fmgr_system_dhcp_server – Configure DHCP servers.
Added in version 2.0.0.
Warning
Starting in version 3.0.0, all input arguments will be named using the underscore naming convention (snake_case).
Argument name before 3.0.0:
var-name
,var name
,var.name
New argument name starting in 3.0.0:
var_name
FortiManager Ansible v2.4+ supports both previous argument name and new underscore name. You will receive deprecation warnings if you keep using the previous argument name. You can ignore the warning by setting deprecation_warnings=False in ansible.cfg.
Synopsis
This module is able to configure a FortiManager device.
Examples include all parameters and values need to be adjusted to data sources before usage.
Tested with FortiManager v7.x.
Requirements
The below requirements are needed on the host that executes this module.
ansible>=2.15.0
FortiManager Version Compatibility
Supported Version Ranges: v6.0.0 -> latest
Parameters
- access_token -The token to access FortiManager without using username and password. type: str required: false
- bypass_validation - Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool required: false default: False
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- forticloud_access_token - Access token of forticloud managed API users, this option is available with FortiManager later than 6.4.0. type: str required: false
- proposed_method - The overridden method for the underlying Json RPC request. type: str required: false choices: set, update, add
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden. type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden. type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode. type: str required: false choices: global, custom adom including root
- workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock. type: integer required: false default: 300
- adom - The parameter in requested url type: str required: true
- system_dhcp_server - Configure DHCP servers. type: dict
- auto_configuration (Alias name: auto-configuration) Enable/disable auto configuration. type: str choices: [disable, enable] more...
- conflicted_ip_timeout (Alias name: conflicted-ip-timeout) Time in seconds to wait after a conflicted ip address is removed from the dhcp range before it can be reused. type: int more...
- ddns_auth (Alias name: ddns-auth) Ddns authentication mode. type: str choices: [disable, tsig] more...
- ddns_key (Alias name: ddns-key) Ddns update key (base 64 encoding). type: list or str more...
- ddns_keyname (Alias name: ddns-keyname) Ddns update key name. type: str more...
- ddns_server_ip (Alias name: ddns-server-ip) Ddns server ip. type: str more...
- ddns_ttl (Alias name: ddns-ttl) Ttl. type: int more...
- ddns_update (Alias name: ddns-update) Enable/disable ddns update for dhcp. type: str choices: [disable, enable] more...
- ddns_update_override (Alias name: ddns-update-override) Enable/disable ddns update override for dhcp. type: str choices: [disable, enable] more...
- ddns_zone (Alias name: ddns-zone) Zone of your domain name (ex. type: str more...
- default_gateway (Alias name: default-gateway) Default gateway ip address assigned by the dhcp server. type: str more...
- dns_server1 (Alias name: dns-server1) Dns server 1. type: str more...
- dns_server2 (Alias name: dns-server2) Dns server 2. type: str more...
- dns_server3 (Alias name: dns-server3) Dns server 3. type: str more...
- dns_service (Alias name: dns-service) Options for assigning dns servers to dhcp clients. type: str choices: [default, specify, local] more...
- domain Domain name suffix for the ip addresses that the dhcp server assigns to clients. type: str more...
- exclude_range (Alias name: exclude-range) Exclude range. type: list
more...
- end_ip (Alias name: end-ip) End of ip range. type: str more...
- id Id. type: int more...
- start_ip (Alias name: start-ip) Start of ip range. type: str more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) One or more vci strings in quotes separated by spaces. type: list more...
- lease_time (Alias name: lease-time) Lease time in seconds, 0 means default lease time. type: int more...
- uci_match (Alias name: uci-match) Enable/disable user class identifier (uci) matching. type: str choices: [disable, enable] more...
- uci_string (Alias name: uci-string) One or more uci strings in quotes separated by spaces. type: list more...
- filename Name of the boot file on the tftp server. type: str more...
- forticlient_on_net_status (Alias name: forticlient-on-net-status) Enable/disable forticlient-on-net service for this dhcp server. type: str choices: [disable, enable] more...
- id Id. type: int more...
- interface Dhcp server can assign ip configurations to clients connected to this interface. type: str more...
- ip_mode (Alias name: ip-mode) Method used to assign client ip. type: str choices: [range, usrgrp] more...
- ip_range (Alias name: ip-range) Ip range. type: list
more...
- end_ip (Alias name: end-ip) End of ip range. type: str more...
- id Id. type: int more...
- start_ip (Alias name: start-ip) Start of ip range. type: str more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) One or more vci strings in quotes separated by spaces. type: list more...
- lease_time (Alias name: lease-time) Lease time in seconds, 0 means default lease time. type: int more...
- uci_match (Alias name: uci-match) Enable/disable user class identifier (uci) matching. type: str choices: [disable, enable] more...
- uci_string (Alias name: uci-string) One or more uci strings in quotes separated by spaces. type: list more...
- ipsec_lease_hold (Alias name: ipsec-lease-hold) Dhcp over ipsec leases expire this many seconds after tunnel down (0 to disable forced-expiry). type: int more...
- lease_time (Alias name: lease-time) Lease time in seconds, 0 means unlimited. type: int more...
- mac_acl_default_action (Alias name: mac-acl-default-action) Mac access control default action (allow or block assigning ip settings). type: str choices: [assign, block] more...
- netmask Netmask assigned by the dhcp server. type: str more...
- next_server (Alias name: next-server) Ip address of a server (for example, a tftp sever) that dhcp clients can download a boot file from. type: str more...
- ntp_server1 (Alias name: ntp-server1) Ntp server 1. type: str more...
- ntp_server2 (Alias name: ntp-server2) Ntp server 2. type: str more...
- ntp_server3 (Alias name: ntp-server3) Ntp server 3. type: str more...
- ntp_service (Alias name: ntp-service) Options for assigning network time protocol (ntp) servers to dhcp clients. type: str choices: [default, specify, local] more...
- options Options. type: list
more...
- code Dhcp option code. type: int more...
- id Id. type: int more...
- ip Dhcp option ips. type: list more...
- type Dhcp option type. type: str choices: [hex, string, ip, fqdn] more...
- value Dhcp option value. type: str more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) One or more vci strings in quotes separated by spaces. type: list more...
- uci_match (Alias name: uci-match) Enable/disable user class identifier (uci) matching. type: str choices: [disable, enable] more...
- uci_string (Alias name: uci-string) One or more uci strings in quotes separated by spaces. type: list more...
- reserved_address (Alias name: reserved-address) Reserved address. type: list
more...
- action Options for the dhcp server to configure the client with the reserved mac address. type: str choices: [assign, block, reserved] more...
- description Description. type: str more...
- id Id. type: int more...
- ip Ip address to be reserved for the mac address. type: str more...
- mac Mac address of the client that will get the reserved ip address. type: str more...
- circuit_id (Alias name: circuit-id) Option 82 circuit-id of the client that will get the reserved ip address. type: str more...
- circuit_id_type (Alias name: circuit-id-type) Dhcp option type. type: str choices: [hex, string] more...
- remote_id (Alias name: remote-id) Option 82 remote-id of the client that will get the reserved ip address. type: str more...
- remote_id_type (Alias name: remote-id-type) Dhcp option type. type: str choices: [hex, string] more...
- type Dhcp reserved-address type. type: str choices: [mac, option82] more...
- server_type (Alias name: server-type) Dhcp server can be a normal dhcp server or an ipsec dhcp server. type: str choices: [regular, ipsec] more...
- status Enable/disable this dhcp configuration. type: str choices: [disable, enable] more...
- tftp_server (Alias name: tftp-server) One or more hostnames or ip addresses of the tftp servers in quotes separated by spaces. type: list more...
- timezone Select the time zone to be assigned to dhcp clients. type: str choices: [00, 01, 02, 03, 04, 05, 06, 07, 08, 09, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87] more...
- timezone_option (Alias name: timezone-option) Options for the dhcp server to set the clients time zone. type: str choices: [disable, default, specify] more...
- vci_match (Alias name: vci-match) Enable/disable vendor class identifier (vci) matching. type: str choices: [disable, enable] more...
- vci_string (Alias name: vci-string) One or more vci strings in quotes separated by spaces. type: list more...
- wifi_ac1 (Alias name: wifi-ac1) Wifi access controller 1 ip address (dhcp option 138, rfc 5417). type: str more...
- wifi_ac2 (Alias name: wifi-ac2) Wifi access controller 2 ip address (dhcp option 138, rfc 5417). type: str more...
- wifi_ac3 (Alias name: wifi-ac3) Wifi access controller 3 ip address (dhcp option 138, rfc 5417). type: str more...
- wins_server1 (Alias name: wins-server1) Wins server 1. type: str more...
- wins_server2 (Alias name: wins-server2) Wins server 2. type: str more...
- dns_server4 (Alias name: dns-server4) Dns server 4. type: str more...
- wifi_ac_service (Alias name: wifi-ac-service) Options for assigning wifi access controllers to dhcp clients type: str choices: [specify, local] more...
- auto_managed_status (Alias name: auto-managed-status) Enable/disable use of this dhcp server once this interface has been assigned an ip address from fortiipam. type: str choices: [disable, enable] more...
- dhcp_settings_from_fortiipam (Alias name: dhcp-settings-from-fortiipam) Enable/disable populating of dhcp server settings from fortiipam. type: str choices: [disable, enable] more...
- relay_agent (Alias name: relay-agent) Relay agent ip. type: str more...
- shared_subnet (Alias name: shared-subnet) Enable/disable shared subnet. type: str choices: [disable, enable] more...
Notes
Note
Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state: present directive.
To delete an object, use state: absent directive
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- name: Example playbook
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Configure DHCP servers.
fortinet.fortimanager.fmgr_system_dhcp_server:
bypass_validation: false
adom: ansible
state: present
system_dhcp_server:
auto-configuration: enable # <value in [disable, enable]>
default-gateway: "222.222.222.1"
filename: ansible-file
id: 1
interface: any
ip-mode: range # <value in [range, usrgrp]>
ip-range:
- end-ip: 222.222.222.22
id: 1
start-ip: 222.222.222.2
netmask: 255.255.255.0
server-type: regular # <value in [regular, ipsec]>
status: disable # <value in [disable, enable]>
- name: Gathering fortimanager facts
hosts: fortimanagers
gather_facts: false
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Retrieve all the DHCP servers
fortinet.fortimanager.fmgr_fact:
facts:
selector: "system_dhcp_server"
params:
adom: "ansible"
server: "your_value"
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- meta - The result of the request.returned: always type: dict
- request_url - The full url requested. returned: always type: str sample: /sys/login/user
- response_code - The status of api request. returned: always type: int sample: 0
- response_data - The data body of the api response. returned: optional type: list or dict
- response_message - The descriptive message of the api response. returned: always type: str sample: OK
- system_information - The information of the target system. returned: always type: dict
- rc - The status the request. returned: always type: int sample: 0
- version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list
Status
This module is not guaranteed to have a backwards compatible interface.