From 4e13bd3bc52c9541d5786a1f05a3e3018005e9fe Mon Sep 17 00:00:00 2001 From: AnsibleGuy Date: Sat, 7 Dec 2024 14:17:59 +0100 Subject: [PATCH] remove deprecated unbound_domain API (fix #117) --- README.md | 1 - docs/source/modules/2_list.rst | 2 +- docs/source/modules/unbound_domain.rst | 123 ----------- docs/source/modules/unbound_forwarding.rst | 1 + meta/runtime.yml | 1 - plugins/module_utils/main/unbound_forward.py | 5 +- plugins/modules/list.py | 6 +- plugins/modules/unbound_domain.py | 71 ------- plugins/modules/unbound_forward.py | 6 + scripts/test.sh | 1 - tests/cleanup.yml | 13 -- tests/list.yml | 2 +- tests/unbound_domain.yml | 209 ------------------- tests/unbound_forward.yml | 12 ++ 14 files changed, 25 insertions(+), 428 deletions(-) delete mode 100644 docs/source/modules/unbound_domain.rst delete mode 100644 plugins/modules/unbound_domain.py delete mode 100644 tests/unbound_domain.yml diff --git a/README.md b/README.md index e6215d4c..db952008 100644 --- a/README.md +++ b/README.md @@ -113,7 +113,6 @@ not implemented => development => [testing](https://github.com/ansibleguy/collec | **DNS** | ansibleguy.opnsense.unbound_forward | [Docs](https://opnsense.ansibleguy.net/en/latest/modules/unbound_forwarding.html) | stable | | **DNS** | ansibleguy.opnsense.unbound_dot | [Docs](https://opnsense.ansibleguy.net/en/latest/modules/unbound_dot.html) | stable | | **DNS** | ansibleguy.opnsense.unbound_host | [Docs](https://opnsense.ansibleguy.net/en/latest/modules/unbound_host.html) | stable | -| **DNS** | ansibleguy.opnsense.unbound_domain | [Docs](https://opnsense.ansibleguy.net/en/latest/modules/unbound_domain.html) | stable | | **DNS** | ansibleguy.opnsense.unbound_host_alias | [Docs](https://opnsense.ansibleguy.net/en/latest/modules/unbound_host_alias.html) | stable | | **DNS** | ansibleguy.opnsense.unbound_dnsbl | [Docs](https://opnsense.ansibleguy.net/en/latest/modules/unbound_host_alias.html) | unstable || **Syslog** | ansibleguy.opnsense.syslog | [Docs](https://opnsense.ansibleguy.net/en/latest/modules/syslog.html) | stable | | **IPSec** | ansibleguy.opnsense.ipsec_connection, ansibleguy.opnsense.ipsec_tunnel | [Docs](https://opnsense.ansibleguy.net/en/latest/modules/ipsec.html) | stable | diff --git a/docs/source/modules/2_list.rst b/docs/source/modules/2_list.rst index 79d25872..36482b0a 100644 --- a/docs/source/modules/2_list.rst +++ b/docs/source/modules/2_list.rst @@ -21,7 +21,7 @@ In most cases the returned type of this module ist a list of dictionaries. :header: "Parameter", "Type", "Required", "Default", "Aliases", "Comment" :widths: 15 10 10 10 10 45 - "target","string","true","\-","tgt, t","What part of the running config should be queried/listed. One of: 'alias', 'rule', 'route', 'cron', 'syslog', 'package', 'unbound_general', 'unbound_acl', 'unbound_host', 'unbound_domain', 'unbound_dot', 'unbound_forward', 'unbound_host_alias', 'ipsec_cert', 'shaper_pipe', 'shaper_queue', 'shaper_rule', 'monit_service', 'monit_test', 'monit_alert', 'wireguard_server', 'wireguard_peer', 'interface_lagg', 'interface_vlan', 'interface_vxlan', 'source_nat', 'frr_bfd', 'frr_bgp_general', 'frr_bgp_neighbor', 'frr_bgp_prefix_list', 'frr_bgp_community_list', 'frr_bgp_as_path', 'frr_bgp_route_map', 'frr_ospf_general', 'frr_ospf_prefix_list', 'frr_ospf_interface', 'frr_ospf_route_map', 'frr_ospf_network', 'frr_ospf3_general', 'frr_ospf3_interface', 'frr_rip', 'bind_general', 'bind_blocklist', 'bind_acl', 'bind_domain', 'bind_record', 'interface_vip', 'webproxy_general', 'webproxy_cache', 'webproxy_parent', 'webproxy_traffic', 'webproxy_forward', 'webproxy_acl', 'webproxy_icap', 'webproxy_auth', 'webproxy_remote_acl', 'webproxy_pac_proxy', 'webproxy_pac_match', 'webproxy_pac_rule', 