Automatic, environment based config generation

2020-05-09 16:39:38 +02:00 · 2020-05-09 16:39:38 +02:00 · bdb4b20d35
parent b33fa00c76
commit bdb4b20d35
7 changed files with 40 additions and 88 deletions
--- a/files/internal.conf
+++ b/files/internal.conf
@ -1,22 +0,0 @@
-server:
-	local-zone: "redxen.localhost." static
-	local-data: "n0.redxen.localhost. 60 IN A 10.0.0.8"
-	local-data: "n1.redxen.localhost. 60 IN A 10.0.0.7"
-	local-data: "n2.redxen.localhost. 60 IN A 10.0.0.9"
-	local-data: "n3.redxen.localhost. 60 IN A 10.0.0.10"
-	local-data: "n4.redxen.localhost. 60 IN A 10.0.0.11"
-
-	local-data: "_gitea._tcp.redxen.localhost. 60 IN SRV 0 5 3200 n0.redxen.localhost."
-
-	local-data: "_grafana._tcp.redxen.localhost. 60 IN SRV 0 5 3000 n0.redxen.localhost."
-	local-data: "_grafana._tcp.redxen.localhost. 60 IN SRV 0 5 3000 n1.redxen.localhost."
-	local-data: "_grafana._tcp.redxen.localhost. 60 IN SRV 0 5 3000 n2.redxen.localhost."
-	local-data: "_grafana._tcp.redxen.localhost. 60 IN SRV 0 5 3000 n3.redxen.localhost."
-	local-data: "_grafana._tcp.redxen.localhost. 60 IN SRV 0 5 3000 n4.redxen.localhost."
-
-	local-data: "_homepage._tcp.redxen.localhost. 60 IN SRV 0 5 80 rxhome.s3-website.eu-central-1.amazonaws.com."
-
-	# Node 4
-	local-data: "redis.redxen.localhost. 60 IN CNAME n0.redxen.localhost."
-	local-data: "postgres.redxen.localhost. 60 IN CNAME n0.redxen.localhost."
-	local-data: "influxdb.redxen.localhost. 60 IN CNAME n0.redxen.localhost."
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,13 +1,3 @@
- name: Copy configuration files
-  copy:
-        follow: yes
-        src: '{{ role_path }}/files/'
-        dest: /etc/unbound/
-  notify:
-        - Reload unbound
-  tags:
-        - update
-        - unbound
 - name: Install Unbound
  apt:
        install_recommends: no
@ -18,6 +8,20 @@
  tags:
        - setup
        - packages
+- name: Copy configuration files
+  loop:
+        - internal.conf
+        - redxen-dns.conf
+        - unbound.conf
+  template:
+        follow: yes
+        src: '{{ item }}.j2'
+        dest: /etc/unbound/{{ item }}
+  notify:
+        - Reload unbound
+  tags:
+        - update
+        - unbound
 - name: Allow Unbound through iptables
  loop:
        - { ipv: 'ipv4', proto: 'tcp' }
--- a/templates/internal.conf.j2
+++ b/templates/internal.conf.j2
@ -0,0 +1,15 @@
+server:
+	local-zone: "redxen.localhost." static
+{% for host in groups['all'] %}
+        local-data: "{{ host }}.redxen.localhost. 60 IN A {{ hostvars[host]['ansible_ens10']['ipv4']['address'] }}"
+{% endfor %}
+
+{% for entry in services.unbound.internal.local.SRV %}
+{% for host in groups[entry.group] %}
+        local-data: "_{{ entry.service }}._tcp.redxen.localhost. 60 IN SRV 0 5 {{ entry.port }} {{ host }}.redxen.localhost."
+{% endfor %}
+{% endfor %}
+
+{% for entry in services.unbound.internal.local.CNAME %}
+	local-data: "{{ entry.service }}.redxen.localhost. 60 IN CNAME {{ entry.host }}.redxen.localhost."
+{% endfor %}
--- a/templates/redxen-dns.conf.j2
+++ b/templates/redxen-dns.conf.j2
@ -1,10 +1,8 @@
 server:
 	local-zone: "redxen.eu." static
-	local-data: "redxen.eu. 10800 IN NS ns0.redxen.eu"
-	local-data: "redxen.eu. 10800 IN NS ns1.redxen.eu"
-	local-data: "redxen.eu. 10800 IN NS ns2.redxen.eu"
-	local-data: "redxen.eu. 10800 IN NS ns3.redxen.eu"
-	local-data: "redxen.eu. 10800 IN NS ns4.redxen.eu"
+{% for host in groups['all'] %}
+	local-data: "redxen.eu. 10800 IN NS {{ host }}.redxen.eu"
+{% endfor %}

