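---
# Idempotency tests for the ipadnsrecord module: each change is applied once
# (the task must report "changed") and then repeated (it must not).
#
# ipaadmin_password is a throw-away lab credential kept inline so the test is
# self-contained. Outside a disposable test realm the value belongs in
# Ansible Vault or an external secret store, not in the playbook.
#
# NOTE(review): `failed_when` replaces the module's own failure status, so
# `failed_when: result.changed` also passes when the module errors out
# (failed, not changed). `result.failed or result.changed` would close that
# gap - confirm the suite still passes before switching.
- name: Test dnsrecord
  hosts: ipaserver
  become: true
  gather_facts: true

  tasks:
    - name: Setup testing environment.
      include_tasks: env_setup.yml

    # tests
    - name: Ensure that dns record 'host01' is present
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        name: host01
        zone_name: "{{ testzone }}"
        record_type: AAAA
        record_value: '::1'
      register: result
      failed_when: not result.changed

    - name: Ensure that dns record 'host01' is present, again
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        name: host01
        zone_name: "{{ testzone }}"
        record_type: AAAA
        record_value: '::1'
      register: result
      failed_when: result.changed

    - name: Ensure that dns record 'host02' is present
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        name: host02
        zone_name: "{{ testzone }}"
        record_type: A
        record_value: "{{ ipv4_prefix }}.102"
      register: result
      failed_when: not result.changed

    - name: Ensure that dns record 'host02' is present, again
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        name: host02
        zone_name: "{{ testzone }}"
        record_type: A
        record_value: "{{ ipv4_prefix }}.102"
      register: result
      failed_when: result.changed

    - name: Modify record 'host02' with multiple A and AAAA record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        records:
          - name: host02
            zone_name: "{{ testzone }}"
            record_type: A
            record_value:
              - "{{ ipv4_prefix }}.112"
              - "{{ ipv4_prefix }}.122"
          - name: host02
            zone_name: "{{ testzone }}"
            record_type: AAAA
            record_value: '::1'
      register: result
      failed_when: not result.changed

    - name: Modify record 'host02' with multiple A and AAAA record, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        records:
          - name: host02
            zone_name: "{{ testzone }}"
            record_type: A
            record_value:
              - "{{ ipv4_prefix }}.112"
              - "{{ ipv4_prefix }}.122"
          - name: host02
            zone_name: "{{ testzone }}"
            record_type: AAAA
            record_value: '::1'
      register: result
      failed_when: result.changed

    - name: Ensure 'host02' A6 record is present.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host02
        a6_data: '::1'
      register: result
      failed_when: not result.changed

    - name: Ensure 'host02' A6 record is present, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host02
        a6_rec: '::1'
      register: result
      failed_when: result.changed

    - name: Ensure 'host02' A6 record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host02
        a6_rec: '::1'
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure 'host02' A6 record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host02
        a6_rec: '::1'
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that dns record 'host03' is present, with reverse record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        name: host03
        zone_name: "{{ testzone }}"
        a_ip_address: "{{ ipv4_prefix }}.103"
        a_create_reverse: true
      register: result
      failed_when: not result.changed

    - name: Ensure that dns record 'host03' is present, with reverse record, again
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        name: host03
        zone_name: "{{ testzone }}"
        record_type: A
        record_value: "{{ ipv4_prefix }}.103"
        create_reverse: true
      register: result
      failed_when: result.changed

    - name: Delete all entries associated with host03
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host03
        del_all: true
        state: absent
      register: result
      failed_when: not result.changed

    - name: Delete all entries associated with host03, again
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host03
        del_all: true
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' has CNAME
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        record_type: CNAME
        record_value: "host04.{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has CNAME, again
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        cname_hostname: "host04.{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' CNAME is absent
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        cname_rec: "host04.{{ testzone }}"
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' CNAME is absent, again
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        record_type: CNAME
        record_value: "host04.{{ testzone }}"
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' and 'host03' have CNAME, with cname_hostname
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        records:
          - name: host04
            cname_hostname: "host04.{{ testzone }}"
          - name: host03
            cname_hostname: "host03.{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has CNAME, with cname_hostname, again
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        cname_hostname: "host04.{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' CNAME is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        cname_rec: "host04.{{ testzone }}"
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has A record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        ip_address: "{{ ipv4_prefix }}.104"
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has A record, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        ip_address: "{{ ipv4_prefix }}.104"
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' has the same A record with reverse.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        a_rec: "{{ ipv4_prefix }}.104"
        reverse: true
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has the same A record with reverse, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        a_rec: "{{ ipv4_prefix }}.104"
        reverse: true
      register: result
      failed_when: result.changed

    # Setup step: the result is not registered or asserted on.
    - name: Ensure that 'host04' has an A record with reverse, for NS record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        ip_address: "{{ ipv4_prefix }}.114"
        reverse: true

    - name: Ensure that 'host04' has an A record with reverse, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        ip_address: "{{ ipv4_prefix }}.114"
        reverse: true
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' has AAAA record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        aaaa_ip_address: 'fd00::0004'
        aaaa_create_reverse: true
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has AAAA record, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        ip_address: 'fd00::0004'
        reverse: true
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' has AAAA record, without reverse.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        ip_address: 'fd00::0014'
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' previous AAAA record, now has a reverse record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        aaaa_rec: 'fd00::0014'
        reverse: true
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' previous AAAA record, now has a reverse record, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        aaaa_rec: 'fd00::0014'
        reverse: true
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' has PTR record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ zone_prefix_reverse_24 }}"
        name: "124"
        ptr_hostname: "host04.{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has PTR record, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ zone_prefix_reverse_24 }}"
        name: "124"
        ptr_hostname: "host04.{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' has PTR record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ zone_prefix_reverse_24 }}"
        name: "124"
        ptr_rec: "host04.{{ testzone }}"
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has PTR record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ zone_prefix_reverse_24 }}"
        name: "124"
        ptr_rec: "host04.{{ testzone }}"
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' has DNAME record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        dname_target: "ipa.{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has DNAME record, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        dname_target: "ipa.{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' DNAME record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        dname_rec: "ipa.{{ testzone }}"
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' DNAME record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        dname_rec: "ipa.{{ testzone }}"
        state: absent
      register: result
      failed_when: result.changed

    # Setup step: the result is not registered or asserted on.
    - name: Ensure that 'host04' has a A record with reverse, for NS record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        ip_address: "{{ ipv4_prefix }}.114"
        reverse: true

    - name: Ensure that 'host04' has NS record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        ns_hostname: host04
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has NS record, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        ns_hostname: host04
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' NS record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        ns_rec: host04
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' NS record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        ns_rec: host04
        state: absent
      register: result
      failed_when: result.changed

    # DLV/DS fixtures below use algorithm 3 (DSA/SHA-1) and digest type 1
    # (SHA-1). Both are legacy DNSSEC values; here they are inert test data
    # and not a template for a signed production zone.
    - name: Ensure that 'host04' DLV record is present.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        dlv_key_tag: 12345
        dlv_algorithm: 3
        dlv_digest_type: 1
        # digest is sha1sum of 'host04."{{ testzone }}"'
        dlv_digest: '08ff468cb25ccd21642989294cc33570da5eb2ba'
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' DLV record is present, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        dlv_key_tag: 12345
        dlv_algorithm: 3
        dlv_digest_type: 1
        dlv_digest: '08ff468cb25ccd21642989294cc33570da5eb2ba'
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' DLV record is present, with a different key tag.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        dlv_key_tag: 54321
        dlv_record: 12345 3 1 08ff468cb25ccd21642989294cc33570da5eb2ba
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' DLV record is present, with a different key tag, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        dlv_key_tag: 54321
        dlv_record: 12345 3 1 08ff468cb25ccd21642989294cc33570da5eb2ba
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' DLV record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        dlv_record: 54321 3 1 08ff468cb25ccd21642989294cc33570da5eb2ba
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' DLV record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        dlv_record: 54321 3 1 08ff468cb25ccd21642989294cc33570da5eb2ba
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that dns record 'iron01' is present
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        name: iron01
        zone_name: "{{ safezone }}"
        ip_address: "{{ ansible_default_ipv4.address }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that NS record for "{{ safezone }}" is present
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        name: iron01
        zone_name: "{{ safezone }}"
        ns_hostname: iron01
      register: result
      failed_when: not result.changed

    - name: Ensure that 'iron01' DS record is present.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ safezone }}"
        name: iron01
        ds_key_tag: 12345
        ds_algorithm: 3
        ds_digest_type: 1
        # digest is sha1sum of 'iron01."{{ safezone }}"'
        ds_digest: '84763786e4213cca9a6938dba5dacd64f87ec216'
      register: result
      failed_when: not result.changed

    - name: Ensure that 'iron01' DS record is present, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ safezone }}"
        name: iron01
        ds_key_tag: 12345
        ds_algorithm: 3
        ds_digest_type: 1
        ds_digest: '84763786e4213cca9a6938dba5dacd64f87ec216'
      register: result
      failed_when: result.changed

    - name: Ensure that 'iron01' DS record is present, with a different key tag.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ safezone }}"
        name: iron01
        ds_key_tag: 54321
        ds_rec: 12345 3 1 84763786e4213cca9a6938dba5dacd64f87ec216
      register: result
      failed_when: not result.changed

    - name: Ensure that 'iron01' DS record is present, with a different key tag, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ safezone }}"
        name: iron01
        ds_key_tag: 54321
        ds_rec: 12345 3 1 84763786e4213cca9a6938dba5dacd64f87ec216
      register: result
      failed_when: result.changed

    - name: Ensure that 'iron01' DS record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ safezone }}"
        name: iron01
        ds_rec: 54321 3 1 84763786e4213cca9a6938dba5dacd64f87ec216
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'iron01' DS record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ safezone }}"
        name: iron01
        ds_rec: 54321 3 1 84763786e4213cca9a6938dba5dacd64f87ec216
        state: absent
      register: result
      failed_when: result.changed

    # NOTE(review): in values written as host04."{{ testzone }}" (here and in
    # the KX, MX, SRV and URI tasks) the double quotes sit inside a plain
    # scalar, so they are part of the value handed to the module - confirm
    # that is intended rather than "host04.{{ testzone }}".
    - name: Ensure that 'host04' AFSDB record is present.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        afsdb_subtype: 1
        afsdb_hostname: host04."{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' AFSDB record is present, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        afsdb_subtype: 1
        afsdb_hostname: host04."{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' AFSDB record subtype is 2.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        afsdb_subtype: 2
        afsdb_rec: 1 host04."{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' AFSDB record subtype is 2, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        afsdb_subtype: 2
        afsdb_rec: 1 host04."{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' AFSDB record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        afsdb_rec: 2 host04."{{ testzone }}"
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' AFSDB record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        afsdb_rec: 2 host04."{{ testzone }}"
        state: absent
      register: result
      failed_when: result.changed

    # Certificate created with:
    # - openssl req -x509 -newkey rsa:512 -days 3650 -nodes -keyout private1.key -out cert1.pem -subj '/CN=test'
    # - openssl x509 -outform der -in cert1.pem -out cert1.der
    # - base64 cert1.der -w5000
    # The 512-bit RSA key only keeps the fixture short; a key of that size is
    # far below any acceptable strength and must never back a real CERT record.
    - name: Ensure that 'host04' CERT record is present.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        cert_type: 1
        cert_key_tag: 1234
        cert_algorithm: 3
        cert_certificate_or_crl: MIIBdTCCAR+gAwIBAgIUb14+Oug2nPy1fOFF5US+uiJ1LfIwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMDAzMjMxODMzNDNaFw0zMDAzMjExODMzNDNaMA8xDTALBgNVBAMMBHRlc3QwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAv/yGOgQbtUZbiQMjVly7bWuUX1oBGZAkCvumYpvsep3o1eJJ6HlREbLUlJmgibuNsjqE0FyrXueMjsD8D4juWQIDAQABo1MwUTAdBgNVHQ4EFgQUNtEmJqasXgN7Sh/huB5tx0ONblYwHwYDVR0jBBgwFoAUNtEmJqasXgN7Sh/huB5tx0ONblYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAANBAKhPWPK5+pkT9NLLSZm3ASQJcDkU9asrSoc7MsiHIqSUju/YQgjdHgX0ljS8hnlo1scCITW09UXcNRUYFxwEuoQ=
      register: result
      failed_when: not result.changed

    # The remaining CERT tasks reuse the certificate blob from the task above;
    # the idempotency and removal checks only hold if it is the same value.
    - name: Ensure that 'host04' CERT record is present, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        cert_type: 1
        cert_key_tag: 1234
        cert_algorithm: 3
        cert_certificate_or_crl: MIIBdTCCAR+gAwIBAgIUb14+Oug2nPy1fOFF5US+uiJ1LfIwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMDAzMjMxODMzNDNaFw0zMDAzMjExODMzNDNaMA8xDTALBgNVBAMMBHRlc3QwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAv/yGOgQbtUZbiQMjVly7bWuUX1oBGZAkCvumYpvsep3o1eJJ6HlREbLUlJmgibuNsjqE0FyrXueMjsD8D4juWQIDAQABo1MwUTAdBgNVHQ4EFgQUNtEmJqasXgN7Sh/huB5tx0ONblYwHwYDVR0jBBgwFoAUNtEmJqasXgN7Sh/huB5tx0ONblYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAANBAKhPWPK5+pkT9NLLSZm3ASQJcDkU9asrSoc7MsiHIqSUju/YQgjdHgX0ljS8hnlo1scCITW09UXcNRUYFxwEuoQ=
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' CERT record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        cert_rec: 1 1234 3 MIIBdTCCAR+gAwIBAgIUb14+Oug2nPy1fOFF5US+uiJ1LfIwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMDAzMjMxODMzNDNaFw0zMDAzMjExODMzNDNaMA8xDTALBgNVBAMMBHRlc3QwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAv/yGOgQbtUZbiQMjVly7bWuUX1oBGZAkCvumYpvsep3o1eJJ6HlREbLUlJmgibuNsjqE0FyrXueMjsD8D4juWQIDAQABo1MwUTAdBgNVHQ4EFgQUNtEmJqasXgN7Sh/huB5tx0ONblYwHwYDVR0jBBgwFoAUNtEmJqasXgN7Sh/huB5tx0ONblYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAANBAKhPWPK5+pkT9NLLSZm3ASQJcDkU9asrSoc7MsiHIqSUju/YQgjdHgX0ljS8hnlo1scCITW09UXcNRUYFxwEuoQ=
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' CERT record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        cert_rec: 1 1234 3 MIIBdTCCAR+gAwIBAgIUb14+Oug2nPy1fOFF5US+uiJ1LfIwDQYJKoZIhvcNAQELBQAwDzENMAsGA1UEAwwEdGVzdDAeFw0yMDAzMjMxODMzNDNaFw0zMDAzMjExODMzNDNaMA8xDTALBgNVBAMMBHRlc3QwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAv/yGOgQbtUZbiQMjVly7bWuUX1oBGZAkCvumYpvsep3o1eJJ6HlREbLUlJmgibuNsjqE0FyrXueMjsD8D4juWQIDAQABo1MwUTAdBgNVHQ4EFgQUNtEmJqasXgN7Sh/huB5tx0ONblYwHwYDVR0jBBgwFoAUNtEmJqasXgN7Sh/huB5tx0ONblYwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAANBAKhPWPK5+pkT9NLLSZm3ASQJcDkU9asrSoc7MsiHIqSUju/YQgjdHgX0ljS8hnlo1scCITW09UXcNRUYFxwEuoQ=
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' KX record is present.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        kx_preference: 10
        kx_exchanger: keyex."{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' KX record is present, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        kx_preference: 10
        kx_exchanger: keyex."{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' KX record is present with preference set to 20.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        kx_preference: 20
        kx_rec: 10 keyex."{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' KX record is present with preference set to 20, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        kx_preference: 20
        kx_rec: 10 keyex."{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' KX record is present with preference set to 20, one more time.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        kx_preference: 20
        kx_rec: 20 keyex."{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' KX record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        kx_rec: 20 keyex."{{ testzone }}"
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' KX record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        kx_rec: 20 keyex."{{ testzone }}"
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' MX record is present.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        mx_preference: 10
        mx_exchanger: mail."{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' MX record is present, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        mx_preference: 10
        mx_exchanger: mail."{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' MX record is present with preference set to 20.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        mx_preference: 20
        mx_rec: 10 mail."{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' MX record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        mx_rec: 20 mail."{{ testzone }}"
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' MX record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        mx_rec: 20 mail."{{ testzone }}"
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that '_sip._udp' service has NAPTR record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        record_type: NAPTR
        record_value: '100 10 U SIP+D2U !^.*$!sip:customer-service@example.com! .'
        state: absent
      register: result
      failed_when: result.changed

    # The direction letters are quoted so that no YAML loader can read a
    # single-letter N as a boolean.
    - name: Ensure that 'host04' LOC record is present.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        loc_lat_deg: 52
        loc_lat_min: 22
        loc_lat_sec: 23.000
        loc_lat_dir: 'N'
        loc_lon_deg: 4
        loc_lon_min: 53
        loc_lon_sec: 32.00
        loc_lon_dir: 'E'
        loc_altitude: -2.00
        loc_size: 0.00
        loc_h_precision: 10000
        loc_v_precision: 10
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' LOC record is present, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        loc_lat_deg: 52
        loc_lat_min: 22
        loc_lat_sec: 23.000
        loc_lat_dir: 'N'
        loc_lon_deg: 4
        loc_lon_min: 53
        loc_lon_sec: 32.000
        loc_lon_dir: 'E'
        loc_altitude: -2.00
        loc_size: 0.00
        loc_h_precision: 10000
        loc_v_precision: 10
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' LOC record is present, with loc_size 1.00.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        loc_size: 1.00
        loc_rec: 52 22 23 N 4 53 32 E -2 0 10000 10
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' LOC record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        loc_rec: 52 22 23.000 N 4 53 32.000 E -2.00 1.00 10000 10
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' LOC record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        loc_rec: 52 22 23.000 N 4 53 32.000 E -2.00 1.00 10000 10
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that '_sip._udp' service has NAPTR record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        naptr_order: 100
        naptr_preference: 10
        naptr_flags: "U"
        naptr_service: "SIP+D2U"
        naptr_regexp: "!^.*$!sip:customer-service@example.com!"
        naptr_replacement: "."
      register: result
      failed_when: not result.changed

    - name: Ensure that '_sip._udp' service has NAPTR record, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        naptr_order: 100
        naptr_preference: 10
        naptr_flags: "U"
        naptr_service: "SIP+D2U"
        naptr_regexp: "!^.*$!sip:customer-service@example.com!"
        naptr_replacement: "."
      register: result
      failed_when: result.changed

    - name: Change '_sip._udp' service NAPTR record `preference` to 20.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        naptr_preference: 20
        naptr_rec: '100 10 U SIP+D2U !^.*$!sip:customer-service@example.com! .'
      register: result
      failed_when: not result.changed

    - name: Ensure that '_sip._udp' service has NAPTR record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        record_type: NAPTR
        record_value: '100 20 U SIP+D2U !^.*$!sip:customer-service@example.com! .'
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that '_sip._udp' service has NAPTR record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        record_type: NAPTR
        record_value: '100 20 U SIP+D2U !^.*$!sip:customer-service@example.com! .'
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that '_sip._udp' service has SRV record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        srv_priority: 10
        srv_weight: 10
        srv_port: 5060
        srv_target: sip-server."{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure that '_sip._udp' service has SRV record, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        srv_priority: 10
        srv_weight: 10
        srv_port: 5060
        srv_target: sip-server."{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure '_sip._udp' SRV record has priority equals to 4.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        srv_priority: 4
        srv_weight: 10
        srv_port: 5060
        srv_target: sip-server."{{ testzone }}"
        srv_rec: 10 10 5060 sip-server."{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensure '_sip._udp' SRV record has priority equals to 4, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        srv_priority: 4
        srv_weight: 10
        srv_port: 5060
        srv_target: sip-server."{{ testzone }}"
        srv_rec: 10 10 5060 sip-server."{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensurer '_sip._udp' SRV record has priority 2, weight 20
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        srv_priority: 2
        srv_weight: 20
        srv_port: 5060
        srv_target: sip-server."{{ testzone }}"
      register: result
      failed_when: not result.changed

    - name: Ensurer '_sip._udp' SRV record has priority 2, weight 20, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        srv_priority: 2
        srv_weight: 20
        srv_port: 5060
        srv_target: sip-server."{{ testzone }}"
      register: result
      failed_when: result.changed

    - name: Ensure that '_sip._udp' SRV record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        srv_record: 2 20 5060 sip-server."{{ testzone }}"
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that '_sip._udp' SRV record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _sip._udp
        srv_record: 2 20 5060 sip-server."{{ testzone }}"
        state: absent
      register: result
      failed_when: result.changed

    # SSHFP fingerprint generated with `ssh-keygen -r host04."{{ testzone }}"`
    # Fingerprint type 1 is SHA-1 (the 40-hex-digit value below); it serves as
    # fixture data only, and published SSHFP records should use type 2
    # (SHA-256).
    - name: Ensure that 'host04' has SSHFP record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        sshfp_algorithm: 1
        sshfp_fp_type: 1
        sshfp_fingerprint: 'd21802c61733e055b8d16296cbce300efb8a167a'
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has SSHFP record, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        sshfp_algorithm: 1
        sshfp_fp_type: 1
        sshfp_fingerprint: 'd21802c61733e055b8d16296cbce300efb8a167a'
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' SSHFP record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        sshfp_rec: 1 1 d21802c61733e055b8d16296cbce300efb8a167a
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' SSHFP record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        sshfp_rec: 1 1 d21802c61733e055b8d16296cbce300efb8a167a
        state: absent
      register: result
      failed_when: result.changed

    # Data is sha256sum of 'Some Text to Test', it should be created from
    # a real certificate.
    - name: Ensure that 'host04' has TLSA record present.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        tlsa_cert_usage: 3
        tlsa_selector: 1
        tlsa_matching_type: 1
        tlsa_cert_association_data: '9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2'
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' has TLSA record present, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        tlsa_cert_usage: 3
        tlsa_selector: 1
        tlsa_matching_type: 1
        tlsa_cert_association_data: '9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2'
      register: result
      failed_when: result.changed

    - name: Modify 'host04' has TLSA record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        tlsa_matching_type: 0
        tlsa_rec: 3 1 1 9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2
      register: result
      failed_when: not result.changed

    - name: Modify 'host04' has TLSA record, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        tlsa_matching_type: 0
        tlsa_rec: 3 1 1 9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' TLSA record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        tlsa_rec: 3 1 0 9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' TLSA record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        tlsa_rec: 3 1 0 9c0ad776dbeae8d9d55b0ad42899d30235c114d5f918fd69746e4279e47bdaa2
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' has TXT record present.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        txt_data: Some Text
      register: result
      failed_when: not result.changed

    # - name: Ensure that 'host04' has TXT record present, again.
    #   ipadnsrecord:
    #     ipaadmin_password: SomeADMINpassword
    #     zone_name: "{{ testzone }}"
    #     name: host04
    #     txt_data: Some Text
    #   register: result
    #   failed_when: result.changed

    - name: Change value of 'host04' TXT record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        txt_data: Some new Text
        txt_rec: Some Text
      register: result
      failed_when: not result.changed

    - name: Add a second TXT record to 'host04'.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        txt_rec: Some Other Text
      register: result
      failed_when: not result.changed

    - name: Add a second TXT record to 'host04', again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        txt_rec: Some Other Text
      register: result
      failed_when: result.changed

    - name: Ensure that one of 'host04' TXT record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        txt_rec: Some new Text
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that one of 'host04' TXT record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        txt_rec: Some new Text
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that 'host04' TXT record are all absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        txt_rec:
          - Some new Text
          - Some Other Text
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that 'host04' TXT record are all absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: host04
        txt_rec:
          - Some new Text
          - Some Other Text
        state: absent
      register: result
      failed_when: result.changed

    - name: Ensure that '_ftp._tcp' has URI record.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _ftp._tcp
        uri_priority: 10
        uri_weight: 1
        uri_target: ftp://ftp.host04."{{ testzone }}"/public
      register: result
      failed_when: not result.changed

    - name: Ensure that '_ftp._tcp' has URI record, again
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _ftp._tcp
        uri_priority: 10
        uri_weight: 1
        uri_target: ftp://ftp.host04."{{ testzone }}"/public
      register: result
      failed_when: result.changed

    - name: Change '_ftp._tcp' URI record weight to 3 and priority to 5.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _ftp._tcp
        uri_priority: 5
        uri_weight: 3
        uri_rec: 10 1 ftp://ftp.host04."{{ testzone }}"/public
      register: result
      failed_when: not result.changed

    # Credential, zone and record name added to match every other task in
    # this file. Without them the call names no record to check, and because
    # failed_when only looks at `changed`, the resulting module error would
    # presumably have passed unnoticed.
    - name: Verify if modification worked.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _ftp._tcp
        uri_rec: 10 1 ftp://ftp.host04."{{ testzone }}"/public
        state: absent
      register: result
      failed_when: result.changed

    - name: Change '_ftp._tcp' URI record weight to 3 and priority to 5, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _ftp._tcp
        uri_priority: 5
        uri_weight: 3
        uri_rec: 5 3 ftp://ftp.host04."{{ testzone }}"/public
      register: result
      failed_when: result.changed

    - name: Ensure that '_ftp._tcp' URI record is absent.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _ftp._tcp
        uri_rec: 5 3 ftp://ftp.host04."{{ testzone }}"/public
        state: absent
      register: result
      failed_when: not result.changed

    - name: Ensure that '_ftp._tcp' URI record is absent, again.
      ipadnsrecord:
        ipaadmin_password: SomeADMINpassword
        zone_name: "{{ testzone }}"
        name: _ftp._tcp
        uri_rec: 5 3 ftp://ftp.host04."{{ testzone }}"/public
        state: absent
      register: result
      failed_when: result.changed

    # cleanup
    - name: Cleanup test environment.
      include_tasks: env_cleanup.yml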