'unbound_dnsbl'" + "target","string","true","\-","tgt, t","What part of the running config should be queried/listed. One of: 'alias', 'rule', 'route', 'cron', 'syslog', 'package', 'unbound_general', 'unbound_acl', 'unbound_host', 'unbound_dot', 'unbound_forward', 'unbound_host_alias', 'ipsec_cert', 'shaper_pipe', 'shaper_queue', 'shaper_rule', 'monit_service', 'monit_test', 'monit_alert', 'wireguard_server', 'wireguard_peer', 'interface_lagg', 'interface_vlan', 'interface_vxlan', 'source_nat', 'frr_bfd', 'frr_bgp_general', 'frr_bgp_neighbor', 'frr_bgp_prefix_list', 'frr_bgp_community_list', 'frr_bgp_as_path', 'frr_bgp_route_map', 'frr_ospf_general', 'frr_ospf_prefix_list', 'frr_ospf_interface', 'frr_ospf_route_map', 'frr_ospf_network', 'frr_ospf3_general', 'frr_ospf3_interface', 'frr_rip', 'bind_general', 'bind_blocklist', 'bind_acl', 'bind_domain', 'bind_record', 'interface_vip', 'webproxy_general', 'webproxy_cache', 'webproxy_parent', 'webproxy_traffic', 'webproxy_forward', 'webproxy_acl', 'webproxy_icap', 'webproxy_auth', 'webproxy_remote_acl', 'webproxy_pac_proxy', 'webproxy_pac_match', 'webproxy_pac_rule', 'unbound_dnsbl'" .. include:: ../_include/param_basic.rst diff --git a/docs/source/modules/unbound_domain.rst b/docs/source/modules/unbound_domain.rst deleted file mode 100644 index 9b00ba7f..00000000 --- a/docs/source/modules/unbound_domain.rst +++ /dev/null @@ -1,123 +0,0 @@ -.. _modules_unbound_domain: - -.. include:: ../_include/head.rst - -=============================== -DNS - Unbound - Domain Override -=============================== - - -**STATE**: stable - -**TESTS**: `Playbook `_ - -**API Docs**: `Core - Unbound `_ - -**Service Docs**: `Unbound `_ - -Definition -********** - -.. csv-table:: Definition - :header: "Parameter", "Type", "Required", "Default", "Aliases", "Comment" - :widths: 15 10 10 10 10 45 - - "match_fields","string","false","['domain', 'server']","\-","Fields that are used to match configured domain-overrides with the running config - if any of those fields are changed, the module will think it's a new entry. At least one of: 'domain', 'server', 'description'" - "domain","string","true","\-","dom, d","Domain to override" - "server","string","true","\-","value, srv","IP address of the authoritative DNS server for this domain. To use a non-default port for communication, append an '@' with the port number" - "description","string","false","\-","desc","Optional description for the domain-override. Could be used as unique-identifier when set as only 'match_field'." - "reload","boolean","false","true","\-", .. include:: ../_include/param_reload.rst - -.. include:: ../_include/param_basic.rst - -Info -**** - -This module manages DNS domain-overrides configuration that can be found in the WEB-UI menu: 'Services - Unbound DNS - Overrides - Domain overrides' - -Entries like these override an entire domain by specifying an authoritative DNS server to be queried for that domain. - -.. warning:: - - Unbound service actions like :code:`reload` can take long. Please be aware of the **possible downtime**! - - You may also need to increase the module :code:`timeout`. - -Usage -***** - -First you will have to know about **domain-matching**. - -The module somehow needs to link the configured and existing domain-overrides to manage them. - -You can to set how this matching is done by setting the 'match_fields' parameter! - -The default behaviour is that a domain-override is matched by its 'domain' and 'server' fields. - -However - it is **recommended** to use/set 'description' as **unique identifier** if many overrides are used. - -.. include:: ../_include/unbound_mass.rst - -Examples -******** - -.. code-block:: yaml - - - hosts: localhost - gather_facts: no - module_defaults: - group/ansibleguy.opnsense.all: - firewall: 'opnsense.template.ansibleguy.net' - api_credential_file: '/home/guy/.secret/opn.key' - - ansibleguy.opnsense.unbound_domain: - match_fields: ['description'] - - ansibleguy.opnsense.list: - target: 'unbound_domain' - - tasks: - - name: Example - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.template.ansibleguy.net' - server: '192.168.0.1' - # match_fields: ['description'] - # description: 'example' - # state: 'present' - # reload: true - # enabled: true - # debug: false - - - name: Adding - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.template.ansibleguy.net' - server: '192.168.0.1' - match_fields: ['description'] - description: 'test1' - # match_fields: ['description'] - - - name: Disabling - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.template.ansibleguy.net' - server: '192.168.0.1' - match_fields: ['description'] - description: 'test1' - enabled: false - # match_fields: ['description'] - - - name: Removing - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.template.ansibleguy.net' - server: '192.168.0.1' - state: 'absent' - description: 'test1' - # match_fields: ['description'] - - - name: Listing - ansibleguy.opnsense.list: - # target: 'unbound_domain' - register: existing_entries - - - name: Printing domains - ansible.builtin.debug: - var: existing_entries.data diff --git a/docs/source/modules/unbound_forwarding.rst b/docs/source/modules/unbound_forwarding.rst index 216b122a..63203c79 100644 --- a/docs/source/modules/unbound_forwarding.rst +++ b/docs/source/modules/unbound_forwarding.rst @@ -25,6 +25,7 @@ Definition "domain","string","false","\-","dom, d","Domain of the host. All queries for this domain will be forwarded to the nameserver specified. Leave empty to catch all queries and forward them to the nameserver" "target","string","true","\-","server, srv, tgt","Server to forward the dns queries to" "port","string","false","53","p","DNS port of the target server" + "forward_tcp","boolean","false","false","forward_tcp_upstream, fwd_tcp","Upstream queries use TCP only for transport regardless of global flag tcp-upstream. Please note this setting applies to the domain, so when multiple forwarders are defined for the same domain, all are assumed to use tcp only." "reload","boolean","false","true","\-", .. include:: ../_include/param_reload.rst .. include:: ../_include/param_basic.rst diff --git a/meta/runtime.yml b/meta/runtime.yml index 807d9281..0e1ac017 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -18,7 +18,6 @@ action_groups: - ansibleguy.opnsense.unbound_forward - ansibleguy.opnsense.unbound_dot - ansibleguy.opnsense.unbound_host - - ansibleguy.opnsense.unbound_domain - ansibleguy.opnsense.unbound_host_alias - ansibleguy.opnsense.unbound_dnsbl ipsec: diff --git a/plugins/module_utils/main/unbound_forward.py b/plugins/module_utils/main/unbound_forward.py index 9d6b4058..df01c9fd 100644 --- a/plugins/module_utils/main/unbound_forward.py +++ b/plugins/module_utils/main/unbound_forward.py @@ -22,14 +22,15 @@ class Forward(BaseModule): API_CONT = 'settings' API_CONT_REL = 'service' API_CMD_REL = 'reconfigure' - FIELDS_CHANGE = ['domain', 'target', 'port'] + FIELDS_CHANGE = ['domain', 'target', 'port', 'forward_tcp'] FIELDS_ALL = ['type', 'enabled'] FIELDS_ALL.extend(FIELDS_CHANGE) FIELDS_TRANSLATE = { 'target': 'server', + 'forward_tcp': 'forward_tcp_upstream', } FIELDS_TYPING = { - 'bool': ['enabled'], + 'bool': ['enabled', 'forward_tcp'], 'int': ['port'], } EXIST_ATTR = 'fwd' diff --git a/plugins/modules/list.py b/plugins/modules/list.py index 5c527913..b447d41a 100644 --- a/plugins/modules/list.py +++ b/plugins/modules/list.py @@ -23,7 +23,7 @@ # EXAMPLES = 'https://opnsense.ansibleguy.net/en/latest/modules/list.html' TARGETS = [ - 'alias', 'rule', 'rule_interface_group', 'route', 'gateway', 'syslog', 'package', 'unbound_host', 'unbound_domain', + 'alias', 'rule', 'rule_interface_group', 'route', 'gateway', 'syslog', 'package', 'unbound_host', 'frr_ospf_general', 'frr_ospf3_general', 'unbound_forward', 'shaper_pipe', 'shaper_queue', 'shaper_rule', 'monit_service', 'monit_test', 'monit_alert', 'wireguard_server', 'bind_domain', 'wireguard_peer', 'interface_vlan', 'unbound_host_alias', 'interface_vxlan', 'frr_bfd_neighbor', 'frr_bgp_general', 'frr_bgp_neighbor', @@ -107,10 +107,6 @@ def run_module(): from ansible_collections.ansibleguy.opnsense.plugins.module_utils.main.unbound_host_alias \ import Alias as Target_Obj - elif target == 'unbound_domain': - from ansible_collections.ansibleguy.opnsense.plugins.module_utils.main.unbound_domain import \ - Domain as Target_Obj - elif target == 'unbound_dot': from ansible_collections.ansibleguy.opnsense.plugins.module_utils.main.unbound_dot \ import DnsOverTls as Target_Obj diff --git a/plugins/modules/unbound_domain.py b/plugins/modules/unbound_domain.py deleted file mode 100644 index 704a71fd..00000000 --- a/plugins/modules/unbound_domain.py +++ /dev/null @@ -1,71 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- - -# Copyright: (C) 2024, AnsibleGuy -# GNU General Public License v3.0+ (see https://www.gnu.org/licenses/gpl-3.0.txt) - -# see: https://docs.opnsense.org/development/api/core/unbound.html - -from ansible.module_utils.basic import AnsibleModule - -from ansible_collections.ansibleguy.opnsense.plugins.module_utils.base.handler import \ - module_dependency_error, MODULE_EXCEPTIONS - -try: - from ansible_collections.ansibleguy.opnsense.plugins.module_utils.helper.wrapper import module_wrapper - from ansible_collections.ansibleguy.opnsense.plugins.module_utils.defaults.main import \ - OPN_MOD_ARGS, STATE_MOD_ARG, RELOAD_MOD_ARG - from ansible_collections.ansibleguy.opnsense.plugins.module_utils.main.unbound_domain import Domain - -except MODULE_EXCEPTIONS: - module_dependency_error() - - -# DOCUMENTATION = 'https://opnsense.ansibleguy.net/en/latest/modules/unbound_domain.html' -# EXAMPLES = 'https://opnsense.ansibleguy.net/en/latest/modules/unbound_domain.html' - - -def run_module(): - module_args = dict( - domain=dict(type='str', required=True, aliases=['dom', 'd']), - server=dict( - type='str', required=True, aliases=['value', 'srv'], - description='IP address of the authoritative DNS server for this domain. ' - "To use a non-default port for communication, append an '@' with the port number", - ), - description=dict(type='str', required=False, aliases=['desc']), - match_fields=dict( - type='list', required=False, elements='str', - description='Fields that are used to match configured domain-overrides with the running config - ' - "if any of those fields are changed, the module will think it's a new entry", - choices=['domain', 'server', 'description'], - default=['domain', 'server'], - ), - **RELOAD_MOD_ARG, - **STATE_MOD_ARG, - **OPN_MOD_ARGS, - ) - - result = dict( - changed=False, - diff={ - 'before': {}, - 'after': {}, - } - ) - - module = AnsibleModule( - argument_spec=module_args, - supports_check_mode=True, - ) - - module_wrapper(Domain(module=module, result=result)) - module.exit_json(**result) - - -def main(): - run_module() - - -if __name__ == '__main__': - main() diff --git a/plugins/modules/unbound_forward.py b/plugins/modules/unbound_forward.py index d51673f9..7e3c0409 100644 --- a/plugins/modules/unbound_forward.py +++ b/plugins/modules/unbound_forward.py @@ -41,6 +41,12 @@ def run_module(): description='DNS port of the target server' ), type=dict(type='str', required=False, choices=['forward'], default='forward'), + forward_tcp=dict( + type='bool', required=False, default=False, aliases=['forward_tcp_upstream', 'fwd_tcp'], + description='Upstream queries use TCP only for transport regardless of global flag tcp-upstream. ' + 'Please note this setting applies to the domain, so when multiple forwarders are ' + 'defined for the same domain, all are assumed to use tcp only.' + ), **RELOAD_MOD_ARG, **STATE_MOD_ARG, **OPN_MOD_ARGS, diff --git a/scripts/test.sh b/scripts/test.sh index ca91ff1e..982719c9 100755 --- a/scripts/test.sh +++ b/scripts/test.sh @@ -70,7 +70,6 @@ run_test 'unbound_acl' 1 run_test 'unbound_dot' 1 run_test 'unbound_forward' 1 run_test 'unbound_host' 1 -run_test 'unbound_domain' 1 run_test 'unbound_host_alias' 1 run_test 'unbound_dnsbl' 1 run_test 'syslog' 1 diff --git a/tests/cleanup.yml b/tests/cleanup.yml index b936ad98..1012579f 100644 --- a/tests/cleanup.yml +++ b/tests/cleanup.yml @@ -111,19 +111,6 @@ ' - 'ANSIBLE_TEST_2_1' - - name: Cleanup Unbound DNS domain-overrides - ansibleguy.opnsense.unbound_domain: - description: "{{ item }}" - domain: 'dummy.local' - server: '192.168.0.1' - state: 'absent' - match_fields: ['description'] - reload: false # speed - loop: - - 'ANSIBLE_TEST_1_1' - - 'ANSIBLE_TEST_1_2' - - 'ANSIBLE_TEST_1_3' - - name: Cleanup syslog ansibleguy.opnsense.syslog: description: "{{ item }}" diff --git a/tests/list.yml b/tests/list.yml index 2920ede2..00299e26 100644 --- a/tests/list.yml +++ b/tests/list.yml @@ -20,7 +20,7 @@ ansibleguy.opnsense.list: target: "{{ item }}" when: not ansible_check_mode - loop: ['unbound_general', 'unbound_acl', 'unbound_host', 'unbound_domain', 'unbound_forward', 'unbound_host_alias', 'unbound_dot'] + loop: ['unbound_general', 'unbound_acl', 'unbound_host', 'unbound_forward', 'unbound_host_alias', 'unbound_dot'] - name: Querying config - Traffic shaper ansibleguy.opnsense.list: diff --git a/tests/unbound_domain.yml b/tests/unbound_domain.yml deleted file mode 100644 index 88a08baa..00000000 --- a/tests/unbound_domain.yml +++ /dev/null @@ -1,209 +0,0 @@ ---- - -# todo: test default matching - -- name: Testing Unbound Domain overrides - hosts: localhost - gather_facts: no - module_defaults: - group/ansibleguy.opnsense.all: - firewall: "{{ lookup('ansible.builtin.env', 'TEST_FIREWALL') }}" - api_credential_file: "{{ lookup('ansible.builtin.env', 'TEST_API_KEY') }}" - ssl_verify: false - - ansibleguy.opnsense.unbound_domain: - match_fields: ['description'] - timeout: 60 - - ansibleguy.opnsense.list: - target: 'unbound_domain' - - tasks: - - name: Listing - ansibleguy.opnsense.list: - register: opn10 - failed_when: > - 'data' not in opn10 or - opn10.data | length != 0 - - - name: Removing - does not exist - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.test.ansibleguy.net' - server: '192.168.0.1' - state: 'absent' - description: 'ANSIBLE_TEST_1_1' - reload: false - register: opn1 - failed_when: > - opn1.failed or - opn1.changed - - - name: Adding 1 - failing because of invalid value - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.test.ansibleguy.net' - server: 'INVALID-IP' - description: 'ANSIBLE_TEST_1_1' - reload: false - register: opn11 - failed_when: not opn11.failed - - - name: Adding 1 - failing because of invalid domain - ansibleguy.opnsense.unbound_domain: - domain: '!INVALID-DOMAIN!' - server: 'INVALID-IP' - description: 'ANSIBLE_TEST_1_1' - reload: false - register: opn12 - failed_when: not opn12.failed - - - name: Adding 1 - failing because of invalid ip-port combinations - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.test.ansibleguy.net' - server: "{{ item }}" - description: 'ANSIBLE_TEST_1_1' - reload: false - register: opn14 - failed_when: not opn14.failed - loop: - - 'INVALID-IP@INVALID-PORT' - - '192.168.0.1@INVALID-PORT' - - '192.168.0.1@53530@' - - '192.168.X.1@53530' - - '192.168.0.1@535300' - - - name: Adding 1 - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.test.ansibleguy.net' - server: '192.168.0.1' - description: 'ANSIBLE_TEST_1_1' - reload: false # speed - register: opn4 - failed_when: > - opn4.failed or - not opn4.changed - - - name: Disabling 1 - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.test.ansibleguy.net' - server: '192.168.0.1' - description: 'ANSIBLE_TEST_1_1' - enabled: false - reload: false # speed - register: opn6 - failed_when: > - opn6.failed or - not opn6.changed - when: not ansible_check_mode - - - name: Disabling 1 - nothing changed - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.test.ansibleguy.net' - server: '192.168.0.1' - description: 'ANSIBLE_TEST_1_1' - enabled: false - reload: false # speed - register: opn9 - failed_when: > - opn9.failed or - opn9.changed - when: not ansible_check_mode - - - name: Enabling 1 - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.test.ansibleguy.net' - server: '192.168.0.1' - description: 'ANSIBLE_TEST_1_1' - reload: false # speed - register: opn7 - failed_when: > - opn7.failed or - not opn7.changed - when: not ansible_check_mode - - - name: Adding 2 - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.test.ansibleguy.net' - server: '192.168.1.1' - description: 'ANSIBLE_TEST_1_2' - reload: false # speed - register: opn5 - failed_when: > - opn5.failed or - not opn5.changed - - - name: Adding 2 - nothing changed - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.test.ansibleguy.net' - server: '192.168.1.1' - description: 'ANSIBLE_TEST_1_2' - reload: false # speed - register: opn13 - failed_when: > - opn13.failed or - opn13.changed - when: not ansible_check_mode - - - name: Changing 2 - server with port - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.test.ansibleguy.net' - server: '192.168.1.1@1053' - description: 'ANSIBLE_TEST_1_2' - reload: false # speed - register: opn15 - failed_when: > - opn15.failed or - not opn15.changed - when: not ansible_check_mode - - - name: Adding 2 - nothing changed - ansibleguy.opnsense.unbound_domain: - domain: 'opnsense.test.ansibleguy.net' - server: '192.168.1.1@1053' - description: 'ANSIBLE_TEST_1_2' - reload: false # speed - register: opn16 - failed_when: > - opn16.failed or - opn16.changed - when: not ansible_check_mode - - - name: Removing 2 - ansibleguy.opnsense.unbound_domain: - description: 'ANSIBLE_TEST_1_2' - domain: 'dummy.local' - server: '192.168.1.1' - state: 'absent' - reload: false # speed - register: opn8 - failed_when: > - opn8.failed or - not opn8.changed - when: not ansible_check_mode - - - name: Listing - ansibleguy.opnsense.list: - register: opn3 - failed_when: > - 'data' not in opn3 or - opn3.data | length != 1 - when: not ansible_check_mode - - - name: Cleanup - ansibleguy.opnsense.unbound_domain: - description: "{{ item }}" - domain: 'dummy.local' - server: '192.168.0.1' - state: 'absent' - reload: false - loop: - - 'ANSIBLE_TEST_1_1' - - 'ANSIBLE_TEST_1_2' - when: not ansible_check_mode - - - name: Listing - ansibleguy.opnsense.list: - register: opn2 - failed_when: > - 'data' not in opn2 or - opn2.data | length != 0 - when: not ansible_check_mode diff --git a/tests/unbound_forward.yml b/tests/unbound_forward.yml index cf79a656..f19d8683 100644 --- a/tests/unbound_forward.yml +++ b/tests/unbound_forward.yml @@ -100,6 +100,18 @@ not opn7.changed when: not ansible_check_mode + - name: Channging 2 - tcp-forward + ansibleguy.opnsense.unbound_forward: + domain: 'fwd.opnsense.test.ansibleguy.net' + target: '1.1.1.2' + forward_tcp: true + reload: false # speed + register: opn12 + failed_when: > + opn12.failed or + not opn12.changed + when: not ansible_check_mode + - name: Removing 2 ansibleguy.opnsense.unbound_forward: domain: 'fwd.opnsense.test.ansibleguy.net'