forked from UCCNetsoc/NaC
-
Notifications
You must be signed in to change notification settings - Fork 0
/
dns.yml
116 lines (100 loc) · 5.78 KB
/
dns.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
---
- name: "Setup DNS"
hosts: 127.0.0.1
connection: local
vars_files:
- vars/ip_allocation.yml
- vars/cloudflare.yml
- vars/secrets.yml
tasks:
- name: "Add DNS records for each server name (.dev)"
cloudflare_dns:
zone: "netsoc.dev"
type: A
record: "{{ item }}.netsoc.dev"
value: "{{ hostvars[item].ansible_host }}" # ansible_host in hosts.yml
state: present
account_email: "{{ cloudflare_api_email }}"
account_api_token: "{{ cloudflare_api_key }}"
with_inventory_hostnames:
- all
- name: "Add DNS records for each server name (.co)"
cloudflare_dns:
zone: "netsoc.co"
type: A
record: "{{ item }}.netsoc.co"
value: "{{ hostvars[item].ansible_host }}" # ansible_host in hosts.yml
state: present
account_email: "{{ cloudflare_api_email }}"
account_api_token: "{{ cloudflare_api_key }}"
with_inventory_hostnames:
- all
- name: "Add DNS records"
cloudflare_dns:
zone: "{{ item.zone }}"
type: "{{ item.type }}"
record: "{{ item.record }}"
value: "{{ item.value }}"
state: present
account_email: "{{ cloudflare_api_email }}"
account_api_token: "{{ cloudflare_api_key }}"
with_items:
# A record for use before the DNS is first setup on auth
- { zone: "netsoc.co", type: A, record: "ipa.vm", value: "{{ ip_allocation.freeipa_base }}" }
# NS for clients
- { zone: "netsoc.co", type: A, record: "ns1", value: "84.39.234.50" }
- { zone: "netsoc.co", type: A, record: "ns2", value: "84.39.234.52" }
# elon
- { zone: "netsoc.co", type: A, record: "elon", value: "143.239.87.40" }
- { zone: "netsoc.co", type: CNAME, record: "ldap", value: "elon.netsoc.co" }
# tesla
- { zone: "netsoc.co", type: A, record: "tesla", value: "143.239.87.41" }
# boole
- { zone: "netsoc.co", type: CNAME, record: "docker", value: "boole.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "portainer", value: "boole.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "sentry", value: "boole.netsoc.co" }
# bigbertha
- { zone: "netsoc.dev", type: CNAME, record: "*.netsoc.dev", value: "bigbertha.netsoc.dev" }
- { zone: "netsoc.dev", type: CNAME, record: "www.*.netsoc.dev", value: "bigbertha.netsoc.dev" }
- { zone: "netsoc.co", type: CNAME, record: "*.netsoc.co", value: "bigbertha.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "www.*.netsoc.co", value: "bigbertha.netsoc.co" }
- { zone: "netsoc.dev", type: CNAME, record: "netsoc.dev", value: "bigbertha.netsoc.dev" }
- { zone: "netsoc.co", type: A, record: "ipa", value: "84.39.234.50" }
- { zone: "netsoc.co", type: CNAME, record: "ci", value: "bigbertha.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "mysql", value: "bigbertha.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "lxd", value: "bigbertha.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "tutorials", value: "blog.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "vault", value: "bigbertha.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "wiki", value: "bigbertha.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "impressive", value: "bigbertha.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "hlm", value: "bigbertha.netsoc.co" }
# constitution
- { zone: "netsoc.co", type: CNAME, record: "constitution", value: "uccnetworkingsociety.github.io" }
- { zone: "netsoc.co", type: CNAME, record: "*.evan.netsoc.co", value: "leela.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "www.*.evan.netsoc.co", value: "leela.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "unf2b", value: "leela.netsoc.co" }
# lovelace
- { zone: "netsoc.dev", type: CNAME, record: "pterodactyl-daemon", value: "lovelace.netsoc.dev" }
- { zone: "netsoc.co", type: CNAME, record: "pterodactyl-daemon", value: "lovelace.netsoc.co" }
- { zone: "netsoc.co", type: CNAME, record: "minecraft", value: "feynman.netsoc.co" }
- { zone: "netsoc.co", type: TXT, record: "_dmarc", value: "v=DMARC1; p=none" }
- { zone: "netsoc.co", type: TXT, record: "netsoc.co", value: "v=spf1 mx include:zoho.com include:u1980078.wl.sendgrid.net -all" }
- { zone: "netsoc.co", type: TXT, record: "zoho._domainkey.netsoc.co", value: "k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCB3sWPAMJHYvSCWEueINNaIsPy4OeAQgFsm3y+IcOSUcXJUhHr+LrYGuD9SZzIEh0ekm0Usm73gRz4LgGYfeZ9SXbR3H1LupOETGym0FRRQnAjnXI9L/wfaOzYwbpKm04lhpbobhAwrtsUcgMyo+wmEByM3AR25+YDmlUuijmNTwIDAQAB" }
# "floating" CNAMEs
- { zone: "netsoc.co", type: CNAME, record: "userdomains", value: "leela.netsoc.co" }
# MX
- { zone: "netsoc.co", type: MX, record: "netsoc.co", value: "mx.zoho.com" }
- { zone: "netsoc.co", type: MX, record: "netsoc.co", value: "mx2.zoho.com" }
- name: "Add Minecraft SRV record"
cloudflare_dns:
zone: "netsoc.co"
type: "SRV"
proto: "tcp"
service: "minecraft"
port: 1194
priority: 0
weight: 5
value: "minecraft.netsoc.co"
state: present
account_email: "{{ cloudflare_api_email }}"
account_api_token: "{{ cloudflare_api_key }}"