inwx / ansible-collection Goto Github PK

View Code? Open in Web Editor NEW

28.0 6.0 6.0 94 KB

Collection of modules, playbooks and roles for the INWX api.

Home Page: https://inwx.com

License: MIT License

Python 100.00%

inwx ansible domrobot dns ansible-galaxy ansible-module hacktoberfest internetworx

ansible-collection's People

Contributors

Stargazers

Watchers

Forkers

rbnis dragetd black-forest-software markuman qsolutionsde migu

ansible-collection's Issues

diff support

Ansible diff support would be awesome. So you can run in check_mode to see what will happen.

ap issue1.yml --check --diff

TASK [add record] ****************************************************************************************************************
--- before
+++ after
@@ -1,5 +1,5 @@
 record: test
-ttl: 300
+ttl: 60
 type: A
 domain: example.com

changed: [localhost]

add inwx to the official ansible-modules

To make it easier to use and find this module, it would be handy, if it was included in the official repository like cloudflare does.

dns_info module

inwx.collection.dns_info module to read our all existing records or single requested records from nameserver.

Could not find imported module support code

Hey ho,

Just tried your collection. without success. :)
I think it is an helpful collection, unfortunately not for me - at least for now.

Anyway, thanks for the ability to manage INWX DNS straight through Ansible!

--
I installed the collection with ansible-galaxy collection install inwx.collection

Playbook:

---
- hosts: localhost

  tasks:
    - name: Ensure A record 'test' exists
      inwx.collection.dns:
        domain: example.com
        type: TXT
        record: test
        value: 'hello world'
        username: user
        password: secret

Result:

TASK [Ensure A record 'test' exists] ********************************************************************************************************************************************************************************************************
task path: /opt/ansible/playbook/inwx_test.yml:6
Friday 22 October 2021  01:02:55 +0200 (0:00:00.027)       0:00:00.027 ********
fatal: [localhost]: FAILED! => {
    "msg": "Could not find imported module support code for inwx.collection.dns.  Looked for either probe_interpreters_for_module.py or respawn.py"
}

I am behind a proxy but setting the env changed nothing.

---
- hosts: localhost

  tasks:
    - name: Ensure A record 'test' exists
      inwx.collection.dns:
        domain: example.com
        type: TXT
        record: test
        value: 'hello world'
        username: user
        password: secret
      environment:
        http_proxy: "{{ http_proxy }}"
        https_proxy: "{{ https_proxy }}"

System:

NAME="Red Hat Enterprise Linux"
VERSION="8.4 (Ootpa)"
ID="rhel"
ID_LIKE="fedora"
VERSION_ID="8.4"
PLATFORM_ID="platform:el8"
PRETTY_NAME="Red Hat Enterprise Linux 8.4 (Ootpa)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:redhat:enterprise_linux:8.4:GA"
HOME_URL="https://www.redhat.com/"
DOCUMENTATION_URL="https://access.redhat.com/documentation/red_hat_enterprise_linux/8/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"

REDHAT_BUGZILLA_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_BUGZILLA_PRODUCT_VERSION=8.4
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux"
REDHAT_SUPPORT_PRODUCT_VERSION="8.4"

Ansible:

ansible 2.9.27
  config file = /opt/ansible/ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.6/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.6.8 (default, Aug 12 2021, 07:06:15) [GCC 8.4.1 20200928 (Red Hat 8.4.1-1)]

If you need any more information - i will try to provide them.

Thanks in advice.

Using the module causes systemd WALL messages

I have a very strange behavior. Every time the module is run, Ansible/python3 uses SystemD to print out the message as a WALL message, i.e. it gets printed into every console of every logged in user.

It is probably some Ansible mechanism, but I am unable to find anything on the internet that describes this behavior. Maybe anyone else is experiencing this and can tell me, why it happens?

If not, I will close this issue again.

Broadcast message from systemd-journald@evo (Wed 2021-05-12 22:10:14 CEST):

python3[3172258]: ansible-inwx.collection.dns Invoked with domain=x.de type=MX record= state=present priority=0 value=x.uberspace.de ttl=900 username=x password=NOT_LOGGING_PARAMETER api_env=live solo=False weight=1 algorithm=None flag=None tag=None cert_usage=None hash_type=None regex=None port=None selector=None service=None substitution=None

Deleting record not working?

Hi,

I'm using the latest inwx module (1.3.0) from Ansible galaxy but seems deleting records is not working?

A sample playbook:

- hosts: localhost
  vars:
    domains:
      - domain1:
        tld: "my.domain.com"

  tasks:
    - name: delete acme challenge dns
      inwx.collection.dns:
        domain: "{{ item.tld }}"
        type: TXT  
        record: "_acme_challenge"
        username: "username"
        value: "removed"
        password: 'somepass'
        state: absent
      loop: "{{ domains | flatten(levels=1) }}"

If the parameter does not specify value, the module will return a

 "result": {
        "api_response": {
            "code": 2005,
            "msg": "Parameter value syntax error",
            "reason": "The given parameter value for 'content' does not match the expected parameter type 'text1024'",
            "reasonCode": "The given parameter value for 'content' does not match the expected parameter type 'text1024'"
        }
    }

which does not match what the documentation said - when state is absent it should not need a value.

