chore: cleanup

- removed pdns leftover

create-database-backup.yml

@@ -50,7 +50,7 @@
         - "{{ item }}"
       changed_when: False
       with_items: "{{ cluster_features }}"
-      when: item in ['connect', 'management_connect', 'keycloak', 'gitea', 'pdns']
+      when: item in ['connect', 'management_connect', 'keycloak', 'gitea']
 
     - name: "Add maria servers to hosts if necessary"
       add_host:
@@ -83,12 +83,6 @@
     - role: keycloak_postgres
       when: "'keycloak' in group_names"
 
-#    - role: pdns_admin_postgres
-#      when: "'pdns' in group_names"
-
-#    - role: pdns_postgres
-#      when: "'pdns' in group_names"
-
     - role: connect_wordpress_maria
       when: "'connect_wordpress' in group_names"
 

create-database.yml

@@ -4,7 +4,6 @@
 #   - postgres
 #     - executed on stage specific server: {{ shared_service_postgres_primary }}
 #     - creates databases to work with connect: {{ connect_postgres_database }}
-#     - creates databases to work with pdns: {{ pdns_postgres_database }}
 #     - creates databases to work with management connect: {{ management_connect_postgres_database }}
 #     - creates databases to work with shared keycloak: {{ keycloak_postgres_database }}
 #   - maria
@@ -55,7 +54,7 @@
         - "{{ item }}"
       changed_when: False
       with_items: "{{ cluster_features }}"
-      when: item in ['connect', 'management_connect', 'keycloak', 'gitea', 'pdns']
+      when: item in ['connect', 'management_connect', 'keycloak', 'gitea']
 
     - name: "Add maria servers to hosts if necessary"
       add_host:
@@ -94,16 +93,6 @@
     - role: keycloak_postgres
       when: "'keycloak' in group_names"
 
-    - role: pdns_postgres
-      vars:
-        initialize: True
-      when: "'pdns' in group_names"
-
-    - role: pdns_admin_postgres
-      vars:
-        initialize: True
-      when: "'pdns' in group_names"
-
     - role: connect_wordpress_maria
       when: "'connect_wordpress' in group_names"
 

group_vars/pdns/plain.yml

@@ -1,20 +0,0 @@
----
-
-hetzner_server_type: cx11
-hetzner_server_labels: "stage={{ stage }} service=pdns"
-
-pdns_id: "{{ inventory_hostname }}-pdns"
-pdns_postgres_id: "{{ inventory_hostname }}-postgres-pdns"
-pdns_recursor_id: "{{ inventory_hostname }}-recursor-pdns"
-pdns_admin_id: "{{ inventory_hostname }}-admin-pdns"
-pdns_admin_postgres_id: "{{ inventory_hostname }}-admin-postgres-pdns"
-#pdns_api_key: "< see vault >"
-
-pdns_postgres_host: "{{ shared_service_postgres_primary }}"
-pdns_postgres_database: "{{ stage }}_pdns"
-pdns_postgres_username: "{{ pdns_postgres_database }}"
-pdns_postgres_password: "pdns-postgres-admin"
-
-pdns_admin_postgres_database: "{{ stage }}_pdns_admin"
-pdns_admin_postgres_username: "{{ pdns_admin_postgres_database }}"
-pdns_admin_postgres_password: "pdns-admin-postgres-admin"

group_vars/stage_dev/plain.yml

@@ -11,7 +11,6 @@ shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03"
 
 shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain_env }}"
 shared_service_mail_hostname: "{{ stage }}-mail-01.{{ domain_env }}"
-shared_service_pdns_hostname: "{{ stage }}-pdns-01.{{ domain_env }}"
 
 connect_jwt_enabled: true
 connect_jwt_secret: "908ae14462d049d3be84964ef379c7c6"

