mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-10-31 18:29:21 +00:00
Kevin Veen-Birkenbach
96ded68ef4
- Added 'solo' flag support for A/AAAA, CNAME/MX/TXT, and SRV records in sys-dns-cloudflare-records. - Simplified sys-svc-dns: removed NS management tasks and CLOUDFLARE_NAMESERVERS default. - Renamed 03_apex.yml back to 02_apex.yml, adjusted AAAA task name. - Updated web-app-bluesky DNS tasks: marked critical records with 'solo'. - Updated web-app-mailu DNS tasks: removed cleanup block, enforced 'solo' on all records. - Adjusted constructor stage to call domain_mappings with AUTO_BUILD_ALIASES parameter. Conversation: https://chatgpt.com/share/68cd20d8-9ba8-800f-b070-f7294f072c40
33 lines
3.6 KiB
YAML
33 lines
3.6 KiB
YAML
- name: "DNS (Cloudflare) for Mailu"
|
|
include_role:
|
|
name: sys-dns-cloudflare-records
|
|
when: DNS_PROVIDER | lower == 'cloudflare'
|
|
vars:
|
|
cloudflare_async_enabled: "{{ ASYNC_ENABLED | bool }}"
|
|
cloudflare_async_time: "{{ ASYNC_TIME }}"
|
|
cloudflare_async_poll: "{{ ASYNC_POLL }}"
|
|
cloudflare_no_log: "{{ MASK_CREDENTIALS_IN_LOGS | bool }}"
|
|
cloudflare_records:
|
|
- { type: A, zone: "{{ MAILU_HOSTNAME_DNS_ZONE }}", name: "{{ MAILU_HOSTNAME }}", solo: true, content: "{{ MAILU_IP4_PUBLIC }}", proxied: false }
|
|
# - { type: AAAA, zone: "{{ MAILU_HOSTNAME_DNS_ZONE }}", name: "{{ MAILU_HOSTNAME }}", content: "{{ MAILU_IP6_PUBLIC }}", proxied: false }
|
|
- { type: CNAME, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "autoconfig.{{ MAILU_DOMAIN_DNS_ZONE }}", solo: true, value: "{{ MAILU_HOSTNAME }}" }
|
|
- { type: MX, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "{{ MAILU_DOMAIN }}", solo: true, value: "{{ MAILU_HOSTNAME }}", priority: 10 }
|
|
- { type: TXT, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "{{ MAILU_DOMAIN }}", solo: true, value: '"v=spf1 mx a:{{ MAILU_HOSTNAME }} ~all"' }
|
|
- { type: TXT, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "_dmarc.{{ MAILU_DOMAIN_DNS_ZONE }}", solo: true, value: '"v=DMARC1; p=reject; ruf=mailto:{{ MAILU_DMARC_RUF }}; adkim=s; aspf=s"' }
|
|
- { type: TXT, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "dkim._domainkey.{{ MAILU_DOMAIN_DNS_ZONE }}", solo: true, value: '"{{ mailu_dkim_public_key }}"' }
|
|
- { type: SRV, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "{{ MAILU_DOMAIN }}", solo: true, service: "_submission", proto: "_tcp", priority: 20, weight: 1, port: 587, value: "{{ MAILU_HOSTNAME }}" }
|
|
- { type: SRV, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "{{ MAILU_DOMAIN }}", solo: true, service: "_submissions", proto: "_tcp", priority: 20, weight: 1, port: 465, value: "{{ MAILU_HOSTNAME }}" }
|
|
- { type: SRV, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "{{ MAILU_DOMAIN }}", solo: true, service: "_imaps", proto: "_tcp", priority: 20, weight: 1, port: 993, value: "{{ MAILU_HOSTNAME }}" }
|
|
- { type: SRV, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "{{ MAILU_DOMAIN }}", solo: true, service: "_imap", proto: "_tcp", priority: 20, weight: 1, port: 143, value: "{{ MAILU_HOSTNAME }}" }
|
|
- { type: SRV, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "{{ MAILU_DOMAIN }}", solo: true, service: "_pop3s", proto: "_tcp", priority: 20, weight: 1, port: 995, value: "{{ MAILU_HOSTNAME }}" }
|
|
- { type: SRV, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "{{ MAILU_DOMAIN }}", solo: true, service: "_pop3", proto: "_tcp", priority: 20, weight: 1, port: 110, value: "{{ MAILU_HOSTNAME }}" }
|
|
- { type: SRV, zone: "{{ MAILU_DOMAIN_DNS_ZONE }}", name: "{{ MAILU_DOMAIN }}", solo: true, service: "_autodiscover", proto: "_tcp", priority: 20, weight: 1, port: 443, value: "{{ MAILU_HOSTNAME }}" }
|
|
|
|
- name: "rDNS (Hetzner Cloud) for Mailu"
|
|
include_role:
|
|
name: sys-dns-hetzner-rdns
|
|
when: HOSTING_PROVIDER | lower == 'hetzner'
|
|
vars:
|
|
rdns_records:
|
|
- { resource: "server", ip_address: "{{ MAILU_IP4_PUBLIC }}", dns_ptr: "{{ MAILU_HOSTNAME }}" }
|
|
# - { resource: "server", ip_address: "{{ MAILU_IP6_PUBLIC | default('') }}", dns_ptr: "{{ MAILU_HOSTNAME }}" } |