diff --git a/README.md b/README.md index 1741af9..31bff9d 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,18 @@ # cfdns -Sample Ansible role to create CloudFlare DNS records +Sample Ansible role to create/remove CloudFlare DNS records ## Requirements -1) See `roles/defaults/vars.yml` for sample DNS zone entry definitions -- change/remove these as desired +1) See `roles/create-records/vars/sample.yml` for sample DNS zone entry definitions -- change these as desired + +To add a domain, define it in the `domains` list in `play.yml`. + +This will load the correlating file at `roles/create-records/vars/{{domain}}.yml`. + +The symbolic link `./domains` was provided to make these files more accessible, not used for function -- can be removed. + +_TODO_: Load files created here dynamically 2) Your CloudFlare email address and API key must be stored in `~/.cloudflare.yml` like so for authentication: ``` diff --git a/ansible.cfg b/ansible.cfg index 56bf283..07bb4c6 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,2 +1,4 @@ [defaults] nocows=True +localhost_warning=False +gathering=smart \ No newline at end of file diff --git a/domains b/domains index 9d33abd..7fe77e7 120000 --- a/domains +++ b/domains @@ -1 +1 @@ -roles/create-records/vars \ No newline at end of file +roles/manage-records/vars \ No newline at end of file diff --git a/play.yml b/play.yml index 89e1f37..ce916f7 100644 --- a/play.yml +++ b/play.yml @@ -2,13 +2,15 @@ - name: create cloudflare dns records hosts: localhost connection: local - gather_facts: smart vars: domains: - sampledomain.local tasks: - - name: "enforce state for {{item}}" + - name: import cloudflare creds + include_vars: + file: "~/.cloudflare.yml" + - name: "manage-records: include role" include_role: - name: create-records + name: manage-records vars_from: "{{item}}" with_items: "{{domains}}" diff --git a/roles/create-records/vars/sample.yml b/roles/create-records/vars/sample.yml deleted file mode 100644 index 9e406be..0000000 
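Review bot: The `import cloudflare creds` task added to play.yml loads `~/.cloudflare.yml` without `no_log: true`, so its task result, which carries the loaded variables, can appear in `-v` output or in a configured log or callback, and that would include `cf_token`. Add `no_log: true` to that `include_vars` task. Loading at play level also makes `cf_email` and `cf_token` visible to every task in the play rather than only to the role, so a comment such as `# consumed by the manage-records role` would document the dependency. The play is still named `create cloudflare dns records` although it now removes records as well.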
--- a/roles/create-records/vars/sample.yml +++ /dev/null @@ -1,8 +0,0 @@ -domain: sampledomain.local -records: - - name: 'subdomain' - value: '127.0.0.1' - type: A - - name: 'subdomain' - value: '::1' - type: AAAA diff --git a/roles/create-records/tasks/main.yml b/roles/manage-records/tasks/main.yml similarity index 56% rename from roles/create-records/tasks/main.yml rename to roles/manage-records/tasks/main.yml index dbb97db..f43aaf5 100644 --- a/roles/create-records/tasks/main.yml +++ b/roles/manage-records/tasks/main.yml @@ -1,20 +1,15 @@ --- -- name: import cloudflare creds - include_vars: - file: "~/.cloudflare.yml" - -- name: "create records ({{domain}})" +- name: "manage records for ({{ domain }})" cloudflare_dns: zone: "{{ domain }}" record: "{{ record.name }}" value: "{{ record.value }}" type: "{{ record.type }}" - solo: yes - state: present + solo: "{{ 'yes' if record.state in ['present'] | default(false) else omit }}" + state: "{{ record.state }}" # don't assume / set a default, require explicit instruction account_email: "{{ cf_email }}" account_api_token: "{{ cf_token }}" loop: "{{ records }}" loop_control: loop_var: record - when: (item.state is undefined) or (not item.state == 'absent') diff --git a/roles/manage-records/vars/sampledomain.local.yml b/roles/manage-records/vars/sampledomain.local.yml new file mode 100644 index 0000000..eae1960 --- /dev/null +++ b/roles/manage-records/vars/sampledomain.local.yml @@ -0,0 +1,10 @@ +domain: sampledomain.local +records: + - name: 'subdomain' # create a silly localhost subdomain.sampledomain.local A record (IPv4) + value: '127.0.0.1' + type: A + state: present + - name: 'subdomain' # remove equally silly subdomain.sampledomain.local AAAA record (IPv6 local) + value: '::1' + type: AAAA + state: absent
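Review bot: In the `solo:` expression of roles/manage-records/tasks/main.yml, `| default(false)` binds to the list literal `['present']` and not to `record.state`, so it gives no fallback for a record without a state. A missing or misspelled `state` therefore fails only for that loop item, while the other records in the list are still created or deleted at CloudFlare, leaving the zone partly applied. Validate the whole list before the first API call, and reduce the expression to a plain comparison as in the excerpt below. Because `solo` on a `present` record replaces other records with the same name and type, a short comment saying so on that line would help whoever edits the vars files.

```yaml
- name: "validate record definitions for ({{ domain }})"
  assert:
    that:
      - record.state is defined
      - record.state in ['present', 'absent']
    fail_msg: "record '{{ record.name | default('?') }}' needs state: present or absent"
    quiet: true
  loop: "{{ records }}"
  loop_control:
    loop_var: record

- name: "manage records for ({{ domain }})"
  cloudflare_dns:
    # … unchanged: zone, record, value, type …
    solo: "{{ true if record.state == 'present' else omit }}"
    # … unchanged: state, account_email, account_api_token, loop, loop_control …
```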