Try SpotterManage FreeIPA DNS records
Authors: Rafael Guterres Jeffman (@rjeffman), Thomas Woerner (@t-woerner)
preview | supported by community
Install with ansible-galaxy collection install freeipa.ansible_freeipa:==1.11.1
collections:
- name: freeipa.ansible_freeipa
version: 1.11.1Manage FreeIPA DNS records
# Ensure dns record is present
- freeipa.ansible_freeipa.ipadnsrecord:
ipaadmin_password: SomeADMINpassword
name: vm-001
zone_name: example.com
record_type: 'AAAA'
record_value: '::1'
# Ensure that dns record exists with a TTL
- freeipa.ansible_freeipa.ipadnsrecord:
ipaadmin_password: SomeADMINpassword
name: host01
zone_name: example.com
record_type: 'AAAA'
record_value: '::1'
record_ttl: 300
# Ensure that dns record exists with a reverse record
- freeipa.ansible_freeipa.ipadnsrecord:
ipaadmin_password: SomeADMINpassword
name: host02
zone_name: example.com
record_type: 'AAAA'
record_value: 'fd00::0002'
create_reverse: yes
# Ensure a PTR record is present
- freeipa.ansible_freeipa.ipadnsrecord:
ipaadmin_password: SomeADMINpassword
name: 5
zone_name: 2.168.192.in-addr.arpa
record_type: 'PTR'
record_value: 'internal.ipa.example.com'
# Ensure a TXT record is present
- freeipa.ansible_freeipa.ipadnsrecord:
ipaadmin_password: SomeADMINpassword
name: _kerberos
zone_name: example.com
record_type: 'TXT'
record_value: 'EXAMPLE.COM'
# Ensure a SRV record is present
- freeipa.ansible_freeipa.ipadnsrecord:
ipaadmin_password: SomeADMINpassword
name: _kerberos._udp.example.com
zone_name: example.com
record_type: 'SRV'
record_value: '10 50 88 ipa.example.com'
# Ensure an MX record is present
- freeipa.ansible_freeipa.ipadnsrecord:
ipaadmin_password: SomeADMINpassword
name: '@'
zone_name: example.com
record_type: 'MX'
record_value: '1 mailserver.example.com'
# Ensure that dns record is absent
- freeipa.ansible_freeipa.ipadnsrecord:
ipaadmin_password: SomeADMINpassword
name: host01
zone_name: example.com
record_type: 'AAAA'
record_value: '::1'
state: absent
name:
aliases:
- record_name
description: The DNS record name to manage.
elements: str
required: false
type: list
a_rec:
aliases:
- a_record
description: Raw A record.
elements: str
required: false
type: list
state:
choices:
- present
- absent
- disabled
default: present
description: State to ensure
type: str
a6_rec:
aliases:
- a6_record
description: Raw A6 record.
elements: str
required: false
type: list
ds_rec:
aliases:
- ds_record
description: Raw DS record.
elements: str
required: false
type: list
kx_rec:
aliases:
- kx_record
description: Raw KX record.
elements: str
required: false
type: list
mx_rec:
aliases:
- mx_record
description: Raw MX record.
elements: str
required: false
type: list
ns_rec:
aliases:
- ns_record
description: Raw NS record.
elements: str
required: false
type: list
a6_data:
description: A6 record data.
required: false
type: str
del_all:
description: Delete all associated records.
required: false
type: bool
dlv_rec:
aliases:
- dlv_record
description: Raw DLV record.
elements: str
required: false
type: list
loc_rec:
aliases:
- loc_record
description: Raw LOC record.
elements: str
required: false
type: list
ptr_rec:
aliases:
- ptr_record
description: Raw PTR record.
elements: str
required: false
type: list
records:
description: The list of user dns records dicts
elements: dict
required: false
suboptions:
a6_data:
description: A6 record data.
required: false
type: str
a6_rec:
aliases:
- a6_record
description: Raw A6 record.
elements: str
required: false
type: list
a_create_reverse:
description: 'Create reverse record for A records.
There is no equivalent to remove reverse records.
'
required: false
type: bool
a_ip_address:
description: IP adresses for A records.
required: false
type: str
a_rec:
aliases:
- a_record
description: Raw A record.
elements: str
required: false
type: list
aaaa_create_reverse:
description: 'Create reverse record for AAAA records.
There is no equivalent to remove reverse records.
'
required: false
type: bool
aaaa_ip_address:
description: IP adresses for AAAA records.
required: false
type: str
aaaa_rec:
aliases:
- aaaa_record
description: Raw AAAA record.
elements: str
required: false
type: list
afsdb_hostname:
description: AFSDB Hostname
required: false
type: str
afsdb_rec:
aliases:
- afsdb_record
description: Raw AFSDB record.
elements: str
required: false
type: list
afsdb_subtype:
description: AFSDB Subtype
required: false
type: int
cert_algorithm:
description: CERT Algorithm
required: false
type: int
cert_certificate_or_crl:
description: CERT Certificate or Certificate Revocation List (CRL).
required: false
type: str
cert_key_tag:
description: CERT Key Tag
required: false
type: int
cert_rec:
aliases:
- cert_record
description: Raw CERT record.
elements: str
required: false
type: list
cert_type:
description: CERT Certificate Type
required: false
type: int
cname_hostname:
description: A hostname which this alias hostname points to.
required: false
type: str
cname_rec:
aliases:
- cname_record
description: Raw CNAME record.
elements: str
required: false
type: list
create_reverse:
aliases:
- reverse
description: 'Create reverse record for A or AAAA record types.
There is no equivalent to remove reverse records.
'
required: false
type: bool
del_all:
description: Delete all associated records.
required: false
type: bool
dlv_algorithm:
description: DLV Algorithm
required: false
type: int
dlv_digest:
description: DLV Digest
required: false
type: str
dlv_digest_type:
description: DLV Digest Type
required: false
type: int
dlv_key_tag:
description: DLV Key Tag
required: false
type: int
dlv_rec:
aliases:
- dlv_record
description: Raw DLV record.
elements: str
required: false
type: list
dname_rec:
aliases:
- dname_record
description: Raw DNAM record.
elements: str
required: false
type: list
dname_target:
description: DNAME Target
required: false
type: str
ds_algorithm:
description: DS Algorithm
required: false
type: int
ds_digest:
description: DS Digest
required: false
type: str
ds_digest_type:
description: DS Digest Type
required: false
type: int
ds_key_tag:
description: DS Key Tag
required: false
type: int
ds_rec:
aliases:
- ds_record
description: Raw DS record.
elements: str
required: false
type: list
ip_address:
description: IP adresses for A or AAAA records.
required: false
type: str
kx_exchanger:
description: A host willing to act as a key exchanger.
required: false
type: str
kx_preference:
description: 'Preference given to this exchanger. Lower values are more preferred.
'
required: false
type: int
kx_rec:
aliases:
- kx_record
description: Raw KX record.
elements: str
required: false
type: list
loc_altitude:
description: LOC Altitude
required: false
type: float
loc_h_precision:
description: LOC Horizontal Precision
required: false
type: float
loc_lat_deg:
description: LOC Degrees Latitude
required: false
type: int
loc_lat_dir:
choices:
- N
- S
description: LOC Direction Latitude
required: false
type: str
loc_lat_min:
description: LOC Minutes Latitude
required: false
type: int
loc_lat_sec:
description: LOC Seconds Latitude
required: false
type: float
loc_lon_deg:
description: LOC Degrees Longitude
required: false
type: int
loc_lon_dir:
choices:
- E
- W
description: LOC Direction Longitude
required: false
type: str
loc_lon_min:
description: LOC Minutes Longitude
required: false
type: int
loc_lon_sec:
description: LOC Seconds Longitude
required: false
type: float
loc_rec:
aliases:
- loc_record
description: Raw LOC record.
elements: str
required: false
type: list
loc_size:
description: LOC Size
required: false
type: float
loc_v_precision:
description: LOC Vertical Precision
required: false
type: float
mx_exchanger:
description: A host willing to act as a mail exchanger.
required: false
type: str
mx_preference:
description: 'Preference given to this exchanger. Lower values are more preferred.
'
required: false
type: int
mx_rec:
aliases:
- mx_record
description: Raw MX record.
elements: str
required: false
type: list
name:
aliases:
- record_name
description: The DNS record name to manage.
required: true
type: str
naptr_flags:
description: NAPTR Flags
required: false
type: str
naptr_order:
description: NAPTR Order
required: false
type: int
naptr_preference:
description: NAPTR Preference
required: false
type: int
naptr_rec:
aliases:
- naptr_record
description: Raw NAPTR record.
elements: str
required: false
type: list
naptr_regexp:
description: NAPTR Regular Expression
required: false
type: str
naptr_replacement:
description: NAPTR Replacement
required: false
type: str
naptr_service:
description: NAPTR Service
required: false
type: str
ns_hostname:
description: NS Hostname
required: false
type: str
ns_rec:
aliases:
- ns_record
description: Raw NS record.
elements: str
required: false
type: list
ptr_hostname:
description: The hostname this reverse record points to.
required: false
type: str
ptr_rec:
aliases:
- ptr_record
description: Raw PTR record.
elements: str
required: false
type: list
record_ttl:
description: Set the TTL for the record.
required: false
type: int
record_type:
choices:
- A
- AAAA
- A6
- AFSDB
- CERT
- CNAME
- DLV
- DNAME
- DS
- KX
- LOC
- MX
- NAPTR
- NS
- PTR
- SRV
- SSHFP
- TLSA
- TXT
- URI
default: A
description: The type of DNS record.
type: str
record_value:
description: Manage DNS record name with these values.
elements: str
required: false
type: list
srv_port:
description: SRV Port
required: false
type: int
srv_priority:
description: 'Lower number means higher priority. Clients will attempt to contact
the server with the lowest-numbered priority they can reach.
'
required: false
type: int
srv_rec:
aliases:
- srv_record
description: Raw SRV record.
elements: str
required: false
type: list
srv_target:
description: 'The domain name of the target host or ''.'' if the service is decidedly
not available at this domain.
'
required: false
type: str
srv_weight:
description: Relative weight for entries with the same priority.
required: false
type: int
sshfp_algorithm:
description: SSHFP Algorithm
required: false
type: int
sshfp_fingerprint:
description: SSHFP Fingerprint
required: false
type: str
sshfp_fp_type:
description: SSHFP Fingerprint Type
required: false
type: int
sshfp_rec:
aliases:
- sshfp_record
description: Raw SSHFP record.
elements: str
required: false
type: list
tlsa_cert_association_data:
description: TLSA Certificate Association Data
required: false
type: str
tlsa_cert_usage:
description: TLSA Certificate Usage
required: false
type: int
tlsa_matching_type:
description: TLSA Matching Type
required: false
type: int
tlsa_rec:
aliases:
- tlsa_record
description: Raw TLSA record.
elements: str
required: false
type: list
tlsa_selector:
description: TLSA Selector
required: false
type: int
txt_data:
description: TXT Text Data
required: false
type: str
txt_rec:
aliases:
- txt_record
description: Raw TXT record.
elements: str
required: false
type: list
uri_priority:
description: 'Lower number means higher priority. Clients will attempt to contact
the URI with the lowest-numbered priority they can reach.
'
required: false
type: int
uri_rec:
aliases:
- uri_record
description: Raw URI record.
elements: str
required: false
type: list
uri_target:
description: Target Uniform Resource Identifier according to RFC 3986.
required: false
type: str
uri_weight:
description: Relative weight for entries with the same priority.
required: false
type: int
zone_name:
aliases:
- dnszone
description: 'The DNS zone name to which DNS record needs to be managed.
Required if not provided globally.
'
required: false
type: str
type: list
srv_rec:
aliases:
- srv_record
description: Raw SRV record.
elements: str
required: false
type: list
txt_rec:
aliases:
- txt_record
description: Raw TXT record.
elements: str
required: false
type: list
uri_rec:
aliases:
- uri_record
description: Raw URI record.
elements: str
required: false
type: list
aaaa_rec:
aliases:
- aaaa_record
description: Raw AAAA record.
elements: str
required: false
type: list
cert_rec:
aliases:
- cert_record
description: Raw CERT record.
elements: str
required: false
type: list
loc_size:
description: LOC Size
required: false
type: float
srv_port:
description: SRV Port
required: false
type: int
tlsa_rec:
aliases:
- tlsa_record
description: Raw TLSA record.
elements: str
required: false
type: list
txt_data:
description: TXT Text Data
required: false
type: str
afsdb_rec:
aliases:
- afsdb_record
description: Raw AFSDB record.
elements: str
required: false
type: list
cert_type:
description: CERT Certificate Type
required: false
type: int
cname_rec:
aliases:
- cname_record
description: Raw CNAME record.
elements: str
required: false
type: list
dname_rec:
aliases:
- dname_record
description: Raw DNAM record.
elements: str
required: false
type: list
ds_digest:
description: DS Digest
required: false
type: str
naptr_rec:
aliases:
- naptr_record
description: Raw NAPTR record.
elements: str
required: false
type: list
sshfp_rec:
aliases:
- sshfp_record
description: Raw SSHFP record.
elements: str
required: false
type: list
zone_name:
aliases:
- dnszone
description: 'The DNS zone name to which DNS record needs to be managed.
Required if not provided globally.
'
required: false
type: str
dlv_digest:
description: DLV Digest
required: false
type: str
ds_key_tag:
description: DS Key Tag
required: false
type: int
ip_address:
description: IP adresses for A or AAAA records.
required: false
type: str
record_ttl:
description: Set the TTL for the record.
required: false
type: int
srv_target:
description: 'The domain name of the target host or ''.'' if the service is decidedly
not available at this domain.
'
required: false
type: str
srv_weight:
description: Relative weight for entries with the same priority.
required: false
type: int
uri_target:
description: Target Uniform Resource Identifier according to RFC 3986.
required: false
type: str
uri_weight:
description: Relative weight for entries with the same priority.
required: false
type: int
dlv_key_tag:
description: DS Key Tag
required: false
type: int
loc_lat_deg:
description: LOC Degrees Latitude
required: false
type: int
loc_lat_dir:
choices:
- N
- S
description: LOC Direction Latitude
required: false
type: str
loc_lat_min:
description: LOC Minutes Latitude
required: false
type: int
loc_lat_sec:
description: LOC Seconds Latitude
required: false
type: float
loc_lon_deg:
description: LOC Degrees Longitude
required: false
type: int
loc_lon_dir:
choices:
- E
- W
description: LOC Direction Longitude
required: false
type: str
loc_lon_min:
description: LOC Minutes Longitude
required: false
type: int
loc_lon_sec:
description: LOC Seconds Longitude
required: false
type: float
naptr_flags:
description: NAPTR Flags
required: false
type: str
naptr_order:
description: NAPTR Order
required: false
type: int
ns_hostname:
description: NS Hostname
required: false
type: str
record_type:
choices:
- A
- AAAA
- A6
- AFSDB
- CERT
- CNAME
- DLV
- DNAME
- DS
- KX
- LOC
- MX
- NAPTR
- NS
- PTR
- SRV
- SSHFP
- TLSA
- TXT
- URI
default: A
description: The type of DNS record.
type: str
a_ip_address:
description: IP adresses for A records.
required: false
type: str
cert_key_tag:
description: CERT Key Tag
required: false
type: int
dname_target:
description: DNAME Target
required: false
type: str
ds_algorithm:
description: DS Algorithm
required: false
type: int
kx_exchanger:
description: A host willing to act as a key exchanger.
required: false
type: str
loc_altitude:
description: LOC Altitude
required: false
type: float
mx_exchanger:
description: A host willing to act as a mail exchanger.
required: false
type: str
naptr_regexp:
description: NAPTR Regular Expression
required: false
type: str
ptr_hostname:
description: The hostname this reverse record points to.
required: false
type: str
record_value:
description: Manage DNS record name with these values.
elements: str
required: false
type: list
srv_priority:
description: 'Lower number means higher priority. Clients will attempt to contact
the server with the lowest-numbered priority they can reach.
'
required: false
type: int
uri_priority:
description: 'Lower number means higher priority. Clients will attempt to contact
the URI with the lowest-numbered priority they can reach.
'
required: false
type: int
afsdb_subtype:
description: AFSDB Subtype
required: false
type: int
dlv_algorithm:
description: DLV Algorithm
required: false
type: int
kx_preference:
description: 'Preference given to this exchanger. Lower values are more preferred.
'
required: false
type: int
mx_preference:
description: 'Preference given to this exchanger. Lower values are more preferred.
'
required: false
type: int
naptr_service:
description: NAPTR Service
required: false
type: str
sshfp_fp_type:
description: SSHFP Fingerprint Type
required: false
type: int
tlsa_selector:
description: TLSA Selector
required: false
type: int
afsdb_hostname:
description: AFSDB Hostname
required: false
type: str
cert_algorithm:
description: CERT Algorithm
required: false
type: int
cname_hostname:
description: A hostname which this alias hostname points to.
required: false
type: str
create_reverse:
aliases:
- reverse
description: 'Create reverse record for A or AAAA record types.
There is no equivalent to remove reverse records.
'
required: false
type: bool
ds_digest_type:
description: DS Digest Type
required: false
type: int
ipaapi_context:
choices:
- server
- client
description: 'The context in which the module will execute. Executing in a
server context is preferred. If not provided context will be
determined by the execution environment.
'
required: false
type: str
aaaa_ip_address:
description: IP adresses for AAAA records.
required: false
type: str
dlv_digest_type:
description: DLV Digest Type
required: false
type: int
loc_h_precision:
description: LOC Horizontal Precision
required: false
type: float
loc_v_precision:
description: LOC Vertical Precision
required: false
type: float
sshfp_algorithm:
description: SSHFP Algorithm
required: false
type: int
tlsa_cert_usage:
description: TLSA Certificate Usage
required: false
type: int
a_create_reverse:
description: 'Create reverse record for A records.
There is no equivalent to remove reverse records.
'
required: false
type: bool
naptr_preference:
description: NAPTR Preference
required: false
type: int
ipaadmin_password:
description: The admin password.
required: false
type: str
ipaapi_ldap_cache:
default: true
description: Use LDAP cache for IPA connection.
type: bool
naptr_replacement:
description: NAPTR Replacement
required: false
type: str
sshfp_fingerprint:
description: SSHFP Fingerprint
required: false
type: str
ipaadmin_principal:
default: admin
description: The admin principal.
type: str
tlsa_matching_type:
description: TLSA Matching Type
required: false
type: int
aaaa_create_reverse:
description: 'Create reverse record for AAAA records.
There is no equivalent to remove reverse records.
'
required: false
type: bool
cert_certificate_or_crl:
description: CERT Certificate or Certificate Revocation List (CRL).
required: false
type: str
tlsa_cert_association_data:
description: TLSA Certificate Association Data
required: false
type: str