Salt
3701ed678f
This is so we don't have to wait for ZT to start up every time the pi flips its shit
148 lines
5.7 KiB
YAML
Executable File
148 lines
5.7 KiB
YAML
Executable File
#!/usr/bin/env ansible-playbook
|
|
# vim:ft=ansible:
|
|
---
|
|
- hosts: all
|
|
gather_facts: no
|
|
module_defaults:
|
|
community.aws.route53:
|
|
# These credentials are specific to this playbook
|
|
aws_access_key: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
32333663353432653161386337326538346563393832643238313438326138326462336535616232
|
|
3534313938383965666537363839346138633232326138300a326366393861343038633162663435
|
|
36313937663136313532613533653966623436313939343864383534616233343961313337626630
|
|
3232633035303634390a653230643934616534343033393138343861356364623037616661623363
|
|
65363165656461366236366632356363616264666439333133643162626535346561
|
|
aws_secret_key: !vault |
|
|
$ANSIBLE_VAULT;1.1;AES256
|
|
31333563386431636333343363623235353537356262626635613636663561343262383338306164
|
|
3435376366326330663563366631353138616163623766660a383533663333646431373733356564
|
|
31333966303062636136343163363136383465303362333435383830323739333736343164663235
|
|
6134393337636461610a346463386566653563353466386333623866303661646564356166363033
|
|
35326337636464376566393764663261346339633035613732633134656233393130646161326361
|
|
6231653638613061373734373539313933343739346537373961
|
|
zone: desu.ltd
|
|
overwrite: yes
|
|
tasks:
|
|
- name: clear host errors before dns loop
|
|
meta: clear_host_errors
|
|
- name: configure dns
|
|
block:
|
|
- name: configure main mgmt dns
|
|
community.aws.route53:
|
|
record: "{{ inventory_hostname }}"
|
|
type: A
|
|
ttl: 3600
|
|
state: present
|
|
value:
|
|
- "{{ ansible_host }}"
|
|
tags: [ route53, dns, main ]
|
|
- name: configure interface dns
|
|
community.aws.route53:
|
|
record: "{{ item.name }}.{{ inventory_hostname }}"
|
|
type: A
|
|
ttl: 3600
|
|
state: present
|
|
value:
|
|
- "{{ item.ip_addresses[0].address | regex_replace('/.*', '') }}"
|
|
with_items: "{{ interfaces }}"
|
|
when: item.ip_addresses[0].address is defined
|
|
loop_control:
|
|
label: "{{ item.display }}"
|
|
tags: [ route53, dns, interface ]
|
|
- name: configure root a record
|
|
run_once: yes
|
|
community.aws.route53:
|
|
record: desu.ltd
|
|
type: A
|
|
ttl: 3600
|
|
state: present
|
|
value: 45.79.23.133
|
|
tags: [ route53, dns ]
|
|
delegate_to: localhost
|
|
when: status.value == "active" and inventory_hostname is match(".*\.desu\.ltd")
|
|
tags: [ route53, dns ]
|
|
- name: configure legacy dns
|
|
community.aws.route53:
|
|
record: "{{ item.record }}"
|
|
type: "{{ item.type | default('CNAME', true) }}"
|
|
ttl: 3600
|
|
state: "{{ item.state | default('present', true) }}"
|
|
value: [ "{{ item.value }}" ]
|
|
with_items:
|
|
- record: bastion1.desu.ltd
|
|
value: bastion1.dallas.mgmt.desu.ltd
|
|
- record: com1.desu.ltd
|
|
value: com1.dallas.mgmt.desu.ltd
|
|
- record: dsk-ryzen-0.desu.ltd
|
|
value: dsk-ryzen-1.ws.mgmt.desu.ltd
|
|
- record: lap-s76-lemp9-0.desu.ltd
|
|
value: lap-s76-lemp9-1.ws.mgmt.desu.ltd
|
|
- record: pi-homeauto-1.desu.ltd
|
|
value: pi-homeauto-1.home.mgmt.desu.ltd
|
|
- record: psql1.desu.ltd
|
|
value: psql1.dallas.mgmt.desu.ltd
|
|
- record: web1.desu.ltd
|
|
value: web1.dallas.mgmt.desu.ltd
|
|
- record: web2.desu.ltd
|
|
value: web2.dallas.mgmt.desu.ltd
|
|
- record: web3.desu.ltd
|
|
value: web3.dallas.mgmt.desu.ltd
|
|
loop_control:
|
|
label: "{{ item.record }}"
|
|
delegate_to: localhost
|
|
run_once: true
|
|
tags: [ route53, dns, legacy ]
|
|
- name: configure site dns
|
|
community.aws.route53:
|
|
record: "{{ item.record }}"
|
|
type: "{{ item.type | default('CNAME', true) }}"
|
|
ttl: 3600
|
|
state: "{{ item.state | default('present', true) }}"
|
|
value: [ "{{ item.value }}" ]
|
|
with_items:
|
|
# Public
|
|
- record: git.desu.ltd
|
|
value: web1.dallas.mgmt.desu.ltd
|
|
- record: jenkins.desu.ltd
|
|
value: web2.dallas.mgmt.desu.ltd
|
|
- record: matrix.desu.ltd
|
|
value: com1.dallas.mgmt.desu.ltd
|
|
- record: movie.desu.ltd
|
|
value: web3.dallas.mgmt.desu.ltd
|
|
- record: nagios.desu.ltd
|
|
value: web3.dallas.mgmt.desu.ltd
|
|
- record: nc.desu.ltd
|
|
value: web1.dallas.mgmt.desu.ltd
|
|
- record: netbox.desu.ltd
|
|
value: web3.dallas.mgmt.desu.ltd
|
|
- record: ara.desu.ltd
|
|
value: web3.dallas.mgmt.desu.ltd
|
|
# Local
|
|
- record: homeauto.local.desu.ltd
|
|
value: pi-homeauto-1.home.mgmt.desu.ltd
|
|
- record: jackett.local.desu.ltd
|
|
value: zt1.vm-media-1.home.mgmt.desu.ltd
|
|
state: absent
|
|
- record: prowlarr.local.desu.ltd
|
|
value: zt1.vm-media-1.home.mgmt.desu.ltd
|
|
- record: jellyfin.local.desu.ltd
|
|
value: zt1.vm-media-1.home.mgmt.desu.ltd
|
|
- record: radarr.local.desu.ltd
|
|
value: zt1.vm-media-1.home.mgmt.desu.ltd
|
|
- record: sonarr.local.desu.ltd
|
|
value: zt1.vm-media-1.home.mgmt.desu.ltd
|
|
- record: lidarr.local.desu.ltd
|
|
value: zt1.vm-media-1.home.mgmt.desu.ltd
|
|
- record: syncthing.local.desu.ltd
|
|
value: vm-syncthing-1.home.mgmt.desu.ltd
|
|
- record: transmission.local.desu.ltd
|
|
value: zt1.vm-media-1.home.mgmt.desu.ltd
|
|
- record: octoprint.local.desu.ltd
|
|
value: wlan0.pi-octoprint-1.home.mgmt.desu.ltd
|
|
loop_control:
|
|
label: "{{ item.record }}"
|
|
delegate_to: localhost
|
|
run_once: true
|
|
tags: [ route53, dns, site ]
|