group_vars/stage_prodnso/plain.yml

@@ -8,9 +8,9 @@ shared_service_network: "10.0.0.0/16"
 shared_service_elastic_stack_01_hostname: "{{ stage }}-elastic-stack-elastic-01"
 shared_service_elastic_stack_02_hostname: "{{ stage }}-elastic-stack-elastic-02"
 shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03"
+
 shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain_env }}"
 shared_service_mail_hostname: "{{ stage }}-mail-01.{{ domain_env }}"
-shared_service_pdns_hostname: "{{ stage }}-pdns-01.{{ domain_env }}"
 
 connect_jwt_enabled: true
 connect_jwt_secret: "908ae14462d049d3be84964ef379c7c6"

group_vars/stage_qa/plain.yml

@@ -11,7 +11,6 @@ shared_service_elastic_stack_03_hostname: "{{ stage }}-elastic-stack-elastic-03"
 
 shared_service_iam_hostname: "{{ stage }}-iam-01.{{ domain_env }}"
 shared_service_mail_hostname: "{{ stage }}-mail-01.{{ domain_env }}"
-shared_service_pdns_hostname: "{{ stage }}-pdns-01.{{ domain_env }}"
 
 connect_jwt_enabled: true
 connect_jwt_secret: "908ae14462d049d3be84964ef379c7c6"

pmci-inventory-database.yml

@@ -63,7 +63,7 @@
         - "pmci_database_selector"
       changed_when: False
       with_items: "{{ ['hcloud'] + ['stage_' + stage ] + [cluster.service] + (cluster.features | default([])) }}"
-      when: item in ['connect', 'management_connect', 'keycloak', 'gitea', 'pdns']
+      when: item in ['connect', 'management_connect', 'keycloak', 'gitea']
 
     - name: "Add maria servers to hosts if necessary"
       add_host:

remove-database.yml

@@ -48,7 +48,7 @@
         - "{{ item }}"
       changed_when: False
       with_items: "{{ cluster_features }}"
-      when: item in ['connect', 'management_connect', 'keycloak', 'gitea', 'pdns']
+      when: item in ['connect', 'management_connect', 'keycloak', 'gitea']
 
     - name: Add maria servers to hosts if necessary
       add_host:
@@ -88,12 +88,6 @@
     - role: keycloak_postgres
       when: "'keycloak' in group_names"
 
-#    - role: pdns_admin_postgres
-#      when: "'pdns' in group_names"
-
-#    - role: pdns_postgres
-#      when: "'pdns' in group_names"
-
     - role: connect_wordpress_maria
       when: "'connect_wordpress' in group_names"
 

roles/pdns/defaults/main.yml

@@ -1,10 +0,0 @@
----
-
-pdns_image_name: "{{ shared_service_hostname_harbor }}/smardigo/pdns-authoritative"
-pdns_image_version: "1.0.0"
-
-pdns_recursor_image_name: "{{ shared_service_hostname_harbor }}/smardigo/pdns-recursor"
-pdns_recursor_image_version: "1.0.0"
-
-pdns_admin_image_name: "ngoduykhanh/powerdns-admin"
-pdns_admin_image_version: "0.2.4"

roles/pdns/handlers/main.yml

@@ -1,7 +0,0 @@
----
-
-- name: Verify resolv.conf
-  ansible.builtin.lineinfile:
-    path: /etc/resolv.conf
-    regexp: '^nameserver 127.0.0.53'
-    line: nameserver 127.0.0.1

