
type: str
description:
- Frontend authentication realm.
frontend_session_allow_persistency:
description:
- Allow session persistency.
type: bool
default: false
frontend_session_lifetime:
type: int
description:
- Session lifetime.
required: true
frontend_session_lifetime_limited:
description:
- Specifies if limitation of session lifetime is active.
type: bool
default: true
frontend_session_lifetime_scope:
type: str
description:
- Scope for frontend_session_lifetime (days|hours|minutes).
default: hours
choices:
- days
- hours
- minutes
frontend_session_timeout:
type: int
description:
- Session timeout.
required: true
frontend_session_timeout_enabled:
description:
- Specifies if session timeout is active.
type: bool
default: true
frontend_session_timeout_scope:
type: str
description:
- Scope for frontend_session_timeout (days|hours|minutes).
default: minutes
choices:
- days
- hours
- minutes
logout_delegation_urls:
type: list
elements: str
description:
- List of logout URLs that logouts are delegated to.
default: []
logout_mode:
type: str
description:
- Mode of logout (None|Delegation).
default: None
choices:
- None
- Delegation
redirect_to_requested_url:
description:
- Should a redirect to the requested URL be made.
type: bool
default: false
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.utm
- community.general.attributes
"""
'''
EXAMPLES = """
EXAMPLES = r"""
- name: Create UTM proxy_auth_profile
community.general.utm_proxy_auth_profile:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
aaa: [REF_OBJECT_STRING,REF_ANOTHEROBJECT_STRING]
aaa: [REF_OBJECT_STRING, REF_ANOTHEROBJECT_STRING]
basic_prompt: "Authentication required: Please login"
frontend_session_lifetime: 1
frontend_session_timeout: 1
@ -204,99 +201,98 @@ EXAMPLES = """
utm_token: abcdefghijklmno1234
name: TestAuthProfileEntry
state: info
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
aaa:
description: List of references to utm_aaa objects (allowed users or groups)
type: list
basic_prompt:
description: The message in the basic authentication prompt
type: str
backend_mode:
description: Specifies if the backend server needs authentication ([Basic|None])
type: str
backend_strip_basic_auth:
description: Should the login data be stripped when proxying the request to the backend host
type: bool
backend_user_prefix:
description: Prefix string to prepend to the username for backend authentication
type: str
backend_user_suffix:
description: Suffix string to append to the username for backend authentication
type: str
comment:
description: Optional comment string
type: str
frontend_cookie:
description: Frontend cookie name
type: str
frontend_form:
description: Frontend authentication form name
type: str
frontend_form_template:
description: Frontend authentication form template
type: str
frontend_login:
description: Frontend login name
type: str
frontend_logout:
description: Frontend logout name
type: str
frontend_mode:
description: Frontend authentication mode (Form|Basic)
type: str
frontend_realm:
description: Frontend authentication realm
type: str
frontend_session_allow_persistency:
description: Allow session persistency
type: bool
frontend_session_lifetime:
description: session lifetime
type: int
frontend_session_lifetime_limited:
description: Specifies if limitation of session lifetime is active
type: bool
frontend_session_lifetime_scope:
description: scope for frontend_session_lifetime (days|hours|minutes)
type: str
frontend_session_timeout:
description: session timeout
type: int
frontend_session_timeout_enabled:
description: Specifies if session timeout is active
type: bool
frontend_session_timeout_scope:
description: scope for frontend_session_timeout (days|hours|minutes)
type: str
logout_delegation_urls:
description: List of logout URLs that logouts are delegated to
type: list
logout_mode:
description: Mode of logout (None|Delegation)
type: str
redirect_to_requested_url:
description: Should a redirect to the requested URL be made
type: bool
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
aaa:
description: List of references to utm_aaa objects (allowed users or groups).
type: list
basic_prompt:
description: The message in the basic authentication prompt.
type: str
backend_mode:
description: Specifies if the backend server needs authentication ([Basic|None]).
type: str
backend_strip_basic_auth:
description: Should the login data be stripped when proxying the request to the backend host.
type: bool
backend_user_prefix:
description: Prefix string to prepend to the username for backend authentication.
type: str
backend_user_suffix:
description: Suffix string to append to the username for backend authentication.
type: str
comment:
description: Optional comment string.
type: str
frontend_cookie:
description: Frontend cookie name.
type: str
frontend_form:
description: Frontend authentication form name.
type: str
frontend_form_template:
description: Frontend authentication form template.
type: str
frontend_login:
description: Frontend login name.
type: str
frontend_logout:
description: Frontend logout name.
type: str
frontend_mode:
description: Frontend authentication mode (Form|Basic).
type: str
frontend_realm:
description: Frontend authentication realm.
type: str
frontend_session_allow_persistency:
description: Allow session persistency.
type: bool
frontend_session_lifetime:
description: Session lifetime.
type: int
frontend_session_lifetime_limited:
description: Specifies if limitation of session lifetime is active.
type: bool
frontend_session_lifetime_scope:
description: Scope for frontend_session_lifetime (days|hours|minutes).
type: str
frontend_session_timeout:
description: Session timeout.
type: int
frontend_session_timeout_enabled:
description: Specifies if session timeout is active.
type: bool
frontend_session_timeout_scope:
description: Scope for frontend_session_timeout (days|hours|minutes).
type: str
logout_delegation_urls:
description: List of logout URLs that logouts are delegated to.
type: list
logout_mode:
description: Mode of logout (None|Delegation).
type: str
redirect_to_requested_url:
description: Should a redirect to the requested URL be made.
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

337
plugins/modules/utm_proxy_exception.py
View File

@ -9,130 +9,127 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_proxy_exception
author:
- Sebastian Schenzel (@RickS-C137)
- Sebastian Schenzel (@RickS-C137)
short_description: Create, update or destroy reverse_proxy exception entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy exception entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
- Create, update or destroy a reverse_proxy exception entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
attributes:
check_mode:
support: none
diff_mode:
support: none
check_mode:
support: none
diff_mode:
support: none
options:
name:
description:
- The name of the object. Will be used to identify the entry
required: true
type: str
op:
description:
- The operand to be used with the entries of the path parameter
default: 'AND'
choices:
- 'AND'
- 'OR'
required: false
type: str
path:
description:
- The paths the exception in the reverse proxy is defined for
type: list
elements: str
default: []
required: false
skip_custom_threats_filters:
description:
- A list of threats to be skipped
type: list
elements: str
default: []
required: false
skip_threats_filter_categories:
description:
- Define which categories of threats are skipped
type: list
elements: str
default: []
required: false
skipav:
description:
- Skip the Antivirus Scanning
default: false
type: bool
required: false
skipbadclients:
description:
- Block clients with bad reputation
default: false
type: bool
required: false
skipcookie:
description:
- Skip the Cookie Signing check
default: false
type: bool
required: false
skipform:
description:
- Enable form hardening
default: false
type: bool
required: false
skipform_missingtoken:
description:
- Enable form hardening with missing tokens
default: false
type: bool
required: false
skiphtmlrewrite:
description:
- Protection against SQL
default: false
type: bool
required: false
skiptft:
description:
- Enable true file type control
default: false
type: bool
required: false
skipurl:
description:
- Enable static URL hardening
default: false
type: bool
required: false
source:
description:
- Define which categories of threats are skipped
type: list
elements: str
default: []
required: false
status:
description:
- Status of the exception rule set
default: true
type: bool
required: false
name:
description:
- The name of the object. Will be used to identify the entry.
required: true
type: str
op:
description:
- The operand to be used with the entries of the path parameter.
default: 'AND'
choices:
- 'AND'
- 'OR'
required: false
type: str
path:
description:
- The paths the exception in the reverse proxy is defined for.
type: list
elements: str
default: []
required: false
skip_custom_threats_filters:
description:
- A list of threats to be skipped.
type: list
elements: str
default: []
required: false
skip_threats_filter_categories:
description:
- Define which categories of threats are skipped.
type: list
elements: str
default: []
required: false
skipav:
description:
- Skip the Antivirus Scanning.
default: false
type: bool
required: false
skipbadclients:
description:
- Block clients with bad reputation.
default: false
type: bool
required: false
skipcookie:
description:
- Skip the Cookie Signing check.
default: false
type: bool
required: false
skipform:
description:
- Enable form hardening.
