From 34da73722c5c2eb4b7990eea4269a536d41e64b2 Mon Sep 17 00:00:00 2001
From: Felix Stupp
Date: Tue, 8 Oct 2019 02:08:03 +0200
Subject: [PATCH] Added role ip_discover
---
 README.md | 1 +
 group_vars/all/vars.yml | 4 +++
 roles/misc/ip_discover/defaults/main.yml | 11 +++++++++
 roles/misc/ip_discover/meta/main.yml | 6 +++++
 roles/misc/ip_discover/tasks/main.yml | 26 ++++++++++++++++++++
 roles/misc/ip_discover/templates/discover.sh | 5 ++++
 6 files changed, 53 insertions(+)
 create mode 100644 roles/misc/ip_discover/defaults/main.yml
 create mode 100644 roles/misc/ip_discover/meta/main.yml
 create mode 100644 roles/misc/ip_discover/tasks/main.yml
 create mode 100644 roles/misc/ip_discover/templates/discover.sh
diff --git a/README.md b/README.md
index ed46594..82ae3fa 100644
--- a/README.md
+++ b/README.md
@@ -21,6 +21,7 @@ Following roles have been defined to make creating a server configuration easy:
 - **misc** contains some required but small roles
 - **deb_unstable** enables debian unstable on low priority
 - **handlers** contains some handlers used by other roles
+ - **ip_discover** configures a server to automatically send its ip addresses to a supported service
 - **system_user** creates a system user
 - **mysql** defines roles for handling mysql databases and users, uses *MariaDB*
 - **application** installs the main application with automatic backup
diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml
index 3d18221..ac544bb 100644
--- a/group_vars/all/vars.yml
+++ b/group_vars/all/vars.yml
@@ -46,6 +46,10 @@ global_ansible_facts_directory: "/etc/ansible/facts.d" global_apt_sources_directory: "/etc/apt/sources.list.d" +global_ip_discover_server_name: "nvak.banananet.work" +global_ip_discover_url: "https://keys.banananet.work/ping" +global_ip_discover_register_pass: "{{ lookup('password', 'credentials/ip_discover/register_pass chars=digits,ascii_letters length=256') }}" + global_ssh_configuration_directory: "/etc/ssh/" global_ssh_configuration_environment_directory: "/ansible/ssh_configuration" global_ssh_configuration_link_name: "config"
diff --git a/roles/misc/ip_discover/defaults/main.yml b/roles/misc/ip_discover/defaults/main.yml
new file mode 100644
index 0000000..a45104b
--- /dev/null
+++ b/roles/misc/ip_discover/defaults/main.yml
@@ -0,0 +1,11 @@
+---
+
+system_user: ip_discover
+user_directory: "/var/ip_discover"
+
+domain: "{{ inventory_hostname }}"
+refresh_key: "{{ lookup('password', 'credentials/' + inventory_hostname + '/ip_refresh/' + domain + ' length=80') }}"
+
+discover_script_location: "{{ user_directory }}/{{ domain }}"
+discover_server_name: "{{ global_ip_discover_server }}"
+discover_server_url: "{{ global_ip_discover_url }}/{{ domain }}/{{ refresh_key }}"
diff --git a/roles/misc/ip_discover/meta/main.yml b/roles/misc/ip_discover/meta/main.yml
new file mode 100644
index 0000000..66ad1ab
--- /dev/null
+++ b/roles/misc/ip_discover/meta/main.yml
@@ -0,0 +1,6 @@
+---
+
+allow_duplicates: yes
+
+dependencies:
+ - role: misc/system_user
diff --git a/roles/misc/ip_discover/tasks/main.yml b/roles/misc/ip_discover/tasks/main.yml
new file mode 100644
index 0000000..315ee1d
--- /dev/null
+++ b/roles/misc/ip_discover/tasks/main.yml
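Review bot: In group_vars/all/vars.yml, `global_ip_discover_register_pass` comes from the `password` lookup, which generates the value on first use and keeps it in plaintext at `credentials/ip_discover/register_pass` on the control node. Nothing visible in this commit shows that `credentials/` is excluded from version control or from backups of the playbook directory, so that should be confirmed before merging. A comment above the variable, such as `# generated on the control node; credentials/ must never be committed`, would record the requirement. The per-host `refresh_key` lookup in roles/misc/ip_discover/defaults/main.yml writes under the same directory and needs the same treatment.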
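Review bot: In roles/misc/ip_discover/defaults/main.yml, `discover_server_name` reads `global_ip_discover_server`, but the variable this commit adds to group_vars/all/vars.yml is `global_ip_discover_server_name`, so the default points at an undefined variable and will fail as soon as anything evaluates it. The line should read `discover_server_name: "{{ global_ip_discover_server_name }}"`. Separately, `discover_server_url` puts `refresh_key` into the URL path, and both tasks/main.yml and templates/discover.sh build on that value; secrets carried in a URL path commonly end up in web server and proxy access logs, so a request header or body would be a safer carrier if the service supports one.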
@@ -0,0 +1,26 @@
+---
+
+- name: Register fqdn on discover server
+ uri:
+ url: "{{ discover_server_url }}/{{ global_ip_discover_register_pass }}"
+ status_code:
+ - 200
+ return_content: yes
+ validate_certs: yes
+ register: register_result
+ changed_when: "'Already' in register_result.content"
+
+- name: Copy discover script
+ template:
+ src: discover.sh
+ dest: "{{ discover_script_location }}"
+ owner: "{{ system_user }}"
+ group: "{{ system_user }}"
+ mode: "u=rwx,g=rx,o="
+
+- name: Configure crontab for discover script
+ cron:
+ user: "{{ system_user }}"
+ name: "ip_discover {{ domain }}"
+ minute: 0
+ job: "{{ discover_script_location }}"
diff --git a/roles/misc/ip_discover/templates/discover.sh b/roles/misc/ip_discover/templates/discover.sh
new file mode 100644
index 0000000..acf37d9
--- /dev/null
+++ b/roles/misc/ip_discover/templates/discover.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+
+for v in 4 6; do
+ curl --silent --show-error --ipv$v {{ discover_server_url | quote }};
+done
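Review bot: The `Register fqdn on discover server` task in roles/misc/ip_discover/tasks/main.yml has no `no_log: true`, although its `url` carries both the refresh key and `global_ip_discover_register_pass`; the task result, including that URL, is shown in verbose output and on failure, and is passed to any log callback. Adding `no_log: true` to the task keeps both secrets out of the run log. The `changed_when: "'Already' in register_result.content"` condition also looks inverted, since it reports a change when the server answers with `Already`, which presumably means the name was registered earlier; `'Already' not in register_result.content` is probably what was meant, to be confirmed against the service's actual responses.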
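Review bot: In roles/misc/ip_discover/templates/discover.sh the URL, which contains the refresh key, is handed to `curl` as a command-line argument, so any local user who can list processes can read the key while the cron job runs. Reading the URL from a file that only the service user can read, for example a curl config file passed with `--config`, keeps it off the command line. The call also has neither `--fail` nor `--max-time`, so an HTTP error from the server still exits 0 and a hung connection can outlive the next scheduled run; `curl --silent --show-error --fail --max-time 30 --ipv$v …` (timeout value illustrative) would surface both.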