#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
---
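- hosts: all
  # Facts are not gathered; the tasks below read only inventory variables
  # (inventory_hostname, ansible_host, interfaces, status).
  gather_facts: false
  become: false
  serial: 1
  module_defaults:
    # Arguments shared by every amazon.aws.route53 task in this play.
    amazon.aws.route53:
      # These credentials are specific to this playbook and are stored
      # vault-encrypted inline.
      # NOTE(review): confirm the IAM policy behind this key only permits
      # record changes in the desu.ltd hosted zone, and rotate the key if the
      # vault password is ever exposed.
      aws_access_key: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          32333663353432653161386337326538346563393832643238313438326138326462336535616232
          3534313938383965666537363839346138633232326138300a326366393861343038633162663435
          36313937663136313532613533653966623436313939343864383534616233343961313337626630
          3232633035303634390a653230643934616534343033393138343861356364623037616661623363
          65363165656461366236366632356363616264666439333133643162626535346561
      aws_secret_key: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          31333563386431636333343363623235353537356262626635613636663561343262383338306164
          3435376366326330663563366631353138616163623766660a383533663333646431373733356564
          31333966303062636136343163363136383465303362333435383830323739333736343164663235
          6134393337636461610a346463386566653563353466386333623866303661646564356166363033
          35326337636464376566393764663261346339633035613732633134656233393130646161326361
          6231653638613061373734373539313933343739346537373961
      zone: desu.ltd
      overwrite: true  # an existing record with a different value is replaced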
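  tasks:
    # Clears recorded host failures before the DNS tasks run.
    - name: clear host errors before dns loop
      ansible.builtin.meta: clear_host_errors
    # Per-host records. Record names come straight from inventory data and
    # module_defaults enables overwrite, so a wrong hostname in inventory
    # replaces whatever record already exists under that name.
    - name: configure dns
      block:
        # A record for the host itself, pointing at its ansible_host address.
        - name: configure main mgmt dns
          amazon.aws.route53:
            record: "{{ inventory_hostname }}"
            type: A
            ttl: 3600
            state: present
            value:
              - "{{ ansible_host }}"
          tags: [ route53, dns, main ]
        # One A record per interface, named <interface>.<host>. Only the first
        # address of each interface is used; regex_replace drops everything
        # from the first '/' (presumably the prefix length -- confirm against
        # the inventory source).
        - name: configure interface dns
          amazon.aws.route53:
            record: "{{ item.name }}.{{ inventory_hostname }}"
            type: A
            ttl: 3600
            state: present
            value:
              - "{{ item.ip_addresses[0].address | regex_replace('/.*', '') }}"
          with_items: "{{ interfaces }}"
          # Skip interfaces that have no address assigned.
          when: item.ip_addresses[0].address is defined
          loop_control:
            label: "{{ item.display }}"
          tags: [ route53, dns, interface ]
        # Zone apex record with a fixed address.
        # NOTE(review): the play sets serial: 1 and Ansible applies run_once
        # per serial batch, so this presumably runs again for each host that
        # passes the block condition -- confirm.
        - name: configure root a record
          run_once: true
          amazon.aws.route53:
            record: desu.ltd
            type: A
            ttl: 3600
            state: present
            value: "5.161.106.16"
          tags: [ route53, dns ]
      delegate_to: localhost
      # Only hosts marked active whose name ends in .desu.ltd get records.
      # The match test anchors at the start of the string only, so the
      # trailing $ is what requires the name to end inside the zone.
      when: status.value == "active" and inventory_hostname is match(".*\.desu\.ltd$")
      tags: [ route53, dns ]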
    # Aliases that keep old short hostnames resolving to the current mgmt
    # names. Entries may set `type` or `state`; when those are missing or
    # empty, default(..., true) falls back to CNAME / present.
    # NOTE(review): the play sets serial: 1 and Ansible applies run_once per
    # serial batch, so this loop is presumably repeated for each host --
    # confirm.
    - name: configure legacy dns
      delegate_to: localhost
      run_once: true
      tags: [route53, dns, legacy]
      amazon.aws.route53:
        state: "{{ item.state | default('present', true) }}"
        record: "{{ item.record }}"
        type: "{{ item.type | default('CNAME', true) }}"
        ttl: 3600
        value:
          - "{{ item.value }}"
      loop_control:
        label: "{{ item.record }}"
      with_items:
        - record: dsk-ryzen-0.desu.ltd
          value: dsk-ryzen-1.ws.mgmt.desu.ltd
        - record: lap-s76-lemp9-0.desu.ltd
          value: lap-s76-lemp9-1.ws.mgmt.desu.ltd
        - record: pi-homeauto-1.desu.ltd
          value: pi-homeauto-1.home.mgmt.desu.ltd
    # Service names for the sites. Entries may set `type` or `state`; when
    # those are missing or empty, default(..., true) falls back to
    # CNAME / present.
    # NOTE(review): every name below is a CNAME to a mgmt hostname, so that
    # hostname is visible to anyone who resolves these records.
    # NOTE(review): the play sets serial: 1 and Ansible applies run_once per
    # serial batch, so this loop is presumably repeated for each host --
    # confirm.
    - name: configure site dns
      delegate_to: localhost
      run_once: true
      tags: [route53, dns, site]
      amazon.aws.route53:
        state: "{{ item.state | default('present', true) }}"
        record: "{{ item.record }}"
        type: "{{ item.type | default('CNAME', true) }}"
        ttl: 3600
        value:
          - "{{ item.value }}"
      loop_control:
        label: "{{ item.record }}"
      with_items:
        # Public
        - record: git.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: grafana.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: matrix.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: movie.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: nagios.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: nc.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: netbox.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: prometheus.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        # Public media stuff
        - record: music.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: lidarr.media.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: prowlarr.media.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: sonarr.media.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: radarr.media.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd
        - record: transmission.media.desu.ltd
          value: vm-general-1.ashburn.mgmt.desu.ltd