default: false
type: bool
required: false
skipform_missingtoken:
description:
- Enable form hardening with missing tokens.
default: false
type: bool
required: false
skiphtmlrewrite:
description:
- Protection against SQL.
default: false
type: bool
required: false
skiptft:
description:
- Enable true file type control.
default: false
type: bool
required: false
skipurl:
description:
- Enable static URL hardening.
default: false
type: bool
required: false
source:
description:
- Define which categories of threats are skipped.
type: list
elements: str
default: []
required: false
status:
description:
- Status of the exception rule set.
default: true
type: bool
required: false
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.utm
- community.general.attributes
"""
'''
EXAMPLES = """
EXAMPLES = r"""
- name: Create UTM proxy_exception
community.general.utm_proxy_exception:
utm_host: sophos.host.name
@ -149,66 +146,66 @@ EXAMPLES = """
state: absent
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
comment:
description: The optional comment string
type: str
op:
description: The operand to be used with the entries of the path parameter
type: str
path:
description: The paths the exception in the reverse proxy is defined for
type: list
skip_custom_threats_filters:
description: A list of threats to be skipped
type: list
skip_threats_filter_categories:
description: Define which categories of threats are skipped
type: list
skipav:
description: Skip the Antivirus Scanning
type: bool
skipbadclients:
description: Block clients with bad reputation
type: bool
skipcookie:
description: Skip the Cookie Signing check
type: bool
skipform:
description: Enable form hardening
type: bool
skipform_missingtoken:
description: Enable form hardening with missing tokens
type: bool
skiphtmlrewrite:
description: Protection against SQL
type: bool
skiptft:
description: Enable true file type control
type: bool
skipurl:
description: Enable static URL hardening
type: bool
source:
description: Define which categories of threats are skipped
type: list
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
comment:
description: The optional comment string.
type: str
op:
description: The operand to be used with the entries of the path parameter.
type: str
path:
description: The paths the exception in the reverse proxy is defined for.
type: list
skip_custom_threats_filters:
description: A list of threats to be skipped.
type: list
skip_threats_filter_categories:
description: Define which categories of threats are skipped.
type: list
skipav:
description: Skip the Antivirus Scanning.
type: bool
skipbadclients:
description: Block clients with bad reputation.
type: bool
skipcookie:
description: Skip the Cookie Signing check.
type: bool
skipform:
description: Enable form hardening.
type: bool
skipform_missingtoken:
description: Enable form hardening with missing tokens.
type: bool
skiphtmlrewrite:
description: Protection against SQL.
type: bool
skiptft:
description: Enable true file type control.
type: bool
skipurl:
description: Enable static URL hardening.
type: bool
source:
description: Define which categories of threats are skipped.
type: list
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

397
plugins/modules/utm_proxy_frontend.py
View File

@ -9,145 +9,142 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_proxy_frontend
author:
- Johannes Brunswicker (@MatrixCrawler)
- Johannes Brunswicker (@MatrixCrawler)
short_description: Create, update or destroy reverse_proxy frontend entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy frontend entry in Sophos UTM.
- This module needs to have the REST Ability of the UTM to be activated.
- Create, update or destroy a reverse_proxy frontend entry in Sophos UTM.
- This module needs to have the REST Ability of the UTM to be activated.
attributes:
check_mode:
support: none
diff_mode:
support: none
check_mode:
support: none
diff_mode:
support: none
options:
name:
type: str
description:
- The name of the object. Will be used to identify the entry
required: true
add_content_type_header :
description:
- Whether to add the content type header or not
type: bool
default: false
address:
type: str
description:
- The reference name of the network/interface_address object.
default: REF_DefaultInternalAddress
allowed_networks:
type: list
elements: str
description:
- A list of reference names for the allowed networks.
default: ['REF_NetworkAny']
certificate:
type: str
description:
- The reference name of the ca/host_key_cert object.
default: ""
comment:
type: str
description:
- An optional comment to add to the object
default: ""
disable_compression:
description:
- Whether to enable the compression
type: bool
default: false
domain:
type: list
elements: str
description:
- A list of domain names for the frontend object
exceptions:
type: list
elements: str
description:
- A list of exception ref names (reverse_proxy/exception)
default: []
htmlrewrite:
description:
- Whether to enable html rewrite or not
type: bool
default: false
htmlrewrite_cookies:
description:
- Whether to enable html rewrite cookie or not
type: bool
default: false
implicitredirect:
description:
- Whether to enable implicit redirection or not
type: bool
default: false
lbmethod:
type: str
description:
- Which loadbalancer method should be used
choices:
- ""
- bybusyness
- bytraffic
- byrequests
default: bybusyness
locations:
type: list
elements: str
description:
- A list of location ref names (reverse_proxy/location)
default: []
port:
type: int
description:
- The frontend http port
default: 80
preservehost:
description:
- Whether to preserve host header
type: bool
default: false
profile:
type: str
description:
- The reference string of the reverse_proxy/profile
default: ""
status:
description:
- Whether to activate the frontend entry or not
type: bool
default: true
type:
type: str
description:
- Which protocol should be used
choices:
- http
- https
default: http
xheaders:
description:
- Whether to pass the host header or not
type: bool
default: false
name:
type: str
description:
- The name of the object. Will be used to identify the entry.
required: true
add_content_type_header:
description:
- Whether to add the content type header or not.
type: bool
default: false
address:
type: str
description:
- The reference name of the network/interface_address object.
default: REF_DefaultInternalAddress
allowed_networks:
type: list
elements: str
description:
- A list of reference names for the allowed networks.
default: ['REF_NetworkAny']
certificate:
type: str
description:
- The reference name of the ca/host_key_cert object.
default: ""
comment:
type: str
description:
- An optional comment to add to the object.
default: ""
disable_compression:
description:
- Whether to enable the compression.
type: bool
default: false
domain:
type: list
elements: str
description:
- A list of domain names for the frontend object.
exceptions:
type: list
elements: str
description:
- A list of exception ref names (reverse_proxy/exception).
default: []
htmlrewrite:
description:
- Whether to enable html rewrite or not.
type: bool
default: false
htmlrewrite_cookies:
description:
- Whether to enable html rewrite cookie or not.
type: bool
default: false
implicitredirect:
description:
- Whether to enable implicit redirection or not.
type: bool
default: false
lbmethod:
type: str
description:
- Which loadbalancer method should be used.
choices:
- ""
- bybusyness
- bytraffic
- byrequests
default: bybusyness
locations:
type: list
elements: str
description:
- A list of location ref names (reverse_proxy/location).
default: []
port:
type: int
description:
- The frontend http port.
default: 80
preservehost:
description:
- Whether to preserve host header.
type: bool
default: false
profile:
type: str
description:
- The reference string of the reverse_proxy/profile.
default: ""
status:
description:
- Whether to activate the frontend entry or not.
type: bool
default: true
type:
type: str
description:
- Which protocol should be used.
choices:
- http
- https
default: http
xheaders:
description:
- Whether to pass the host header or not.
type: bool
default: false
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.utm
- community.general.attributes
"""
'''
EXAMPLES = """
EXAMPLES = r"""
- name: Create utm proxy_frontend
community.general.utm_proxy_frontend:
utm_host: sophos.host.name
@ -164,81 +161,81 @@ EXAMPLES = """
state: absent
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
add_content_type_header:
description: Whether to add the content type header
type: bool
address:
description: The reference name of the address
type: str
allowed_networks:
description: List of reference names of networks associated
type: list
certificate:
description: Reference name of certificate (ca/host_key_cert)
type: str
comment:
description: The comment string
type: str
disable_compression:
description: State of compression support
type: bool
domain:
description: List of hostnames
type: list
exceptions:
description: List of associated proxy exceptions
type: list
htmlrewrite:
description: State of html rewrite
type: bool
htmlrewrite_cookies:
description: Whether the html rewrite cookie will be set
type: bool
implicitredirect:
description: Whether to use implicit redirection
type: bool
lbmethod:
description: The method of loadbalancer to use
type: str
locations:
description: The reference names of reverse_proxy/locations associated with the object
type: list
port:
description: The port of the frontend connection
type: int
preservehost:
description: Preserve host header
type: bool
profile:
description: The associated reverse_proxy/profile
type: str
status:
description: Whether the frontend object is active or not
type: bool
type:
description: The connection type
type: str
xheaders:
description: The xheaders state
type: bool
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
add_content_type_header:
description: Whether to add the content type header.
type: bool
address:
description: The reference name of the address.
type: str
allowed_networks:
description: List of reference names of networks associated.
type: list
certificate:
description: Reference name of certificate (ca/host_key_cert).
type: str
comment:
description: The comment string.
type: str
disable_compression:
description: State of compression support.
type: bool
domain:
description: List of hostnames.
type: list
exceptions:
description: List of associated proxy exceptions.
type: list
htmlrewrite:
description: State of html rewrite.
type: bool
htmlrewrite_cookies:
description: Whether the html rewrite cookie will be set.
type: bool
implicitredirect:
description: Whether to use implicit redirection.
type: bool
lbmethod:
description: The method of loadbalancer to use.
type: str
locations:
description: The reference names of reverse_proxy/locations associated with the object.
type: list
port:
description: The port of the frontend connection.
type: int
preservehost:
description: Preserve host header.
type: bool
profile:
description: The associated reverse_proxy/profile.
type: str
status:
description: Whether the frontend object is active or not.
type: bool
type:
description: The connection type.
type: str
xheaders:
description: The xheaders state.
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

182
plugins/modules/utm_proxy_frontend_info.py
View File

@ -9,38 +9,36 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_proxy_frontend_info
author:
- Johannes Brunswicker (@MatrixCrawler)
- Johannes Brunswicker (@MatrixCrawler)
short_description: Create, update or destroy reverse_proxy frontend entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy frontend entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
- Create, update or destroy a reverse_proxy frontend entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
attributes:
check_mode:
version_added: 3.3.0
check_mode:
version_added: 3.3.0
# This was backported to 2.5.4 and 1.3.11 as well, since this was a bugfix
options:
name:
type: str
description:
- The name of the object. Will be used to identify the entry
required: true
name:
type: str
description:
- The name of the object. Will be used to identify the entry.
required: true
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.attributes.info_module
'''
- community.general.utm
- community.general.attributes
- community.general.attributes.info_module
"""
EXAMPLES = """
EXAMPLES = r"""
- name: Get utm proxy_frontend
community.general.utm_proxy_frontend_info:
utm_host: sophos.host.name
@ -49,81 +47,81 @@ EXAMPLES = """
host: REF_OBJECT_STRING
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
add_content_type_header:
description: Whether to add the content type header
type: bool
address:
description: The reference name of the address
type: str
allowed_networks:
description: List of reference names of networks associated
type: list
certificate:
description: Reference name of certificate (ca/host_key_cert)
type: str
comment:
description: The comment string
type: str
disable_compression:
description: State of compression support
type: bool
domain:
description: List of hostnames
type: list
exceptions:
description: List of associated proxy exceptions
type: list
htmlrewrite:
description: State of html rewrite
type: bool
htmlrewrite_cookies:
description: whether the html rewrite cookie will be set
type: bool
implicitredirect:
description: whether to use implicit redirection
type: bool
lbmethod:
description: The method of loadbalancer to use
type: str
locations:
description: The reference names of reverse_proxy/locations associated with the object
type: list
port:
description: The port of the frontend connection
type: int
preservehost:
description: Preserve host header
type: bool
profile:
description: The associated reverse_proxy/profile
type: str
status:
description: Whether the frontend object is active or not
type: bool
type:
description: The connection type
type: str
xheaders:
description: The xheaders state
type: bool
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
add_content_type_header:
description: Whether to add the content type header.
type: bool
address:
description: The reference name of the address.
type: str
allowed_networks:
description: List of reference names of networks associated.
type: list
certificate:
description: Reference name of certificate (ca/host_key_cert).
type: str
comment:
description: The comment string.
type: str
disable_compression:
description: State of compression support.
type: bool
domain:
description: List of hostnames.
type: list
exceptions:
description: List of associated proxy exceptions.
type: list
htmlrewrite:
description: State of html rewrite.
type: bool
htmlrewrite_cookies:
description: Whether the html rewrite cookie will be set.
type: bool
implicitredirect:
description: Whether to use implicit redirection.
type: bool
lbmethod:
description: The method of loadbalancer to use.
type: str
locations:
description: The reference names of reverse_proxy/locations associated with the object.
type: list
port:
description: The port of the frontend connection.
type: int
preservehost:
description: Preserve host header.
type: bool
profile:
description: The associated reverse_proxy/profile.
type: str
status:
description: Whether the frontend object is active or not.
type: bool
type:
description: The connection type.
type: str
xheaders:
description: The xheaders state.
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

293
plugins/modules/utm_proxy_location.py
View File

@ -9,111 +9,108 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_proxy_location
author:
- Johannes Brunswicker (@MatrixCrawler)
- Johannes Brunswicker (@MatrixCrawler)
short_description: Create, update or destroy reverse_proxy location entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy location entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
- Create, update or destroy a reverse_proxy location entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
attributes:
check_mode:
support: none
diff_mode:
support: none
check_mode:
support: none
diff_mode:
support: none
options:
name:
type: str
description:
- The name of the object. Will be used to identify the entry
required: true
access_control:
description:
- whether to activate the access control for the location
type: str
default: '0'
choices:
- '0'
- '1'
allowed_networks:
description:
- A list of allowed networks
type: list
elements: str
default:
- REF_NetworkAny
auth_profile:
type: str
description:
- The reference name of the auth profile
default: ''
backend:
type: list
elements: str
description:
- A list of backends that are connected with this location declaration
default: []
be_path:
type: str
description:
- The path of the backend
default: ''
comment:
type: str
description:
- The optional comment string
default: ''
denied_networks:
type: list
elements: str
description:
- A list of denied network references
default: []
hot_standby:
description:
- Activate hot standby mode
type: bool
default: false
path:
type: str
description:
- The path of the location
default: "/"
status:
description:
- Whether the location is active or not
type: bool
default: true
stickysession_id:
type: str
description:
- The stickysession id
default: ROUTEID
stickysession_status:
description:
- Enable the stickysession
type: bool
default: false
websocket_passthrough:
description:
- Enable the websocket passthrough
type: bool
default: false
name:
type: str
description:
- The name of the object. Will be used to identify the entry.
required: true
access_control:
description:
- Whether to activate the access control for the location.
type: str
default: '0'
choices:
- '0'
- '1'
allowed_networks:
description:
- A list of allowed networks.
type: list
elements: str
default:
- REF_NetworkAny
auth_profile:
type: str
description:
- The reference name of the auth profile.
default: ''
backend:
type: list
elements: str
description:
- A list of backends that are connected with this location declaration.
default: []
be_path:
type: str
description:
- The path of the backend.
default: ''
comment:
type: str
description:
- The optional comment string.
default: ''
denied_networks:
type: list
elements: str
description:
- A list of denied network references.
default: []
hot_standby:
description:
- Activate hot standby mode.
type: bool
default: false
path:
type: str
description:
- The path of the location.
default: "/"
status:
description:
- Whether the location is active or not.
type: bool
default: true
stickysession_id:
type: str
description:
- The stickysession id.
default: ROUTEID
stickysession_status:
description:
- Enable the stickysession.
type: bool
default: false
websocket_passthrough:
description:
- Enable the websocket passthrough.
type: bool
default: false
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.utm
- community.general.attributes
"""
'''
EXAMPLES = """
EXAMPLES = r"""
- name: Create UTM proxy_location
utm_proxy_backend:
utm_host: sophos.host.name
@ -130,63 +127,63 @@ EXAMPLES = """
state: absent
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
access_control:
description: Whether to use access control state
type: str
allowed_networks:
description: List of allowed network reference names
type: list
auth_profile:
description: The auth profile reference name
type: str
backend:
description: The backend reference name
type: str
be_path:
description: The backend path
type: str
comment:
description: The comment string
type: str
denied_networks:
description: The list of the denied network names
type: list
hot_standby:
description: Use hot standby
type: bool
path:
description: Path name
type: str
status:
description: Whether the object is active or not
type: bool
stickysession_id:
description: The identifier of the stickysession
type: str
stickysession_status:
description: Whether to use stickysession or not
type: bool
websocket_passthrough:
description: Whether websocket passthrough will be used or not
type: bool
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
access_control:
description: Whether to use access control state.
