@@ -80,94 +80,58 @@ def run(self):
8080 level = self .params .get ("level" )
8181 rules = self .params .get ("rules" )
8282
83- # if rules is not None:
84- # rules = [rules.get('icmp_type')
83+ if level == "vm" :
84+ vm = self .get_vm (vmid = self .params .get ('vmid' ))
85+ node = getattr (self .proxmox_api .nodes (), vm ['node' ])
86+ virt = getattr (node (), vm ['type' ])
87+ vm = getattr (virt (), vm ['vmid' ])
88+ firewall_obj = vm ().firewall
89+ rules_obj = firewall_obj ().rules
8590
86- if state == "present" :
87- if level == "vm" :
88- pass
89- elif level == "node" :
90- pass
91- elif level == "vnet" :
92- pass
93- elif level == "group" :
94- pass
95- else :
96- if rules is not None :
97- self .create_cluster_fw_rules (rules = rules )
98- else :
99- if level == "vm" :
100- rules = self .get_vmid_fw_rules (vmid = self .params ['vmid' ])
101- elif level == "node" :
102- rules = self .get_node_fw_rules (node = self .params ['node' ])
103- elif level == "vnet" :
104- rules = self .get_vnet_fw_rules (vnet = self .params ['vnet' ])
105- elif level == "group" :
106- rules = self .get_group_fw_rules (group = self .params ['group' ])
107- else :
108- rules = self .get_cluster_fw_rules ()
109- self .module .exit_json (
110- changed = False , firewall_rules = rules , msg = f'successfully retrieved firewall rules'
111- )
91+ elif level == "node" :
92+ node = getattr (self .proxmox_api .nodes (), self .params .get ('node' ))
93+ firewall_obj = node ().firewall
94+ rules_obj = firewall_obj ().rules
11295
113- def get_group_fw_rules (self , group , pos = None ):
114- try :
115- group = getattr (self .proxmox_api .cluster ().firewall ().groups (), group )
116- return group ().get (pos = pos )
117- except Exception as e :
118- self .module .fail_json (
119- msg = f'Failed to retrieve security group level firewall rules: { e }
120- )
96+ elif level == "vnet" :
97+ vnet = getattr (self .proxmox_api .cluster ().sdn ().vnets (), self .params .get ('vnet' ))
98+ firewall_obj = vnet ().firewall
99+ rules_obj = firewall_obj ().rules
121100
122- def get_vnet_fw_rules (self , vnet , pos = None ):
123- try :
124- vnet = getattr (self .proxmox_api .cluster ().sdn ().vnets (), vnet )
125- return vnet ().firewall ().rules ().get (pos = pos )
126- except Exception as e :
127- self .module .fail_json (
128- msg = f'Failed to retrieve vnet level firewall rules: { e }
129- )
101+ elif level == "group" :
102+ rules_obj = getattr (self .proxmox_api .cluster ().firewall ().groups (), self .params .get ('group' ))
130103
131- def get_cluster_fw_rules (self , pos = None ):
132- try :
133- return self .proxmox_api .cluster ().firewall ().rules ().get (pos = pos )
134- except Exception as e :
135- self .module .fail_json (
136- msg = f'Failed to retrieve cluster level firewall rules: { e }
137- )
104+ else :
105+ firewall_obj = self .proxmox_api .cluster ().firewall
106+ rules_obj = firewall_obj ().rules
138107
139- def get_node_fw_rules ( self , node , pos = None ) :
140- try :
141- node = getattr ( self .proxmox_api . nodes (), node )
142- return node (). firewall (). rules (). get ( pos = pos )
143- except Exception as e :
144- self .module .fail_json (
145- msg = f'Failed to retrieve cluster level firewall rules: { e }
108+ if state == "present" :
109+ if rules is not None :
110+ self .create_fw_rules ( rules_obj = rules_obj , rules = rules )
111+ else :
112+ rules = self . get_fw_rules ( rules_obj )
113+ self .module .exit_json (
114+ changed = False , firewall_rules = rules , msg = f'successfully retrieved firewall rules'
146115 )
147116
148- def get_vmid_fw_rules (self , vmid , pos = None ):
117+ def get_fw_rules (self , rules_obj , pos = None ):
118+ if pos is not None :
119+ rules_obj = getattr (rules_obj (), str (pos ))
149120 try :
150- vm = self .get_vm (vmid = vmid )
151-
152- node = getattr (self .proxmox_api .nodes (), vm ['node' ])
153- virt = getattr (node (), vm ['type' ])
154- vm = getattr (virt (), vmid )
155-
156- return vm ().firewall ().rules ().get (pos = pos )
121+ return rules_obj .get ()
157122 except Exception as e :
158123 self .module .fail_json (
159- msg = f'Failed to retrieve firewall rules for vmid - { vmid } { e }
124+ msg = f'Failed to retrieve firewall rules: { e }
160125 )
161126
162- def create_cluster_fw_rules (self , rules ):
127+ def create_fw_rules (self , rules_obj , rules ):
163128 for rule in rules :
164129 rule ['icmp-type' ] = rule .get ('icmp_type' )
165130 rule ['enable' ] = ansible_to_proxmox_bool (rule .get ('enable' ))
166131 del rule ['icmp_type' ]
167132 try :
168- firewall_obj = self .proxmox_api .cluster ().firewall
169- firewall_obj ().rules ().post (** rule )
170- self .move_rule_to_correct_pos (firewall_obj , rule )
133+ rules_obj ().post (** rule )
134+ self .move_rule_to_correct_pos (rules_obj , rule )
171135
172136 except Exception as e :
173137 self .module .fail_json (
@@ -178,7 +142,7 @@ def create_cluster_fw_rules(self, rules):
178142 changed = True , msg = f'successfully created firewall rules'
179143 )
180144
181- def move_rule_to_correct_pos (self , firewall_obj , rule ):
145+ def move_rule_to_correct_pos (self , rules_obj , rule ):
182146 ##################################################################################################
183147 # TODO: Once below mentioned issue is fixed. Remove this workaround. #
184148 # Currently Proxmox API doesn't honor pos. All new rules are created at pos 0 #
@@ -191,7 +155,7 @@ def move_rule_to_correct_pos(self, firewall_obj, rule):
191155 rule = {k : v for k , v in rule .items () if v is not None }
192156 if pos is not None and pos != 0 :
193157 try :
194- fw_rule_at0 = getattr (firewall_obj (). rules (), str (0 ))
158+ fw_rule_at0 = getattr (rules_obj (), str (0 ))
195159 for param , value , in fw_rule_at0 .get ().items ():
196160 if param in rule .keys () and param != 'pos' and value != rule .get (param ):
197161 self .module .warn (
0 commit comments