dns/entries: Rewrite role to use nsupdate module instead of custom makefile construct
parent
2b0345be62
commit
02b501f4a5
@ -1,8 +0,0 @@
|
|||||||
#targets := $(addsuffix ~DONE,$(wildcard *~update))
|
|
||||||
#
|
|
||||||
#.PHONY: all
|
|
||||||
#all: $(targets)
|
|
||||||
|
|
||||||
%~update~DONE: %~update
|
|
||||||
nsupdate -l "$<"
|
|
||||||
touch "$@"
|
|
@ -1,32 +1,27 @@
|
|||||||
---
|
---
|
||||||
|
|
||||||
- name: Store changes in dns entries on the remote
|
- name: Gain TSIG key to apply DNS record changes
|
||||||
copy:
|
tsig_interpreter:
|
||||||
content: |
|
path: "{{ global_dns_session_key_path }}"
|
||||||
#jinja2:trim_blocks: False
|
register: tsig_key
|
||||||
zone {{ dns_zone_domain }}.
|
|
||||||
ttl {{ ttl_default }}
|
|
||||||
{%- if entries_delete %}{% for entry in entries %}{% if entry|mapping %}
|
|
||||||
update delete {{ entry.domain | default('@') | domain_relative_to(domain) }} 0 {{ entry.class | default('IN') }}{% if not entries_delete_all_types %} {{ entry.type }}{% endif %}
|
|
||||||
{%- endif %}{% endfor %}{% endif %}
|
|
||||||
{% for entry in entries %}{% if entry|mapping -%}
|
|
||||||
update add {{ entry.domain | default('@') | domain_relative_to(domain) }} {{ entry.ttl | default(ttl_default) }} {{ entry.class | default('IN') }} {{ entry.type }} {{ entry.data }}
|
|
||||||
{% else -%}
|
|
||||||
{% if not entry|regex_search('^(update )?(add|del(ete)?) ') %}update add {% endif %}{{ entry }}
|
|
||||||
{% endif %}{% endfor %}
|
|
||||||
send
|
|
||||||
dest: "{{ entries_file }}"
|
|
||||||
owner: "{{ global_local_user }}"
|
|
||||||
group: "{{ global_local_user }}"
|
|
||||||
mode: u=rw,g=r,o=r
|
|
||||||
delegate_to: "{{ dns_system_domain }}"
|
delegate_to: "{{ dns_system_domain }}"
|
||||||
tags:
|
tags:
|
||||||
- dns_entries
|
- dns_entries
|
||||||
|
|
||||||
- name: Update dns entries at dns host
|
- name: Apply changes in DNS records
|
||||||
make:
|
nsupdate:
|
||||||
chdir: "{{ global_dns_changes_directory }}"
|
server: "127.0.0.1" # delegated to correct system
|
||||||
target: "{{ entries_file | basename }}~DONE"
|
key_algorithm: "{{ tsig_key.key_algorithm }}"
|
||||||
|
key_name: "{{ tsig_key.key_name }}"
|
||||||
|
key_secret: "{{ tsig_key.key_secret }}"
|
||||||
|
zone: "{{ dns_zone_domain }}"
|
||||||
|
record: "{{ item.domain | default('@') | domain_relative_to(effective_domain) }}."
|
||||||
|
ttl: "{{ item.ttl | default(ttl_default) }}"
|
||||||
|
type: "{{ item.type }}"
|
||||||
|
value: "{{ item.data }}"
|
||||||
|
loop: "{{ entries | dns_entries_interpreter }}"
|
||||||
|
loop_control:
|
||||||
|
label: "{{ item.domain | default('@') | domain_relative_to(effective_domain) }}. {{ item.type }}"
|
||||||
delegate_to: "{{ dns_system_domain }}"
|
delegate_to: "{{ dns_system_domain }}"
|
||||||
tags:
|
tags:
|
||||||
- dns_entries
|
- dns_entries
|
||||||
|
Loading…
Reference in New Issue