From 77f135227945c3170973f815d24f7cfddf72cd5f Mon Sep 17 00:00:00 2001
From: Webster Mudge
Date: Sat, 18 Jun 2022 16:04:50 -0400
Subject: [PATCH] Add Route53 Dynamic DNS role
Signed-off-by: Webster Mudge
---
 README.md | 1 +
 docs/applications/route53_ddns.md | 34 +++++++++++++++++++++++++
 nas.yml | 5 ++++
 roles/route53_ddns/defaults/main.yml | 22 ++++++++++++++++
 roles/route53_ddns/tasks/main.yml | 23 +++++++++++++++++
 roles/route53_ddns/templates/config.yml | 12 +++++++++
 6 files changed, 97 insertions(+)
 create mode 100644 docs/applications/route53_ddns.md
 create mode 100644 roles/route53_ddns/defaults/main.yml
 create mode 100644 roles/route53_ddns/tasks/main.yml
 create mode 100644 roles/route53_ddns/templates/config.yml
diff --git a/README.md b/README.md
index be8b126d..365be61a 100644
--- a/README.md
+++ b/README.md
@@ -70,6 +70,7 @@ If you have a spare domain name you can configure applications to be accessible
 * [pyLoad](https://pyload.net/) - A download manager with a friendly web-interface
 * [PyTivo](http://pytivo.org) - An HMO and GoBack server for TiVos.
 * [Radarr](https://radarr.video/) - for organising and downloading movies
+* [Route53 DDNS](https://crazymax.dev/ddns-route53/) - Automatically update AWS Route53 with your IP address
 * [RSS-Bridge](https://rss-bridge.github.io/rss-bridge/) - The RSS feed for websites missing it
 * [Sabnzbd](https://sabnzbd.org/) - A powerful usenet downloader that FreeNAS provides
 * [Serposcope](https://serposcope.serphacker.com/en/) - tracker to monitor website ranking
diff --git a/docs/applications/route53_ddns.md b/docs/applications/route53_ddns.md
new file mode 100644
index 00000000..86ad9846
--- /dev/null
+++ b/docs/applications/route53_ddns.md
@@ -0,0 +1,34 @@
+# AWS Route53 Dynamic DNS Updater
+
+ddns-route53: [https://crazymax.dev/ddns-route53/](https://crazymax.dev/ddns-route53/)
+
+AWS Route53: [https://aws.amazon.com/route53/](https://aws.amazon.com/route53/)
+
+If you want your Ansible-NAS accessible externally then you need a domain name. You will also need to set a wildcard host `A` record to point to your static IP, or enable this container to automatically update AWS Route53 with your dynamic IP address.
+
+## Usage
+
+Set `route53_ddns_enabled: true` in your `inventories//nas.yml` file.
+
+Set required AWS access credentials from the AWS Console. (See below.)
+
+## Specific Configuration
+
+Make sure you set your domain (if different than the `ansible-nas` default) and access details within your `inventories//nas.yml` file.
+
+To set up Route53 to work with the service, please review the [Prerequisites](https://crazymax.dev/ddns-route53/usage/prerequisites/) page. In short, you will need to set up a Route53 [Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zones-working-with.html), an [IAM Policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html), and an [IAM User](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html) with API credentials.
+
+### AWS Access Credentials
+
+| Parameter | Description | Status |
+|--------------------|-------------------|-----------|
+| route53_key_id | AWS access key ID | mandatory |
+| route53_secret_key | AWS secret key | mandatory |
+
+### Networking
+
+| Parameter | Description | Status |
+|------------------------|--------------------------------|-----------|
+| route53_hosted_zone_id | Route53 hosted zone ID | mandatory |
+| route53_ttl | Time-to-live for the DNS entry | |
+| route53_host | Wildcard domain to update | |
diff --git a/nas.yml b/nas.yml
index 459ef764..99cc005a 100644
--- a/nas.yml
+++ b/nas.yml
@@ -283,6 +283,11 @@
 - sabnzbd
 when: (sabnzbd_enabled | default(False))
 
+ - role: route53_ddns
+ tags:
+ - route53_ddns
+ when: (route53_ddns_enabled | default(False))
+
 - role: rssbridge
 tags:
 - rssbridge
diff --git a/roles/route53_ddns/defaults/main.yml b/roles/route53_ddns/defaults/main.yml
new file mode 100644
index 00000000..6a3746ec
--- /dev/null
+++ b/roles/route53_ddns/defaults/main.yml
@@ -0,0 +1,22 @@
+---
+
+route53_ddns_enabled: false
+
+# Data directory for config file
+route53_data_directory: "{{ docker_home }}/route53_ddns"
+
+# AWS access credentials
+route53_key_id: "{{ mandatory }}"
+route53_secret_key: "{{ mandatory }}"
+
+# Managed DNS zone ID
+route53_hosted_zone_id: "{{ mandatory }}"
+
+# The hostname to update
+route53_host: "*.{{ ansible_nas_domain }}"
+
+# The Time-To-Live for the DNS entry
+route53_ttl: 600
+
+# Container
+route53_memory: 512MB
diff --git a/roles/route53_ddns/tasks/main.yml b/roles/route53_ddns/tasks/main.yml
new file mode 100644
index 00000000..374ce998
--- /dev/null
+++ b/roles/route53_ddns/tasks/main.yml
@@ -0,0 +1,23 @@
+---
+
+- name: Create AWS Route53 Dynamic DNS Directories
+ file:
+ path: "{{ route53_data_directory }}"
+ state: directory
+
+- name: Generate AWS Route53 Dynamic DNS config file
+ template:
+ src: config.yml
+ dest: "{{ route53_data_directory }}/ddns-route53.yml"
+ register: template_config
+
+- name: AWS Route53 Dynamic DNS Container
+ docker_container:
+ name: route53-ddns
+ image: crazymax/ddns-route53:latest
+ pull: true
+ volumes:
+ - "{{ route53_data_directory }}/ddns-route53.yml:/etc/ddns-route53/ddns-route53.yml"
+ restart_policy: unless-stopped
+ memory: "{{ route53_memory }}"
+ recreate: "{{ template_config is changed }}"
diff --git a/roles/route53_ddns/templates/config.yml b/roles/route53_ddns/templates/config.yml
new file mode 100644
index 00000000..7f1c0941
--- /dev/null
+++ b/roles/route53_ddns/templates/config.yml
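Review bot: In roles/route53_ddns/defaults/main.yml, `route53_key_id`, `route53_secret_key` and `route53_hosted_zone_id` default to `"{{ mandatory }}"`, which looks up a variable named `mandatory` rather than applying Ansible's `mandatory` filter. Unless the project defines that variable elsewhere, an unset value would surface as an undefined-variable error when the config template renders, not as a message naming the missing setting; an `assert` on these three variables at the top of tasks/main.yml would make the failure explicit. The comment above the credentials should also say where they belong, for example `# AWS access credentials (required) - keep these in an Ansible Vault-encrypted vars file, not in a plain-text inventory`.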
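Review bot: In roles/route53_ddns/tasks/main.yml the rendered `ddns-route53.yml` contains the AWS secret access key, but neither the `file` nor the `template` task sets `mode`, so the directory and file get whatever the umask allows, which on many hosts is readable by every local user. Setting an explicit restrictive mode on both, adding `no_log: true` to the template task so the key does not appear in `--diff` or verbose output, and mounting the file with `:ro` would reduce that exposure; confirm which UID the container process runs as before settling on `0600`. Separately, `image: crazymax/ddns-route53:latest` with `pull: true` means the container that holds the key runs whatever is currently published under `latest`; a pinned tag or digest held in a role variable would make upgrades deliberate.

```yaml
- name: Create AWS Route53 Dynamic DNS Directories
  file:
    # … unchanged: path, state …
    mode: "0700"

- name: Generate AWS Route53 Dynamic DNS config file
  template:
    # … unchanged: src, dest …
    mode: "0600"
  no_log: true
  # … unchanged: register …

# … unchanged: docker_container name, image, pull, restart_policy, memory, recreate …
    volumes:
      - "{{ route53_data_directory }}/ddns-route53.yml:/etc/ddns-route53/ddns-route53.yml:ro"
```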
@@ -0,0 +1,12 @@
+---
+
+credentials:
+ accessKeyId: "{{ route53_key_id }}"
+ secretAccessKey: "{{ route53_secret_key }}"
+
+route53:
+ hostedZoneID: "{{ route53_hosted_zone_id }}"
+ recordsSet:
+ - name: "{{ route53_host }}."
+ type: "A"
+ ttl: "{{ route53_ttl }}"