diff --git a/README.md b/README.md index 31bff9d..1741af9 100644 --- a/README.md +++ b/README.md @@ -1,18 +1,10 @@ # cfdns -Sample Ansible role to create/remove CloudFlare DNS records +Sample Ansible role to create CloudFlare DNS records ## Requirements -1) See `roles/create-records/vars/sample.yml` for sample DNS zone entry definitions -- change these as desired - -To add a domain, define it in the `domains` list in `play.yml`. - -This will load the correlating file at `roles/create-records/vars/{{domain}}.yml`. - -The symbolic link `./domains` was provided to make these files more accessible, not used for function -- can be removed. - -_TODO_: Load files created here dynamically +1) See `roles/defaults/vars.yml` for sample DNS zone entry definitions -- change/remove these as desired 2) Your CloudFlare email address and API key must be stored in `~/.cloudflare.yml` like so for authentication: ``` diff --git a/ansible.cfg b/ansible.cfg index 07bb4c6..56bf283 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,4 +1,2 @@ [defaults] nocows=True -localhost_warning=False -gathering=smart \ No newline at end of file diff --git a/domains b/domains index 7fe77e7..9d33abd 120000 --- a/domains +++ b/domains @@ -1 +1 @@ -roles/manage-records/vars \ No newline at end of file +roles/create-records/vars \ No newline at end of file diff --git a/play.yml b/play.yml index ce916f7..89e1f37 100644 --- a/play.yml +++ b/play.yml @@ -2,15 +2,13 @@ - name: create cloudflare dns records hosts: localhost connection: local + gather_facts: smart vars: domains: - sampledomain.local tasks: - - name: import cloudflare creds - include_vars: - file: "~/.cloudflare.yml" - - name: "manage-records: include role" + - name: "enforce state for {{item}}" include_role: - name: manage-records + name: create-records vars_from: "{{item}}" with_items: "{{domains}}" 
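Review bot: `gather_facts: smart` in the play.yml header is, as far as I know, not a valid value: the play keyword `gather_facts` is a boolean, while `smart` belongs to the `gathering` setting that this same commit removes from ansible.cfg, so the play will likely fail to load. Either keep `gathering=smart` in ansible.cfg or write `gather_facts: false`, since a localhost-only play that just calls the Cloudflare API does not appear to need facts. Separately, `domains` still lists `sampledomain.local` and passes it to `vars_from`, but the commit deletes `sampledomain.local.yml` and adds `sample.yml`, so the include would presumably not find a vars file; rename one to match the other.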
diff --git a/roles/manage-records/tasks/main.yml b/roles/create-records/tasks/main.yml similarity index 56% rename from roles/manage-records/tasks/main.yml rename to roles/create-records/tasks/main.yml index f43aaf5..dbb97db 100644 --- a/roles/manage-records/tasks/main.yml +++ b/roles/create-records/tasks/main.yml @@ -1,15 +1,20 @@ --- -- name: "manage records for ({{ domain }})" +- name: import cloudflare creds + include_vars: + file: "~/.cloudflare.yml" + +- name: "create records ({{domain}})" cloudflare_dns: zone: "{{ domain }}" record: "{{ record.name }}" value: "{{ record.value }}" type: "{{ record.type }}" - solo: "{{ 'yes' if record.state in ['present'] | default(false) else omit }}" - state: "{{ record.state }}" # don't assume / set a default, require explicit instruction + solo: yes + state: present account_email: "{{ cf_email }}" account_api_token: "{{ cf_token }}" loop: "{{ records }}" loop_control: loop_var: record + when: (item.state is undefined) or (not item.state == 'absent') diff --git a/roles/create-records/vars/sample.yml b/roles/create-records/vars/sample.yml new file mode 100644 index 0000000..9e406be --- /dev/null +++ b/roles/create-records/vars/sample.yml @@ -0,0 +1,8 @@ +domain: sampledomain.local +records: + - name: 'subdomain' + value: '127.0.0.1' + type: A + - name: 'subdomain' + value: '::1' + type: AAAA diff --git a/roles/manage-records/vars/sampledomain.local.yml b/roles/manage-records/vars/sampledomain.local.yml deleted file mode 100644 index eae1960..0000000 --- a/roles/manage-records/vars/sampledomain.local.yml +++ /dev/null @@ -1,10 +0,0 @@ -domain: sampledomain.local -records: - - name: 'subdomain' # create a silly localhost subdomain.sampledomain.local A record (IPv4) - value: '127.0.0.1' - type: A - state: present - - name: 'subdomain' # remove equally silly subdomain.sampledomain.local AAAA record (IPv6 local) - value: '::1' - type: AAAA - state: absent
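Review bot: The new `when:` on the `cloudflare_dns` task tests `item.state`, but `loop_control` names the loop variable `record`, so `item` is at best the outer `with_items` domain string from play.yml and the condition is always true; an entry marked `state: absent` would still be created. It should read `when: record.state | default('present') != 'absent'`. `solo: yes` is now unconditional, and solo replaces every existing record of the same name and type, so a name that needs several values (multiple TXT entries such as SPF plus a verification token, or round-robin A records) would keep only the last one in the list; consider making it a per-record option that defaults to off. The moved `include_vars` task loads the API credentials and its result can appear in verbose output, so `no_log: true` on that task is worth adding.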