cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
26405 commits 47 branches 390 tags 440 MiB
Commit graph

13020 commits

Author SHA1 Message Date
Michael Scherer
5d2063aa38 Remove the +x from crypttab and cronvar (#2039) 
While this change nothing, it is better to enforce consistency
 2016-12-08 11:34:06 -05:00
Michael Scherer
d79c427722 Set api_key as no_log, since that's likely something that should be kept private (#2038) 2016-12-08 11:34:06 -05:00
Fernando José Pando
94c5e16fe3 Add SQS queue policy attachment functionality (#1716) 
* Add SQS queue policy attachment functionality

SQS queue has no attribute 'Policy' until one is attached, so this special
case must be handled uniquely

SQS queue Policy can now be passed in as json
 2016-12-08 11:34:06 -05:00
Michael Scherer
ad54180d17 Do not use a default value for -n parameter, fix #1400 (#1417) 2016-12-08 11:34:06 -05:00
Michael Scherer
a7b843ca80 Use type=path for pem_file, since that's a file (#1934) 2016-12-08 11:34:06 -05:00
Evgeni Golov
3bbef8dc24 fix handling of config options that share the same prefix 
container_config:
      - "lxc.network.ipv4.gateway=auto"
      - "lxc.network.ipv4=192.0.2.1"

might try to override lxc.network.ipv4.gateway in the second entry as both
start with "lxc.network.ipv4".
use a regular expression to find a line that contains (optional) whitespace
and an = after the key.

Signed-off-by: Evgeni Golov <evgeni@golov.de>
 2016-12-08 11:34:06 -05:00
Evgeni Golov
317ca77193 strip whitespace from key and value before inserting it into the config 
before the following would produce four entries:

    container_config:
      - "lxc.network.flags=up"
      - "lxc.network.flags =up"
      - "lxc.network.flags= up"
      - "lxc.network.flags = up"

let's strip the whitespace and insert only one "lxc.network.flags = up"
into the final config

Signed-off-by: Evgeni Golov <evgeni@golov.de>
 2016-12-08 11:34:06 -05:00
Michael Scherer
b4c3d32366 Mark conf_file as a path, for various user expansion 2016-12-08 11:34:06 -05:00
Christopher M. Fuhrman
310b7ce3d8 pkgin: Fix bad regexp which did not catch packages such as p5-SVN-Notify 
The previous version of my regexp did not take into account packages
such as 'p5-Perl-Tidy' or 'p5-Test-Output', so use a greedy match up to
the last occurrance of '-' for matching the package.  This regex has
been extensively tested using all packages as provided by pkgsrc-2016Q1[1].

Footnotes:
[1]  http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/?only_with_tag=pkgsrc-2016Q1
 2016-12-08 11:34:06 -05:00
Michael Scherer
7c19002f34 Fix arguments for pushover module 
Since user_key and app_token are used for authentication, I
suspect both of them should be kept secret.

According to the API manual, https://pushover.net/api
priority go from -2 to 2, so the argument should be constrained.
 2016-12-08 11:34:06 -05:00
Ricardo Carrillo Cruz
eda5e2f571 Add os_project_facts module 
This module gathers facts about OpenStack projects
 2016-12-08 11:34:05 -05:00
Jasper Lievisse Adriaanse
0fb01e45fb Sprinkle some LANG/LC_* where command output is parsed (#2019) 2016-12-08 11:34:05 -05:00
Jasper Lievisse Adriaanse
8913f1a11d Tweak and extend the pkgin module 
- make path to pkgin a global and stop passing it around; it's not going
  to change while ansible is running
- add support for several new options:
  * upgrade
  * full_upgrade
  * force
  * clean
- allow for update_cache to be run in the same task as upgrading/installing
  packages instead of needing a separate task for that
 2016-12-08 11:34:05 -05:00
Jens Carl
cf804fb0b8 Fix code example (#2018) 2016-12-08 11:34:05 -05:00
Werner Dijkerman
1bcc43ca4e New module for creating gitlab projects (#968) 2016-12-08 11:34:05 -05:00
Werner Dijkerman
37b7c1d0cd New module for creating gitlab groups (#967) 2016-12-08 11:34:05 -05:00
Werner Dijkerman
22c62debb5 New module for creating gitlab users (#966) 2016-12-08 11:34:05 -05:00
René Moser
5197654437 cloudstack, cs_firewall: fix network not found error in return results (#2006) 
Only a small issue in results.

In case of type is ingress, we rely on ip address, but in results we also return the network.
Resolving the ip address works without zone params. If the ip address is not located in the default zone and zone param is not set,
the network won't be found because default zone was used for the network query listing.

However since network param is not used for type ingress we skip the return of the network in results.
 2016-12-08 11:34:05 -05:00
René Moser
d7e8dd22df cloudstack: cs_instance: fix template not found (#2005) 
Let users decide which filter should be used to find the template.
 2016-12-08 11:34:05 -05:00
Rene Moser
b5e4edd9f9 cloudstack: cs_template: fix state=extracted 
* url arg is optional but we enforced it
* url is in a required together, but args only relevant while registering
 2016-12-08 11:34:05 -05:00
Rene Moser
1b99ae4ac1 cloudstack: fix doc, display_text not required 2016-12-08 11:34:05 -05:00
Rene Moser
871f586378 cloudstack: cs_template: fix cross_zones template removal 2016-12-08 11:34:05 -05:00
David Shrewsbury
b928ffb5ac New OpenStack module os_port_facts (#1986) 2016-12-08 11:34:05 -05:00
Michael Scherer
1d1fba5476 Mark token as no_log, since that's used for auth (#2011) 2016-12-08 11:34:05 -05:00
Andrea Scarpino
b4064a352e The enable parameter is a boolean, then convert to a boolean. (#1607) 
At the moment, this only works when 'enable' is equals to 'yes' or 'no'.

While I'm on it, I also fixed a typo in the example and added a required
parameter.
 2016-12-08 11:34:05 -05:00
Kamil Szczygieł
26fe35fd0c VMware datacenter module shouldn't hold pyvmomi context in Ansible module object (#1568) 
* VMware datacenter module rewritten to don't hold pyvmomi context and objects in Ansible module object

fixed exceptions handling

added datacenter destroy result, moved checks

changed wrong value

wrong value again... need some sleep

* check_mode fixes

* state defaults to present, default changed to true

* module check fixes
 2016-12-08 11:34:04 -05:00
Michael Scherer
e986aad9aa Remove dead code (#1303) 
The review on https://github.com/ansible/ansible-modules-extras/pull/1303
show the problem was already fixed, so we just need to remove the
code.
 2016-12-08 11:34:04 -05:00
stoned
6a77e62df4 cpanm: search both its stderr and its stdout for the message 'is up t… 
Note that since cpanm version 1.6926 its messages are sent to stdout
when previously they were sent to stderr.

Also there is no need to initialize out_cpanm and err_cpanm and
check for their truthiness as module.run_command() and str.find()
take care of that.
 2016-12-08 11:34:04 -05:00
Evgeni Golov
ab07c9c7e8 do not set LXC default config 
this was accidentally re-introduced in 7120fb4b

Signed-off-by: Evgeni Golov <evgeni@golov.de>
 2016-12-08 11:34:04 -05:00
Ricardo Carrillo Cruz
079a7dc490 Add os_user_facts module 
This module gather facts about one or more OpenStack users
 2016-12-08 11:34:04 -05:00
Ricardo Carrillo Cruz
aba0597e45 Add os_keystone_domain_facts module 
This module gathers one or more OpenStack domains facts
 2016-12-08 11:34:04 -05:00
Matt Hite
a0b483746e Fixes issue #1992 -- fixes issue adding and deleting pools (#1994) 2016-12-08 11:34:04 -05:00
Michael Scherer
7a704ac600 Auth_toekn is a secret, shouldn't be logged (#1999) 2016-12-08 11:34:04 -05:00
Joerg Fiedler
518b03d73f add chroot flag to pkgng in order to allow installation of packages into chroot environments, e.g. jails (#1218) 2016-12-08 11:34:04 -05:00
Him You Ten
87ce503767 added stdout and stderr outputs (#1900) 
* added stdout and stderr outputs

Added stdout and stderr outputs of the results from composer as the current msg output strips \n so very hard to read when debugging

* using stdout for fail_json

using stdout for fail_json so we get the stdout_lines array
 2016-12-08 11:34:04 -05:00
Matt Hite
d2d4001dc5 New preserve_node parameter to skip unreferenced node removal 2016-12-08 11:34:04 -05:00
kubilus1
bcfab26d78 Unchecked index causes IndexError. 2016-12-08 11:34:04 -05:00
Jasper Lievisse Adriaanse
3a319b9a84 support for 'update_cache' in pkgin module 2016-12-08 11:34:04 -05:00
Michael Scherer
971b570b67 Do not leak passwords in case of error in cloudstack modules 2016-12-08 11:34:04 -05:00
Jonathan Mainguy
4b948af706 Enable stdout and stderr on sucessful runs, making show_diff useable 
omit color symbols as ansible makes them illegible
 2016-12-08 11:34:04 -05:00
Brian Beggs
75b172c706 hipchat api v2 rooms are now url escaped 2016-12-08 11:34:04 -05:00
Aaron Brady
7e1a538b93 Add to_destination parameter 2016-12-08 11:34:04 -05:00
Vlad Gusev
317fe95be0 system/puppet: add --tags parameter (#1916) 
* system/puppet: add --tags parameter

--tags [1] is used to apply a part of the node’s catalog.

In puppet:
puppet agent --tags update,monitoring

In ansible:
puppet: tags=update,monitoring

[1] https://docs.puppetlabs.com/puppet/latest/reference/lang_tags.html#restricting-catalog-runs

* Add example of tag usage.

* system/puppet: add list type for a tags dict.
 2016-12-08 11:34:03 -05:00
Michael Scherer
817335ae0d Client_secret is supposed to be kept secret, so mark it as no_log (#1995) 2016-12-08 11:34:03 -05:00
nitzmahone
bd3172b2e8 win_updates fix to use documented InstanceGuid property name 2016-12-08 11:34:03 -05:00
nitzmahone
e20eac089f win_updates shouldn't install hidden updates 2016-12-08 11:34:03 -05:00
Michael Scherer
e7e1a8bfea Avoid token leak by marking it as sensitive with no_log (#1966) 2016-12-08 11:34:03 -05:00
Michael Scherer
ed69d8335e Properly label path argument with type='path' (#1940) 2016-12-08 11:34:03 -05:00
Michael Scherer
b8706a1f95 Do not leak mail password by error 2016-12-08 11:34:03 -05:00
Michael Scherer
0dd3296ddd Mark password as 'no_log', to avoid leaking it 2016-12-08 11:34:03 -05:00
Rob
b93fda8573 Updated Amazon module guidelines regarding boto3 
* Updated Amazon module guidelines regarding boto3

* Spelling correction
 2016-12-08 11:34:03 -05:00
Andy Baker
c0d281e290 type should be 'list' not the default of 'string' 2016-12-08 11:34:03 -05:00
Evgeni Golov
1847f19e41 don't create world-readable archives of LXC containers 
with the default umask tar will create a world-readable archive of the

container, which may contain sensitive data

Signed-off-by: Evgeni Golov <evgeni@golov.de>
 2016-12-08 11:34:03 -05:00
Michael Scherer
3b79c1621b Prevent password leaks in notification/irc 2016-12-08 11:34:03 -05:00
Michael Scherer
67b2623e92 Use no_log=True for campfire module to avoid leaks 2016-12-08 11:34:03 -05:00
Michael Scherer
f2bf444395 Set no log for jabber.py password 2016-12-08 11:34:03 -05:00
Evgeni Golov
16b2d85d34 do not use a predictable filenames in the LXC plugin 
* do not use a predictable filename for the LXC attach script

* don't use predictable filenames for LXC attach script logging

* don't set a predictable archive_path

this should prevent symlink attacks which could result in

* data corruption

* data leakage

* privilege escalation
 2016-12-08 11:34:03 -05:00
Michael Scherer
f47a756c46 Add proper type to cpanm arguments 
from_path, locallib, executable should be path to benefits
from path expansion for ~user.
 2016-12-08 11:34:03 -05:00
Chulki Lee
432a9a31ca osx_defaults: fix datetime 
Fix #1742
 2016-12-08 11:34:02 -05:00
Matt Martz
c8bd27f1e8 Rebase PRs against $TRAVIS_BRANCH before performing tests 2016-12-08 11:34:02 -05:00
mo@oclab.net
20fd04b9e7 firewalld: fixes documentation 
- removes warning, aligning to existing documentation
- adds version
 2016-12-08 11:34:02 -05:00
mo@oclab.net
8b2d484032 firewalld: add/remove interfaces to/from zones 2016-12-08 11:34:02 -05:00
David Hocky
aabd6390d4 fix dscp marking documentation in iptables module 2016-12-08 11:34:02 -05:00
Evgeni Golov
88d8820f1b explicitly set "default: null" in the docs 2016-12-08 11:34:02 -05:00
Evgeni Golov
e1846d2e4b do not set a default config for lxc containers 
otherwise deploying user-containers fail as these require information
from ~/.config/lxc/default.conf that the LXC tools will load if no
--config was supplied

Signed-off-by: Evgeni Golov <evgeni@golov.de>
 2016-12-08 11:34:02 -05:00
Chris Porter
2b8b04638d fix security vulnerability in lxc module 
octal/decimal confusion makes file world-writable before executing it
 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
e3d8facc7f fixxed tests 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
c82d72e12a fixed problems related to userpricincipalname (user@domain) and undefined variables fixed variable capitalization 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
186197397c fixxed problem with match @ 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
9ba30d2cea only call set-acl if necessary 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
700ca56c61 as suggested by @marcind, convert to boolean 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
404483ea83 fixed documentation 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
de4a271dd0 added userprincipal support 2016-12-08 11:34:02 -05:00
Hans-Joachim Kliemeck
65d5658553 added separate module to change owner, since win_acl is ACL only and should not be more complex 2016-12-08 11:34:02 -05:00
Marcos Diez
1aec0a3ffb mongodb_user.py: changes on comments 2016-12-08 11:34:01 -05:00
Marcos Diez
37ba9a3fe1 mongodb_user: fix checking if the roles of an oplog reader user changed 2016-12-08 11:34:01 -05:00
Guillaume Dufour
dc83f2c6d7 use python fallback to avoid error on old mongo version without roles 2016-12-08 11:34:01 -05:00
Guillaume Dufour
467d9a8090 avoid problem with old mongo version without roles 2016-12-08 11:34:01 -05:00
Guillaume Dufour
b07e1c13f7 fix #1731 : mongodb_user always says changed 2016-12-08 11:34:01 -05:00
John Barker
d20b7ee6e6 restore version_added in dynamodb_table.py 2016-12-08 11:34:01 -05:00
Matt Hite
846a538648 Allow port 0 as a valid pool member port 2016-12-08 11:34:01 -05:00
Jason Witkowski
48931065e5 The current module supporting F5 BIGIP pool creation does not support a setup where the port number must be zero to signify the pool will listen on multiple ports. This change implements that functionality and fixes an illogical conditional. 2016-12-08 11:34:01 -05:00
Michael Scherer
a21ab5b990 Use type='path' for reposdir, since that's a path 2016-12-08 11:34:01 -05:00
Rene Moser
051b11b983 openstack: doc: add return doc, fixes build 2016-12-08 11:34:01 -05:00
Paul Seiffert
48223fd268 Allow Datadog metric alerts to define multiple thresholds 2016-12-08 11:34:01 -05:00
David Shrewsbury
33d3616bab Add OpenStack os_user_role module 2016-12-08 11:34:01 -05:00
Michael Scherer
dc94ce72c7 Use boolean instead of "yes" + choice for most option 
This enable a more standard behavior with others modules
 2016-12-08 11:34:01 -05:00
Michael Scherer
2a0c9bb3a2 Use type 'path' for rootdir, for pkgng 2016-12-08 11:34:01 -05:00
Michael Gruener
bdeb5af740 cloudflare_dns: Cosmetic cleanup 2016-12-08 11:34:01 -05:00
Michael Gruener
90503c9f2a cloudflare_dns: normalize return value and docs 2016-12-08 11:34:00 -05:00
Michael Gruener
95f270089b cloudflare_dns: Cleanup record update handling 2016-12-08 11:34:00 -05:00
Michael Gruener
78640328cb cloudflare_dns: Allow CNAME content updates 2016-12-08 11:34:00 -05:00
Michael Gruener
41ed47d66e cloudflare_dns: Fix solo SRV record creation 2016-12-08 11:34:00 -05:00
Michael Gruener
85d41db922 cloudflare_dns: Fix SRV record idempotency 2016-12-08 11:34:00 -05:00
Pavel Sychev
594c9ff217 Added version restriction for uid_owner and reject_with. 2016-12-08 11:34:00 -05:00
Pavel Sychev
0c888bd19f Added docs for reject_with and uid_owner. 2016-12-08 11:34:00 -05:00
Pavel Sychev
30bd75e3ae Added reject_with and uid_owner support. 2016-12-08 11:34:00 -05:00
Julien Recurt
5d68e4fe06 Add option to use ZabbixApi via auth basic protection 2016-12-08 11:34:00 -05:00
Linus Unnebäck
5f9d5c1403 make: move down ansible import 2016-12-08 11:34:00 -05:00
Linus Unnebäck
e79e024016 make: add empty return docs 2016-12-08 11:34:00 -05:00