kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-16 00:47:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

Implmented dev mode für cloudflare

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach 2025-08-10 12:18:17 +02:00
parent 2fd83eaf55
commit fdceb0f792
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E
6 changed files with 87 additions and 38 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Todo.md
View File

@ -1,4 +1,3 @@
# Todos # Todos
- Implement multi language - Implement multi language
- Implement rbac administration interface - Implement rbac administration interface
- Implement [cloudflare dev cache via API](https://chatgpt.com/share/689385e2-7744-800f-aa93-a6e811a245df)

35
roles/srv-proxy-6-6-domain/tasks/01_cloudflare.yml Normal file
View File

@ -0,0 +1,35 @@
- name: "Ensure Cloudflare Zone ID is known for {{ domain }}"
vars:
cf_api_url: "https://api.cloudflare.com/client/v4/zones"
ansible.builtin.uri:
url: "{{ cf_api_url }}?name={{ domain | to_primary_domain }}"
method: GET
headers:
Authorization: "Bearer {{ certbot_dns_api_token }}"
Content-Type: "application/json"
return_content: yes
register: cf_zone_lookup_dev
when:
- cf_zone_id is not defined
- name: "Set fact cf_zone_id (if not already set)"
set_fact:
cf_zone_id: "{{ cf_zone_lookup_dev.json.result[0].id }}"
when:
- cf_zone_id is not defined
- cf_zone_lookup_dev.json.result | length > 0
- name: "Fail if no Cloudflare zone found for {{ domain | to_primary_domain }}"
ansible.builtin.fail:
msg: "No Cloudflare zone found for {{ domain | to_primary_domain }} — aborting!"
when:
- cf_zone_id is not defined
- cf_zone_lookup_dev.json.result | length == 0
- name: activate cloudflare cache development mode
include_tasks: "cloudflare/02_enable_cf_dev_mode.yml"
when: (INFINITO_ENVIRONMENT | lower) == 'development'
- name: purge cloudflare domain cache
include_tasks: "cloudflare/01_cleanup.yml"
when: mode_cleanup | bool

33
roles/srv-proxy-6-6-domain/tasks/cleanup.yml
View File

@ -1,33 +0,0 @@
- name: "Lookup Cloudflare Zone ID for {{ domain }}"
vars:
cf_api_url: "https://api.cloudflare.com/client/v4/zones"
ansible.builtin.uri:
url: "{{ cf_api_url }}?name={{ domain | to_primary_domain }}"
method: GET
headers:
Authorization: "Bearer {{ certbot_dns_api_token }}"
Content-Type: "application/json"
return_content: yes
register: cf_zone_lookup
when: dns_provider == "cloudflare"
- name: "Set fact cf_zone_id"
set_fact:
cf_zone_id: "{{ cf_zone_lookup.json.result[0].id }}"
when:
- dns_provider == "cloudflare"
- cf_zone_lookup.json.result | length > 0
- name: "Purge everything from Cloudflare cache for domain {{ domain }}"
ansible.builtin.uri:
url: "https://api.cloudflare.com/client/v4/zones/{{ cf_zone_id }}/purge_cache"
method: POST
headers:
Authorization: "Bearer {{ certbot_dns_api_token }}"
Content-Type: "application/json"
body:
purge_everything: true
body_format: json
return_content: yes
register: cf_purge
when: dns_provider == "cloudflare"

12
roles/srv-proxy-6-6-domain/tasks/cloudflare/01_cleanup.yml Normal file
View File

@ -0,0 +1,12 @@
- name: "Purge everything from Cloudflare cache for domain {{ domain }}"
ansible.builtin.uri:
url: "https://api.cloudflare.com/client/v4/zones/{{ cf_zone_id }}/purge_cache"
method: POST
headers:
Authorization: "Bearer {{ certbot_dns_api_token }}"
Content-Type: "application/json"
body:
purge_everything: true
body_format: json
return_content: yes
register: cf_purge

35
roles/srv-proxy-6-6-domain/tasks/cloudflare/02_enable_cf_dev_mode.yml Normal file
View File

@ -0,0 +1,35 @@
# roles/srv-proxy-6-6-domain/tasks/02_enable_cf_dev_mode.yml
---
# Enables Cloudflare Development Mode (bypasses cache for ~3 hours).
# Uses the same auth token as in 01_cleanup.yml: certbot_dns_api_token
# Assumes `domain` and (optionally) `cf_zone_id` are available.
# Safe to run repeatedly; only changes when the mode is not already "on".
- name: "Read current Cloudflare development_mode setting"
ansible.builtin.uri:
url: "https://api.cloudflare.com/client/v4/zones/{{ cf_zone_id }}/settings/development_mode"
method: GET
headers:
Authorization: "Bearer {{ certbot_dns_api_token }}"
Content-Type: "application/json"
return_content: yes
register: cf_dev_mode_current
- name: "Enable Cloudflare Development Mode"
ansible.builtin.uri:
url: "https://api.cloudflare.com/client/v4/zones/{{ cf_zone_id }}/settings/development_mode"
method: PATCH
headers:
Authorization: "Bearer {{ certbot_dns_api_token }}"
Content-Type: "application/json"
body:
value: "on"
body_format: json
return_content: yes
register: cf_dev_mode_enable
changed_when: >
cf_dev_mode_current.json.result.value is defined and
cf_dev_mode_current.json.result.value != 'on'
when:
- cf_zone_id is defined
- cf_dev_mode_current.json.result.value | default('off') != 'on'

7
roles/srv-proxy-6-6-domain/tasks/main.yml
View File

@ -1,7 +1,8 @@
# run_once_srv_proxy_6_6_domain: deactivated # run_once_srv_proxy_6_6_domain: deactivated
- name: Cleanup Domain
include_tasks: cleanup.yml - block:
when: mode_cleanup | bool - include_tasks: "01_cloudflare.yml"
when: dns_provider == "cloudflare"
- include_tasks: "{{ playbook_dir }}/tasks/utils/load_handlers.yml" - include_tasks: "{{ playbook_dir }}/tasks/utils/load_handlers.yml"
vars: vars: