From 30107f91a8d7807fb0c94a864888656c2d639332 Mon Sep 17 00:00:00 2001
From: ducoterra <git@ducoterra.net>
Date: Thu, 6 Jun 2024 20:37:23 -0400
Subject: [PATCH] add ddns service

---
 ddns/README.md            |  6 ++++
 ddns/ddns.service         |  5 ++++
 ddns/ddns.sh              | 11 ++++++++
 ddns/ddns.timer           | 11 ++++++++
 ddns/install_ddns.yaml    | 59 +++++++++++++++++++++++++++++++++++++++
 ddns/record_template.json | 31 ++++++++++++++++++++
 ddns/vars.yaml            |  2 ++
 7 files changed, 125 insertions(+)
 create mode 100644 ddns/README.md
 create mode 100644 ddns/ddns.service
 create mode 100755 ddns/ddns.sh
 create mode 100644 ddns/ddns.timer
 create mode 100644 ddns/install_ddns.yaml
 create mode 100644 ddns/record_template.json
 create mode 100644 ddns/vars.yaml

diff --git a/ddns/README.md b/ddns/README.md
new file mode 100644
index 0000000..5d5924d
--- /dev/null
+++ b/ddns/README.md
@@ -0,0 +1,6 @@
+# DDNS Service
+
+This requires the aws cli to be installed on each node with credentials that can modify
+records in route53.
+
+<https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html>
diff --git a/ddns/ddns.service b/ddns/ddns.service
new file mode 100644
index 0000000..9d8e7c9
--- /dev/null
+++ b/ddns/ddns.service
@@ -0,0 +1,5 @@
+[Unit]
+Description=Updates the {{ fqdn }} and *.{{ fqdn }} record with the current public IPV4 address
+
+[Service]
+ExecStart=/usr/local/scripts/ddns.sh
diff --git a/ddns/ddns.sh b/ddns/ddns.sh
new file mode 100755
index 0000000..71187f9
--- /dev/null
+++ b/ddns/ddns.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# Get public IP address (there are many ways to do it, I picked this way)
+PUBLIC_IP=$(curl -4 ifconfig.me)
+# Update *.{{ fqdn }} and {{ fqdn }}
+cat /etc/ddns/record_template.json \
+  | jq '.Changes[0].ResourceRecordSet.ResourceRecords[0].Value = "'$PUBLIC_IP'"' \
+  | jq '.Changes[1].ResourceRecordSet.ResourceRecords[0].Value = "'$PUBLIC_IP'"' \
+   > /etc/ddns/record.json
+# aws cli to update a record
+aws route53 change-resource-record-sets --hosted-zone-id {{ hosted_zone_id }} --change-batch file:///etc/ddns/record.json
diff --git a/ddns/ddns.timer b/ddns/ddns.timer
new file mode 100644
index 0000000..efd7c9e
--- /dev/null
+++ b/ddns/ddns.timer
@@ -0,0 +1,11 @@
+[Unit]
+Description=Run ddns service every hour
+
+[Timer]
+OnCalendar=hourly
+AccuracySec=10min
+Persistent=true
+Unit=ddns.service
+
+[Install]
+WantedBy=timers.target
diff --git a/ddns/install_ddns.yaml b/ddns/install_ddns.yaml
new file mode 100644
index 0000000..00099b6
--- /dev/null
+++ b/ddns/install_ddns.yaml
@@ -0,0 +1,59 @@
+- name: Update nginx stream configuration
+  hosts: colors
+  become: true
+  become_user: root
+  become_method: sudo
+  vars_files:
+    - vars.yaml
+  tasks:
+  - name: Ensure moreutils, jq is installed
+    ansible.builtin.dnf:
+      name:
+        - moreutils
+        - jq
+      state: present
+  - name: Create /usr/local/scripts dir
+    ansible.builtin.file:
+      path: /usr/local/scripts
+      state: directory
+      mode: '0755'
+  - name: Copy ddns.sh
+    template:
+      src: ddns.sh
+      dest: /usr/local/scripts/ddns.sh
+      owner: root
+      group: root
+      mode: '0755'
+  - name: Create /etc/ddns dir
+    ansible.builtin.file:
+      path: /etc/ddns
+      state: directory
+      mode: '0755'
+  - name: Copy record_template.json
+    template:
+      src: record_template.json
+      dest: /etc/ddns/record_template.json
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Copy ddns.service
+    template:
+      src: ddns.service
+      dest: /etc/systemd/system/ddns.service
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Copy ddns.timer
+    template:
+      src: ddns.timer
+      dest: /etc/systemd/system/ddns.timer
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Run ddns script
+    ansible.builtin.shell: /usr/local/scripts/ddns.sh
+  - name: Reload ddns timer
+    ansible.builtin.systemd_service:
+      state: restarted
+      name: ddns.timer
+      enabled: true
diff --git a/ddns/record_template.json b/ddns/record_template.json
new file mode 100644
index 0000000..8cc3aea
--- /dev/null
+++ b/ddns/record_template.json
@@ -0,0 +1,31 @@
+{
+  "Comment": "Update Public IPV4 Address",
+  "Changes": [
+    {
+      "Action": "UPSERT",
+      "ResourceRecordSet": {
+        "Name": "*.{{ fqdn }}.",
+        "Type": "A",
+        "TTL": 300,
+        "ResourceRecords": [
+          {
+            "Value": ""
+          }
+        ]
+      }
+    },
+    {
+        "Action": "UPSERT",
+        "ResourceRecordSet": {
+          "Name": "{{ fqdn }}.",
+          "Type": "A",
+          "TTL": 300,
+          "ResourceRecords": [
+            {
+              "Value": ""
+            }
+          ]
+        }
+      }
+  ]
+}
diff --git a/ddns/vars.yaml b/ddns/vars.yaml
new file mode 100644
index 0000000..0619240
--- /dev/null
+++ b/ddns/vars.yaml
@@ -0,0 +1,2 @@
+hosted_zone_id: Z012820733346FJ0U4FUF
+fqdn: reeseapps.com