StefanMewes/Nebula-Ansible-Role
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

DNS Skript läuft auf localhost

Browse Source
This commit is contained in:
Stefan Mewes
2026-04-12 11:22:52 +02:00
parent 0cb69194e3
commit 20a0887fe8
1 changed files with 91 additions and 124 deletions
Download Patch File Download Diff File Expand all files Collapse all files

215
nebula-dns-register.yml
View File

@@ -23,8 +23,8 @@
# -e api_token=$API_TOKEN # -e api_token=$API_TOKEN
# ============================================================= # =============================================================
- name: Nebula DNS-Einträge in Technitium registrieren - name: Nebula DNS-Einträge registrieren
hosts: all hosts: localhost
gather_facts: false gather_facts: false
become: false become: false
@@ -35,128 +35,95 @@
tasks: tasks:
# ------------------------------------------------------------------ - name: "[Lighthouse] DNS-Einträge setzen (Multi-LH-Modus)"
# 1) LIGHTHOUSES Multi-Lighthouse-Modus (nebula_lighthouses Liste) uri:
# ------------------------------------------------------------------ url: >-
- name: "[Lighthouse] DNS-Eintrag setzen (Multi-LH-Modus)" http://{{ dns_server }}:5380/api/zones/records/add
when: ?domain={{ item.hostname }}.{{ dns_zone }}
- inventory_hostname in groups['nebula_lighthouse'] &zone={{ dns_zone }}
- nebula_lighthouses is defined &type=A
- nebula_lighthouses | length > 0 &overwrite=true
&IPAddress={{ item.internal_ip }}
&token={{ api_token }}
method: GET
return_content: true
timeout: 10
loop: >-
{{
groups['nebula_lighthouse']
| map('extract', hostvars)
| selectattr('nebula_lighthouses', 'defined')
| map(attribute='nebula_lighthouses')
| flatten
| unique(attribute='hostname')
| list
}}
loop_control:
label: "{{ item.hostname }}.{{ dns_zone }} → {{ item.internal_ip }}"
failed_when: >
_lh_result.status != 200 or
('status' in (_lh_result.content | from_json) and
(_lh_result.content | from_json).status != 'ok')
register: _lh_result
- name: "[Lighthouse] DNS-Einträge setzen (Legacy-Modus)"
uri:
url: >-
http://{{ dns_server }}:5380/api/zones/records/add
?domain={{ hostvars[item].nebula_lighthouse_hostname }}.{{ dns_zone }}
&zone={{ dns_zone }}
&type=A
&overwrite=true
&IPAddress={{ hostvars[item].nebula_lighthouse_internal_ip_addr }}
&token={{ api_token }}
method: GET
return_content: true
timeout: 10
loop: "{{ groups['nebula_lighthouse'] }}"
when: >-
hostvars[item].nebula_lighthouses is not defined or
hostvars[item].nebula_lighthouses | length == 0
loop_control:
label: "{{ hostvars[item].nebula_lighthouse_hostname }}.{{ dns_zone }}"
register: _lh_legacy_result
- name: "[Server] DNS-Einträge setzen"
uri:
url: >-
http://{{ dns_server }}:5380/api/zones/records/add
?domain={{ item | regex_replace('\\..*', '') }}.{{ dns_zone }}
&zone={{ dns_zone }}
&type=A
&overwrite=true
&IPAddress={{ hostvars[item].nebula_internal_ip_addr }}
&token={{ api_token }}
method: GET
return_content: true
timeout: 10
loop: >-
{{
groups.get('servers', [])
| select('in', hostvars)
| selectattr('nebula_internal_ip_addr', 'defined')
| list
}}
loop_control:
label: "{{ item | regex_replace('\\..*', '') }}.{{ dns_zone }} → {{ hostvars[item].nebula_internal_ip_addr }}"
vars: vars:
# Suche den passenden Lighthouse-Eintrag anhand des inventory_hostname nebula_internal_ip_addr: "{{ hostvars[item].nebula_internal_ip_addr }}"
_lh: >- register: _srv_result
{{
nebula_lighthouses
| selectattr('hostname', 'equalto', inventory_hostname)
| list
| first
| default({})
}}
uri:
url: >-
http://{{ dns_server }}:5380/api/zones/records/add
?domain={{ _lh.hostname }}.{{ dns_zone }}
&zone={{ dns_zone }}
&type=A
&overwrite=true
&IPAddress={{ _lh.internal_ip }}
&token={{ api_token }}
method: GET
return_content: true
timeout: 10
register: _lh_dns_result
failed_when: >
