This repository has been archived by the owner on May 14, 2020. It is now read-only.

Adapt to 0.7.2 and allow to do GET/MONIT based on customer demands
thomnico committed Aug 30, 2017
1 parent de61b66 commit c9667f0
Showing 2 changed files with 151 additions and 55 deletions.
184 changes: 131 additions & 53 deletions library/fortiosconfig.py
Expand Up @@ -17,13 +17,25 @@
# under the License.
#

#the lib use python logging can get it if the following is set in your Ansible config.
#log_path = /var/log/ansible.log in your conf..
# the lib use python logging can get it if the following is set in your
# Ansible config.
# log_path = /var/log/ansible.log in your conf..

from ansible.module_utils.basic import *
from fortiosapi import FortiOSAPI
import json
from argparse import Namespace
import logging
import requests
import sys
import pprint


DOCUMENTATION = '''
---
module: fortiosconfig
short_description: Module to configure all aspects of fortinet products using the REST API
short_description: Module to configure all aspects of \
fortinet products using the REST API
'''

EXAMPLES = '''
Expand All @@ -38,48 +50,42 @@
- name: Set static route on the fortigate
fortiosconfig:
action: "set"
host: "{{ host }}"
username: "{{ username}}"
password: "{{ password }}"
vdom: "{{ vdom }}"
host: "{{ host }}"
username: "{{ username}}"
password: "{{ password }}"
vdom: "{{ vdom }}"
config: "router static"
config_parameters:
seq-num: "8"
dst: "10.10.32.0 255.255.255.0"
device: "port2"
gateway: "192.168.40.252"
- name: Delete firewall address
- name: Delete firewall address
fortiosconfig:
config: "firewall address"
action: "delete"
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "{{ vdom }}"
config_parameters:
wildcard-fqdn: "*.test.ansible.com"
name: "test-ansible"
type: "wildcard-fqdn"
'''
from ansible.module_utils.basic import *
import requests
from fortiosapi import FortiOSAPI
import sys
import json
import pprint
from argparse import Namespace
import logging

fos = FortiOSAPI()
formatter = logging.Formatter(
'%(asctime)s %(name)-12s %(levelname)-8s %(message)s')
logger = logging.getLogger('fortiosapi')
hdlr = logging.FileHandler('/var/tmp/ansible-fortiosconfig.log')
hdlr.setFormatter(formatter)
logger.addHandler(hdlr)
logger.addHandler(hdlr)
logger.setLevel(logging.DEBUG)

AVAILABLE_CONF=[ 'alertemail setting',
AVAILABLE_CONF = [
'system resource',
'alertemail setting',
'antivirus heuristic',
'antivirus profile',
'antivirus quarantine',
Expand Down Expand Up @@ -432,43 +438,60 @@
'wireless-controller wtp-group',
'wireless-controller wtp-profile']


def json2obj(data):
return json.loads(data, object_hook=lambda d: Namespace(**d))

def get( name, action=None, mkey=None, parameters=None):
return json.loads(fos.get('cmdb',name, action, mkey, parameters))

def get(name, action=None, mkey=None, parameters=None):
return json.loads(fos.get('cmdb', name, action, mkey, parameters))


def login(data):
host = data['host']
username = data['username']
fos.debug('off')
fos.login(host,username,'')
fos.debug('on')
fos.login(host, username, '')


def logout():
fos.logout()

def fortios_status(data):

login(data)

def fortios_status(data):
login(data)
resp = json.loads(fos.get('system', 'interface'))
fos.logout()
fos.logout()

# default: something went wrong
meta = {"status": resp['status'], 'response': resp['version']}
return False, False, meta


def fortigate_config_put(data):
host = data['host']
username = data['username']
password = data['password']
fos.login(host,username,password)
fos.login(host, username, password)

functions = data['config'].split()

resp = fos.put(functions[0], functions[1], vdom=data['vdom'], data=data['config_parameters'])
fos.logout()

meta = {"status": resp['status'],'reason': resp['reason'], 'version': resp['version'], }
schema = fos.schema(functions[0], functions[1])
dataconf = data['config_parameters']

mkey = None
if schema and ('mkey' in schema):
keyname = schema['mkey']
if dataconf and (keyname in dataconf):
mkey = dataconf[keyname]

resp = fos.put(functions[0], functions[1], vdom=data['vdom'],
mkey=mkey, data=data['config_parameters'])

fos.logout()

meta = {"status": resp['status'], 'reason': resp['reason'],
'version': resp['version'], }
if resp['status'] == "success":
return False, True, meta
else:
Expand All @@ -479,51 +502,104 @@ def fortigate_config_post(data):
host = data['host']
username = data['username']
password = data['password']
fos.login(host,username,password)
fos.login(host, username, password)

functions = data['config'].split()

resp = fos.post(functions[0], functions[1], vdom=data['vdom'], data=data['config_parameters'])
fos.logout()

meta = {"status": resp['status'],'reason': resp['reason'], 'version': resp['version'], }
resp = fos.post(functions[0], functions[1], vdom=data['vdom'],
data=data['config_parameters'])
fos.logout()

meta = {"status": resp['status'], 'reason': resp['reason'],
'version': resp['version'], }
if resp['status'] == "success":
return False, True, meta
else:
return True, False, meta


def fortigate_config_set(data):
host = data['host']
username = data['username']
password = data['password']
fos.login(host,username,password)
fos.login(host, username, password)

functions = data['config'].split()

resp = fos.set(functions[0], functions[1], vdom=data['vdom'], data=data['config_parameters'])
fos.logout()

meta = {"status": resp['status'],'reason': resp['reason'], 'version': resp['version'], }
resp = fos.set(functions[0], functions[1], vdom=data['vdom'],
data=data['config_parameters'])
fos.logout()

meta = {"status": resp['status'], 'reason': resp['reason'],
'version': resp['version'], }
if resp['status'] == "success":
return False, True, meta
else:
return True, False, meta


def fortigate_config_get(data):
host = data['host']
username = data['username']
password = data['password']
fos.login(host, username, password)

functions = data['config'].split()
schema = fos.schema(functions[0], functions[1])
dataconf = data['config_parameters']

mkey = None
if schema and ('mkey' in schema):
keyname = schema['mkey']
if dataconf and (keyname in dataconf):
mkey = dataconf[keyname]

resp = fos.get(functions[0], functions[1], mkey=mkey, vdom=data['vdom'])
fos.logout()

meta = {"status": resp['status'], 'reason': resp['status'],
'version': resp['version'], 'full_response': resp}
if resp['status'] == "success":
return False, True, meta
else:
return True, False, meta

def fortigate_config_monitor(data):
host = data['host']
username = data['username']
password = data['password']
fos.login(host, username, password)

functions = data['config'].split()
resp = fos.monitor(functions[0], functions[1], vdom=data['vdom'])
fos.logout()

meta = {"status": resp['status'], 'reason': resp['status'],
'version': resp['version'], 'full_response': resp}
if resp['status'] == "success":
return False, True, meta
else:
return True, False, meta


def fortigate_config_del(data):
host = data['host']
username = data['username']
password = data['password']
vdom=data['vdom']
fos.login(host,username,password)
vdom = data['vdom']
fos.login(host, username, password)

functions = data['config'].split()
schema = fos.schema(functions[0], functions[1])
keyname = schema['mkey']
dataconf = data['config_parameters']
mkey = dataconf[keyname]

resp = fos.delete(functions[0], functions[1], mkey=mkey, vdom=vdom)
fos.logout()
meta = {"status": resp['status'],'reason': resp['reason'], 'version': resp['version'], }
fos.logout()

meta = {"status": resp['status'], 'reason': resp['reason'],
'version': resp['version'], }
if resp['status'] == "success":
return False, True, meta
else:
Expand All @@ -532,19 +608,19 @@ def fortigate_config_del(data):
else:
return True, False, meta


def main():

def main():
fields = {
"host": {"required": True, "type": "str"},
"password": {"required": False, "type": "str"},
"username": {"required": True, "type": "str"},
"description": {"required": False, "type": "str"},
"vdom": {"required": False, "type": "str", "default":"root"},
"config": {"required": True,"choices":AVAILABLE_CONF , "type": "str"},
"vdom": {"required": False, "type": "str", "default": "root"},
"config": {"required": True, "choices": AVAILABLE_CONF, "type": "str"},
"mkey": {"required": False, "type": "str"},
"action": {
"default": "set",
"choices": ['set', 'delete','put','post'],
"choices": ['set', 'delete', 'put', 'post', 'get', 'monitor'],
"type": 'str'
},
"config_parameters": {"required": False, "type": "dict"},
Expand All @@ -555,6 +631,8 @@ def main():
"delete": fortigate_config_del,
"put": fortigate_config_put,
"post": fortigate_config_post,
"get": fortigate_config_get,
"monitor": fortigate_config_monitor,
}

module = AnsibleModule(argument_spec=fields)
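Review bot: In `login()` the debug switch now reads `fos.debug('on')` (it appears to have been `'off'` before), while the module-level handler already writes the `fortiosapi` logger at DEBUG to the fixed path `/var/tmp/ansible-fortiosconfig.log`. If the library's debug output includes request or response bodies, device configuration and session data would end up in a shared temp directory, so I would keep `fos.debug('off')` as the default and enable verbose logging only through an explicit module option. The `password` entry in `fields` also has no `"no_log": True`, so Ansible may echo it in module invocation output, and the new `get`/`monitor` handlers return the whole reply as `full_response`. Separately, `fortigate_config_get` and `fortigate_config_monitor` build `meta` with `'reason': resp['status']` where the other handlers use `resp['reason']`; that looks like a copy-paste slip, assuming these responses carry a `reason` key. `fortigate_config_del` still indexes `schema['mkey']` without the `if schema and ('mkey' in schema)` guard that the new put and get paths use.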
22 changes: 20 additions & 2 deletions play.yml
Expand Up @@ -10,7 +10,7 @@
# here to ensure update/downgrade if needed (optional)
- pip:
name: fortiosapi
version: 0.6.2
version: 0.7.2
- name: Set static route on the fortigate
fortiosconfig:
action: "set"
Expand Down Expand Up @@ -42,7 +42,7 @@
- name: firewall policy
fortiosconfig:
config: "firewall policy"
action: "post"
action: "set"
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
Expand Down Expand Up @@ -72,3 +72,21 @@
config_parameters:
"type": "fortimanager"
fmg: "10.210.67.18"
- name: system resource
fortiosconfig:
config: "system resource"
action: "monitor"
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "global"
- name: Get information
fortiosconfig:
config: "system global"
action: "get"
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "global"
config_parameters:
name: "global"
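Review bot: The two new tasks (`system resource` with `action: "monitor"` and `system global` with `action: "get"`) have no `register:`, so the returned `full_response` is only visible in verbose output and the example does not show how to use the new actions. I would add `register: fgt_global` and a follow-up task that reads the registered value. Since a `get` on `system global` returns device configuration, consider `no_log: true` on that task where the play output is stored or shared.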
