add ddns service

ddns/README.md

@@ -0,0 +1,6 @@
+# DDNS Service
+
+This requires the aws cli to be installed on each node with credentials that can modify
+records in route53.
+
+<https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html>

ddns/ddns.service

@@ -0,0 +1,5 @@
+[Unit]
+Description=Updates the {{ fqdn }} and *.{{ fqdn }} record with the current public IPV4 address
+
+[Service]
+ExecStart=/usr/local/scripts/ddns.sh

ddns/ddns.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+
+# Get public IP address (there are many ways to do it, I picked this way)
+PUBLIC_IP=$(curl -4 ifconfig.me)
+# Update *.{{ fqdn }} and {{ fqdn }}
+cat /etc/ddns/record_template.json \
+  | jq '.Changes[0].ResourceRecordSet.ResourceRecords[0].Value = "'$PUBLIC_IP'"' \
+  | jq '.Changes[1].ResourceRecordSet.ResourceRecords[0].Value = "'$PUBLIC_IP'"' \
+   > /etc/ddns/record.json
+# aws cli to update a record
+aws route53 change-resource-record-sets --hosted-zone-id {{ hosted_zone_id }} --change-batch file:///etc/ddns/record.json

ddns/ddns.timer

@@ -0,0 +1,11 @@
+[Unit]
+Description=Run ddns service every hour
+
+[Timer]
+OnCalendar=hourly
+AccuracySec=10min
+Persistent=true
+Unit=ddns.service
+
+[Install]
+WantedBy=timers.target

ddns/install_ddns.yaml

@@ -0,0 +1,59 @@
+- name: Update nginx stream configuration
+  hosts: colors
+  become: true
+  become_user: root
+  become_method: sudo
+  vars_files:
+    - vars.yaml
+  tasks:
+  - name: Ensure moreutils, jq is installed
+    ansible.builtin.dnf:
+      name:
+        - moreutils
+        - jq
+      state: present
+  - name: Create /usr/local/scripts dir
+    ansible.builtin.file:
+      path: /usr/local/scripts
+      state: directory
+      mode: '0755'
+  - name: Copy ddns.sh
+    template:
+      src: ddns.sh
+      dest: /usr/local/scripts/ddns.sh
+      owner: root
+      group: root
+      mode: '0755'
+  - name: Create /etc/ddns dir
+    ansible.builtin.file:
+      path: /etc/ddns
+      state: directory
+      mode: '0755'
+  - name: Copy record_template.json
+    template:
+      src: record_template.json
+      dest: /etc/ddns/record_template.json
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Copy ddns.service
+    template:
+      src: ddns.service
+      dest: /etc/systemd/system/ddns.service
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Copy ddns.timer
+    template:
+      src: ddns.timer
+      dest: /etc/systemd/system/ddns.timer
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Run ddns script
+    ansible.builtin.shell: /usr/local/scripts/ddns.sh
+  - name: Reload ddns timer
+    ansible.builtin.systemd_service:
+      state: restarted
+      name: ddns.timer
+      enabled: true

ddns/record_template.json

@@ -0,0 +1,31 @@
+{
+  "Comment": "Update Public IPV4 Address",
+  "Changes": [
+    {
+      "Action": "UPSERT",
+      "ResourceRecordSet": {
+        "Name": "*.{{ fqdn }}.",
+        "Type": "A",
+        "TTL": 300,
+        "ResourceRecords": [
+          {
+            "Value": ""
+          }
+        ]
+      }
+    },
+    {
+        "Action": "UPSERT",
+        "ResourceRecordSet": {
+          "Name": "{{ fqdn }}.",
+          "Type": "A",
+          "TTL": 300,
+          "ResourceRecords": [
+            {
+              "Value": ""
+            }
+          ]
+        }
+      }
+  ]
+}

ddns/vars.yaml

@@ -0,0 +1,2 @@
+hosted_zone_id: Z012820733346FJ0U4FUF
+fqdn: reeseapps.com