ipa_host - Manage FreeIPA host
New in version 2.3.
Synopsis
- Add, modify and delete an IPA host using IPA API
Options
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| description | no | A description of this host. | ||
| force | no | Force host name even if not in DNS. | ||
| fqdn | yes | Full qualified domain name. Can not be changed as it is the unique identifier. aliases: name | ||
| ip_address | no | Add the host to DNS with this IP address. | ||
| ipa_host | no | ipa.example.com | IP or hostname of IPA server | |
| ipa_pass | yes | Password of administrative user | ||
| ipa_port | no | 443 | Port of IPA server | |
| ipa_prot | no | https |
| Protocol used by IPA server |
| ipa_user | no | admin | Administrative account used on IPA server | |
| mac_address | no | List of Hardware MAC address(es) off this host. If option is omitted MAC addresses will not be checked or changed. If an empty list is passed all assigned MAC addresses will be removed. MAC addresses that are already assigned but not passed will be removed. aliases: macaddress | ||
| ns_hardware_platform | no | Host hardware platform (e.g. "Lenovo T61") aliases: nshardwareplatform | ||
| ns_host_location | no | Host location (e.g. "Lab 2") aliases: nshostlocation | ||
| ns_os_version | no | Host operating system and version (e.g. "Fedora 9") aliases: nsosversion | ||
| state | no | present |
| State to ensure |
| user_certificate | no | List of Base-64 encoded server certificates. If option is omitted certificates will not be checked or changed. If an empty list is passed all assigned certificates will be removed. Certificates already assigned but not passed will be removed. aliases: usercertificate | ||
| validate_certs | no | True | This only applies if ipa_prot is https.If set to no, the SSL certificates will not be validated.This should only set to no used on personally controlled sites using self-signed certificates. |
Examples
# Ensure host is present
- ipa_host:
name: host01.example.com
description: Example host
ip_address: 192.168.0.123
ns_host_location: Lab
ns_os_version: CentOS 7
ns_hardware_platform: Lenovo T61
mac_address:
- "08:00:27:E3:B1:2D"
- "52:54:00:BD:97:1E"
state: present
ipa_host: ipa.example.com
ipa_user: admin
ipa_pass: topsecret
# Ensure host is disabled
- ipa_host:
name: host01.example.com
state: disabled
ipa_host: ipa.example.com
ipa_user: admin
ipa_pass: topsecret
# Ensure that all user certificates are removed
- ipa_host:
name: host01.example.com
user_certificate: []
ipa_host: ipa.example.com
ipa_user: admin
ipa_pass: topsecret
# Ensure host is absent
- ipa_host:
name: host01.example.com
state: absent
ipa_host: ipa.example.com
ipa_user: admin
ipa_pass: topsecret
Return Values
Common return values are documented here Return Values, the following are the fields unique to this module:
| name | description | returned | type | sample |
|---|---|---|---|---|
| host | Host as returned by IPA API. | always | dict | |
| host_diff | List of options that differ and would be changed | if check mode and a difference is found | list |
Status
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/ipa_host_module.html