diff --git a/group_vars/all/vars.yml b/group_vars/all/vars.yml index 028e9fd..d91fdcb 100644 --- a/group_vars/all/vars.yml +++ b/group_vars/all/vars.yml @@ -74,9 +74,10 @@ users: sudo: yes docker: yes -# Data for DD24 dyndns updates +# Data for dyndns updates dyndns_domain: "dyndns.n39.eu" dyndns_password: "{{ vault_dyndns_password }}" +dyndns_token: "{{ vault_dyndns_token }}" # Shared influxdb items influxdb_org: "netz39" diff --git a/group_vars/all/vault b/group_vars/all/vault index 1e42948..255971a 100644 --- a/group_vars/all/vault +++ b/group_vars/all/vault @@ -1,7 +1,10 @@ $ANSIBLE_VAULT;1.1;AES256 -34303066383937623831333466333965323161376134353838346235323662373164303163363734 -3134626237346361656533636161363331666537633538380a613761643431356530343663626666 -62646361316364333533316638646261373661633863363733366337373338336565366536386237 -3138646266613837310a396139363830613463393861336161363533343362383462623265356563 -31333862613937306463353130316365636634353862363039663762326263313366363530636631 -3630653638333831303432316266633833643739643533353536 +37306233306262383862373661626635346436316265663162343433303432653536376632316439 +6336396564613232363337303266643965346333396331620a316536636666393461353633366466 +39333362306166376462353739626139623835326461373834303330346538366637626363306438 +3033376133373330330a356236396366643938323666663836643738386337373362323933623838 +30316663646134623232336563343562393037363463303739626464633461323539306261316638 +61343330626263393065636230303632663965653939373437386561656539646533653661613236 +35326334313232633738633933653939383830636361373938373864643133363539623734646435 +32336630613231353337336466646164373734386539653936313865316336616264373061633139 +3839 diff --git a/host-pottwal.yml b/host-pottwal.yml index a7da2b3..8d7ea6d 100644 --- a/host-pottwal.yml +++ b/host-pottwal.yml @@ -28,6 +28,8 @@ - role: ansible-role-dehydrated_cron - role: dd24_dyndns_cron # variables are set in the inventory + - role: desec_dyndns_cron + # variables are set in the inventory - role: cleanuri vars: cleanuri_ui_domain: uritools.n39.eu diff --git a/roles/desec_dyndns_cron/defaults/main.yml b/roles/desec_dyndns_cron/defaults/main.yml new file mode 100644 index 0000000..59fc031 --- /dev/null +++ b/roles/desec_dyndns_cron/defaults/main.yml @@ -0,0 +1,4 @@ +# desec.io Cron configuration +--- +dyndns_domain: www.example.com +dyndns_token: yourtoken diff --git a/roles/desec_dyndns_cron/handlers/main.yml b/roles/desec_dyndns_cron/handlers/main.yml new file mode 100644 index 0000000..76bb1a9 --- /dev/null +++ b/roles/desec_dyndns_cron/handlers/main.yml @@ -0,0 +1,10 @@ +# handlers file for desec_dyndns_cron +--- +- name: reload cron + ansible.builtin.shell: + cmd: service cron reload + warn: no +# Use the shell call because the task sometimes has problems finding the service state +# service: +# name: cron +# state: restarted diff --git a/roles/desec_dyndns_cron/tasks/main.yml b/roles/desec_dyndns_cron/tasks/main.yml new file mode 100644 index 0000000..d389fb7 --- /dev/null +++ b/roles/desec_dyndns_cron/tasks/main.yml @@ -0,0 +1,18 @@ +--- +- name: Make sure cron and curl are installed + apt: + name: + - cron + - curl + state: present + +- name: Setup cron file for desec.io updates + ansible.builtin.template: + src: "templates/desec-dyndns.cron.j2" + dest: "/etc/cron.d/desec-dyndns" + owner: root + group: root + mode: "0644" + notify: reload cron + # There is ansible.builtin.cron, but this makes configuration much + # more complicated, so we stick to the template. diff --git a/roles/desec_dyndns_cron/templates/desec-dyndns.cron.j2 b/roles/desec_dyndns_cron/templates/desec-dyndns.cron.j2 new file mode 100644 index 0000000..32bf8b6 --- /dev/null +++ b/roles/desec_dyndns_cron/templates/desec-dyndns.cron.j2 @@ -0,0 +1,6 @@ +# /etc/cron.d/desec-dyndns: Cron call to renew DynDNS entry + +SHELL=/bin/sh +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin + +*/5 * * * * root curl --silent --show-error --user {{ dyndns_domain }}:{{ dyndns_token }} "https://update.dedyn.io/" > /dev/null 2> >(/usr/bin/logger -p user.error -t desec)