Server IP : 85.214.239.14 / Your IP : 52.14.121.12 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /lib/python3/dist-packages/ansible_collections/cisco/ios/plugins/modules/ |
Upload File : |
#!/usr/bin/python # # This file is part of Ansible # # Ansible is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # Ansible is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Ansible. If not, see <http://www.gnu.org/licenses/>. # from __future__ import absolute_import, division, print_function __metaclass__ = type DOCUMENTATION = """ module: ios_ntp extends_documentation_fragment: - cisco.ios.ios short_description: (deprecated, removed after 2024-01-01) Manages core NTP configuration. description: - Manages core NTP configuration. version_added: 1.0.0 deprecated: alternative: ios_ntp_global why: Updated module released with more functionality. removed_at_date: "2024-01-01" author: - Federico Olivieri (@Federico87) - Joanie Sylvain (@JoanieAda) options: server: description: - Network address of NTP server. type: str source_int: description: - Source interface for NTP packets. type: str acl: description: - ACL for peer/server access restricition. type: str logging: description: - Enable NTP logs. Data type boolean. type: bool default: false auth: description: - Enable NTP authentication. Data type boolean. type: bool default: false auth_key: description: - md5 NTP authentication key of tye 7. type: str key_id: description: - auth_key id. Data type string type: str state: description: - Manage the state of the resource. default: present choices: - present - absent type: str vrf: description: - VRF configuration for NTP servers type: str """ EXAMPLES = """ # Set new NTP server and source interface - name: Example ntp play cisco.ios.ios_ntp: server: 10.0.255.10 source_int: Loopback0 logging: false state: present # Remove NTP ACL and logging - name: Example ntp play absent cisco.ios.ios_ntp: acl: NTP_ACL logging: true state: absent # Set NTP authentication - name: Example ntp play auth cisco.ios.ios_ntp: key_id: 10 auth_key: 15435A030726242723273C21181319000A auth: true state: present # Set new NTP configuration - name: Example ntp play auth cisco.ios.ios_ntp: server: 10.0.255.10 source_int: Loopback0 acl: NTP_ACL logging: true vrf: mgmt key_id: 10 auth_key: 15435A030726242723273C21181319000A auth: true state: present """ RETURN = """ commands: description: command sent to the device returned: always type: list sample: ["no ntp server 10.0.255.10", "no ntp source Loopback0"] """ import re from ansible.module_utils.basic import AnsibleModule from ansible_collections.cisco.ios.plugins.module_utils.network.ios.ios import ( get_config, load_config, ) def parse_server(line, dest): if dest == "server": vrf, server = None, None match = re.search( "(ntp\\sserver\\s)(vrf\\s\\w+\\s)?(\\d+\\.\\d+\\.\\d+\\.\\d+)", line, re.M, ) if match and match.group(2) and match.group(3): vrf = match.group(2) server = match.group(3) return vrf, server if match and match.group(3): server = match.group(3) return vrf, server def parse_source_int(line, dest): if dest == "source": match = re.search("(ntp\\ssource\\s)(\\S+)", line, re.M) if match: source = match.group(2) return source def parse_acl(line, dest): if dest == "access-group": match = re.search("ntp\\saccess-group\\s(?:peer|serve)(?:\\s+)(\\S+)", line, re.M) if match: acl = match.group(1) return acl def parse_logging(line, dest): if dest == "logging": logging = dest return logging def parse_auth_key(line, dest): if dest == "authentication-key": match = re.search("(ntp\\sauthentication-key\\s\\d+\\smd5\\s)(\\w+)", line, re.M) if match: auth_key = match.group(2) return auth_key def parse_key_id(line, dest): if dest == "trusted-key": match = re.search("(ntp\\strusted-key\\s)(\\d+)", line, re.M) if match: auth_key = match.group(2) return auth_key def parse_auth(dest): if dest == "authenticate": return dest def map_config_to_obj(module): obj_dict = dict() obj = list() server_list = list() config = get_config(module, flags=["| include ntp"]) for line in config.splitlines(): match = re.search("ntp\\s(\\S+)", line, re.M) if