mirror of
https://github.com/famedly/ansible-collection-base
synced 2024-11-10 06:24:17 +00:00
chore(dns): remove role
parent
35bc21a0c0
commit
1fe2cd4c31
5 changed files with 0 additions and 171 deletions
|
@ -11,7 +11,6 @@ to build services on.
|
|||
|
||||
## Roles
|
||||
|
||||
- [`roles/dns`](roles/dns/README.md) for setting DNS records with ansible, currently only cloudflare as a backend is supported
|
||||
- [`roles/dropbear-luks-unlock`](roles/dropbear-luks-unlock/README.md) for setting up dropbear to unlock LUKS volumes using a SSH connection at boot
|
||||
- [`roles/hostname`](roles/hostname/README.md) for setting `/etc/hostname` and `/etc/hosts`
|
||||
- [`roles/ldap`](roles/ldap/README.md) to deploy openldap in a docker container
|
||||
|
|
|
@ -1,42 +0,0 @@
|
|||
# `famedly.base.dns` ansible role for DNS management
|
||||
|
||||
## Currently supported
|
||||
|
||||
- CloudFlare, via `community.general.cloudflare_dns` module. The cloudflare API token is passed in `dns_cloudflare_api_key`.
|
||||
|
||||
## Usage
|
||||
|
||||
You can pass in one or more zones in the `dns_zones` variable and set `dns_host_name_short` to your targets name.
|
||||
All combinations of `dns_host_name_short`.`dns_zone` will be created as A/AAAA records,
|
||||
if `dns_host_ipv4`/`dns_host_ipv6` were specified.
|
||||
|
||||
A `SSHFP` record can also be created for each zone, by adding an
|
||||
entry of the form `{ algorithm: ECDSA, hash_type: SHA-256, fingerprint: $fingerprint }` to the
|
||||
`dns_host_sshfp` array (multiple entries with different algorithms / hash_types are possible).
|
||||
|
||||
Additional host names can be specified in the `dns_host_names` array, with entries in the form
|
||||
of `{ name: "mail", target: { ipv4: 0.0.0.0, ipv6: fe80::1 }, only: "myzone.tld" }`.
|
||||
The `target.[ipv4|ipv6]` and `only` entries are optional, and, if omitted, target defaults to `dns_host_ipv4`+`dns_host_ipv6`
|
||||
and `only` sets the record only in the specified zone, if omitted, the record will be created in all zones.
|
||||
|
||||
### CNAME records
|
||||
|
||||
CNAME entries can be specified in a list of dicts in `dns_cnames`, and each entry consists of an object
|
||||
with the keys `zone` and `names`.
|
||||
`zone` is the zone where the CNAMEs should be created, and `names` is an array of dicts describing each CNAME.
|
||||
This dict has a mandatory entry called `name`, which is the CNAME itself.
|
||||
It is supported to also have a key called `target`, which can be used to point the CNAME to `target` directly,
|
||||
the default is `dns_host_name_short`.`zone`.
|
||||
|
||||
### SRV records
|
||||
|
||||
Similar to CNAMEs, `SRV` records may be specified in `dns_services`. The mandatory keys are `name` and `port`,
|
||||
other keys are `protocol` (default `tcp`), `weight` (default `10`),
|
||||
`priority` (default `10`) and `target` (default `dns_host_name_short`.`zone`).
|
||||
The `record` may also be specified to override the default `dns_host_name_short`.`zone`, if needed.
|
||||
`{ name: matrix, port: 443}` would create f.ex. `_matrix._tcp.$dns_host_name_short.$zone 10 10 443`.
|
||||
|
||||
### TXT records
|
||||
|
||||
To create TXT records, the `dns_text_records` dict needs to be populated with `{ zone, records[] }` entries.
|
||||
The specified records are then created in the given zone, and have the structure of `{ name, content }`.
|
|
@ -1,34 +0,0 @@
|
|||
---
|
||||
|
||||
dns_management_method: "cloudflare"
|
||||
|
||||
#dns_zones: [ localdomain ]
|
||||
#dns_host_name_short: localhost
|
||||
|
||||
# Additional hostnames to set which point to hostname.zone -> host_ipv4/6
|
||||
dns_host_names: []
|
||||
#dns_host_names:
|
||||
# - name: mail
|
||||
# target:
|
||||
# ipv4: ipv4_mail
|
||||
# ipv6: ipv6_mail
|
||||
|
||||
#dns_host_ipv4: ~
|
||||
#dns_host_ipv6: ~
|
||||
|
||||
dns_host_sshfp: []
|
||||
#dns_host_sshfp:
|
||||
# - algorithm: ECDSA
|
||||
# hash_type: SHA-256
|
||||
# fingerprint: ~
|
||||
|
||||
dns_cnames: []
|
||||
dns_services: []
|
||||
dns_text_records: []
|
||||
## Allow some-server.example-org to send mail from
|
||||
## all servers listed in MX some-server.example.org
|
||||
#dns_text_records:
|
||||
# - zone: example.org
|
||||
# records:
|
||||
# - name: "some-server"
|
||||
# content: "v=spf1 mx -all"
|
|
@ -1,80 +0,0 @@
|
|||
---
|
||||
|
||||
- name: Set SSHFP records
|
||||
cloudflare_dns:
|
||||
type: SSHFP
|
||||
zone: "{{ item[0] }}"
|
||||
record: "{{ dns_host_name_short }}"
|
||||
value: "{{ item[1].fingerprint }}"
|
||||
algorithm: "{{ dns_sshfp_algorithm[ item[1].algorithm ] }}"
|
||||
hash_type: "{{ dns_sshfp_type[ item[1].hash_type ] }}"
|
||||
api_token: "{{ dns_cloudflare_api_key }}"
|
||||
loop: "{{ dns_zones | product(dns_host_sshfp) | list }}"
|
||||
when: dns_management_method == "cloudflare" and dns_host_sshfp is defined
|
||||
|
||||
- name: Set A records
|
||||
cloudflare_dns:
|
||||
type: A
|
||||
zone: "{{ item[0] }}"
|
||||
record: "{{ item[1].name }}"
|
||||
value: "{{ item[1].target.ipv4 | default(dns_host_ipv4) }}"
|
||||
api_token: "{{ dns_cloudflare_api_key }}"
|
||||
loop: "{{ dns_zones | product(dns_all_hostnames) | list }}"
|
||||
when: >
|
||||
dns_management_method == "cloudflare"
|
||||
and ((
|
||||
item[1].target is defined
|
||||
and item[1].target.ipv4 is defined)
|
||||
or (dns_host_ipv4 is defined and item[1].target is undefined))
|
||||
and (item[1].only is undefined or item[1].only == item[0])
|
||||
|
||||
- name: Set AAAA records
|
||||
cloudflare_dns:
|
||||
type: AAAA
|
||||
zone: "{{ item[0] }}"
|
||||
record: "{{ item[1].name }}"
|
||||
value: "{{ item[1].target.ipv6 | default(dns_host_ipv6) }}"
|
||||
api_token: "{{ dns_cloudflare_api_key }}"
|
||||
loop: "{{ dns_zones | product(dns_all_hostnames) | list }}"
|
||||
when: >
|
||||
dns_management_method == "cloudflare"
|
||||
and ((
|
||||
item[1].target is defined
|
||||
and item[1].target.ipv6 is defined)
|
||||
or (dns_host_ipv6 is defined and item[1].target is undefined ))
|
||||
and (item[1].only is undefined or item[1].only == item[0])
|
||||
|
||||
- name: Set CNAME records
|
||||
cloudflare_dns:
|
||||
type: CNAME
|
||||
zone: "{{ item.0.zone }}"
|
||||
record: "{{ item.1.name }}"
|
||||
value: "{{ item.1.target|default([dns_host_name_short, item.0.zone]|join('.')) }}"
|
||||
api_token: "{{ dns_cloudflare_api_key }}"
|
||||
loop: "{{ dns_cnames | subelements('names') }}"
|
||||
when: dns_management_method == "cloudflare"
|
||||
|
||||
- name: Set SRV records
|
||||
cloudflare_dns:
|
||||
type: SRV
|
||||
zone: "{{ item.0.zone }}"
|
||||
record: "{{ item.1.record|default(dns_host_name_short) }}"
|
||||
value: "{{ item.1.target|default([ dns_host_name_short, item.0.zone ]|join('.')) }}"
|
||||
service: "{{ item.1.name }}"
|
||||
proto: "{{ item.1.protocol|default('tcp') }}"
|
||||
port: "{{ item.1.port }}"
|
||||
priority: "{{ item.1.priority|default(10) }}"
|
||||
weight: "{{ item.1.weight|default(10) }}"
|
||||
api_token: "{{ dns_cloudflare_api_key }}"
|
||||
loop: "{{ dns_services | subelements('services') }}"
|
||||
when: dns_management_method == "cloudflare"
|
||||
|
||||
- name: Set TXT records
|
||||
cloudflare_dns:
|
||||
type: TXT
|
||||
zone: "{{ item.0.zone }}"
|
||||
record: "{{ item.1.name }}"
|
||||
value: "{{ item.1.content }}"
|
||||
api_token: "{{ dns_cloudflare_api_key }}"
|
||||
loop: "{{ dns_text_records | subelements('records') }}"
|
||||
when: dns_management_method == "cloudflare"
|
|
@ -1,14 +0,0 @@
|
|||
---
|
||||
|
||||
dns_sshfp_algorithm:
|
||||
"RSA": 1
|
||||
"DSA": 2
|
||||
"ECDSA": 3
|
||||
"ED25519": 4
|
||||
|
||||
dns_sshfp_type:
|
||||
"SHA-1": 1
|
||||
"SHA-256": 2
|
||||
"SHA-2": 2
|
||||
|
||||
dns_all_hostnames: "{{ [ { 'name': dns_host_name_short } ] + dns_host_names }}"
|