DNS Einträge für Nebula Nodes

2026-04-11 20:17:32 +02:00
parent 71d811d087
commit f6996a0139

162
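--- /dev/null
+++ b/nebula-dns-register.yml
@@ -0,0 +1,162 @@
+---
+# =============================================================
+# nebula-dns-register.yml
+#
+# Registriert alle Nebula-Nodes (Lighthouses + Server) aus dem
+# Inventory im Technitium DNS-Server unter der Zone nebula.network.
+#
+# Variablen (z. B. via Semaphore oder -e):
+# dns_server - IP/Hostname des Technitium DNS-Servers (Default: 192.168.0.51)
+# dns_zone - DNS-Zone (Default: nebula.network)
+# api_token - API-Token für Technitium (als Secret übergeben)
+#
+# Voraussetzung im Inventory:
+# - Lighthouses: als Liste nebula_lighthouses mit Feldern
+# hostname und internal_ip (Multi-LH-Modus)
+# ODER nebula_lighthouse_hostname + nebula_lighthouse_internal_ip_addr (Legacy)
+# - Server: Host-Variable nebula_internal_ip_addr gesetzt
+#
+# Beispiel-Aufruf:
+# ansible-playbook -i inventory nebula-dns-register.yml \
+# -e dns_server=192.168.0.51 \
+# -e dns_zone=nebula.network \
+# -e api_token=$API_TOKEN
+# =============================================================
+- name: Nebula DNS-Einträge in Technitium registrieren
+hosts: all
+gather_facts: false
+become: false
+vars:
+dns_server: "192.168.0.51"
+dns_zone: "nebula.network"
+api_token: "CHANGEME"
+tasks:
+# ------------------------------------------------------------------
+# 1) LIGHTHOUSES Multi-Lighthouse-Modus (nebula_lighthouses Liste)
+# ------------------------------------------------------------------
+- name: "[Lighthouse] DNS-Eintrag setzen (Multi-LH-Modus)"
+when:
+- inventory_hostname in groups['nebula_lighthouse']
+- nebula_lighthouses is defined
+- nebula_lighthouses | length > 0
+vars:
+# Suche den passenden Lighthouse-Eintrag anhand des inventory_hostname
+_lh: >-
+{{
+nebula_lighthouses
+| selectattr('hostname', 'equalto', inventory_hostname)
+| list
+| first
+| default({})
+}}
+uri:
+url: >-
+http://{{ dns_server }}:5380/api/zones/records/add
+?domain={{ _lh.hostname }}.{{ dns_zone }}
+&zone={{ dns_zone }}
+&type=A
+&overwrite=true
+&IPAddress={{ _lh.internal_ip }}
+&token={{ api_token }}
+method: GET
+return_content: true
+timeout: 10
+register: _lh_dns_result
+failed_when: >
+_lh_dns_result.status != 200 or
+('status' in (_lh_dns_result.content | from_json) and
+(_lh_dns_result.content | from_json).status != 'ok')
+delegate_to: localhost
+- name: "[Lighthouse] DNS-Rückmeldung anzeigen (Multi-LH-Modus)"
+when:
+- inventory_hostname in groups['nebula_lighthouse']
+- nebula_lighthouses is defined
+- nebula_lighthouses | length > 0
+- _lh_dns_result is defined
+debug:
+msg: "✅ DNS gesetzt: {{ (nebula_lighthouses | selectattr('hostname', 'equalto', inventory_hostname) | list | first | default({})).hostname }}.{{ dns_zone }} → {{ (nebula_lighthouses | selectattr('hostname', 'equalto', inventory_hostname) | list | first | default({})).internal_ip }}"
+# ------------------------------------------------------------------
+# 2) LIGHTHOUSES Legacy-Modus (einzelne nebula_lighthouse_* Variablen)
+# ------------------------------------------------------------------
+- name: "[Lighthouse] DNS-Eintrag setzen (Legacy-Modus)"
+when:
+- inventory_hostname in groups['nebula_lighthouse']
+- nebula_lighthouses is not defined or nebula_lighthouses | length == 0
+- nebula_lighthouse_hostname is defined
+- nebula_lighthouse_internal_ip_addr is defined
+uri:
+url: >-
+http://{{ dns_server }}:5380/api/zones/records/add
+?domain={{ nebula_lighthouse_hostname }}.{{ dns_zone }}
+&zone={{ dns_zone }}
+&type=A
+&overwrite=true
+&IPAddress={{ nebula_lighthouse_internal_ip_addr }}
+&token={{ api_token }}
+method: GET
+return_content: true
+timeout: 10
+register: _lh_legacy_dns_result
+failed_when: >
+_lh_legacy_dns_result.status != 200 or
+('status' in (_lh_legacy_dns_result.content | from_json) and
+(_lh_legacy_dns_result.content | from_json).status != 'ok')
+delegate_to: localhost
+- name: "[Lighthouse] DNS-Rückmeldung anzeigen (Legacy-Modus)"
+when:
+- inventory_hostname in groups['nebula_lighthouse']
+- nebula_lighthouses is not defined or nebula_lighthouses | length == 0
+- _lh_legacy_dns_result is defined
+debug:
+msg: "✅ DNS gesetzt: {{ nebula_lighthouse_hostname }}.{{ dns_zone }} → {{ nebula_lighthouse_internal_ip_addr }}"
+# ------------------------------------------------------------------
+# 3) SERVER DNS-Eintrag via nebula_internal_ip_addr
+# ------------------------------------------------------------------
+- name: "[Server] DNS-Eintrag setzen"
+when:
+- inventory_hostname in groups.get('servers', [])
+- nebula_internal_ip_addr is defined
+uri:
+url: >-
+http://{{ dns_server }}:5380/api/zones/records/add
+?domain={{ inventory_hostname_short }}.{{ dns_zone }}
+&zone={{ dns_zone }}
+&type=A
+&overwrite=true
+&IPAddress={{ nebula_internal_ip_addr }}
+&token={{ api_token }}
+method: GET
+return_content: true
+timeout: 10
+register: _srv_dns_result
+failed_when: >
+_srv_dns_result.status != 200 or
+('status' in (_srv_dns_result.content | from_json) and
+(_srv_dns_result.content | from_json).status != 'ok')
+delegate_to: localhost
+- name: "[Server] DNS-Rückmeldung anzeigen"
+when:
+- inventory_hostname in groups.get('servers', [])
+- nebula_internal_ip_addr is defined
+- _srv_dns_result is defined
+debug:
+msg: "✅ DNS gesetzt: {{ inventory_hostname_short }}.{{ dns_zone }} → {{ nebula_internal_ip_addr }}"
+# ------------------------------------------------------------------
+# 4) Warnung für Hosts ohne Nebula-IP
+# ------------------------------------------------------------------
+- name: "⚠️ Kein Nebula-Eintrag nebula_internal_ip_addr fehlt"
+when:
+- inventory_hostname in groups.get('servers', [])
+- nebula_internal_ip_addr is not defined
+debug:
+msg: "⚠️ Host {{ inventory_hostname }} hat keine nebula_internal_ip_addr übersprungen."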
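Review bot: All three `uri` tasks (the Multi-LH, Legacy and Server variants) send `api_token` as a `&token=` query parameter of a GET over plain `http://` and none of them sets `no_log`, so the token lands in the Ansible task output (the full URL is printed on failure and with -v), in the Technitium request log and in any proxy between the controller and the DNS server. The folded `>-` scalar also joins each continuation line with a space, so the rendered URL reads `.../add ?domain=... &zone=...`; unless the uri module strips that whitespace, the request is malformed (recent Python `http.client` rejects URLs containing spaces), which suggests this path has not been exercised as written. Both points are resolved by sending the parameters as a form body with `method: POST`, `body_format: form-urlencoded` and `no_log: true` on the task, plus an `https://` scheme wherever the server offers TLS — the Technitium API documentation describes accepting the same parameters as form data, but confirm it against the deployed version, and note that `no_log` also hides the response on failure, so keep `failed_when` as the error signal. The same rewrite applies to the legacy-mode and server tasks; in the debug tasks, `_lh_dns_result is defined` (and its two siblings) is always true once the preceding task has run, since `register` stores a skipped result as well, so that condition guards nothing and can be dropped. Separately, `api_token: "CHANGEME"` in play `vars` outranks inventory variables and is silently sent to the server when `-e` is forgotten; an `assert` that `api_token != "CHANGEME"` at the top of `tasks` would fail fast instead.
```yaml
- name: "[Lighthouse] DNS-Eintrag setzen (Multi-LH-Modus)"
  # … unchanged: when / vars (_lh) …
  uri:
    url: "http://{{ dns_server }}:5380/api/zones/records/add"
    method: POST
    body_format: form-urlencoded
    body:
      domain: "{{ _lh.hostname }}.{{ dns_zone }}"
      zone: "{{ dns_zone }}"
      type: A
      overwrite: "true"
      IPAddress: "{{ _lh.internal_ip }}"
      token: "{{ api_token }}"
    return_content: true
    timeout: 10
  register: _lh_dns_result
  no_log: true
  # … unchanged: failed_when / delegate_to …
```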