But even with value defined, it returns changed = False and the TXT records are not deleted. Also tried record: "_acme_challenge.my.domain.com" but still the records are not deleted.

Add support for 2FA

Hello,

I currently use 2FA for my account and would prefer to not disable it.
Unfortunatly 2FA is currently unsupported, as stated here: https://github.com/inwx/ansible-collection/blob/master/plugins/modules/dns.py#L27

Are there any plans to support this in the near future?

Also, I'm happy to help out with this if you like.

type SRV api failed

I try this task:

…
  tasks:
    - name: Manage DNS on INWX
      inwx.collection.dns:
        username: "{{ inxw_username }}"
        password: "{{ inwx_password }}"
        domain: waima.nu
        record: _mumble._tcp
        type: SRV
        value: mumble.lxc.waima.nu
        port: 64738
        priority: 10
        weight: 10
        state:    "{{ item.state    | default('present') }}"
      loop: "{{ waimanu_domains }}"
      when: waimanu_domains is defined

And have this responce:

failed: [localhost] (
  item={'domain': 'waima.nu', 'record': '_mumble._tcp', 'type': 'SRV', 'value': 'mumble.lxc.waima.nu', 'priority': '10', 'weight': '10', 'port': '64738'}
) => {
  "ansible_loop_var": "item", "changed": false, "item": {
    "domain": "waima.nu", "port": "64738", "priority": "10", "record": "_mumble._tcp", "type": "SRV", "value": "mumble.lxc.waima.nu", "weight": "10"
  }, "msg": "API error.", "result": {
    "api_response": {
      "code": 2005, "details": [{
        "code": "PARAM_INVALID", "location": "request.content", "locationValue": "1 None mumble.lxc.waima.nu", "msg": "The parameter '' is invalid"
      }], "msg": "Parameter value syntax error"
    }
  }
}

I think here handle the api this wrong, also i have no idea what.

Feature request: Multiple values

Hello,

I would like to be able to define a record with multiple values, e.g. an "A" record with multiple IP addresses.

I know this means multiple records in the nameserver and I could use a loop in Ansible to create those records.
However, doing it that way means I can't use the "solo" option because it would leave only a single record.

Therefore it would be helpful if the INWX module allowed to define a list of values.
For example:

    - name: Create multiple A records
      inwx.collection.dns:
        domain: example.com
        record: test
        solo: true
        type: A
        value:
          - 1.1.1.1
          - 2.2.2.2

I would expect this to create two A records for test.example.com with values 1.1.1.1 and 2.2.2.2, and remove all other A records for test.example.com.

Support for API keys

Currently, inwx.collection.dns requires the username and password and a deactivated 2FA to work. These credentials are however also used to:

Buy/sell/cancel/transfer new domains
View previous invoices
View invoice addresses
(de)activate DNSSEC
Transfer money from the account
Buy/renew TLS certificates
Enable 2FA to lock out the original user from the account
... and many more things

Those are all things I'd usually not want to do with the inwx.collection.dns ansible module.

The solution is support API keys, just like they are supported by other companies offering similar solutions. The workflow would be:

Generate an API key in the inwx.de webfrontend
Set fine-grained permissions to what the API key can and cannot do
Add the API key to the ansible-vault to be used there
Use the API key non-interactively for the use case

Documented TTL limits do not match API

ansible-collection/plugins/modules/dns.py

Line 150 in 8fb57af

- Must be between 3600 and 2,147,483,647 seconds.

Did not find it in the API documentation (https://www.inwx.de/de/help/apidoc/f/ch02s13.html#nameserver.createRecord), but the API says that only values between 300 and 864000 are valid.

Also, the linked API doc uses a default of 3600. Maybe the Ansible module should also default to this?

PR to discuss incoming. :)

Can't install with ansible-galaxy collection

I tried several things:

ansible-galaxy collection instal inwx.collection
ansible-galazy collection install https://github.com/inwx/ansible-collection
ansible-galaxy collection install https://github.com/inwx/ansible-collection/archive/master.tar.gz

The last one I think were closest to success but fails with "does not contain the required file MANIFEST.json"

Galaxy URL in README is no longer optimal

Due to the Ansible Galaxy codebase change, https://galaxy.ansible.com/inwx/collection now points to a 404 page which contains search results (with the inwx.collection URL). Better change the URL in the README to https://galaxy.ansible.com/ui/repo/published/inwx/collection/.

Ref: ansible-collections/news-for-maintainers#59

inwx.collection.session results always in 2200 Authentication error

- debug:
    var: VENDOR.inwx.username

- debug:
    var: VENDOR.inwx.password

- debug:
    var: VENDOR.inwx.shared_secret

- name: INWX | Retrieve session for account with two factor authentication
  inwx.collection.session:
    username: "{{ VENDOR.inwx.username }}"
    password: "{{ VENDOR.inwx.password }}"
    shared_secret: "{{ VENDOR.inwx.shared_secret }}"
  register: temp_session_output

with vars

    VENDOR:
      inwx:
        username: "{{ lookup('markuman.nextcloud.passwords', 'inwx') }}"
        password: markusbergholz
        shared_secret: "{{lookup('community.general.keyring', 'totp inwx') }}"

the values are correct. I can login with it, but not with the ansible module.
are there any changes in the api?