match: dest = match.group(1) server = parse_server(line, dest) source_int = parse_source_int(line, dest) acl = parse_acl(line, dest) logging = parse_logging(line, dest) auth = parse_auth(dest) auth_key = parse_auth_key(line, dest) key_id = parse_key_id(line, dest) if server: if server[0] is None: server_list.append((server[0], server[1])) else: server_list.append((server[0].split()[1], server[1])) if source_int: obj_dict["source_int"] = source_int if acl: obj_dict["acl"] = acl if logging: obj_dict["logging"] = True if auth: obj_dict["auth"] = True if auth_key: obj_dict["auth_key"] = auth_key if key_id: obj_dict["key_id"] = key_id obj_dict["server"] = server_list obj.append(obj_dict) return obj def map_params_to_obj(module): obj = list() obj.append( { "state": module.params["state"], "server": module.params["server"], "source_int": module.params["source_int"], "logging": module.params["logging"], "acl": module.params["acl"], "auth": module.params["auth"], "auth_key": module.params["auth_key"], "key_id": module.params["key_id"], "vrf": module.params["vrf"], }, ) return obj def map_obj_to_commands(want, have, module): commands = list() server_have = have[0].get("server", None) source_int_have = have[0].get("source_int", None) acl_have = have[0].get("acl", None) logging_have = have[0].get("logging", None) auth_have = have[0].get("auth", None) auth_key_have = have[0].get("auth_key", None) key_id_have = have[0].get("key_id", None) for w in want: server = w["server"] source_int = w["source_int"] acl = w["acl"] logging = w["logging"] state = w["state"] auth = w["auth"] auth_key = w["auth_key"] key_id = w["key_id"] vrf = w["vrf"] if vrf == "": vrf = None if state == "absent": if server_have and (vrf, server) in server_have: if vrf is not None: commands.append("no ntp server vrf {0} {1}".format(vrf, server)) else: commands.append("no ntp server {0}".format(server)) if source_int and source_int_have: commands.append("no ntp source {0}".format(source_int)) if acl and acl_have: commands.append("no ntp access-group peer {0}".format(acl)) if logging is True and logging_have: commands.append("no ntp logging") if auth is True and auth_have: commands.append("no ntp authenticate") if key_id and key_id_have: commands.append("no ntp trusted-key {0}".format(key_id)) if auth_key and auth_key_have: if key_id and key_id_have: commands.append( "no ntp authentication-key {0} md5 {1} 7".format(key_id, auth_key), ) elif state == "present": if server is not None and (vrf, server) not in server_have: if vrf is not None: commands.append("ntp server vrf {0} {1}".format(vrf, server)) else: commands.append("ntp server {0}".format(server)) if source_int is not None and source_int != source_int_have: commands.append("ntp source {0}".format(source_int)) if acl is not None and acl != acl_have: commands.append("ntp access-group peer {0}".format(acl)) if logging is not None and logging != logging_have and logging is not False: commands.append("ntp logging") if auth is not None and auth != auth_have and auth is not False: commands.append("ntp authenticate") if key_id is not None and key_id != key_id_have: commands.append("ntp trusted-key {0}".format(key_id)) if auth_key is not None and auth_key != auth_key_have: if key_id is not None: commands.append("ntp authentication-key {0} md5 {1} 7".format(key_id, auth_key)) return commands def main(): argument_spec = dict( server=dict(), source_int=dict(), acl=dict(), logging=dict(type="bool", default=False), auth=dict(type="bool", default=False), auth_key=dict(no_log=True), key_id=dict(), state=dict(choices=["absent", "present"], default="present"), vrf=dict(), ) module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=True) result = {"changed": False} warnings = list() if warnings: result["warnings"] = warnings want = map_params_to_obj(module) have = map_config_to_obj(module) commands = map_obj_to_commands(want, have, module) result["commands"] = commands if commands: if not module.check_mode: load_config(module, commands) result["changed"] = True module.exit_json(**result) if __name__ == "__main__": main()