#!/usr/bin/env ansible-playbook # vim:ft=ansible: --- - hosts: all gather_facts: no become: no serial: 1 module_defaults: amazon.aws.route53: # These credentials are specific to this playbook aws_access_key: !vault | $ANSIBLE_VAULT;1.1;AES256 32333663353432653161386337326538346563393832643238313438326138326462336535616232 3534313938383965666537363839346138633232326138300a326366393861343038633162663435 36313937663136313532613533653966623436313939343864383534616233343961313337626630 3232633035303634390a653230643934616534343033393138343861356364623037616661623363 65363165656461366236366632356363616264666439333133643162626535346561 aws_secret_key: !vault | $ANSIBLE_VAULT;1.1;AES256 31333563386431636333343363623235353537356262626635613636663561343262383338306164 3435376366326330663563366631353138616163623766660a383533663333646431373733356564 31333966303062636136343163363136383465303362333435383830323739333736343164663235 6134393337636461610a346463386566653563353466386333623866303661646564356166363033 35326337636464376566393764663261346339633035613732633134656233393130646161326361 6231653638613061373734373539313933343739346537373961 zone: desu.ltd overwrite: yes tasks: - name: clear host errors before dns loop ansible.builtin.meta: clear_host_errors - name: configure dns block: - name: configure main mgmt dns amazon.aws.route53: record: "{{ inventory_hostname }}" type: A ttl: 3600 state: present value: - "{{ ansible_host }}" tags: [ route53, dns, main ] - name: configure interface dns amazon.aws.route53: record: "{{ item.name }}.{{ inventory_hostname }}" type: A ttl: 3600 state: present value: - "{{ item.ip_addresses[0].address | regex_replace('/.*', '') }}" with_items: "{{ interfaces }}" when: item.ip_addresses[0].address is defined loop_control: label: "{{ item.display }}" tags: [ route53, dns, interface ] - name: configure root a record run_once: yes amazon.aws.route53: record: desu.ltd type: A ttl: 3600 state: present value: 5.161.106.16 tags: [ route53, dns ] delegate_to: localhost when: status.value == "active" and inventory_hostname is match(".*\.desu\.ltd") tags: [ route53, dns ] - name: configure legacy dns amazon.aws.route53: record: "{{ item.record }}" type: "{{ item.type | default('CNAME', true) }}" ttl: 3600 state: "{{ item.state | default('present', true) }}" value: [ "{{ item.value }}" ] with_items: - record: dsk-ryzen-0.desu.ltd value: dsk-ryzen-1.ws.mgmt.desu.ltd - record: lap-s76-lemp9-0.desu.ltd value: lap-s76-lemp9-1.ws.mgmt.desu.ltd - record: pi-homeauto-1.desu.ltd value: pi-homeauto-1.home.mgmt.desu.ltd loop_control: label: "{{ item.record }}" delegate_to: localhost run_once: true tags: [ route53, dns, legacy ] - name: configure site dns amazon.aws.route53: record: "{{ item.record }}" type: "{{ item.type | default('CNAME', true) }}" ttl: 3600 state: "{{ item.state | default('present', true) }}" value: [ "{{ item.value }}" ] with_items: # Public - record: git.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd - record: grafana.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd - record: matrix.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd - record: movie.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd - record: nagios.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd - record: nc.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd - record: netbox.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd - record: prometheus.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd # Public media stuff - record: lidarr.media.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd - record: prowlarr.media.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd - record: sonarr.media.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd - record: radarr.media.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd - record: transmission.media.desu.ltd value: vm-general-1.ashburn.mgmt.desu.ltd loop_control: label: "{{ item.record }}" delegate_to: localhost run_once: true tags: [ route53, dns, site ]