bodsch · bodsch · Feb 11, 2025 · Feb 5, 2025 · Feb 6, 2025 · Feb 11, 2025
diff --git a/.gitignore b/.gitignore
@@ -4,3 +4,4 @@
 __pycache__
 .cache
 .directory
+.ansible
diff --git a/galaxy.yml b/galaxy.yml
@@ -3,7 +3,7 @@
 namespace: bodsch
 name: dns
 
-version: 0.12.0
+version: 0.13.0
 
 readme: README.md
 
@@ -22,6 +22,8 @@ tags:
   - dns
 
 dependencies:
+  community.general: ">=10.3.0"
+  ansible.utils: "*"
   bodsch.core: ">=1.1.2"
 
 repository: https://github.com/bodsch/ansible-collection-dns

diff --git a/hooks/molecule.rc b/hooks/molecule.rc
@@ -9,3 +9,123 @@ then
 fi
 
 TOX_OPTS="-e ${TOX_ANSIBLE}"
+
+vercomp() {
+
+  [[ $1 == $2 ]] && return 0
+  v1=$(echo "$1" | sed -e 's|-|.|g')
+  v2=$(echo "$2" | sed -e 's|-|.|g')
+
+  local IFS=.
+  local i ver1=($1) ver2=($2)
+  # fill empty fields in ver1 with zeros
+  for ((i=${#ver1[@]}; i<${#ver2[@]}; i++))
+  do
+    ver1[i]=0
+  done
+
+  for ((i=0; i<${#ver1[@]}; i++))
+  do
+    if [[ -z ${ver2[i]} ]]
+    then
+      # fill empty fields in ver2 with zeros
+      ver2[i]=0
+    fi
+    if ((10#${ver1[i]} > 10#${ver2[i]}))
+    then
+      return 1
+    fi
+    if ((10#${ver1[i]} < 10#${ver2[i]}))
+    then
+      return 2
+    fi
+  done
+  return 0
+}
+
+list_collections() {
+
+  if [ -f collections.yml ]
+  then
+    echo "required collection(s)"
+
+    collections=$(ansible-galaxy collection list --format json | grep -v -E "starting run|Validate TLS")
+
+    is_installed="false"
+
+    for collection in $(grep -v "#" collections.yml | grep "^  - name: " | awk -F ': ' '{print $2}')
+    do
+      required_version="$(grep -v "#" collections.yml | grep -A1 "^  - name: ${collection}" | grep "version: " 2> /dev/null | awk -F ': ' '{print $2}' | sed -e 's|=||' -e 's|>||' -e 's|"||g')"
+
+      while read repository
+      do
+        version=
+        installed_version=
+        required_version=
+
+        REPOSITORY=${repository}
+        COLLECTION=${collection}
+
+        repo=$(echo ${collections} | \
+          jq -r \
+            --arg REPOSITORY "$REPOSITORY" \
+            'to_entries | map(select(.key == $REPOSITORY)) | from_entries')
+
+        # echo "$repo"
+
+        installed_version=$(echo ${repo} | \
+          jq -r \
+            --arg COLLECTION "$COLLECTION" \
+            '.[] | with_entries(select(.key | contains($COLLECTION))) | select(.key != {}) | .[].version')
+
+        if [[ ! -z "${installed_version}" ]]
+        then
+          echo "  - '${collection}' is installed in version ${installed_version} (in ${repository})."
+        fi
+      done < <(echo "${collections}" | jq -r 'keys[]')
+    done
+  fi
+}
+
+ansible_collection() {
+
+  if [ -f collections.yml ]
+  then
+    list_collections
+
+    # force install of all collections
+    ansible-galaxy collection install --force --requirements-file collections.yml > /dev/null
+  fi
+}
+
+install_collection() {
+  local collection="${1}"
+
+  echo "Install the required collection '${collection}'"
+  ansible-galaxy collection install ${collection} > /dev/null
+}
+
+remove_collection() {
+
+  local collection="${1}"
+
+  namespace="$(echo "${collection}" | cut -d '.' -f1)"
+  name="$(echo "${collection}" | cut -d '.' -f2)"
+
+  collection="${HOME}/.ansible/collections/ansible_collections/${namespace}/${name}"
+
+  rm \
+    --recursive \
+    --force \
+    "${collection}" > /dev/null
+}
+
+publish() {
+
+  TOKEN="${HOME}/.ansible/galaxy_token"
+
+  if [ -e "${TOKEN}" ]
+  then
+    ansible-galaxy import --token=$(cat "${TOKEN}") bodsch # "???"
+  fi
+}
diff --git a/hooks/run_tox.sh b/hooks/run_tox.sh
@@ -3,7 +3,7 @@
 . hooks/molecule.rc
 
