dns/entries: Rewrite role to use nsupdate module instead of custom makefile construct
parent
2b0345be62
commit
02b501f4a5
@ -1,8 +0,0 @@
|
||||
#targets := $(addsuffix ~DONE,$(wildcard *~update))
|
||||
#
|
||||
#.PHONY: all
|
||||
#all: $(targets)
|
||||
|
||||
%~update~DONE: %~update
|
||||
nsupdate -l "$<"
|
||||
touch "$@"
|
@ -1,32 +1,27 @@
|
||||
---
|
||||
|
||||
- name: Store changes in dns entries on the remote
|
||||
copy:
|
||||
content: |
|
||||
#jinja2:trim_blocks: False
|
||||
zone {{ dns_zone_domain }}.
|
||||
ttl {{ ttl_default }}
|
||||
{%- if entries_delete %}{% for entry in entries %}{% if entry|mapping %}
|
||||
update delete {{ entry.domain | default('@') | domain_relative_to(domain) }} 0 {{ entry.class | default('IN') }}{% if not entries_delete_all_types %} {{ entry.type }}{% endif %}
|
||||
{%- endif %}{% endfor %}{% endif %}
|
||||
{% for entry in entries %}{% if entry|mapping -%}
|
||||
update add {{ entry.domain | default('@') | domain_relative_to(domain) }} {{ entry.ttl | default(ttl_default) }} {{ entry.class | default('IN') }} {{ entry.type }} {{ entry.data }}
|
||||
{% else -%}
|
||||
{% if not entry|regex_search('^(update )?(add|del(ete)?) ') %}update add {% endif %}{{ entry }}
|
||||
{% endif %}{% endfor %}
|
||||
send
|
||||
dest: "{{ entries_file }}"
|
||||
owner: "{{ global_local_user }}"
|
||||
group: "{{ global_local_user }}"
|
||||
mode: u=rw,g=r,o=r
|
||||
- name: Gain TSIG key to apply DNS record changes
|
||||
tsig_interpreter:
|
||||
path: "{{ global_dns_session_key_path }}"
|
||||
register: tsig_key
|
||||
delegate_to: "{{ dns_system_domain }}"
|
||||
tags:
|
||||
- dns_entries
|
||||
|
||||
- name: Update dns entries at dns host
|
||||
make:
|
||||
chdir: "{{ global_dns_changes_directory }}"
|
||||
target: "{{ entries_file | basename }}~DONE"
|
||||
- name: Apply changes in DNS records
|
||||
nsupdate:
|
||||
server: "127.0.0.1" # delegated to correct system
|
||||
key_algorithm: "{{ tsig_key.key_algorithm }}"
|
||||
key_name: "{{ tsig_key.key_name }}"
|
||||
key_secret: "{{ tsig_key.key_secret }}"
|
||||
zone: "{{ dns_zone_domain }}"
|
||||
record: "{{ item.domain | default('@') | domain_relative_to(effective_domain) }}."
|
||||
ttl: "{{ item.ttl | default(ttl_default) }}"
|
||||
type: "{{ item.type }}"
|
||||
value: "{{ item.data }}"
|
||||
loop: "{{ entries | dns_entries_interpreter }}"
|
||||
loop_control:
|
||||
label: "{{ item.domain | default('@') | domain_relative_to(effective_domain) }}. {{ item.type }}"
|
||||
delegate_to: "{{ dns_system_domain }}"
|
||||
tags:
|
||||
- dns_entries
|
||||
|
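Review bot: The "Gain TSIG key to apply DNS record changes" task registers its result as `tsig_key` without `no_log: true`, and the following task reads `tsig_key.key_secret` from it, so the secret appears to be part of the task result and would be printed by verbose runs and recorded by any callback or log plugin that stores results. Adding `no_log: true` to that task keeps the key out of those records while leaving the registered variable usable; `tsig_interpreter` is a custom module whose return value is not visible on this page, so confirm what it returns. Separately, the new `nsupdate` task sets no `state`, whereas the removed template emitted `update delete` lines when `entries_delete` was set. Unless `dns_entries_interpreter` or a task outside this hunk covers removal, stale records will no longer be cleaned up, and a comment on the task stating which behaviour is intended would help.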