DNS Skript läuft auf localhost

2026-04-12 11:22:52 +02:00
parent 0cb69194e3
commit 20a0887fe8


@@ -23,8 +23,8 @@
# -e api_token=$API_TOKEN # -e api_token=$API_TOKEN
# ============================================================= # =============================================================
- name: Nebula DNS-Einträge in Technitium registrieren - name: Nebula DNS-Einträge registrieren
hosts: all hosts: localhost
gather_facts: false gather_facts: false
become: false become: false
@@ -35,128 +35,95 @@
tasks: tasks:
# ------------------------------------------------------------------ - name: "[Lighthouse] DNS-Einträge setzen (Multi-LH-Modus)"
# 1) LIGHTHOUSES Multi-Lighthouse-Modus (nebula_lighthouses Liste) uri:
# ------------------------------------------------------------------ url: >-
- name: "[Lighthouse] DNS-Eintrag setzen (Multi-LH-Modus)" http://{{ dns_server }}:5380/api/zones/records/add
when: ?domain={{ item.hostname }}.{{ dns_zone }}
- inventory_hostname in groups['nebula_lighthouse'] &zone={{ dns_zone }}
- nebula_lighthouses is defined &type=A
- nebula_lighthouses | length > 0 &overwrite=true
vars: &IPAddress={{ item.internal_ip }}
# Suche den passenden Lighthouse-Eintrag anhand des inventory_hostname &token={{ api_token }}
_lh: >- method: GET
return_content: true
timeout: 10
loop: >-
{{ {{
nebula_lighthouses groups['nebula_lighthouse']
| selectattr('hostname', 'equalto', inventory_hostname) | map('extract', hostvars)
| selectattr('nebula_lighthouses', 'defined')
| map(attribute='nebula_lighthouses')
| flatten
| unique(attribute='hostname')
| list | list
| first
| default({})
}} }}
loop_control:
label: "{{ item.hostname }}.{{ dns_zone }} → {{ item.internal_ip }}"
failed_when: >
_lh_result.status != 200 or
('status' in (_lh_result.content | from_json) and
(_lh_result.content | from_json).status != 'ok')
register: _lh_result
- name: "[Lighthouse] DNS-Einträge setzen (Legacy-Modus)"
uri: uri:
url: >- url: >-
http://{{ dns_server }}:5380/api/zones/records/add http://{{ dns_server }}:5380/api/zones/records/add
?domain={{ _lh.hostname }}.{{ dns_zone }} ?domain={{ hostvars[item].nebula_lighthouse_hostname }}.{{ dns_zone }}
&zone={{ dns_zone }} &zone={{ dns_zone }}
&type=A &type=A
&overwrite=true &overwrite=true
&IPAddress={{ _lh.internal_ip }} &IPAddress={{ hostvars[item].nebula_lighthouse_internal_ip_addr }}
&token={{ api_token }} &token={{ api_token }}
method: GET method: GET
return_content: true return_content: true
timeout: 10 timeout: 10
register: _lh_dns_result loop: "{{ groups['nebula_lighthouse'] }}"
failed_when: > when: >-
_lh_dns_result.status != 200 or hostvars[item].nebula_lighthouses is not defined or
('status' in (_lh_dns_result.content | from_json) and hostvars[item].nebula_lighthouses | length == 0
(_lh_dns_result.content | from_json).status != 'ok') loop_control:
delegate_to: localhost label: "{{ hostvars[item].nebula_lighthouse_hostname }}.{{ dns_zone }}"
register: _lh_legacy_result
- name: "[Lighthouse] DNS-Rückmeldung anzeigen (Multi-LH-Modus)" - name: "[Server] DNS-Einträge setzen"
when:
- inventory_hostname in groups['nebula_lighthouse']
- nebula_lighthouses is defined
- nebula_lighthouses | length > 0
- _lh_dns_result is defined
debug:
msg: "✅ DNS gesetzt: {{ (nebula_lighthouses | selectattr('hostname', 'equalto', inventory_hostname) | list | first | default({})).hostname }}.{{ dns_zone }} → {{ (nebula_lighthouses | selectattr('hostname', 'equalto', inventory_hostname) | list | first | default({})).internal_ip }}"
# ------------------------------------------------------------------
# 2) LIGHTHOUSES Legacy-Modus (einzelne nebula_lighthouse_* Variablen)
# ------------------------------------------------------------------
- name: "[Lighthouse] DNS-Eintrag setzen (Legacy-Modus)"
when:
- inventory_hostname in groups['nebula_lighthouse']
- nebula_lighthouses is not defined or nebula_lighthouses | length == 0
- nebula_lighthouse_hostname is defined
- nebula_lighthouse_internal_ip_addr is defined
uri: uri:
url: >- url: >-
http://{{ dns_server }}:5380/api/zones/records/add http://{{ dns_server }}:5380/api/zones/records/add
?domain={{ nebula_lighthouse_hostname }}.{{ dns_zone }} ?domain={{ item | regex_replace('\\..*', '') }}.{{ dns_zone }}
&zone={{ dns_zone }} &zone={{ dns_zone }}
&type=A &type=A
&overwrite=true &overwrite=true
&IPAddress={{ nebula_lighthouse_internal_ip_addr }} &IPAddress={{ hostvars[item].nebula_internal_ip_addr }}
&token={{ api_token }} &token={{ api_token }}
method: GET method: GET
return_content: true return_content: true
timeout: 10 timeout: 10
register: _lh_legacy_dns_result loop: >-
failed_when: > {{
_lh_legacy_dns_result.status != 200 or groups.get('servers', [])
('status' in (_lh_legacy_dns_result.content | from_json) and | select('in', hostvars)
(_lh_legacy_dns_result.content | from_json).status != 'ok') | selectattr('nebula_internal_ip_addr', 'defined')
delegate_to: localhost | list
}}
loop_control:
label: "{{ item | regex_replace('\\..*', '') }}.{{ dns_zone }} → {{ hostvars[item].nebula_internal_ip_addr }}"
vars:
nebula_internal_ip_addr: "{{ hostvars[item].nebula_internal_ip_addr }}"
register: _srv_result
- name: "[Lighthouse] DNS-Rückmeldung anzeigen (Legacy-Modus)" - name: "⚠ Hosts ohne nebula_internal_ip_addr"
when:
- inventory_hostname in groups['nebula_lighthouse']
- nebula_lighthouses is not defined or nebula_lighthouses | length == 0
- _lh_legacy_dns_result is defined
debug: debug:
msg: "✅ DNS gesetzt: {{ nebula_lighthouse_hostname }}.{{ dns_zone }} → {{ nebula_lighthouse_internal_ip_addr }}" msg: "⚠ {{ item }} hat keine nebula_internal_ip_addr übersprungen."
loop: >-
# ------------------------------------------------------------------ {{
# 3) SERVER DNS-Eintrag via nebula_internal_ip_addr groups.get('servers', [])
# ------------------------------------------------------------------ | reject('in',
- name: "[Server] DNS-Eintrag setzen" groups.get('servers', [])
when: | select('in', hostvars)
- inventory_hostname in groups.get('servers', []) | selectattr('nebula_internal_ip_addr', 'defined')
- nebula_internal_ip_addr is defined | list
uri: )
url: >- | list
http://{{ dns_server }}:5380/api/zones/records/add }}
?domain={{ inventory_hostname_short }}.{{ dns_zone }}
&zone={{ dns_zone }}
&type=A
&overwrite=true
&IPAddress={{ nebula_internal_ip_addr }}
&token={{ api_token }}
method: GET
return_content: true
timeout: 10
register: _srv_dns_result
failed_when: >
_srv_dns_result.status != 200 or
('status' in (_srv_dns_result.content | from_json) and
(_srv_dns_result.content | from_json).status != 'ok')
delegate_to: localhost
- name: "[Server] DNS-Rückmeldung anzeigen"
when:
- inventory_hostname in groups.get('servers', [])
- nebula_internal_ip_addr is defined
- _srv_dns_result is defined
debug:
msg: "✅ DNS gesetzt: {{ inventory_hostname_short }}.{{ dns_zone }} → {{ nebula_internal_ip_addr }}"
# ------------------------------------------------------------------
# 4) Warnung für Hosts ohne Nebula-IP
# ------------------------------------------------------------------
- name: "⚠️ Kein Nebula-Eintrag nebula_internal_ip_addr fehlt"
when:
- inventory_hostname in groups.get('servers', [])
- nebula_internal_ip_addr is not defined
debug:
msg: "⚠️ Host {{ inventory_hostname }} hat keine nebula_internal_ip_addr übersprungen."
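Review bot: The rewritten Legacy-Modus task (registering `_lh_legacy_result`) and the Server task (registering `_srv_result`) no longer carry a `failed_when`, while the Multi-LH task on the new side still does; Technitium answers HTTP 200 with a JSON `status` of `error` on a rejected record, so with the uri module's default check those two tasks will report success on a failed DNS write. The same four-line `failed_when` used for `_lh_result` should be copied onto both registered results. Independently of this commit, every task still sends the API token as a query parameter over plain `http://` and without `no_log`, so the token lands in Ansible's task output (on any failure the full URL is printed), in the Technitium access log and in any proxy in between; at minimum add `no_log: true` to the three `uri` tasks, and consider moving the token into a header or body and fronting the API with TLS. The `loop` of the Server task also appears to apply `selectattr('nebula_internal_ip_addr', 'defined')` to the bare hostnames rather than to `hostvars` entries (the Multi-LH task maps through `map('extract', hostvars)` first), which if correct would filter out every host — worth verifying before relying on the warning task.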