Try SpotterCreate, update or destroy reverse_proxy frontend entry in Sophos UTM
Authors: Johannes Brunswicker (@MatrixCrawler)
Install with ansible-galaxy collection install community.general:==8.5.0
collections:
- name: community.general
version: 8.5.0Create, update or destroy a reverse_proxy frontend entry in Sophos UTM.
This module needs to have the REST Ability of the UTM to be activated.
- name: Create utm proxy_frontend
community.general.utm_proxy_frontend:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestFrontendEntry
host: REF_OBJECT_STRING
state: present
- name: Remove utm proxy_frontend
community.general.utm_proxy_frontend:
utm_host: sophos.host.name
utm_token: abcdefghijklmno1234
name: TestFrontendEntry
state: absent
name:
description:
- The name of the object. Will be used to identify the entry
required: true
type: str
port:
default: 80
description:
- The frontend http port
type: int
type:
choices:
- http
- https
default: http
description:
- Which protocol should be used
type: str
state:
choices:
- absent
- present
default: present
description:
- The desired state of the object.
- V(present) will create or update an object.
- V(absent) will delete an object if it was present.
type: str
domain:
description:
- A list of domain names for the frontend object
elements: str
type: list
status:
default: true
description:
- Whether to activate the frontend entry or not
type: bool
address:
default: REF_DefaultInternalAddress
description:
- The reference name of the network/interface_address object.
type: str
comment:
default: ''
description:
- An optional comment to add to the object
type: str
headers:
default: {}
description:
- A dictionary of additional headers to be sent to POST and PUT requests.
- Is needed for some modules.
required: false
type: dict
profile:
default: ''
description:
- The reference string of the reverse_proxy/profile
type: str
lbmethod:
choices:
- ''
- bybusyness
- bytraffic
- byrequests
default: bybusyness
description:
- Which loadbalancer method should be used
type: str
utm_host:
description:
- The REST Endpoint of the Sophos UTM.
required: true
type: str
utm_port:
default: 4444
description:
- The port of the REST interface.
type: int
xheaders:
default: false
description:
- Whether to pass the host header or not
type: bool
locations:
default: []
description:
- A list of location ref names (reverse_proxy/location)
elements: str
type: list
utm_token:
description:
- The token used to identify at the REST-API. See U(https://www.sophos.com/en-us/medialibrary/PDFs/documentation/UTMonAWS/Sophos-UTM-RESTful-API.pdf?la=en),
Chapter 2.4.2.
required: true
type: str
exceptions:
default: []
description:
- A list of exception ref names (reverse_proxy/exception)
elements: str
type: list
certificate:
default: ''
description:
- The reference name of the ca/host_key_cert object.
type: str
htmlrewrite:
default: false
description:
- Whether to enable html rewrite or not
type: bool
preservehost:
default: false
description:
- Whether to preserve host header
type: bool
utm_protocol:
choices:
- http
- https
default: https
description:
- The protocol of the REST Endpoint.
type: str
validate_certs:
default: true
description:
- Whether the REST interface's ssl certificate should be verified or not.
type: bool
allowed_networks:
default:
- REF_NetworkAny
description:
- A list of reference names for the allowed networks.
elements: str
type: list
implicitredirect:
default: false
description:
- Whether to enable implicit redirection or not
type: bool
disable_compression:
default: false
description:
- Whether to enable the compression
type: bool
htmlrewrite_cookies:
default: false
description:
- Whether to enable html rewrite cookie or not
type: bool
add_content_type_header:
default: false
description:
- Whether to add the content type header or not
type: bool
result:
contains:
_locked:
description: Whether or not the object is currently locked
type: bool
_ref:
description: The reference name of the object
type: str
_type:
description: The type of the object
type: str
add_content_type_header:
description: Whether to add the content type header
type: bool
address:
description: The reference name of the address
type: str
allowed_networks:
description: List of reference names of networks associated
type: list
certificate:
description: Reference name of certificate (ca/host_key_cert)
type: str
comment:
description: The comment string
type: str
disable_compression:
description: State of compression support
type: bool
domain:
description: List of hostnames
type: list
exceptions:
description: List of associated proxy exceptions
type: list
htmlrewrite:
description: State of html rewrite
type: bool
htmlrewrite_cookies:
description: Whether the html rewrite cookie will be set
type: bool
implicitredirect:
description: Whether to use implicit redirection
type: bool
lbmethod:
description: The method of loadbalancer to use
type: str
locations:
description: The reference names of reverse_proxy/locations associated with
the object
type: list
name:
description: The name of the object
type: str
port:
description: The port of the frontend connection
type: int
preservehost:
description: Preserve host header
type: bool
profile:
description: The associated reverse_proxy/profile
type: str
status:
description: Whether the frontend object is active or not
type: bool
type:
description: The connection type
type: str
xheaders:
description: The xheaders state
type: bool
description: The utm object that was created
returned: success
type: complex