---
# =============================================================
# nebula-dns-register.yml
#
# Registriert alle Nebula-Nodes (Lighthouses + Server) aus dem
# Inventory im Technitium DNS-Server unter der Zone nebula.network.
#
# Variablen (z. B. via Semaphore oder -e):
# dns_server - IP/Hostname des Technitium DNS-Servers (Default: 192.168.0.51)
# dns_zone - DNS-Zone (Default: nebula.network)
# api_token - API-Token für Technitium (als Secret übergeben)
#
# Voraussetzung im Inventory:
# - Lighthouses: als Liste nebula_lighthouses mit Feldern
# hostname und internal_ip (Multi-LH-Modus)
# ODER nebula_lighthouse_hostname + nebula_lighthouse_internal_ip_addr (Legacy)
# - Server: Host-Variable nebula_internal_ip_addr gesetzt
#
# Beispiel-Aufruf:
# ansible-playbook -i inventory nebula-dns-register.yml \
# -e dns_server=192.168.0.51 \
# -e dns_zone=nebula.network \
# -e api_token=$API_TOKEN
# =============================================================
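- name: Nebula DNS-Einträge registrieren
  hosts: localhost
  gather_facts: false
  become: false
  vars:
    # Scheme, server and zone of the Technitium DNS API; override per run with
    # -e or Semaphore variables. Switch dns_scheme to https if the server offers
    # TLS, otherwise the API token crosses the network in clear text.
    dns_scheme: "http"
    dns_server: "192.168.0.51"
    dns_zone: "nebula.network"
    # Placeholder only: the real token has to come in as a secret (-e api_token=...
    # or a Semaphore secret). The pre_task below refuses to run while the value is
    # still the placeholder, so "CHANGEME" is never sent to the DNS server.
    api_token: "CHANGEME"
  pre_tasks:
    - name: Pflichtvariablen prüfen
      assert:
        that:
          - dns_server | length > 0
          - dns_zone | length > 0
          - api_token != "CHANGEME"
        fail_msg: "dns_server, dns_zone und ein echter api_token (nicht CHANGEME) müssen gesetzt sein."
        # quiet: nothing about the checked values is echoed on success.
        quiet: true
  tasks: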
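- name: "[Lighthouse] DNS-Einträge setzen (Multi-LH-Modus)"
  # The API token travels as a query-string parameter, so the full URL -- token
  # included -- would land in the registered result and in the task output of a
  # failed run. no_log keeps it out of the Ansible/Semaphore log; it also censors
  # the per-item label, so set it to false only while debugging with a throwaway token.
  no_log: true
  vars:
    # Query built as a mapping and urlencoded below: one line, values
    # percent-encoded, and no whitespace from a folded multi-line scalar inside
    # the request line.
    _query:
      domain: "{{ item.hostname }}.{{ dns_zone }}"
      zone: "{{ dns_zone }}"
      type: "A"
      overwrite: "true"
      IPAddress: "{{ item.internal_ip }}"
      token: "{{ api_token }}"
  uri:
    url: "{{ dns_scheme | default('http') }}://{{ dns_server }}:5380/api/zones/records/add?{{ _query | urlencode }}"
    method: GET
    return_content: true
    timeout: 10
  # Every nebula_lighthouses list of the group, flattened and de-duplicated by
  # hostname, so each lighthouse is registered once; an absent group yields no items.
  loop: >-
    {{
    groups.get('nebula_lighthouse', [])
    | map('extract', hostvars)
    | selectattr('nebula_lighthouses', 'defined')
    | map(attribute='nebula_lighthouses')
    | flatten
    | unique(attribute='hostname')
    | list
    }}
  loop_control:
    label: "{{ item.hostname }}.{{ dns_zone }} → {{ item.internal_ip }}"
  register: _lh_result
  # A non-200 answer fails the item; so does a 200 whose JSON body carries a
  # status other than "ok". The body is only parsed once the status is 200.
  failed_when: >-
    _lh_result.status != 200 or
    ('status' in (_lh_result.content | from_json) and
    (_lh_result.content | from_json).status != 'ok')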
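- name: "[Lighthouse] DNS-Einträge setzen (Legacy-Modus)"
  # The API token is part of the query string; no_log keeps the URL (and with it
  # the token) out of the registered result and the run log. The per-item label
  # is censored as well -- set to false only while debugging with a throwaway token.
  no_log: true
  vars:
    # Query built as a mapping and urlencoded below, so the URL is a single line
    # with percent-encoded values.
    _query:
      domain: "{{ hostvars[item].nebula_lighthouse_hostname }}.{{ dns_zone }}"
      zone: "{{ dns_zone }}"
      type: "A"
      overwrite: "true"
      IPAddress: "{{ hostvars[item].nebula_lighthouse_internal_ip_addr }}"
      token: "{{ api_token }}"
  uri:
    url: "{{ dns_scheme | default('http') }}://{{ dns_server }}:5380/api/zones/records/add?{{ _query | urlencode }}"
    method: GET
    return_content: true
    timeout: 10
  # An absent group yields no items instead of a template error.
  loop: "{{ groups.get('nebula_lighthouse', []) }}"
  # Legacy mode applies only to hosts without a (non-empty) nebula_lighthouses
  # list; the Multi-LH task covers the others.
  when: >-
    hostvars[item].nebula_lighthouses is not defined or
    hostvars[item].nebula_lighthouses | length == 0
  loop_control:
    label: "{{ hostvars[item].nebula_lighthouse_hostname }}.{{ dns_zone }}"
  register: _lh_legacy_result
  # Same outcome check as the Multi-LH task: a non-200 answer fails the item, and
  # so does a 200 whose JSON body reports a status other than "ok".
  failed_when: >-
    _lh_legacy_result.status != 200 or
    ('status' in (_lh_legacy_result.content | from_json) and
    (_lh_legacy_result.content | from_json).status != 'ok')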
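- name: "[Server] DNS-Einträge setzen"
  # The API token is part of the query string; no_log keeps the URL (and with it
  # the token) out of the registered result and the run log. The per-item label
  # is censored as well -- set to false only while debugging with a throwaway token.
  no_log: true
  vars:
    # First DNS label of the inventory name (everything before the first dot).
    _short_name: "{{ item.split('.') | first }}"
    # Query built as a mapping and urlencoded below, so the URL is a single line
    # with percent-encoded values.
    _query:
      domain: "{{ _short_name }}.{{ dns_zone }}"
      zone: "{{ dns_zone }}"
      type: "A"
      overwrite: "true"
      IPAddress: "{{ hostvars[item].nebula_internal_ip_addr }}"
      token: "{{ api_token }}"
  uri:
    url: "{{ dns_scheme | default('http') }}://{{ dns_server }}:5380/api/zones/records/add?{{ _query | urlencode }}"
    method: GET
    return_content: true
    timeout: 10
  # Hosts of the servers group that are known to hostvars and have
  # nebula_internal_ip_addr set. Group members are plain name strings, so the
  # attribute test must run on the extracted hostvars entries, with the
  # inventory_hostname mapped back afterwards; testing the attribute on the names
  # themselves matches nothing and leaves the loop empty. The following
  # "Hosts ohne nebula_internal_ip_addr" task filters the same way and needs the
  # same correction.
  loop: >-
    {{
    groups.get('servers', [])
    | select('in', hostvars)
    | map('extract', hostvars)
    | selectattr('nebula_internal_ip_addr', 'defined')
    | map(attribute='inventory_hostname')
    | list
    }}
  loop_control:
    label: "{{ _short_name }}.{{ dns_zone }} → {{ hostvars[item].nebula_internal_ip_addr }}"
  register: _srv_result
  # Same outcome check as the lighthouse tasks: a non-200 answer fails the item,
  # and so does a 200 whose JSON body reports a status other than "ok".
  failed_when: >-
    _srv_result.status != 200 or
    ('status' in (_srv_result.content | from_json) and
    (_srv_result.content | from_json).status != 'ok')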
- name: "⚠ Hosts ohne nebula_internal_ip_addr"
debug:
msg: "⚠ {{ item }} hat keine nebula_internal_ip_addr übersprungen."
loop: >-
{{
groups.get('servers', [])
| reject('in',
groups.get('servers', [])
| select('in', hostvars)
| selectattr('nebula_internal_ip_addr', 'defined')
| list
)
| list
}}