 	local-data: "_amazonses.redxen.eu. 86400 IN TXT PAdK+hmtSCYH2lDwBdiCfJDxyhBj2UHJtwQzL7+kh50="
 	local-data: "6jxdve2mevelrsc4lrp5ymhu2pku67v4._domainkey.redxen.eu. 86400 IN CNAME 6jxdve2mevelrsc4lrp5ymhu2pku67v4.dkim.amazonses.com"
@ -16,47 +14,11 @@ server:
 	local-data: "_mumble._tcp.redxen.eu. 86400 IN SRV 0 5 2250 redxen.eu."
 	local-data: "_minecraft._tcp.redxen.eu. 86400 IN SRV 0 5 25565 redxen.eu."

-	local-data: "redxen.eu. 86400 IN A {{ ips.n0 }}"
-	local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n0 }}"
-	local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n0 }}"
-	local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n0 }}"
-	local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n0 }}"
-	local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n0 }}"
-	local-data: "ns0.redxen.eu. 86400 IN A {{ ips.n0 }}"
-	local-data: "nbg0.redxen.eu. 86400 IN A {{ ips.n0 }}"
-
-	local-data: "redxen.eu. 86400 IN A {{ ips.n1 }}"
-	local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n1 }}"
-	local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n1 }}"
-	local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n1 }}"
-	local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n1 }}"
-	local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n1 }}"
-	local-data: "ns1.redxen.eu. 86400 IN A {{ ips.n1 }}"
-	local-data: "nbg1.redxen.eu. 86400 IN A {{ ips.n1 }}"
-
-	local-data: "redxen.eu. 86400 IN A {{ ips.n2 }}"
-	local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n2 }}"
-	local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n2 }}"
-	local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n2 }}"
-	local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n2 }}"
-	local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n2 }}"
-	local-data: "ns2.redxen.eu. 86400 IN A {{ ips.n2 }}"
-	local-data: "nbg2.redxen.eu. 86400 IN A {{ ips.n2 }}"
-
-	local-data: "redxen.eu. 86400 IN A {{ ips.n3 }}"
-	local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n3 }}"
-	local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n3 }}"
-	local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n3 }}"
-	local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n3 }}"
-	local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n3 }}"
-	local-data: "ns3.redxen.eu. 86400 IN A {{ ips.n3 }}"
-	local-data: "nbg3.redxen.eu. 86400 IN A {{ ips.n3 }}"
-
-	local-data: "redxen.eu. 86400 IN A {{ ips.n4 }}"
-	local-data: "{{ domains.grafana }}. 86400 IN A {{ ips.n4 }}"
-	local-data: "{{ domains.gitea }}. 86400 IN A {{ ips.n4 }}"
-	local-data: "{{ domains.transmission }}. 86400 IN A {{ ips.n4 }}"
-	local-data: "{{ domains.seedown }}. 86400 IN A {{ ips.n4 }}"
-	local-data: "{{ domains.pleroma }}. 86400 IN A {{ ips.n4 }}"
-	local-data: "ns4.redxen.eu. 86400 IN A {{ ips.n4 }}"
-	local-data: "nbg4.redxen.eu. 86400 IN A {{ ips.n4 }}"
+{% for host in groups['all'] %}
+{% for domains in services.haproxy.public %}
+	local-data: "{{ domains.domain }}.redxen.eu. 86400 IN A {{ hostvars[host]['ansible_default_ipv4']['address'] }}"
+	local-data: "{{ domains.domain }}.redxen.eu. 86400 IN AAAA {{ hostvars[host]['ansible_default_ipv6']['address'] }}"
+{% endfor %}
+	local-data: "{{ host }}.redxen.eu. 86400 IN A {{ hostvars[host]['ansible_default_ipv4']['address'] }}"
+	local-data: "{{ host }}.redxen.eu. 86400 IN AAAA {{ hostvars[host]['ansible_default_ipv6']['address'] }}"
+{% endfor %}
--- a/templates/unbound.conf.j2
+++ b/templates/unbound.conf.j2
--- a/vars/domains.yml
+++ b/vars/domains.yml
@ -1 +0,0 @@
-../../web/vars/domains.yml
--- a/vars/ips.yml
+++ b/vars/ips.yml
@ -1,6 +0,0 @@
-ips:
-        n0: ""
-        n1: ""
-        n2: ""
-        n3: ""
-        n4: ""