Commit graph

988 commits

Author SHA1 Message Date
Leo Antunes
d54905ecee Allow multiple keys per host + minor improvements (#716)
* known_hosts: clarify key format in documentation

Add a small clarification to the documentation about the format of the
"key" parameter.
Should make #664 less of a issue for newcomers.

* known_hosts: normalize key entry to simplify input

Keys are normalized before comparing input with present keys. This
should make it easier to deal with some corner cases, such as having a
hashed entry for some host and trying to add it as non-hashed.

* known_hosts: allow multiple entries per host

In order to support multiple key types and allow the installed ssh
version to decide which is more secure, the module now only overwrites
an existing entry in known_hosts if the provided key is of the same
type.
Old keys of different types must be explicitly removed. Setting
state to "absent" and providing no key will remove all entries for the
host.
2016-05-23 10:33:52 -04:00
Brian Coca
29be1310e1 add missing author info 2016-05-20 09:19:23 -04:00
Michael Scherer
c8864c3220 Use a python3 compatible notation for octal (#2238) 2016-05-17 10:33:12 -07:00
Daniel Vigueras
735c1b6219 Add insert support to iptables. (#1180)
Add insert support to iptables.
2016-05-16 16:25:52 -04:00
Adrian Likins
240afc0344 Merge pull request #2146 from ke3vin/interfacezone
Fix the interface handling code to allow immediate changes.  Also fixes switching an interface between zones.
2016-05-16 10:42:17 -04:00
Adrian Likins
ae6b3ac71d Merge pull request #2225 from rusaksoft/iptables-add-icmp-type
Iptables add icmp type
2016-05-16 10:38:26 -04:00
Dag Wieers
7618fd8749 Fix check-mode incorrectly returning changed (#2220)
The lvol module has a different logic in check-mode for knowing when a change is induced. And this logic is *only* based on a size check. However during a normal run, it is the lvreduce or lvextend tool that decides when a change is performed (or when the requested and existing sizes differ). So while in check-mode the module reports a change, in real run-mode it does not in fact changes anything an reports ok.

One solution would be to implement the exact size-comparison logic that is implemented in lvextend and lvreduce, but we opted to use the `--test` option to each command to verify if a change is induced or not. In effect both check-mode and run-mode use the exact same logic and conclusion.
2016-05-14 10:40:49 +02:00
Pavel Samokha
a0566037b4 iptables module - icmp-type better doc style 2016-05-13 17:14:44 +03:00
Pavel Samokha
7092118119 fix icmp-type 2016-05-13 16:49:58 +03:00
Pavel Samokha
747f6f6736 iptables module - add icmp_type 2016-05-13 15:52:49 +03:00
Yannig
bbd53572af New lvol option: shrink. (#2135)
If shrink is set to false and size is lower than current lv size, dont try to shrink logical volume.
2016-05-13 11:28:41 +02:00
Michael Scherer
557d37d3f1 Use type='path' rather than str, so path is expanded correctly 2016-05-08 11:33:54 +02:00
Kevin Hildebrand
9f2bc2853d Fix the interface handling code to allow permanent and non-permanent operations.
Also avoid using add_interface because it breaks in cases where the interface is already bound to a different zone.
2016-05-02 11:16:07 -04:00
Brian Coca
fbd00675f0 updated version added for pvs 2016-04-28 17:42:41 -04:00
Matt Davis
238af47a9d Merge pull request #2007 from p53/devel
Added pvs parameter to lvol module
2016-04-28 10:15:54 -07:00
Toshio Kuratomi
71d83b77bc Recategorize git_config and shift version to 2.1 2016-04-28 08:27:21 -07:00
Brian Coca
09a1015bd7 updated version added 2016-04-27 14:36:56 -04:00
Matthew
d91baee7c9 Add git_config module (#1945)
* Add git_config module

This module can be used for reading and writing git configuration at all
three scopes (local, global and system). It supports --diff and --check
out of the box.

This module is based off of the following gist:
https://gist.github.com/mgedmin/b38c74e2d25cb4f47908
I tidied it up and added support for the following:
- Reading values on top of writing them
- Reading and writing values at any scope
The original author is credited in the documentation for the module.

* Respond to review feedback

- Improve documentation by adding choices for parameters, requirements
  for module, and add missing description for scope parameter.
- Fail gracefully when git is not installed (followed example of puppet
  module).
- Remove trailing whitespace.

* Change repo parameter to type 'path'

This ensures that all paths are automatically expanded appropriately.

* Set locale to C before running commands to ensure consistent error messages

This is important to ensure error message parsing occurs correctly.

* Adjust comment
2016-04-27 14:36:11 -04:00
René Moser
344dff4350 docs: fix make docs (#2107) 2016-04-26 09:10:46 -04:00
Chris Lamb
8d7d070201 system/ufw.py: Add security warning re. removing ufw application prof…
It's not particularly obvious that removing an application will remove it
from ufw's own state, potentially leaving ports open on your box if you
upload your configuration.

Whilst this applies to a lot of things in Ansible, firewall rules might
cross some sort of line that justifies such a warning in his instance.

Signed-off-by: Chris Lamb <chris@chris-lamb.co.uk>
2016-04-23 08:01:19 +02:00
p53
706cbf69ca Add pvs parameter to documentation
Add pvs parameter to documentation
2016-04-19 19:31:23 +02:00
codehopper-uk
aa29a4fd9c Basic ability to set masquerade options from ansible, according to current code design/layout (mostly) (#2017)
* Support for masquerade settings

Ability to enable and disable masquerade settings from ansible via:
- firewalld: mapping=masquerade state=disabled permanent=true zone=dmz

Placeholder added (mapping) to support masquerade and port_forward
choices initially - port_forward not implemented yet.

* Permanent and Immediate zone handling differentiated

* Corrected naming abstraction for masquerading functionality

Removed mapping tag with port_forward choices - not applicable!

* Added version info for new masquerade option

Pull Request #2017 failing due to missing version info
2016-04-16 14:15:00 +02:00
Pavol Ipoth
14057da87c Removing, unwanted pull 2016-04-15 21:22:03 +02:00
Pavol Ipoth
e3ca2c7aeb Adding new ansible module lvol_cache 2016-04-15 21:14:21 +02:00
Pavol Ipoth
2be58bf100 Merge branch 'devel' of https://github.com/ansible/ansible-modules-extras into devel 2016-04-15 21:11:46 +02:00
Michael Scherer
ff74fc0072 Remove the +x from crypttab and cronvar (#2039)
While this change nothing, it is better to enforce consistency
2016-04-15 10:18:05 -04:00
Jasper Lievisse Adriaanse
2b8debbc2b Sprinkle some LANG/LC_* where command output is parsed (#2019) 2016-04-13 10:03:26 -04:00
Michael Scherer
2dbfdaa88b Remove dead code (#1303)
The review on https://github.com/ansible/ansible-modules-extras/pull/1303
show the problem was already fixed, so we just need to remove the
code.
2016-04-12 08:13:24 +02:00
Pavol Ipoth
7be55e188a Fixes #2008 Lvol module is not indempodent for cache lv's 2016-04-11 21:55:40 +02:00
Pavol Ipoth
ac9a48ad1e Added pvs parameter to lvol module 2016-04-11 20:18:14 +02:00
kubilus1
773d402eac Unchecked index causes IndexError. 2016-04-11 07:55:07 +02:00
Monty Taylor
38c8fec277 Merge pull request #1149 from Jmainguy/puppet_stdout
Enable stdout and stderr on sucessful runs, making show_diff useable
2016-04-10 08:43:39 -07:00
René Moser
fc79c8820e Merge pull request #1971 from insom/devel
Add `to_destination` parameter to iptables
2016-04-10 11:18:49 +02:00
Vlad Gusev
f1175693f6 system/puppet: add --tags parameter (#1916)
* system/puppet: add --tags parameter

--tags [1] is used to apply a part of the node’s catalog.

In puppet:
puppet agent --tags update,monitoring

In ansible:
puppet: tags=update,monitoring

[1] https://docs.puppetlabs.com/puppet/latest/reference/lang_tags.html#restricting-catalog-runs

* Add example of tag usage.

* system/puppet: add list type for a tags dict.
2016-04-10 11:14:48 +02:00
Aaron Brady
e2138c7e14 Add to_destination parameter 2016-04-06 11:30:59 +01:00
Chulki Lee
f3c168594a osx_defaults: fix datetime
Fix #1742
2016-04-01 20:45:33 -04:00
René Moser
daddc7caf4 Merge pull request #1478 from m0/firewalld_interface
Extends firewalld module with ability to add/remove interfaces to/from zones
2016-04-01 13:35:47 +02:00
David Hocky
031f98e86c fix dscp marking documentation in iptables module 2016-03-31 18:37:37 -04:00
René Moser
241dba1ee7 Merge pull request #1555 from LuckyGeck/devel
Added reject_with and uid_owner support to iptables module
2016-03-25 23:01:39 +01:00
Linus Unnebäck
7def4b01f5 make: move down ansible import 2016-03-25 12:42:45 +01:00
Linus Unnebäck
b328feccb1 make: add empty return docs 2016-03-25 12:18:58 +01:00
Linus Unnebäck
a0aef208b6 module: system/make 2016-03-24 20:28:29 +01:00
Pavel Sychev
eda178a988 Added version restriction for uid_owner and reject_with. 2016-03-23 13:46:50 +03:00
Pavel Sychev
c15dcf888b Added docs for reject_with and uid_owner. 2016-03-23 10:48:31 +03:00
Pavel Sychev
12890b14b2 Added reject_with and uid_owner support. 2016-03-23 10:46:53 +03:00
René Moser
0a65ddb3b1 Merge pull request #1641 from EmilienM/puppet/execute
system/puppet: allow to run puppet -e
2016-03-21 18:58:32 +01:00
Brian Coca
10e70b5f48 Merge pull request #1874 from mscherer/better_verif_alternatives
Add proper type to path and link
2016-03-19 17:01:40 -07:00
Michael Scherer
8c53e654f7 Add proper type to path and link
Since both of them are path, it should be checked using the
proper type.
2016-03-20 00:41:14 +01:00
Rene Moser
87599fd2ee osx_defaults: doc fix, add version_added for host agrument
See #1364
2016-03-19 13:17:43 +01:00
René Moser
4543d5838f Merge pull request #1364 from wincent/os-x-defaults-host
osx_defaults: add "host" attribute
2016-03-19 13:14:30 +01:00