_lh_dns_result.status != 200 or
('status' in (_lh_dns_result.content | from_json) and
(_lh_dns_result.content | from_json).status != 'ok')
delegate_to: localhost
- name: "[Lighthouse] DNS-Rückmeldung anzeigen (Multi-LH-Modus)" - name: "⚠ Hosts ohne nebula_internal_ip_addr"
when:
- inventory_hostname in groups['nebula_lighthouse']
- nebula_lighthouses is defined
- nebula_lighthouses | length > 0
- _lh_dns_result is defined
debug: debug:
msg: "✅ DNS gesetzt: {{ (nebula_lighthouses | selectattr('hostname', 'equalto', inventory_hostname) | list | first | default({})).hostname }}.{{ dns_zone }} → {{ (nebula_lighthouses | selectattr('hostname', 'equalto', inventory_hostname) | list | first | default({})).internal_ip }}" msg: "⚠ {{ item }} hat keine nebula_internal_ip_addr übersprungen."
loop: >-
# ------------------------------------------------------------------ {{
# 2) LIGHTHOUSES Legacy-Modus (einzelne nebula_lighthouse_* Variablen) groups.get('servers', [])
# ------------------------------------------------------------------ | reject('in',
- name: "[Lighthouse] DNS-Eintrag setzen (Legacy-Modus)" groups.get('servers', [])
when: | select('in', hostvars)
- inventory_hostname in groups['nebula_lighthouse'] | selectattr('nebula_internal_ip_addr', 'defined')
- nebula_lighthouses is not defined or nebula_lighthouses | length == 0 | list
- nebula_lighthouse_hostname is defined )
- nebula_lighthouse_internal_ip_addr is defined | list
uri: }}
url: >-
http://{{ dns_server }}:5380/api/zones/records/add
?domain={{ nebula_lighthouse_hostname }}.{{ dns_zone }}
&zone={{ dns_zone }}
&type=A
&overwrite=true
&IPAddress={{ nebula_lighthouse_internal_ip_addr }}
&token={{ api_token }}
method: GET
return_content: true
timeout: 10
register: _lh_legacy_dns_result
failed_when: >
_lh_legacy_dns_result.status != 200 or
('status' in (_lh_legacy_dns_result.content | from_json) and
(_lh_legacy_dns_result.content | from_json).status != 'ok')
delegate_to: localhost
- name: "[Lighthouse] DNS-Rückmeldung anzeigen (Legacy-Modus)"
when:
- inventory_hostname in groups['nebula_lighthouse']
- nebula_lighthouses is not defined or nebula_lighthouses | length == 0
- _lh_legacy_dns_result is defined
debug:
msg: "✅ DNS gesetzt: {{ nebula_lighthouse_hostname }}.{{ dns_zone }} → {{ nebula_lighthouse_internal_ip_addr }}"
# ------------------------------------------------------------------
# 3) SERVER DNS-Eintrag via nebula_internal_ip_addr
# ------------------------------------------------------------------
- name: "[Server] DNS-Eintrag setzen"
when:
- inventory_hostname in groups.get('servers', [])
- nebula_internal_ip_addr is defined
uri:
url: >-
http://{{ dns_server }}:5380/api/zones/records/add
?domain={{ inventory_hostname_short }}.{{ dns_zone }}
&zone={{ dns_zone }}
&type=A
&overwrite=true
&IPAddress={{ nebula_internal_ip_addr }}
&token={{ api_token }}
method: GET
return_content: true
timeout: 10
register: _srv_dns_result
failed_when: >
_srv_dns_result.status != 200 or
('status' in (_srv_dns_result.content | from_json) and
(_srv_dns_result.content | from_json).status != 'ok')
delegate_to: localhost
- name: "[Server] DNS-Rückmeldung anzeigen"
when:
- inventory_hostname in groups.get('servers', [])
- nebula_internal_ip_addr is defined
- _srv_dns_result is defined
debug:
msg: "✅ DNS gesetzt: {{ inventory_hostname_short }}.{{ dns_zone }} → {{ nebula_internal_ip_addr }}"
# ------------------------------------------------------------------
# 4) Warnung für Hosts ohne Nebula-IP
# ------------------------------------------------------------------
- name: "⚠️ Kein Nebula-Eintrag nebula_internal_ip_addr fehlt"
when:
- inventory_hostname in groups.get('servers', [])
- nebula_internal_ip_addr is not defined
debug:
msg: "⚠️ Host {{ inventory_hostname }} hat keine nebula_internal_ip_addr übersprungen."