o Adding Linode update code.

8 files changed, 174 insertions, 1 deletions

diff --git a/ansible/all.yml b/ansible/all.yml
index dc524d5..0a493b6 100644
--- a/ansible/all.yml
+++ b/ansible/all.yml
@@ -2,3 +2,10 @@
     - knot
   roles:
     - postfix
+
+- hosts:
+    - all
+    - desktops
+    - sbcs
+  roles:
+    - linode-dns-update
diff --git a/ansible/group_vars/all/linode-dns.yml b/ansible/group_vars/all/linode-dns.yml
new file mode 100644
index 0000000..99d0d5f
--- /dev/null
+++ b/ansible/group_vars/all/linode-dns.yml
@@ -0,0 +1,13 @@
+$ANSIBLE_VAULT;1.1;AES256
+62623736386330363663393335373462393837373030303932656338623037336433613563323763
+6332316437353338353832633031336533396235333638640a653666383835636635323938656134
+38633531303037643061363434646265336364613737376633646666376564656531333433663236
+3636646665613336620a663531313739663562313264306334393463323437643265616530653138
+62626230393139623233313930636137626233363737636435633737363432333235663035363634
+39343762346536343137653566616634363361396635656630633864616165646334623636376637
+62386465393339643139646437663531613063313635333064343432303137366664376637333930
+38303338616235313666383765636137656665363530393165313932623533663264333732646166
+34663163613031323263356333616336346261363530643438663262366364346437636537653061
+39663239393866396630326263653933363466343562313435373865613431633962643264353965
+65316536663566323930376335323635303634306434396136313366363130316231616431316331
+61643136303631333237
diff --git a/ansible/host_vars/birgitte/linode-dns.yml b/ansible/host_vars/birgitte/linode-dns.yml
new file mode 100644
index 0000000..f59a97b
--- /dev/null
+++ b/ansible/host_vars/birgitte/linode-dns.yml
@@ -0,0 +1,10 @@
+$ANSIBLE_VAULT;1.1;AES256
+66663239393964323061383163653563326263383631326234346430646530313962633834393939
+3138646564393864303064383365613964316336646561640a313234343732343065346163306234
+32663065613963306235633534623132653766653831353033626439663538353034623635316236
+6564393435383636350a363231666562623734346136366239383166646265633266363238333563
+38303765313837326637653035313032376631663135353863613634316538643935646464666163
+30373838373632383535613661343563396339356635376630326230363934366165323464323337
+65353765636466626562383832353162613664306561666232303566326437653262356264333464
+62663061613262613165323634663162663236373734303736386336346334666436663233643635
+6134
diff --git a/ansible/host_vars/conflatorio/linode-dns.yml b/ansible/host_vars/conflatorio/linode-dns.yml
new file mode 100644
index 0000000..655028d
--- /dev/null
+++ b/ansible/host_vars/conflatorio/linode-dns.yml
@@ -0,0 +1,7 @@
+$ANSIBLE_VAULT;1.1;AES256
+34343238663466653633313363366631636336326262643138386264653439343963646436653535
+6364623932316534356132333761366230393732333839610a343930643961353531663533616533
+33663765333761616366663930373431343865376237643538373862303037636535653963326138
+3836313633396337650a373563663766343064656539303131386137346239386664313365663035
+63643863646163333733633131636635623863656230316630636161623962343162396534393734
+3061653434333832623532363331303763303436326362663265
diff --git a/ansible/inventory b/ansible/inventory
index 38f04d0..3ae9b34 100644
--- a/ansible/inventory
+++ b/ansible/inventory
@@ -5,12 +5,28 @@ all:
     numquam:
       ansible_host: numquam.trygvis.io
     birgitte:
-      ansible_host: vs.trygvis.io
+      ansible_host: birgitte.trygvis.io
     arius:
       ansible_host: arius.trygvis.io
     mw:
       ansible_host: 2a01:7e00:e000:272:2ff:aaff:fe7e:46b4
+    homepi:
+      ansible_host: homepi.local
+    malabaricus:
+      ansible_host: malabaricus.trygvis.io
+    conflatorio:
+      ansible_host: conflatorio.trygvis.io
   children:
+    desktops:
+      hosts:
+        birgitte:
+        conflatorio:
+        arius:
+        akysis:
+    sbcs:
+      hosts:
+        homepi:
+        malabaricus:
     vm:
       hosts:
         mw:
diff --git a/ansible/roles/linode-dns-update/handlers/main.yml b/ansible/roles/linode-dns-update/handlers/main.yml
new file mode 100644
index 0000000..9d7ba98
--- /dev/null
+++ b/ansible/roles/linode-dns-update/handlers/main.yml
@@ -0,0 +1,10 @@
+- name: systemd daemon-reload
+  become: yes
+  systemd:
+    daemon_reload: true
+
+- name: service start linode-dns-update.timer
+  become: yes
+  service:
+    name: linode-dns-update.timer
+    state: restarted
diff --git a/ansible/roles/linode-dns-update/tasks/main.yml b/ansible/roles/linode-dns-update/tasks/main.yml
new file mode 100644
index 0000000..8b305f8
--- /dev/null
+++ b/ansible/roles/linode-dns-update/tasks/main.yml
@@ -0,0 +1,65 @@
+- when: (linode_dns__ipv4_resource is defined) or (linode_dns__ipv6_resource is defined)
+  become: true
+  tags: linode-dns-update
+  block:
+    - name: /usr/local/bin/linode-dns-update
+      template:
+        src: linode-dns-update.j2
+        dest: /usr/local/bin/linode-dns-update
+        owner: root
+        group: root
+        mode: a=rx,u=rwx
+
+    - name: /etc/systemd/system/linode-dns-update.service
+      notify:
+        - systemd daemon-reload
+      copy:
+        dest: /etc/systemd/system/linode-dns-update.service
+        content: |
+          [Unit]
+          Description=Update DNS entry
+
+          [Service]
+          Type=oneshot
+          ExecStart=/usr/local/bin/linode-dns-update
+          User=nobody
+          Group=systemd-journal
+
+    - name: systemctl enable linode-dns-update.service
+      systemd:
+        name: linode-dns-update.service
+        enabled: yes
+
+    - name: /etc/systemd/system/linode-dns-update.timer
+      notify:
+        - systemd daemon-reload
+        - service start linode-dns-update.timer
+      copy:
+        dest: /etc/systemd/system/linode-dns-update.timer
+        content: |
+          [Unit]
+          Description=Update DNS entry
+
+          [Timer]
+          OnBootSec=5min
+          OnUnitActiveSec=1hour
+
+          [Install]
+          WantedBy=timers.target
+
+    - name: systemctl enable linode-dns-update.timer
+      systemd:
+        name: linode-dns-update.timer
+        enabled: yes
+        state: started
+
+    # Remove old stuff
+    - file:
+        path: /usr/local/bin/update-linode
+        state: absent
+
+    - name: Install cron job
+      cron:
+        name: update-linode
+        cron_file: update-linode
+        state: absent
diff --git a/ansible/roles/linode-dns-update/templates/linode-dns-update.j2 b/ansible/roles/linode-dns-update/templates/linode-dns-update.j2
new file mode 100644
index 0000000..97ab7c9
--- /dev/null
+++ b/ansible/roles/linode-dns-update/templates/linode-dns-update.j2
@@ -0,0 +1,45 @@
+#!/bin/bash
+
+set -e
+
+# Hostname: {{ ansible_hostname }}
+URL="https://api.linode.com/"
+USERNAME="{{ linode_dns__api_username }}"
+KEY="{{ linode_dns__api_key }}"
+DOMAIN_ID="{{ linode_dns__domain_id }}"
+
+PATH=/sbin:/usr/sbin:/bin:/usr/bin:
+
+req() {
+  PARAMS=()
+  for p in "$@"
+  do
+    PARAMS+=(-F "$p")
+  done
+
+  curl \
+    -4 \
+    --user "$USERNAME:$KEY" -s \
+    "${PARAMS[@]}" \
+    "$URL" >/dev/null # | jq
+}
+
+domain_resource_update() {
+  req api_action=domain.resource.update DomainId="$1" ResourceId="$2" Type="$3" Target="$4"
+}
+
+{% if linode_dns__ipv4_resource is defined %}
+domain_resource_update "$DOMAIN_ID" "{{ linode_dns__ipv4_resource }}" "A" "[remote_addr]"
+{% endif %}
+
+{% if linode_dns__ipv6_resource is defined %}
+q=''
+#q='map(select(.ifname=="wlx00e01d0808b2"))'
+q='map(.addr_info) | flatten | map(select(.scope=="global" and .deprecated != true and .mngtmpaddr != true) | .local) | first'
+ip=$(ip -6 -json addr | jq -r -c "$q")
+
+if [[ ! -z $ip ]]
+then
+  domain_resource_update "$DOMAIN_ID" "{{ linode_dns__ipv6_resource }}" "AAAA" "$ip"
+fi
+{% endif %}