- replaced CERTBOT_DNS_API_TOKEN with CLOUDFLARE_API_TOKEN everywhere - introduced generic sys-dns-cloudflare-records role for managing DNS records - added sys-dns-hetzner-rdns role with both Cloud (hcloud) and Robot API flavors - updated Mailu role to: - generate DKIM before DNS setup - delegate DNS + rDNS records to the new generic roles - removed legacy per-role Cloudflare vars (MAILU_CLOUDFLARE_API_TOKEN) - extended group vars with HOSTING_PROVIDER for rDNS flavor decision - added hetzner.hcloud collection to requirements This consolidates DNS management into reusable roles, supports both Cloudflare and Hetzner providers, and standardizes variable naming across the project.
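# Tasks for the www-to-bare-domain redirect role: one-time dependency setup,
# redirect configuration for every www-prefixed domain of the current play,
# and (on Cloudflare) the DNS records those redirects rely on.
#
# NOTE(review): the rendered listing lost its indentation. The nesting below
# (guard on the block, vars on each include_role) is reconstructed; confirm
# it against the repository copy.

# One-time setup, skipped once run_once_web_opt_rdr_www is defined.
# utils/run_once.yml presumably sets that flag; it is not visible here.
- block:
    - name: Include dependency 'srv-web-7-4-core'
      include_role:
        name: srv-web-7-4-core
      when: run_once_srv_web_7_4_core is not defined

    - include_tasks: utils/run_once.yml
  when: run_once_web_opt_rdr_www is not defined

# Keep only the domains that start with the literal prefix "www.".
- name: Filter www-prefixed domains from current_play_domains_all
  set_fact:
    www_domains: "{{ current_play_domains_all | select('match', '^www\\.') | list }}"

# Each "www.<rest>" entry becomes a mapping {source: "www.<rest>",
# target: "<rest>"}: regex_replace builds the YAML text and from_yaml parses it.
# NOTE(review): the domain is interpolated into YAML text before parsing, so
# current_play_domains_all must come from trusted inventory; a value with
# quotes or braces would change the parsed structure.
- name: Include web-opt-rdr-domains role for www-to-bare redirects
  include_role:
    name: web-opt-rdr-domains
  vars:
    domain_mappings: "{{ www_domains | map('regex_replace', '^www\\.(.+)$', '{ source: \"www.\\1\", target: \"\\1\" }') | map('from_yaml') | list }}"

# CLOUDFLARE_API_TOKEN is deliberately not re-declared under vars. The
# previous 'CLOUDFLARE_API_TOKEN: "{{ CLOUDFLARE_API_TOKEN }}"' made the
# variable refer to itself, which Ansible reports as "recursive loop detected
# in template string" when the value is evaluated. The included role can read
# the variable from its existing scope instead.
# NOTE(review): the token is a secret. Confirm that it is stored encrypted
# (for example with Ansible Vault) and that the role's API tasks set
# no_log: true so it does not appear in task output.
- name: Include DNS role to set redirects
  include_role:
    name: srv-web-7-7-dns-records
  vars:
    cloudflare_domains: "{{ www_domains }}"
    cloudflare_target_ip: "{{ networks.internet.ip4 }}"
    # Presumably maps to Cloudflare's "proxied" flag. If so, false publishes
    # networks.internet.ip4 directly in public DNS (no Cloudflare proxy in
    # front of the origin). Confirm that this is intended.
    cloudflare_proxied: false
  when: DNS_PROVIDER == 'cloudflare'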