Merge pull request #537 from wmudge/feature/route53-ddns

Add Route53 Dynamic DNS role

README.md

@@ -70,6 +70,7 @@ If you have a spare domain name you can configure applications to be accessible
 * [pyLoad](https://pyload.net/) - A download manager with a friendly web-interface
 * [PyTivo](http://pytivo.org) - An HMO and GoBack server for TiVos.
 * [Radarr](https://radarr.video/) - for organising and downloading movies
+* [Route53 DDNS](https://crazymax.dev/ddns-route53/) - Automatically update AWS Route53 with your IP address
 * [RSS-Bridge](https://rss-bridge.github.io/rss-bridge/) - The RSS feed for websites missing it
 * [Sabnzbd](https://sabnzbd.org/) - A powerful usenet downloader that FreeNAS provides
 * [Serposcope](https://serposcope.serphacker.com/en/) - tracker to monitor website ranking

docs/applications/route53_ddns.md

@@ -0,0 +1,34 @@
+# AWS Route53 Dynamic DNS Updater
+
+ddns-route53: [https://crazymax.dev/ddns-route53/](https://crazymax.dev/ddns-route53/)
+
+AWS Route53: [https://aws.amazon.com/route53/](https://aws.amazon.com/route53/)
+
+If you want your Ansible-NAS accessible externally then you need a domain name. You will also need to set a wildcard host `A` record to point to your static IP, or enable this container to automatically update AWS Route53 with your dynamic IP address.
+
+## Usage
+
+Set `route53_ddns_enabled: true` in your `inventories/<your_inventory>/nas.yml` file.
+
+Set required AWS access credentials from the AWS Console. (See below.)
+
+## Specific Configuration
+
+Make sure you set your domain (if different than the `ansible-nas` default) and access details within your `inventories/<your_inventory>/nas.yml` file.
+
+To set up Route53 to work with the service, please review the [Prerequisites](https://crazymax.dev/ddns-route53/usage/prerequisites/) page. In short, you will need to set up a Route53 [Hosted Zone](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zones-working-with.html), an [IAM Policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html), and an [IAM User](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html) with API credentials.
+
+### AWS Access Credentials
+
+| Parameter          | Description       | Status    |
+|--------------------|-------------------|-----------|
+| route53_key_id     | AWS access key ID | mandatory |
+| route53_secret_key | AWS secret key    | mandatory |
+
+### Networking
+
+| Parameter              | Description                    | Status    |
+|------------------------|--------------------------------|-----------|
+| route53_hosted_zone_id | Route53 hosted zone ID         | mandatory |
+| route53_ttl            | Time-to-live for the DNS entry |           |
+| route53_host           | Wildcard domain to update      |           |

nas.yml

@@ -283,6 +283,11 @@
         - sabnzbd
       when: (sabnzbd_enabled | default(False))
 
+    - role: route53_ddns
+      tags:
+        - route53_ddns
+      when: (route53_ddns_enabled | default(False))
+
     - role: rssbridge
       tags:
         - rssbridge

roles/route53_ddns/defaults/main.yml

@@ -0,0 +1,22 @@
+---
+
+route53_ddns_enabled: false
+
+# Data directory for config file
+route53_data_directory: "{{ docker_home }}/route53_ddns"
+
+# AWS access credentials
+route53_key_id: "{{ mandatory }}"
+route53_secret_key: "{{ mandatory }}"
+
+# Managed DNS zone ID
+route53_hosted_zone_id: "{{ mandatory }}"
+
+# The hostname to update
+route53_host: "*.{{ ansible_nas_domain }}"
+
+# The Time-To-Live for the DNS entry
+route53_ttl: 600
+
+# Container
+route53_memory: 512MB

roles/route53_ddns/tasks/main.yml

@@ -0,0 +1,23 @@
+---
+
+- name: Create AWS Route53 Dynamic DNS Directories
+  file:
+    path: "{{ route53_data_directory }}"
+    state: directory
+
+- name: Generate AWS Route53 Dynamic DNS config file
+  template:
+    src: config.yml
+    dest: "{{ route53_data_directory }}/ddns-route53.yml"
+  register: template_config
+
+- name: AWS Route53 Dynamic DNS Container
+  docker_container:
+    name: route53-ddns
+    image: crazymax/ddns-route53:latest
+    pull: true
+    volumes:
+      - "{{ route53_data_directory }}/ddns-route53.yml:/etc/ddns-route53/ddns-route53.yml"
+    restart_policy: unless-stopped
+    memory: "{{ route53_memory }}"
+    recreate: "{{ template_config is changed }}"

roles/route53_ddns/templates/config.yml

@@ -0,0 +1,12 @@
+---
+
+credentials:
+  accessKeyId: "{{ route53_key_id }}"
+  secretAccessKey: "{{ route53_secret_key }}"
+
+route53:
+  hostedZoneID: "{{ route53_hosted_zone_id }}"
+  recordsSet:
+    - name: "{{ route53_host }}."
+      type: "A"
+      ttl: "{{ route53_ttl }}"