type: str
allowed_networks:
description: List of allowed network reference names.
type: list
auth_profile:
description: The auth profile reference name.
type: str
backend:
description: The backend reference name.
type: str
be_path:
description: The backend path.
type: str
comment:
description: The comment string.
type: str
denied_networks:
description: The list of the denied network names.
type: list
hot_standby:
description: Use hot standby.
type: bool
path:
description: Path name.
type: str
status:
description: Whether the object is active or not.
type: bool
stickysession_id:
description: The identifier of the stickysession.
type: str
stickysession_status:
description: Whether to use stickysession or not.
type: bool
websocket_passthrough:
description: Whether websocket passthrough will be used or not.
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule

146
plugins/modules/utm_proxy_location_info.py
View File

@ -9,38 +9,36 @@ from __future__ import absolute_import, division, print_function
__metaclass__ = type
DOCUMENTATION = '''
---
DOCUMENTATION = r"""
module: utm_proxy_location_info
author:
- Johannes Brunswicker (@MatrixCrawler)
- Johannes Brunswicker (@MatrixCrawler)
short_description: Create, update or destroy reverse_proxy location entry in Sophos UTM
description:
- Create, update or destroy a reverse_proxy location entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
- Create, update or destroy a reverse_proxy location entry in SOPHOS UTM.
- This module needs to have the REST Ability of the UTM to be activated.
attributes:
check_mode:
version_added: 3.3.0
check_mode:
version_added: 3.3.0
# This was backported to 2.5.4 and 1.3.11 as well, since this was a bugfix
options:
name:
type: str
description:
- The name of the object. Will be used to identify the entry
required: true
name:
type: str
description:
- The name of the object. Will be used to identify the entry.
required: true
extends_documentation_fragment:
- community.general.utm
- community.general.attributes
- community.general.attributes.info_module
'''
- community.general.utm
- community.general.attributes
- community.general.attributes.info_module
"""
EXAMPLES = """
EXAMPLES = r"""
- name: Remove UTM proxy_location
community.general.utm_proxy_location_info:
utm_host: sophos.host.name
@ -48,63 +46,63 @@ EXAMPLES = """
name: TestLocationEntry
"""
RETURN = """
RETURN = r"""
result:
description: The utm object that was created
returned: success
type: complex
contains:
_ref:
description: The reference name of the object
type: str
_locked:
description: Whether or not the object is currently locked
type: bool
_type:
description: The type of the object
type: str
name:
description: The name of the object
type: str
access_control:
description: Whether to use access control state
type: str
allowed_networks:
description: List of allowed network reference names
type: list
auth_profile:
description: The auth profile reference name
type: str
backend:
description: The backend reference name
type: str
be_path:
description: The backend path
type: str
comment:
description: The comment string
type: str
denied_networks:
description: The list of the denied network names
type: list
hot_standby:
description: Use hot standby
type: bool
path:
description: Path name
type: str
status:
description: Whether the object is active or not
type: bool
stickysession_id:
description: The identifier of the stickysession
type: str
stickysession_status:
description: Whether to use stickysession or not
type: bool
websocket_passthrough:
description: Whether websocket passthrough will be used or not
type: bool
description: The utm object that was created.
returned: success
type: complex
contains:
_ref:
description: The reference name of the object.
type: str
_locked:
description: Whether or not the object is currently locked.
type: bool
_type:
description: The type of the object.
type: str
name:
description: The name of the object.
type: str
access_control:
description: Whether to use access control state.
type: str
allowed_networks:
description: List of allowed network reference names.
type: list
auth_profile:
description: The auth profile reference name.
type: str
backend:
description: The backend reference name.
type: str
be_path:
description: The backend path.
type: str
comment:
description: The comment string.
type: str
denied_networks:
description: The list of the denied network names.
type: list
hot_standby:
description: Use hot standby.
type: bool
path:
description: Path name.
type: str
status:
description: Whether the object is active or not.
type: bool
stickysession_id:
description: The identifier of the stickysession.
type: str
stickysession_status:
description: Whether to use stickysession or not.
type: bool
websocket_passthrough:
description: Whether websocket passthrough will be used or not.
type: bool
"""
from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule