ansible-role-nginx/riak/library/ufw


#!/usr/bin/python
# -*- coding: utf-8 -*-
# (c) 2013, James Martin <jmartin@basho.com>
#
# This file is part of Ansible
#
# Ansible is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# Ansible is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
#
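# Module documentation, written as YAML for Ansible's documentation tooling.
# Fixes: the module name was misspelled "uffw" (the file is library/ufw),
# "definiation" was a typo, and the two behaviours of main() that matter most
# to an operator (OpenSSH is always allowed; enable=false turns an active
# firewall off) were not mentioned.
DOCUMENTATION = '''
---
module: ufw
short_description: This module handles some basic ubuntu ufw operations
description:
  - This module handles some basic ubuntu ufw operations
  - The OpenSSH application profile is always allowed before any other change, so that Ansible keeps its SSH access.
version_added: "1.2"
options:
  allow:
    description:
      - The application you want to allow. Must have a ufw app definition already defined.
    required: false
    default: OpenSSH
    aliases: []
  enable:
    description:
      - Enable the firewall. When false (the default) and the firewall is currently active, the module disables it.
    required: false
    default: False
    aliases: []
'''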
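def main():
    """Allow a ufw application profile and reconcile the firewall's on/off state.

    Module parameters:
        allow:  ufw application profile to allow (default ``OpenSSH``). It is
                split with shell-style quoting rules but never passed to a
                shell, so a profile name containing spaces must be quoted.
        enable: boolean, default ``False``. ``True`` enables an inactive
                firewall; ``False`` DISABLES an active one. Running the module
                with defaults against a host whose firewall is active therefore
                turns the firewall off.

    Result keys passed to ``exit_json``:
        changed: True when the ``allow`` rule was added or the firewall state
                 was toggled.
        output:  raw output of the ``ufw allow <app>`` command.
        status:  ``active`` / ``inactive`` as left by this run.

    Any ufw command that exits non-zero aborts the run through ``fail_json``.
    """
    # Local import: this file has no import block of its own to extend.
    import shlex

    arg_spec = dict(
        allow=dict(default='OpenSSH'),
        enable=dict(default=False, type='bool'),
    )
    result = {}
    module = AnsibleModule(argument_spec=arg_spec)
    enable = module.params.get('enable')
    app = module.params.get('allow')

    if not app:
        module.fail_json(msg="allow must name a ufw application profile")

    # Every command is passed as an argument list rather than a formatted
    # string, so the value of `allow` can never be interpreted as shell syntax
    # (pipes, `;`, `$()` ...), whichever way run_command treats plain strings.

    # we always need ssh for ansible
    rc, out, err = module.run_command(['ufw', 'allow', 'OpenSSH'])
    if rc != 0:
        module.fail_json(msg=out + err)

    rc, out, err = module.run_command(['ufw', 'allow'] + shlex.split(app))
    if rc != 0:
        module.fail_json(msg=out + err)
    # ufw reports "Skipping ..." when the rule already exists.
    result['changed'] = 'Skipping' not in out
    result['output'] = out

    # Read the state from `ufw status` directly instead of a grep/cut
    # pipeline: a pipeline only reports the exit status of its last command,
    # so a failing `ufw status` used to go unnoticed.
    rc, out, err = module.run_command(['ufw', 'status'])
    if rc != 0:
        module.fail_json(msg=out + err)
    status = ''
    for line in out.splitlines():
        if 'Status' in line:
            fields = line.split(' ')
            if len(fields) > 1:
                status = fields[1].strip()
            break

    if status == 'inactive' and enable:
        rc, out, err = module.run_command(['ufw', '-f', 'enable'])
        if rc != 0:
            module.fail_json(msg=out + err)
        result['changed'] = True
        status = 'active'
    elif status == 'active' and not enable:
        rc, out, err = module.run_command(['ufw', 'disable'])
        if rc != 0:
            module.fail_json(msg=out + err)
        result['changed'] = True
        status = 'inactive'

    # Report the resulting state, not the text printed by enable/disable.
    result['status'] = status
    module.exit_json(**result)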
# The marker below is not an ordinary comment: see lib/ansible/module_common.py.
# Ansible substitutes shared module code for it (presumably the source of
# AnsibleModule, which main() uses but this file never defines), so the marker
# line must stay exactly as written.
#<<INCLUDE_ANSIBLE_MODULE_COMMON>>
main()