roles/pdns/tasks/main.yml

@@ -1,65 +0,0 @@
----
-
-### tags:
-###   update_deployment
-
-- name: "Check if /etc/resolv.conf is link"
-  stat:
-    path: "/etc/resolv.conf"
-  register: link
-
-- name: "Stopping systemd-resolved if running"
-  ansible.builtin.systemd:
-    name: systemd-resolved.service
-    state: stopped
-
-- name: "Remove symbolic link to /run/systemd/resolve/stub-resolv.conf"
-  file:
-    path: "/etc/resolv.conf"
-    state: absent
-  when: link.stat.islnk is defined and link.stat.islnk
-
-- name: "Copy /run/systemd/resolve/stub-resolv.conf"
-  ansible.builtin.copy:
-    src: "/run/systemd/resolve/stub-resolv.conf"
-    remote_src: true
-    dest: "/etc/resolv.conf"
-    owner: root
-    group: root
-    mode: '0644'
-  when: link.stat.islnk is defined and link.stat.islnk
-
-- name: Adding 8.8.8.8 as fallback to resolv.conf
-  ansible.builtin.lineinfile:
-    path: /etc/resolv.conf
-    regexp: '^nameserver 8\.8\.8\.8'
-    insertafter: '^nameserver 127\.0\.0.*'
-    line: nameserver 8.8.8.8
-
-- name: "Disabling systemd-resolved if enabled"
-  ansible.builtin.systemd:
-    name: systemd-resolved.service
-    enabled: no
-
-- name: "Deploying shared service dns to <{{ current_host }}><{{ current_server_ip }}>"
-  include_role:
-    name: shared_service
-  vars:
-    current_service: "pdns"
-    current_server_ip : "{{ stage_server_ip }}"
-    current_dns_entry: "{{ inventory_hostname }}"
-    current_dns_entries : "{{ pdns_public_dns_entries | default([]) }}"
-    current_service_id : "{{ pdns_id }}"
-    current_service_docker : "{{ pdns_docker }}"
-
-- name: Verify resolv.conf
-  ansible.builtin.lineinfile:
-    path: /etc/resolv.conf
-    regexp: '^nameserver 127\.0\.0.*'
-    line: nameserver 127.0.0.1
- 
-- name: "Delete search line if present"
-  ansible.builtin.lineinfile:
-    path: /etc/resolv.conf
-    regexp: '^search *'
-    state: absent