 # set -x
-set -e
+# set -e
 
 TOX_TEST="${1}"
 
@@ -16,6 +16,11 @@ then
 
     pushd "roles/${COLLECTION_ROLE}" > /dev/null
 
+    if [ -e collections.yml ]
+    then
+      ansible_collection
+    fi
+
     tox "${TOX_OPTS}" -- molecule ${TOX_TEST} --scenario-name ${COLLECTION_SCENARIO}
 
     echo ""
@@ -31,6 +36,11 @@ else
 
     pushd roles/${role} > /dev/null
 
+    if [ -e collections.yml ]
+    then
+      ansible_collection
+    fi
+
     if [ "${TOX_TEST}" = "lint" ]
     then
       set +e

diff --git a/meta/runtime.yml b/meta/runtime.yml
@@ -1,3 +1,3 @@
 ---
 
-requires_ansible: '>=2.10.0'
+requires_ansible: '>=2.15.0'
diff --git a/plugins/modules/bind_zone_data.py b/plugins/modules/bind_zone_data.py
@@ -83,76 +83,77 @@ def run(self):
     def forward_zone_data(self, forward_zones):
         """
         """
-        # self.module.log(msg=f"forward_zone_data({forward_zones})")
+        self.module.log(msg=f"forward_zone_data({forward_zones})")
         result = []
         for name in forward_zones:
-            # self.module.log(msg=f" - '{name}'")
+            self.module.log(msg=f" - '{name}'")
 
             res = {}
             res[name] = {}
 
-            line, hash, serial = self.read_zone_file(name)
+            hash, serial = self.read_zone_file(name)
 
             res[name] = dict(
                 filename=str(name),
-                # hash=line,
                 sha256=str(hash),
                 serial=str(serial)
             )
 
             result.append(res)
 
-        # self.module.log(msg=f" = '{result}'")
+        self.module.log(msg=f" = '{result}'")
 
         return result
 
     def reverse_zone_data(self, reverse_zones):
         """
         """
-        # self.module.log(msg=f"reverse_zone_data({reverse_zones})")
+        self.module.log(msg=f"reverse_zone_data({reverse_zones})")
 
         result = []
         for name in reverse_zones:
-            # self.module.log(msg=f" - '{name}'")
+            self.module.log(msg=f" - '{name}'")
 
             filename = self.reverse_zone_names(name)
 
             res = {}
             res[name] = {}
 
-            line, hash, serial = self.read_zone_file(filename)
+            hash, serial = self.read_zone_file(filename)
 
             res[name] = dict(
                 filename=str(filename),
-                # hash=line,
                 sha256=str(hash),
                 serial=str(serial),
                 network=str(name)
             )
 
             result.append(res)
 
-        # self.module.log(msg=f" = '{result}'")
+        self.module.log(msg=f" = '{result}'")
 
         return result
 
     def read_zone_file(self, zone_file):
-
+        """
+        """
         # self.module.log(msg=f"read_zone_file({zone_file})")
-
-        line = None
+        # line = None
         hash = None
         serial = None
         _file_name = os.path.join(self.zone_directory, zone_file)
 
-        # self.module.log(msg=f"'{_file_name}'")
+        # self.module.log(msg=f"   zone_directory: '{self.zone_directory}'")
+        # self.module.log(msg=f"   zone_file     : '{zone_file}'")
+        # self.module.log(msg=f"   file_name     : '{_file_name}'")
+        # self.module.log(msg=f"                 : '{os.path.join(self.zone_directory, _file_name)}'")
 
-        if os.path.exists(self.zone_directory) and os.path.exists(_file_name):
-            with open(os.path.join(self.zone_directory, _file_name), "r") as f:
-                zone_data = f.readlines()
+        if os.path.exists(_file_name):
+            with open(_file_name, "r") as f:
+                # zone_data = f.readlines()
                 # read first 4 lines from file
-                # zone_data = [next(f) for _ in range(14)]
-
+                zone_data = [next(f) for _ in range(5)]
+                # self.module.log(msg=f"                 : {zone_data}")
                 pattern = re.compile(
                     r'; Hash:.*(?P<hash>[0-9A-Za-z]{64}) (?P<timestamp>[0-9]+)', re.MULTILINE)
 
@@ -167,9 +168,9 @@ def read_zone_file(self, zone_file):
                         hash = arr[2]
                         serial = arr[3]
 
-        # self.module.log(msg=f"= line: {line}, hash: {hash}, serial: {serial}")
+        self.module.log(msg=f"= hash: {hash}, serial: {serial}")
 
-        return (line, hash, serial)
+        return (hash, serial)
 
     def define_zone_forward_names(self):
         """

diff --git a/roles/bind/README.md b/roles/bind/README.md
@@ -193,8 +193,14 @@ bind_logging:
 ```yaml
 bind_zones:
   - name: 'example.com'
-    primaries:
-      - 10.11.0.4
+    # default: primary [primary, secondary, forward]
+    # type: 
+    create_forward_zones: true
+    # Skip creation of reverse zones
+    create_reverse_zones: false
+    # fpr type: secondary
+    #primaries:
+    #  - 10.11.0.4
     networks:
       - '192.0.2'
     ipv6_networks:

diff --git a/roles/bind/collections.yml b/roles/bind/collections.yml
@@ -0,0 +1,8 @@
+---
+
+collections:
+  - name: community.general
+    version: ">=10.3.0"
+  - name: ansible.utils
+  - name: bodsch.core
+    version: ">=2.0.0"
diff --git a/roles/bind/molecule/configured/group_vars/all/vars.yml b/roles/bind/molecule/configured/group_vars/all/vars.yml
@@ -114,6 +114,7 @@ bind_zone_soa:
 bind_zones:
   - name: 'acme-inc.com'
     type: primary
+    create_forward_zones: true
     create_reverse_zones: true
     #primaries:
     #  - 10.11.0.1
@@ -179,8 +180,9 @@ bind_zones:
           - 'more text'
 
   - name: cm.local
-    type: primary
-    create_reverse_zones: true  # Skip creation of reverse zones
+    # type: primary               # default: primary [primary, secondary, forward]
+    # create_forward_zones: true
+    # create_reverse_zones: true  # Skip creation of reverse zones
     primaries:
       - "{{ ansible_default_ipv4.address }}" # Primary server(s) for this zone
     name_servers:

diff --git a/roles/bind/molecule/configured/prepare.yml b/roles/bind/molecule/configured/prepare.yml
@@ -11,8 +11,14 @@
           ansible_os_family | lower == 'artix linux'
       block:
         - name: update pacman system
-          ansible.builtin.command: |
-            pacman --refresh --sync --sysupgrade --noconfirm
+          become: true
+          ansible.builtin.command:
+            argv:
+              - pacman
+              - --refresh
+              - --sync
+              - --sysupgrade
+              - --noconfirm
           register: pacman
           changed_when: pacman.rc != 0
           failed_when: pacman.rc != 0

diff --git a/roles/bind/tasks/configure/main.yml b/roles/bind/tasks/configure/main.yml
@@ -44,7 +44,7 @@
   become: true
   ansible.builtin.template:
     src: etc/auth_transfer.j2
-    dest: "{{ bind_conf_dir }}/{{ auth_file }}"
+    dest: "{{ bind_auth_file }}"
     owner: root
     group: "{{ bind_group }}"
     mode: "0640"
@@ -70,7 +70,6 @@
     backup: true
     validate: 'named-checkconf %s'
   notify:
-    # - validate configuration
     - reload bind
 
 ...