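---
# =============================================================
# nebula-dns-register.yml
#
# Registers all Nebula nodes (lighthouses + servers) from the
# inventory in the Technitium DNS server under the zone nebula.network.
#
# Variables (e.g. via Semaphore or -e):
#   dns_server     - IP/hostname of the Technitium DNS server (default: 192.168.0.51)
#   dns_zone       - DNS zone (default: nebula.network)
#   api_token      - API token for Technitium (pass it as a secret)
#   dns_api_url    - base URL of the Technitium HTTP API
#                    (default: http://{{ dns_server }}:5380). Override with an
#                    https:// URL where the server offers TLS: the token is
#                    sent inside every request.
#   dns_api_no_log - hide the output of the API tasks (default: true). The
#                    token is part of the request URL, which Ansible prints
#                    on failure; set this to false only temporarily while
#                    debugging a failing call.
#
# Inventory requirements:
#   - Lighthouses: list nebula_lighthouses with the fields hostname and
#     internal_ip (multi-LH mode)
#     OR nebula_lighthouse_hostname + nebula_lighthouse_internal_ip_addr (legacy)
#   - Servers: host variable nebula_internal_ip_addr set
#
# Example:
#   ansible-playbook -i inventory nebula-dns-register.yml \
#     -e dns_server=192.168.0.51 \
#     -e dns_zone=nebula.network \
#     -e api_token=$API_TOKEN
#
# Notes on the API calls:
#   - Every query string is built from a dict with the Jinja `urlencode`
#     filter, so no whitespace from YAML folding ends up in the URL and all
#     values are escaped.
#   - Technitium reports errors inside the JSON body (status != 'ok'); each
#     call therefore checks the HTTP status and the body.
# =============================================================

- name: Nebula DNS-Einträge registrieren
  hosts: localhost
  gather_facts: false
  become: false

  vars:
    dns_server: "192.168.0.51"
    dns_zone: "nebula.network"
    api_token: "CHANGEME"
    # Base URL of the Technitium HTTP API; prefer https:// when available.
    dns_api_url: "http://{{ dns_server }}:5380"
    # The token is part of the request URL, so the uri tasks run with no_log
    # to keep it out of the job output and logs.
    dns_api_no_log: true
    # Members of "servers" that carry a Nebula address. Group members are
    # inventory host names, so the hostvars entry is extracted before the
    # attribute test and the host name is taken back out afterwards.
    _servers_with_ip: >-
      {{ groups.get('servers', [])
      | select('in', hostvars)
      | map('extract', hostvars)
      | selectattr('nebula_internal_ip_addr', 'defined')
      | map(attribute='inventory_hostname')
      | list }}
    # Members of "servers" without a Nebula address (reported, not registered).
    _servers_without_ip: >-
      {{ groups.get('servers', [])
      | select('in', hostvars)
      | map('extract', hostvars)
      | rejectattr('nebula_internal_ip_addr', 'defined')
      | map(attribute='inventory_hostname')
      | list }}

  tasks:
    # One A record per lighthouse listed in nebula_lighthouses; entries with
    # the same hostname across hosts are collapsed to one record.
    - name: "[Lighthouse] DNS-Einträge setzen (Multi-LH-Modus)"
      uri:
        url: "{{ dns_api_url }}/api/zones/records/add?{{ _query | urlencode }}"
        method: GET
        return_content: true
        timeout: 10
      vars:
        _query:
          domain: "{{ item.hostname }}.{{ dns_zone }}"
          zone: "{{ dns_zone }}"
          type: "A"
          overwrite: "true"
          IPAddress: "{{ item.internal_ip }}"
          token: "{{ api_token }}"
      loop: >-
        {{ groups['nebula_lighthouse']
        | map('extract', hostvars)
        | selectattr('nebula_lighthouses', 'defined')
        | map(attribute='nebula_lighthouses')
        | flatten
        | unique(attribute='hostname')
        | list }}
      loop_control:
        label: "{{ item.hostname }}.{{ dns_zone }} → {{ item.internal_ip }}"
      register: _lh_result
      no_log: "{{ dns_api_no_log }}"
      # HTTP 200 alone is not success: the body carries the API status.
      failed_when: >-
        _lh_result.status != 200
        or ('status' in (_lh_result.content | from_json)
        and (_lh_result.content | from_json).status != 'ok')

    # Legacy single-lighthouse variables, only for hosts that do not define
    # (or define an empty) nebula_lighthouses list.
    - name: "[Lighthouse] DNS-Einträge setzen (Legacy-Modus)"
      uri:
        url: "{{ dns_api_url }}/api/zones/records/add?{{ _query | urlencode }}"
        method: GET
        return_content: true
        timeout: 10
      vars:
        _query:
          domain: "{{ hostvars[item].nebula_lighthouse_hostname }}.{{ dns_zone }}"
          zone: "{{ dns_zone }}"
          type: "A"
          overwrite: "true"
          IPAddress: "{{ hostvars[item].nebula_lighthouse_internal_ip_addr }}"
          token: "{{ api_token }}"
      loop: "{{ groups['nebula_lighthouse'] }}"
      when: >-
        hostvars[item].nebula_lighthouses is not defined
        or hostvars[item].nebula_lighthouses | length == 0
      loop_control:
        # The label is rendered for skipped items too, so fall back to the
        # inventory name when the legacy hostname variable is absent.
        label: "{{ hostvars[item].nebula_lighthouse_hostname | default(item) }}.{{ dns_zone }}"
      register: _lh_legacy_result
      no_log: "{{ dns_api_no_log }}"
      failed_when: >-
        _lh_legacy_result.status != 200
        or ('status' in (_lh_legacy_result.content | from_json)
        and (_lh_legacy_result.content | from_json).status != 'ok')

    # One A record per server; the record name is the inventory host name
    # with its domain suffix cut off.
    - name: "[Server] DNS-Einträge setzen"
      uri:
        url: "{{ dns_api_url }}/api/zones/records/add?{{ _query | urlencode }}"
        method: GET
        return_content: true
        timeout: 10
      vars:
        # Short host name: everything up to the first dot.
        _short_name: "{{ item | regex_replace('\\..*', '') }}"
        _query:
          domain: "{{ _short_name }}.{{ dns_zone }}"
          zone: "{{ dns_zone }}"
          type: "A"
          overwrite: "true"
          IPAddress: "{{ hostvars[item].nebula_internal_ip_addr }}"
          token: "{{ api_token }}"
      loop: "{{ _servers_with_ip }}"
      loop_control:
        label: "{{ _short_name }}.{{ dns_zone }} → {{ hostvars[item].nebula_internal_ip_addr }}"
      register: _srv_result
      no_log: "{{ dns_api_no_log }}"
      failed_when: >-
        _srv_result.status != 200
        or ('status' in (_srv_result.content | from_json)
        and (_srv_result.content | from_json).status != 'ok')

    - name: "⚠ Hosts ohne nebula_internal_ip_addr"
      debug:
        msg: "⚠ {{ item }} hat keine nebula_internal_ip_addr – übersprungen."
      loop: "{{ _servers_without_ip }}"

    # The API tasks hide their per-record output (no_log), so list the names
    # that were actually sent once at the end. Skipped loop items carry no
    # 'status' key and are left out; the token is never part of this output.
    - name: "Zusammenfassung der registrierten DNS-Einträge"
      debug:
        msg:
          lighthouse_multi: >-
            {{ _lh_result.results | default([])
            | selectattr('status', 'defined')
            | map(attribute='item.hostname')
            | list }}
          lighthouse_legacy: >-
            {{ _lh_legacy_result.results | default([])
            | selectattr('status', 'defined')
            | map(attribute='item')
            | list }}
          server: >-
            {{ _srv_result.results | default([])
            | selectattr('status', 'defined')
            | map(attribute='item')
            | list }}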