diff --git a/nebula-dns-register.yml b/nebula-dns-register.yml
index ae58aad..c97791e 100644
--- a/nebula-dns-register.yml
+++ b/nebula-dns-register.yml
@@ -23,8 +23,8 @@
 # -e api_token=$API_TOKEN
 # =============================================================
-- name: Nebula DNS-Einträge in Technitium registrieren
- hosts: all
+- name: Nebula DNS-Einträge registrieren
+ hosts: localhost
 gather_facts: false
 become: false
@@ -35,128 +35,95 @@
 tasks:
- # ------------------------------------------------------------------
- # 1) LIGHTHOUSES – Multi-Lighthouse-Modus (nebula_lighthouses Liste)
- # ------------------------------------------------------------------
- - name: "[Lighthouse] DNS-Eintrag setzen (Multi-LH-Modus)"
- when:
- - inventory_hostname in groups['nebula_lighthouse']
- - nebula_lighthouses is defined
- - nebula_lighthouses | length > 0
+ - name: "[Lighthouse] DNS-Einträge setzen (Multi-LH-Modus)"
+ uri:
+ url: >-
+ http://{{ dns_server }}:5380/api/zones/records/add
+ ?domain={{ item.hostname }}.{{ dns_zone }}
+ &zone={{ dns_zone }}
+ &type=A
+ &overwrite=true
+ &IPAddress={{ item.internal_ip }}
+ &token={{ api_token }}
+ method: GET
+ return_content: true
+ timeout: 10
+ loop: >-
+ {{
+ groups['nebula_lighthouse']
+ | map('extract', hostvars)
+ | selectattr('nebula_lighthouses', 'defined')
+ | map(attribute='nebula_lighthouses')
+ | flatten
+ | unique(attribute='hostname')
+ | list
+ }}
+ loop_control:
+ label: "{{ item.hostname }}.{{ dns_zone }} → {{ item.internal_ip }}"
+ failed_when: >
+ _lh_result.status != 200 or
+ ('status' in (_lh_result.content | from_json) and
+ (_lh_result.content | from_json).status != 'ok')
+ register: _lh_result
+
+ - name: "[Lighthouse] DNS-Einträge setzen (Legacy-Modus)"
+ uri:
+ url: >-
+ http://{{ dns_server }}:5380/api/zones/records/add
+ ?domain={{ hostvars[item].nebula_lighthouse_hostname }}.{{ dns_zone }}
+ &zone={{ dns_zone }}
+ &type=A
+ &overwrite=true
+ &IPAddress={{ hostvars[item].nebula_lighthouse_internal_ip_addr }}
+ &token={{ api_token }}
+ method: GET
+ return_content: true
+ timeout: 10
+ loop: "{{ groups['nebula_lighthouse'] }}"
+ when: >-
+ hostvars[item].nebula_lighthouses is not defined or
+ hostvars[item].nebula_lighthouses | length == 0
+ loop_control:
+ label: "{{ hostvars[item].nebula_lighthouse_hostname }}.{{ dns_zone }}"
+ register: _lh_legacy_result
+
+ - name: "[Server] DNS-Einträge setzen"
+ uri:
+ url: >-
+ http://{{ dns_server }}:5380/api/zones/records/add
+ ?domain={{ item | regex_replace('\\..*', '') }}.{{ dns_zone }}
+ &zone={{ dns_zone }}
+ &type=A
+ &overwrite=true
+ &IPAddress={{ hostvars[item].nebula_internal_ip_addr }}
+ &token={{ api_token }}
+ method: GET
+ return_content: true
+ timeout: 10
+ loop: >-
+ {{
+ groups.get('servers', [])
+ | select('in', hostvars)
+ | selectattr('nebula_internal_ip_addr', 'defined')
+ | list
+ }}
+ loop_control:
+ label: "{{ item | regex_replace('\\..*', '') }}.{{ dns_zone }} → {{ hostvars[item].nebula_internal_ip_addr }}"
 vars:
- # Suche den passenden Lighthouse-Eintrag anhand des inventory_hostname
- _lh: >-
- {{
- nebula_lighthouses
- | selectattr('hostname', 'equalto', inventory_hostname)
- | list
- | first
- | default({})
- }}
- uri:
- url: >-
- http://{{ dns_server }}:5380/api/zones/records/add
- ?domain={{ _lh.hostname }}.{{ dns_zone }}
- &zone={{ dns_zone }}
- &type=A
- &overwrite=true
- &IPAddress={{ _lh.internal_ip }}
- &token={{ api_token }}
- method: GET
- return_content: true
- timeout: 10
- register: _lh_dns_result
- failed_when: >
- _lh_dns_result.status != 200 or
- ('status' in (_lh_dns_result.content | from_json) and
- (_lh_dns_result.content | from_json).status != 'ok')
- delegate_to: localhost
+ nebula_internal_ip_addr: "{{ hostvars[item].nebula_internal_ip_addr }}"
+ register: _srv_result
- - name: "[Lighthouse] DNS-Rückmeldung anzeigen (Multi-LH-Modus)"
- when:
- - inventory_hostname in groups['nebula_lighthouse']
- - nebula_lighthouses is defined
- - nebula_lighthouses | length > 0
- - _lh_dns_result is defined
+ - name: "⚠ Hosts ohne nebula_internal_ip_addr"
 debug:
- msg: "✅ DNS gesetzt: {{ (nebula_lighthouses | selectattr('hostname', 'equalto', inventory_hostname) | list | first | default({})).hostname }}.{{ dns_zone }} → {{ (nebula_lighthouses | selectattr('hostname', 'equalto', inventory_hostname) | list | first | default({})).internal_ip }}"
-
- # ------------------------------------------------------------------
- # 2) LIGHTHOUSES – Legacy-Modus (einzelne nebula_lighthouse_* Variablen)
- # ------------------------------------------------------------------
- - name: "[Lighthouse] DNS-Eintrag setzen (Legacy-Modus)"
- when:
- - inventory_hostname in groups['nebula_lighthouse']
- - nebula_lighthouses is not defined or nebula_lighthouses | length == 0
- - nebula_lighthouse_hostname is defined
- - nebula_lighthouse_internal_ip_addr is defined
- uri:
- url: >-
- http://{{ dns_server }}:5380/api/zones/records/add
- ?domain={{ nebula_lighthouse_hostname }}.{{ dns_zone }}
- &zone={{ dns_zone }}
- &type=A
- &overwrite=true
- &IPAddress={{ nebula_lighthouse_internal_ip_addr }}
- &token={{ api_token }}
- method: GET
- return_content: true
- timeout: 10
- register: _lh_legacy_dns_result
- failed_when: >
- _lh_legacy_dns_result.status != 200 or
- ('status' in (_lh_legacy_dns_result.content | from_json) and
- (_lh_legacy_dns_result.content | from_json).status != 'ok')
- delegate_to: localhost
-
- - name: "[Lighthouse] DNS-Rückmeldung anzeigen (Legacy-Modus)"
- when:
- - inventory_hostname in groups['nebula_lighthouse']
- - nebula_lighthouses is not defined or nebula_lighthouses | length == 0
- - _lh_legacy_dns_result is defined
- debug:
- msg: "✅ DNS gesetzt: {{ nebula_lighthouse_hostname }}.{{ dns_zone }} → {{ nebula_lighthouse_internal_ip_addr }}"
-
- # ------------------------------------------------------------------
- # 3) SERVER – DNS-Eintrag via nebula_internal_ip_addr
- # ------------------------------------------------------------------
- - name: "[Server] DNS-Eintrag setzen"
- when:
- - inventory_hostname in groups.get('servers', [])
- - nebula_internal_ip_addr is defined
- uri:
- url: >-
- http://{{ dns_server }}:5380/api/zones/records/add
- ?domain={{ inventory_hostname_short }}.{{ dns_zone }}
- &zone={{ dns_zone }}
- &type=A
- &overwrite=true
- &IPAddress={{ nebula_internal_ip_addr }}
- &token={{ api_token }}
- method: GET
- return_content: true
- timeout: 10
- register: _srv_dns_result
- failed_when: >
- _srv_dns_result.status != 200 or
- ('status' in (_srv_dns_result.content | from_json) and
- (_srv_dns_result.content | from_json).status != 'ok')
- delegate_to: localhost
-
- - name: "[Server] DNS-Rückmeldung anzeigen"
- when:
- - inventory_hostname in groups.get('servers', [])
- - nebula_internal_ip_addr is defined
- - _srv_dns_result is defined
- debug:
- msg: "✅ DNS gesetzt: {{ inventory_hostname_short }}.{{ dns_zone }} → {{ nebula_internal_ip_addr }}"
-
- # ------------------------------------------------------------------
- # 4) Warnung für Hosts ohne Nebula-IP
- # ------------------------------------------------------------------
- - name: "⚠️ Kein Nebula-Eintrag – nebula_internal_ip_addr fehlt"
- when:
- - inventory_hostname in groups.get('servers', [])
- - nebula_internal_ip_addr is not defined
- debug:
- msg: "⚠️ Host {{ inventory_hostname }} hat keine nebula_internal_ip_addr – übersprungen."
\ No newline at end of file
+ msg: "⚠ {{ item }} hat keine nebula_internal_ip_addr – übersprungen."
+ loop: >-
+ {{
+ groups.get('servers', [])
+ | reject('in',
+ groups.get('servers', [])
+ | select('in', hostvars)
+ | selectattr('nebula_internal_ip_addr', 'defined')
+ | list
+ )
+ | list
+ }}
\ No newline at end of file
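Review bot: The Legacy-Modus and Server tasks register `_lh_legacy_result` and `_srv_result` but carry no `failed_when`, so only the Multi-LH task still rejects a reply whose JSON `status` is not `ok`; the removed code had that check on all three tasks, and `uri` accepts any HTTP 200 as success, so a record the API refuses (bad token, unknown zone) now passes silently for those hosts — add the same `failed_when` to both tasks, as below. Separately, every task sends `api_token` as a query parameter over plain `http://`, and the registered `uri` result carries the full URL, so the token appears in the task output on failure and with `-v`; consider `no_log: true` on the three `uri` tasks (the `loop_control.label` hides only the item, not the module result) and moving the token out of the URL if the API accepts it in the request body. The `vars: nebula_internal_ip_addr:` on the Server task is unused, since the URL and label read `hostvars[item]` directly, and can be dropped.
```yaml
      - name: "[Lighthouse] DNS-Einträge setzen (Legacy-Modus)"
        # … unchanged: uri, loop, when, loop_control …
        register: _lh_legacy_result
        failed_when: >
          _lh_legacy_result.status != 200 or
          ('status' in (_lh_legacy_result.content | from_json) and
           (_lh_legacy_result.content | from_json).status != 'ok')

      - name: "[Server] DNS-Einträge setzen"
        # … unchanged: uri, loop, loop_control …
        register: _srv_result
        failed_when: >
          _srv_result.status != 200 or
          ('status' in (_srv_result.content | from_json) and
           (_srv_result.content | from_json).status != 'ok')
```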