Skip to content
Snippets Groups Projects
Unverified Commit 4dc3b20d authored by Nico's avatar Nico
Browse files

restructure inventory and add role to create dns records

parent cc2a8716
Branches
Tags
No related merge requests found
--- ---
dns_secondary: role_dns_secondary:
hosts: hosts:
dns02.as208772.net: dns02.as208772.net:
ansible_ssh_user: root
dns03.freifunk-stuttgart.eu: dns03.freifunk-stuttgart.eu:
ansible_ssh_host: 3201.ffs11
ansible_ssh_user: root
--- ---
revproxy: role_revproxy:
hosts: hosts:
revproxy-05.freifunk-stuttgart.de: revproxy-05.freifunk-stuttgart.de:
revproxy-03.freifunk-stuttgart.de: revproxy-03.freifunk-stuttgart.de:
revproxy.as208772.net: revproxy.as208772.net:
ansible_ssh_user: root
--- ---
roles: roles:
- name: hifis.unattended_upgrades - name: hifis.unattended_upgrades
- name: community.general.nsupdate
- name: lihas_apache - name: lihas_apache
src: https://github.com/LinuxHaus/ansible_lihas_apache.git src: https://github.com/LinuxHaus/ansible_lihas_apache.git
version: origin/master version: origin/master
......
--- ---
- hosts: backbone - hosts: role_backbone
roles: roles:
- backbone - backbone
--- ---
- hosts: backbone_babel - hosts: role_backbone_babel
roles: roles:
- backbone_babel - backbone_babel
File moved
--- ---
- hosts: dns_secondary - hosts: role_dns_secondary
roles: roles:
- dns - dns
- hosts: dns01.freifunk-stuttgart.net - hosts: role_dns_primary
roles: roles:
- dns - dns
---
- hosts: ffspveguests
roles:
- dns_records
--- ---
- hosts: revproxy - hosts: role_revproxy
roles: roles:
- revproxy - revproxy
---
dns_records_nsupdate_key_algorithm: hmac-sha512
---
argument_specs:
main:
short_description: Create DNSv6 records for hosts
description:
- This will create forward and in the future also reverse lookup records for the discovered IPv6 addresses of the targeted host.
author:
- Nico Boehr
options:
dns_records_nsupdate_key_name:
type: str
required: true
description:
- The name of the nsupdate TSIG key to use for signing DNS update messages.
dns_records_nsupdate_key_secret:
type: str
required: true
description:
- The secret of the nsupdate TSIG key to use for signing DNS update messages.
dns_records_nsupdate_key_algorithm:
type: str
default: hmac-sha512
description:
- The algorithm of the TSIG key.
dns_records_nsupdate_server:
type: str
required: true
description:
- The server to send nsupdates to.
---
- name: "Create DNS forward record for {{ inventory_hostname }}"
community.general.nsupdate:
key_name: "{{ dns_records_nsupdate_key_name }}"
key_secret: "{{ dns_records_nsupdate_key_secret }}"
key_algorithm: "{{ dns_records_nsupdate_key_algorithm }}"
server: "{{ dns_records_nsupdate_server }}"
# The dot at the end of the record is important
record: "{{ inventory_hostname }}."
type: "AAAA"
value: "{{ ansible_facts['locally_reachable_ips']['ipv6'] | ansible.utils.ipaddr('public') }}"
delegate_to: localhost
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment