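---
# =============================================================
# nebula-dns-register.yml
#
# Registers all Nebula nodes (lighthouses + servers) from the inventory
# in the Technitium DNS server under the zone nebula.network.
#
# Variables (e.g. via Semaphore or -e):
#   dns_server - IP/hostname of the Technitium DNS server (default: 192.168.0.51)
#   dns_zone   - DNS zone (default: nebula.network)
#   api_token  - API token for Technitium (pass as a secret; the placeholder
#                default "CHANGEME" is rejected by the first task)
#   dns_debug  - optional, default false. Set to true to show the full
#                request/response of the DNS API calls in the Ansible output
#                (this includes the token, so only use it for troubleshooting)
#
# Inventory prerequisites:
#   - Lighthouses: list nebula_lighthouses with the fields hostname and
#     internal_ip (multi-LH mode)
#     OR nebula_lighthouse_hostname + nebula_lighthouse_internal_ip_addr (legacy)
#   - Servers: host variable nebula_internal_ip_addr set
#
# Example:
#   ansible-playbook -i inventory nebula-dns-register.yml \
#     -e dns_server=192.168.0.51 \
#     -e dns_zone=nebula.network \
#     -e api_token=$API_TOKEN
#
# Note: the Technitium API is called over plain HTTP on port 5380 and the
# token is sent in the query string, so it is readable on the network path
# and ends up in the DNS server's request log. Run this from a trusted
# management network only, and treat the token as compromised if the call
# ever traverses an untrusted segment.
# =============================================================
- name: Nebula DNS-Einträge in Technitium registrieren
  hosts: all
  gather_facts: false
  become: false
  vars:
    dns_server: "192.168.0.51"
    dns_zone: "nebula.network"
    api_token: "CHANGEME"
    # Base URL of the Technitium "add record" endpoint. The query string is
    # built per task from a dict with `urlencode` instead of a folded block
    # scalar: a folded scalar joins its lines with spaces, which would put
    # whitespace into the URL between the parameters.
    _dns_api_url: "http://{{ dns_server }}:5380/api/zones/records/add"
    # Hide request/response (and therefore the token) from the Ansible
    # output and logs unless dns_debug=true is passed explicitly.
    _dns_no_log: "{{ not (dns_debug | default(false) | bool) }}"
    # Lighthouse entry matching this host in multi-LH mode ({} if none).
    # Evaluated lazily, so hosts without nebula_lighthouses are unaffected.
    _lh: >-
      {{ nebula_lighthouses | default([])
         | selectattr('hostname', 'equalto', inventory_hostname)
         | list | first | default({}) }}

  tasks:
    # ------------------------------------------------------------------
    # 0) Fail fast when the token was not supplied (placeholder default)
    # ------------------------------------------------------------------
    - name: "[Vorab] API-Token prüfen"
      run_once: true
      delegate_to: localhost
      assert:
        that:
          - api_token is defined
          - api_token | length > 0
          - api_token != "CHANGEME"
        fail_msg: "api_token ist nicht gesetzt (Default 'CHANGEME') – bitte als Secret übergeben."
        quiet: true

    # ------------------------------------------------------------------
    # 1) LIGHTHOUSES – multi-lighthouse mode (nebula_lighthouses list)
    # ------------------------------------------------------------------
    - name: "[Lighthouse] DNS-Eintrag setzen (Multi-LH-Modus)"
      when:
        - inventory_hostname in groups.get('nebula_lighthouse', [])
        - nebula_lighthouses is defined
        - nebula_lighthouses | length > 0
        # Skip (instead of failing on an undefined attribute) when this host
        # has no entry in nebula_lighthouses or the entry is incomplete.
        - _lh.hostname is defined
        - _lh.internal_ip is defined
      vars:
        _lh_query:
          domain: "{{ _lh.hostname }}.{{ dns_zone }}"
          zone: "{{ dns_zone }}"
          type: "A"
          overwrite: "true"
          IPAddress: "{{ _lh.internal_ip }}"
          token: "{{ api_token }}"
      uri:
        url: "{{ _dns_api_url }}?{{ _lh_query | urlencode }}"
        method: GET
        return_content: true
        timeout: 10
      register: _lh_dns_result
      no_log: "{{ _dns_no_log }}"
      # Technitium answers HTTP 200 even on API errors; the JSON body carries
      # "status": "ok" or "error".
      failed_when: >
        _lh_dns_result.status != 200
        or ('status' in (_lh_dns_result.content | from_json)
            and (_lh_dns_result.content | from_json).status != 'ok')
      delegate_to: localhost

    - name: "[Lighthouse] DNS-Rückmeldung anzeigen (Multi-LH-Modus)"
      # A registered variable also exists when the task was skipped, so
      # "is defined" alone would print a success message for skipped hosts.
      when:
        - _lh_dns_result is defined
        - _lh_dns_result is not skipped
      debug:
        msg: "✅ DNS gesetzt: {{ _lh.hostname }}.{{ dns_zone }} → {{ _lh.internal_ip }}"

    # ------------------------------------------------------------------
    # 2) LIGHTHOUSES – legacy mode (single nebula_lighthouse_* variables)
    # ------------------------------------------------------------------
    - name: "[Lighthouse] DNS-Eintrag setzen (Legacy-Modus)"
      when:
        - inventory_hostname in groups.get('nebula_lighthouse', [])
        - nebula_lighthouses is not defined or nebula_lighthouses | length == 0
        - nebula_lighthouse_hostname is defined
        - nebula_lighthouse_internal_ip_addr is defined
      vars:
        _lh_legacy_query:
          domain: "{{ nebula_lighthouse_hostname }}.{{ dns_zone }}"
          zone: "{{ dns_zone }}"
          type: "A"
          overwrite: "true"
          IPAddress: "{{ nebula_lighthouse_internal_ip_addr }}"
          token: "{{ api_token }}"
      uri:
        url: "{{ _dns_api_url }}?{{ _lh_legacy_query | urlencode }}"
        method: GET
        return_content: true
        timeout: 10
      register: _lh_legacy_dns_result
      no_log: "{{ _dns_no_log }}"
      failed_when: >
        _lh_legacy_dns_result.status != 200
        or ('status' in (_lh_legacy_dns_result.content | from_json)
            and (_lh_legacy_dns_result.content | from_json).status != 'ok')
      delegate_to: localhost

    - name: "[Lighthouse] DNS-Rückmeldung anzeigen (Legacy-Modus)"
      when:
        - _lh_legacy_dns_result is defined
        - _lh_legacy_dns_result is not skipped
      debug:
        msg: "✅ DNS gesetzt: {{ nebula_lighthouse_hostname }}.{{ dns_zone }} → {{ nebula_lighthouse_internal_ip_addr }}"

    # ------------------------------------------------------------------
    # 3) SERVERS – DNS record via nebula_internal_ip_addr
    # ------------------------------------------------------------------
    - name: "[Server] DNS-Eintrag setzen"
      when:
        - inventory_hostname in groups.get('servers', [])
        - nebula_internal_ip_addr is defined
      vars:
        _srv_query:
          domain: "{{ inventory_hostname_short }}.{{ dns_zone }}"
          zone: "{{ dns_zone }}"
          type: "A"
          overwrite: "true"
          IPAddress: "{{ nebula_internal_ip_addr }}"
          token: "{{ api_token }}"
      uri:
        url: "{{ _dns_api_url }}?{{ _srv_query | urlencode }}"
        method: GET
        return_content: true
        timeout: 10
      register: _srv_dns_result
      no_log: "{{ _dns_no_log }}"
      failed_when: >
        _srv_dns_result.status != 200
        or ('status' in (_srv_dns_result.content | from_json)
            and (_srv_dns_result.content | from_json).status != 'ok')
      delegate_to: localhost

    - name: "[Server] DNS-Rückmeldung anzeigen"
      when:
        - _srv_dns_result is defined
        - _srv_dns_result is not skipped
      debug:
        msg: "✅ DNS gesetzt: {{ inventory_hostname_short }}.{{ dns_zone }} → {{ nebula_internal_ip_addr }}"

    # ------------------------------------------------------------------
    # 4) Warning for server hosts without a Nebula IP
    # ------------------------------------------------------------------
    - name: "⚠️ Kein Nebula-Eintrag – nebula_internal_ip_addr fehlt"
      when:
        - inventory_hostname in groups.get('servers', [])
        - nebula_internal_ip_addr is not defined
      debug:
        msg: "⚠️ Host {{ inventory_hostname }} hat keine nebula_internal_ip_addr – übersprungen."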