Try SpotterManage tunnel
| "added in version" 1.0.0 of ubika.waap"
Authors: UBIKA team (@ubika_team)
Install with ansible-galaxy collection install ubika.waap:==1.0.3
collections:
- name: ubika.waap
version: 1.0.3Manage tunnel.
- name: Have tunnel
ubika.waap.tunnel:
credentials:
host: 192.168.254.183:3001
username: superadmin
password: "Denyall@1"
verify_ssl: false
name: "tun-test"
reverse_proxy: "d1942d0f00548f6cac6a45708cd7d44f"
workflow: "WAAP ICX Default"
network:
incoming:
interface: "753db29c09364e6b25dc3867a092b65e"
port: 15000
server_name: "tun-test"
outgoing:
address: "test"
port: 8080
filter:
label:
name: "test"
logs:
description:
- The log configuraiton of the tunnel
required: false
suboptions:
access:
description:
- The access logs options
required: false
suboptions:
database:
default: false
description:
- Enable access log database
required: false
type: bool
file_format_profile:
description:
- The uid of access log profiles of log files
required: false
type: str
type: dict
debug:
description:
- Enable debug logs.
required: false
type: bool
filter:
description:
- The uid of log filter options
required: false
type: str
realtime:
description:
- The realtime options
required: false
suboptions:
syslog_destination_profiles:
description:
- List of the realtime alerting destinations.
elements: dict
required: false
suboptions:
name:
description:
- Name of the realtime alerting destination.
required: false
type: str
uid:
description:
- Uid of the realtime alerting destination.
required: false
type: str
type: list
type: dict
type: dict
name:
description:
- Name of the tunnel.
required: true
type: str
state:
choices:
- present
- absent
default: present
description:
- State of the tunnel.
type: str
filter:
description:
- Enable filter
required: false
suboptions:
label:
description:
- Label object to filter
suboptions:
name:
description:
- Name of the label.
required: false
type: str
type: dict
type: dict
labels:
description:
- Labels list.
elements: str
required: false
type: list
monitor:
description:
- The monitor options of the tunnel
required: false
suboptions:
backend:
description:
- Backend of monitoring
required: false
suboptions:
enabled:
default: true
description:
- Enable Backend monitor check
required: false
type: bool
frequency:
default: 1
description:
- Backend monitor frequancy (min)
required: false
type: int
http_host:
description:
- Backend monitor host
required: false
type: str
method:
choices:
- head
- get
default: head
description:
- Backend monitor method
required: false
type: str
return_code:
default: '!5**'
description:
- Backend monitor return code
required: false
type: str
timeout:
default: 2
description:
- Backend monitor timeout (s)
required: false
type: int
url:
default: /
description:
- Backend monitor URL
required: false
type: str
type: dict
enabled:
default: true
description:
- Enable tunnel monitoring
required: false
type: bool
type: dict
network:
description:
- Network of the tunnel
required: true
suboptions:
incoming:
description:
- Incoming of the tunnel
required: true
suboptions:
interface:
description:
- Object describing of the used interface
required: true
type: str
port:
description:
- Incoming port
required: false
type: int
server_alias:
description:
- Server alias
elements: str
required: false
type: list
server_name:
description:
- Server name
required: false
type: str
ssl:
description:
- The incoming ssl.
required: false
suboptions:
certificate:
description:
- The incoming proxy certificate (Server)
required: false
type: str
profile:
description:
- The uif of incoming ssl profile.
required: false
type: str
sni_vhost_check:
description:
- Force SNI verification
required: false
type: bool
sslhsts_enable:
description:
- Force HTTP Strict transport security
required: false
type: bool
verify_client_certificate:
description:
- The presence of verifyClientCertificate activates the incoming SSl verify
client certificates.
required: false
suboptions:
bundle:
description:
- Bundle of the incoming ssl verifyClientCertificate configuration.
required: false
suboptions:
name:
description:
- Name of the bundle.
required: false
type: str
uid:
description:
- Uid of the bundle.
required: false
type: str
type: dict
ca:
description:
- CA bundle of the incoming ssl verifyClientCertificate configuration.
required: false
suboptions:
name:
description:
- Name of the ca bundle.
required: false
type: str
uid:
description:
- Uid of the ca bundle.
required: false
type: str
type: dict
depth:
default: 1
description:
- Incoming client certificate verification depth.
required: false
type: int
ocsp:
description:
- OCSP bundle of the incoming ssl verifyClientCertificate configuration.
required: false
suboptions:
name:
description:
- Name of the ocsp bundle.
required: false
type: str
uid:
description:
- Uid of the ocsp bundle.
required: false
type: str
type: dict
ssl_redirect_enable:
description:
- The HTTP redirect on a https
required: false
type: bool
ssl_redirect_port_in:
description:
- The port of clear traffic to be redirected to HTTPS
required: false
type: int
type:
default: require
description:
- Incoming client certificate verification type.
required: false
type: str
type: dict
type: dict
type: dict
outgoing:
description:
- Outgoing of the tunnel
required: true
suboptions:
address:
description:
- Backend IP/Host. Mandatory if loadBalancer is not used.
required: false
type: str
port:
description:
- Backend port
required: false
type: int
ssl:
description:
- The outgoing ssl
required: false
suboptions:
ajp_enable:
description:
- Enable AJP for outgoing connections
required: false
type: bool
profile:
description:
- The uid of outgoing ssl profile.
required: false
type: str
type: dict
type: dict
type: dict
advanced:
description:
- Advanced configuration of the tunnel
required: false
suboptions:
geo_ip_enabled:
default: false
description:
- Enable geolocation.
required: false
type: bool
limit_request_body:
default: 0
description:
- Request body size limit
required: false
type: int
priority:
default: 50
description:
- Tunnel priority
required: false
type: int
workflow_body:
default: false
description:
- Enable advanced body fetching
required: false
type: bool
workflow_url_decode_body_plus_as_space:
default: true
description:
- Enable URL decode + as space.
required: false
type: bool
type: dict
workflow:
description:
- The Workflow of the tunnel
required: true
type: str
credentials:
description:
- Credentials for UBIKA WAAP Gateway
required: true
suboptions:
host:
description:
- UBIKA WAAP Gateway host
required: true
type: str
password:
description:
- Administrator password
required: true
type: str
username:
description:
- Administrator user name
required: true
type: str
verify_ssl:
default: true
description:
- Set to false to disable SSL verification
type: bool
type: dict
performance:
description:
- The perfomance of the tunnel
required: false
suboptions:
compression_profile:
description:
- The uid of compression profile.
required: false
type: str
keep_alive_timeout:
description:
- Keepalive timout (s)
required: false
type: int
proxy_timeout:
default: 60
description:
- Proxy timeout(s)
required: false
type: int
ramdisk_cache:
description:
- Object describing the ramdisk cache options
required: false
suboptions:
profile:
description:
- Object describing of the used ramdisk cache profile
required: true
type: str
type: dict
request_timeout_profile:
description:
- The uid of request timeout profile.
required: false
type: str
timeout:
description:
- Timeout (s)
required: false
type: int
workflow_preserve_deflate:
default: true
description:
- Enable Forward gzip encoding
required: false
type: bool
type: dict
reverse_proxy:
description:
- Reverse proxy of the tunnel
required: true
type: str
workflow_parameters:
description:
- Array of workflow parameters
required: false
type: dict