roles/pdns/vars/main.yml

@@ -1,133 +0,0 @@
----
-
-pdns_labels: [
-  '"traefik.enable=true"',
-  '"traefik.http.routers.{{ pdns_id }}.service={{ pdns_id }}"',
-  '"traefik.http.routers.{{ pdns_id }}.rule=Host(`{{ stage_server_domain }}`)"',
-  '"traefik.http.routers.{{ pdns_id }}.entrypoints=websecure"',
-  '"traefik.http.routers.{{ pdns_id }}.tls=true"',
-  '"traefik.http.routers.{{ pdns_id }}.tls.certresolver=letsencrypt"',
-  '"traefik.http.services.{{ pdns_id }}.loadbalancer.server.port=80"',
-]
-
-pdns_environment: [
-  "PDNS_gpgsql_host: \"{{ pdns_postgres_host }}\"",
-  "PDNS_gpgsql_dbname: \"{{ pdns_postgres_database }}\"",
-  "PDNS_gpgsql_user: \"{{ pdns_postgres_username }}\"",
-  "PDNS_gpgsql_password: \"{{ pdns_postgres_password }}\"",
-  "PDNS_master: \"yes\"",
-  "PDNS_api: \"yes\"",
-  "PDNS_api_key: \"{{ pdns_api_key }}\"",
-  "PDNS_webserver: \"yes\"",
-  "PDNS_webserver_address: \"0.0.0.0\"",
-  "PDNS_webserver_allow_from: \"172.6.0.0/16,0.0.0.0\"",
-  "PDNS_version_string: \"anonymous\"",
-  "PDNS_default_ttl: \"1500\"",
-]
-
-pdns_admin_environment: [
-  "SQLALCHEMY_DATABASE_URI: \"postgresql://{{ pdns_admin_postgres_username }}:{{ pdns_admin_postgres_password }}@{{ pdns_postgres_host }}/{{ pdns_admin_postgres_database }}\"",
-]
-
-pdns_recursor_environment: [
-  "PDNS_forward-zones: \"smardigo.digital=172.6.0.20\"",
-]
-
-pdns_docker: {
-  networks: [
-    {
-      name: front-tier,
-      external: true
-    },
-    {
-      name: pdns,
-      ipams: [
-        {
-          subnet: 172.6.0.0/16,
-          gateway: 172.6.0.1
-        }
-      ]
-    },
-  ],
-  services: [
-    {
-      name: "{{ pdns_id }}",
-      image_name: "{{ pdns_image_name }}",
-      image_version: "{{ pdns_image_version }}",
-      restart: "{{ pdns_service_restart | default('always') }}",
-      environment: "{{ pdns_environment + ( pdns_environment_additional | default([])) }}",
-      volumes: [
-        '"/etc/timezone:/etc/timezone:ro"',
-        '"/etc/localtime:/etc/localtime:ro"',
-      ],
-      networks: [
-        {
-          name: "pdns",
-          aliases: "pdns",
-          ipv4_address: "172.6.0.20",
-        },
-      ],
-      ports: [
-        {
-          external: "8081",
-          internal: "8081",
-        },
-      ],
-      extra_hosts: [
-        {
-          hostname: "{{ pdns_postgres_host }}",
-          ip: "{{ shared_service_pg_master_ip }}"
-        
-        },
-        {
-          hostname: "ns1.smardigo.digital",
-          ip: "172.6.0.20"
-        }
-      ],
-    },
-    {
-      name: "{{ pdns_admin_id }}",
-      image_name: "{{ pdns_admin_image_name }}",
-      image_version: "{{ pdns_admin_image_version }}",
-      labels: "{{ pdns_labels + ( pdns_labels_additional | default([])) }}",
-      environment: "{{ pdns_admin_environment + ( pdns_admin_environment_additional | default([])) }}",
-      volumes: [
-        '"/etc/timezone:/etc/timezone:ro"',
-        '"/etc/localtime:/etc/localtime:ro"',
-      ],
-      networks: [
-        '"pdns"',
-        '"front-tier"',
-      ],
-      extra_hosts: [
-        {
-          hostname: "{{ pdns_postgres_host }}",
-          ip: "{{ shared_service_pg_master_ip }}"
-        }
-      ],
-    },
-    {
-      name: "{{ pdns_recursor_id }}",
-      image_name: "{{ pdns_recursor_image_name }}",
-      image_version: "{{ pdns_recursor_image_version }}",
-      environment: "{{ pdns_recursor_environment + ( pdns_recursor_environment_additional | default([])) }}",
-      volumes: [
-        '"/etc/timezone:/etc/timezone:ro"',
-        '"/etc/localtime:/etc/localtime:ro"',
-      ],
-      ports: [
-        {
-          external: "53",
-          internal: "53/tcp",
-        },
-        {
-          external: "53",
-          internal: "53/udp",
-        },
-      ],
-      networks: [
-        '"pdns"',
-      ]
-    }
-  ],
-}

roles/pdns_admin_postgres/defaults/main.yml

@@ -1,6 +0,0 @@
----
-
-postgres_acls:
-  - name: "{{ pdns_admin_postgres_database }}"
-    password: "{{ pdns_admin_postgres_password }}"
-    trusted_cidr_entry: "{{ shared_service_network }}"

roles/pdns_admin_postgres/tasks/main.yml

@@ -1,18 +0,0 @@
----
-
-### tags:
-
-- name: "Updating <pdns-admin> database on {{ inventory_hostname }}"
-  include_role:
-    name: postgres
-    tasks_from: _update_database_state
-  when:
-  - database_backup_state is not defined
-
-- name: "Creating/Restoring <pdns-admin> database backup on {{ inventory_hostname }}"
-  include_role:
-    name: postgres
-    tasks_from: _create_database_backup.yml
-  when:
-  - database_backup_state is defined
-  - database_backup_state in ['dump', 'restore']

roles/pdns_postgres/defaults/main.yml

@@ -1,8 +0,0 @@
----
-
-postgres_acls:
-  - name: "{{ pdns_postgres_database }}"
-    password: "{{ pdns_postgres_password }}"
-    trusted_cidr_entry: "{{ shared_service_network }}"
-    
-initialize: False

roles/pdns_postgres/tasks/create-requirements.yml

@@ -1,41 +0,0 @@
-- name: "Check if domain table in {{ pdns_postgres_database }} exist"
-  postgresql_query:
-    db: "{{ pdns_postgres_database }}"
-    login_host: "{{ pdns_postgres_host }}"
-    login_password: "{{ pdns_postgres_password }}"
-    login_user: "{{ pdns_postgres_username }}"
-    query: "SELECT EXISTS (SELECT FROM information_schema.tables WHERE table_schema='public' AND table_name='domains');"
-  register: result
-    
-- name: "Convert the SELECT result"
-  set_fact:
-    converted_result: "{{ result | from_yaml }}"
-
-- name: "Set variable"
-  set_fact:
-    domain_table_exist: "{{ item.exists }}"
-  with_items: "{{ converted_result.query_result }}"
-
-- name: "Copy SQL script"
-  copy:
-    src: "{{ playbook_dir }}/templates/pdns/schema.pgsql.sql"
-    dest: /tmp/schema.pgsql.sql
-    mode: '0644'
-  when: 
-    - not domain_table_exist
-
-- name: "Run queries from SQL script"
-  postgresql_query:
-    db: "{{ pdns_postgres_database }}"
-    login_host: "{{ pdns_postgres_host }}"
-    login_password: "{{ pdns_postgres_password }}"
-    login_user: "{{ pdns_postgres_username }}"
-    as_single_query: yes
-    path_to_script: /tmp/schema.pgsql.sql
-  when: 
-    - not domain_table_exist
-
-- name: "Remove SQL script if present"
-  file:
-    path: /tmp/schema.pgsql.sql
-    state: absent

roles/pdns_postgres/tasks/main.yml

@@ -1,29 +0,0 @@
----
-
-### tags:
-
-- name: "Updating <pdns> database on {{ inventory_hostname }}"
-  include_role:
-    name: postgres
-    tasks_from: _update_database_state
-  when:
-  - database_backup_state is not defined
-
-- name: "Creating/Restoring <pdns> database backup on {{ inventory_hostname }}"
-  include_role:
-    name: postgres
-    tasks_from: _create_database_backup.yml
-  when:
-  - database_backup_state is defined
-  - database_backup_state in ['dump', 'restore']
-
-# TODO shouldn't be here?
-- name: "Install python3-psycopg2 if not present"
-  apt:
-    name: python3-psycopg2
-    state: present
-
-# TODO shouldn't be here?
-- name: Include Create Requirements
-  include_tasks: create-requirements.yml
-  when: initialize

smardigo.yml

@@ -58,9 +58,6 @@
     - role: management
       when: "'management' in group_names"
 
-    - role: pdns
-      when: "'pdns' in group_names"
-
     - role: backup
       when: "'backup' in group_names"
 
@@ -72,7 +69,3 @@
 
     - role: connect_compact
       when: "'connect_compact' in group_names"
-
-# just for certificate updates - do not run without -t update_certs
-#    - role: connect
-#      when: "'connect' in group_names"

stage-dev

@@ -34,9 +34,6 @@ dev-management-01
 [maria]
 dev-maria-01
 
-[pdns]
-#dev-pdns-01
-
 [pgadmin4]
 dev-pgadmin4-01
 
@@ -98,7 +95,6 @@ kibana
 logstash
 management
 maria
-pdns
 pgadmin4
 postfix
 postgres

stage-prodnso

@@ -4,9 +4,6 @@ prodnso-backup-01
 [connect]
 prodnso-management-01
 
-[pdns]
-#prodnso-pdns-01
-
 [elastic]
 prodnso-elastic-stack-elastic-01
 prodnso-elastic-stack-elastic-02
@@ -98,7 +95,6 @@ kibana
 logstash
 management
 maria
-pdns
 pgadmin4
 postfix
 postgres

stage-qa

@@ -4,9 +4,6 @@ qa-backup-01
 [connect]
 qa-management-01
 
-[pdns]
-#qa-pdns-01
-
 [elastic]
 qa-elastic-stack-elastic-01
 qa-elastic-stack-elastic-02
@@ -87,7 +84,6 @@ kube_node
 backup
 connect
 elastic
-pdns
 gitea
 harbor
 iam