From 44a25a875f9d6bca4f4a70a7113c41040850530d Mon Sep 17 00:00:00 2001 From: Sven Ketelsen Date: Fri, 11 Jun 2021 15:54:49 +0200 Subject: [PATCH] bugfix: dynamic ip address resolution for hetzner --- provisioning.yml | 19 +------- roles/_digitalocean/tasks/domain.yml | 12 +++++ roles/common/tasks/main.yml | 2 +- roles/hcloud/tasks/main.yml | 65 +++++++++++++++++++++++----- stage-dev | 1 + 5 files changed, 70 insertions(+), 29 deletions(-) diff --git a/provisioning.yml b/provisioning.yml index dbb2682..2158d12 100644 --- a/provisioning.yml +++ b/provisioning.yml @@ -27,30 +27,13 @@ tags: - update_networks - - name: "Gather current server infos" - hcloud_server_info: - api_token: "{{ hetzner_authentication_token }}" - register: hetzner_server_infos - delegate_to: 127.0.0.1 - become: false - tags: - - update_networks - - - name: "Set current server infos as fact: hetzner_server_infos_json" - set_fact: - hetzner_server_infos_json: "{{ hetzner_server_infos.hcloud_server_info }}" - delegate_to: 127.0.0.1 - become: false - tags: - - update_networks - - name: Save firewall entries as variable (fact) set_fact: hetzner_firewalls_response_json: "{{ hetzner_firewalls_response.json }}" run_once: true tags: - update_networks - + - name: Parse firewall entries set_fact: firewall_records: "{{ hetzner_firewalls_response_json.firewalls | json_query(jmesquery) }}" diff --git a/roles/_digitalocean/tasks/domain.yml b/roles/_digitalocean/tasks/domain.yml index 1be9817..cdd1634 100644 --- a/roles/_digitalocean/tasks/domain.yml +++ b/roles/_digitalocean/tasks/domain.yml @@ -10,12 +10,16 @@ register: domain_records_response delegate_to: 127.0.0.1 become: false + tags: + - update_dns - name: Save DNS entry as variable (fact) set_fact: domain_records_response_json: "{{ domain_records_response.json }}" delegate_to: 127.0.0.1 become: false + tags: + - update_dns - name: Parse DNS entry for {{ record_name }}.{{ domain }} set_fact: 
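Review bot: The `update_dns` tag is now repeated on every task in roles/_digitalocean/tasks/domain.yml (this hunk and the following one at `@@ -24,12 +28,16 @@`), so a task added to this file later without the tag would be silently skipped under `--tags update_dns`, and a delete or create step could be missed without any error. Since the role is pulled in through `include_role` in roles/hcloud/tasks/main.yml, the tag could instead be declared once there with `apply: {tags: [update_dns]}`, next to the `tags:` that the last hunk of that file adds. The `include_role` task starts outside that hunk, so its other arguments would need checking before making the change.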
@@ -24,12 +28,16 @@ jmesquery: '[*].{id: id, name: name, ip: data}' delegate_to: 127.0.0.1 become: false + tags: + - update_dns - name: Print DNS entry for {{ record_name }}.{{ domain }} debug: msg: "{{ domain_record }}" delegate_to: 127.0.0.1 become: false + tags: + - update_dns - name: Delete DNS entry for <{{ record_name }}> if necessary uri: @@ -44,6 +52,8 @@ and record_data != domain_record.ip delegate_to: 127.0.0.1 become: false + tags: + - update_dns - name: Create DNS entry for <{{ record_name }}> if necessary uri: @@ -67,3 +77,5 @@ or record_name != domain_record.name delegate_to: 127.0.0.1 become: false + tags: + - update_dns diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml index fb7c207..f75c803 100644 --- a/roles/common/tasks/main.yml +++ b/roles/common/tasks/main.yml @@ -50,7 +50,7 @@ shell: "getent passwd | awk -F: '$3 > 999 {print $1}'" register: current_users tags: - - users + - users - name: "Remove outdated users" user: name={{item}} state=absent remove=yes diff --git a/roles/hcloud/tasks/main.yml b/roles/hcloud/tasks/main.yml index dc85520..66a183b 100644 --- a/roles/hcloud/tasks/main.yml +++ b/roles/hcloud/tasks/main.yml @@ -1,6 +1,7 @@ --- ### tags: +### update_dns ### update_networks - name: Create new server {{ inventory_hostname }} 
@@ -15,6 +16,58 @@ state: present delegate_to: 127.0.0.1 +- name: "Gather current server infos" + hcloud_server_info: + api_token: "{{ hetzner_authentication_token }}" + register: hetzner_server_infos + delegate_to: 127.0.0.1 + become: false + tags: + - update_dns + - update_networks + +- name: "Set current server infos as fact: hetzner_server_infos_json" + set_fact: + hetzner_server_infos_json: "{{ hetzner_server_infos.hcloud_server_info }}" + delegate_to: 127.0.0.1 + become: false + tags: + - update_dns + - update_networks + +- name: Print the gathered infos + debug: + var: hetzner_server_infos_json + delegate_to: 127.0.0.1 + tags: + - update_dns + - update_networks + +- name: "Set current server ips as fact: stage_server_ips" + set_fact: + stage_server_ips: "{{ hetzner_server_infos_json | json_query(jmesquery) }}" + vars: + jmesquery: '[*].{name: name, ipv4: ipv4_address}' + tags: + - update_dns + +- name: Read ip for {{ inventory_hostname }} + set_fact: + stage_server_ip: "{{ stage_server_ips + | selectattr('name', 'equalto', inventory_hostname) + | map(attribute='ipv4') + | list + | first }}" + tags: + - update_dns + +- name: Print the gathered ip for {{ inventory_hostname }} + debug: + var: stage_server_ip + delegate_to: 127.0.0.1 + tags: + - update_dns + - name: "Setup firewall" include_tasks: configure-firewall.yml vars: @@ -29,16 +82,6 @@ tags: - update_networks -- name: Read ip for {{ inventory_hostname }} - set_fact: - stage_server_ip: "{{ item.ipv4_address }}" - with_items: "{{ hetzner_server_infos_json }}" - -- name: Print the gathered infos - debug: - var: stage_server_ip - delegate_to: 127.0.0.1 - - name: "Setup DNS configuration for {{ inventory_hostname }}" include_role: name: _digitalocean @@ -46,3 +89,5 @@ vars: record_data: "{{ stage_server_ip }}" record_name: "{{ inventory_hostname }}" + tags: + - update_dns diff --git a/stage-dev b/stage-dev index a4c4de6..e98e4f1 100644 --- a/stage-dev +++ b/stage-dev 
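Review bot: In `Read ip for {{ inventory_hostname }}`, `| list | first` is applied without checking that a Hetzner server with the inventory host's name exists, so a missing or renamed server is likely to surface as a generic templating error (or an undefined fact) right before the value is used as `record_data` for the DNS record. An `assert` task ahead of it with `that: stage_server_ips | selectattr('name', 'equalto', inventory_hostname) | list | length == 1` and a `fail_msg` naming the host would make the failure explicit and also catch duplicate names. Separately, `Print the gathered infos` writes the full `hcloud_server_info` result for every server in the project to the run output on each `update_dns`/`update_networks` run; `verbosity: 1` on that `debug` task would keep the server inventory out of routine CI logs.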
@@ -1,6 +1,7 @@ [connect] dev-connect-01 dev-connect-02 +dev-connect-03 [docker_registry] dev-docker-registry-01