Support the ssl_cert_reqs directive (#1122)
This commit is contained in:
Lujeni
Adrian Likins
parent
b13b954085
commit
e032aeaedd
1 changed files with 15 additions and 2 deletions
|
|
@ -79,6 +79,13 @@ options:
|
||||||
description:
|
description:
|
||||||
- Whether to use an SSL connection when connecting to the database
|
- Whether to use an SSL connection when connecting to the database
|
||||||
default: False
|
default: False
|
||||||
|
ssl_cert_reqs:
|
||||||
|
version_added: "2.2"
|
||||||
|
description:
|
||||||
|
- Specifies whether a certificate is required from the other side of the connection, and whether it will be validated if provided.
|
||||||
|
required: false
|
||||||
|
default: "CERT_REQUIRED"
|
||||||
|
choices: ["CERT_REQUIRED", "CERT_OPTIONAL", "CERT_NONE"]
|
||||||
roles:
|
roles:
|
||||||
version_added: "1.3"
|
version_added: "1.3"
|
||||||
description:
|
description:
|
||||||
|
|
@ -144,6 +151,7 @@ EXAMPLES = '''
|
||||||
|
|
||||||
'''
|
'''
|
||||||
|
|
||||||
|
import ssl as ssl_lib
|
||||||
import ConfigParser
|
import ConfigParser
|
||||||
from distutils.version import LooseVersion
|
from distutils.version import LooseVersion
|
||||||
try:
|
try:
|
||||||
|
|
@ -279,6 +287,7 @@ def main():
|
||||||
roles=dict(default=None, type='list'),
|
roles=dict(default=None, type='list'),
|
||||||
state=dict(default='present', choices=['absent', 'present']),
|
state=dict(default='present', choices=['absent', 'present']),
|
||||||
update_password=dict(default="always", choices=["always", "on_create"]),
|
update_password=dict(default="always", choices=["always", "on_create"]),
|
||||||
|
ssl_cert_reqs=dict(default='CERT_REQUIRED', choices=['CERT_NONE', 'CERT_OPTIONAL', 'CERT_REQUIRED']),
|
||||||
),
|
),
|
||||||
supports_check_mode=True
|
supports_check_mode=True
|
||||||
)
|
)
|
||||||
|
|
@ -297,15 +306,19 @@ def main():
|
||||||
user = module.params['name']
|
user = module.params['name']
|
||||||
password = module.params['password']
|
password = module.params['password']
|
||||||
ssl = module.params['ssl']
|
ssl = module.params['ssl']
|
||||||
|
ssl_cert_reqs = getattr(ssl_lib, module.params['ssl_cert_reqs'])
|
||||||
roles = module.params['roles']
|
roles = module.params['roles']
|
||||||
state = module.params['state']
|
state = module.params['state']
|
||||||
update_password = module.params['update_password']
|
update_password = module.params['update_password']
|
||||||
|
|
||||||
try:
|
try:
|
||||||
if replica_set:
|
if replica_set:
|
||||||
client = MongoClient(login_host, int(login_port), replicaset=replica_set, ssl=ssl)
|
client = MongoClient(login_host, int(login_port),
|
||||||
|
replicaset=replica_set, ssl=ssl,
|
||||||
|
ssl_cert_reqs=ssl_cert_reqs)
|
||||||
else:
|
else:
|
||||||
client = MongoClient(login_host, int(login_port), ssl=ssl)
|
client = MongoClient(login_host, int(login_port), ssl=ssl,
|
||||||
|
ssl_cert_reqs=ssl_cert_reqs)
|
||||||
|
|
||||||
if login_user is None and login_password is None:
|
if login_user is None and login_password is None:
|
||||||
mongocnf_creds = load_mongocnf()
|
mongocnf_creds = load_mongocnf()
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue