the great migration from truenas to fedora and all its collatoral

systemd/graduated/ddns/README.md

@@ -1,14 +0,0 @@
-# DDNS Service
-
-Since we occasionally need an ipv4 address we'll make one.
-
-This creates and keeps updated `ipv4.reeselink.com`.
-
-This requires the aws cli to be installed on each node with credentials that can modify
-records in route53.
-
-<https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html>
-
-```bash
-ansible-playbook -i ansible/inventory.yaml systemd/graduated/ddns/install_ddns.yaml
-```

systemd/graduated/ddns/ddns.md

@@ -0,0 +1,15 @@
+# DDNS Service
+
+Since we occasionally need an ipv4 address we'll make one.
+
+This creates and keeps updated ipv4 records for reeseapps.com and reeselink.com
+as specified in vars.yaml
+
+**NOTE**: This requires the aws cli to be installed on each node with
+credentials that can modify records in route53. See
+[aws_iam](/cloud/graduated/aws_iam/aws_iam.md) and
+[aws_cli](/cloud/graduated/aws_cli/aws_cli.md)
+
+```bash
+ansible-playbook -i ansible/inventory.yaml systemd/graduated/ddns/install_ddns.yaml
+```

systemd/graduated/ddns/ddns.sh

@@ -1,20 +1,29 @@
 #!/bin/bash
 
 # Get public IP address (there are many ways to do it, I picked this way)
-PUBLIC_IP=$(curl -4 ifconfig.me)
+PUBLIC_IPV4=$(curl -4 ifconfig.me)
+PUBLIC_IPV6=$(curl -6 ifconfig.me)
 
 # Update reeselink records
-cat /etc/ddns/reeselink_record_template.json \
-  | jq '.Changes[0].ResourceRecordSet.ResourceRecords[0].Value = "'$PUBLIC_IP'"' \
-   > /etc/ddns/reeselink_record.json
+cat /etc/ddns/ipv4_reeselink_record_template.json \
+  | jq '.Changes[0].ResourceRecordSet.ResourceRecords[0].Value = "'$PUBLIC_IPV4'"' \
+   > /etc/ddns/ipv4_reeselink_record.json
+cat /etc/ddns/ipv6_reeselink_record_template.json \
+  | jq '.Changes[0].ResourceRecordSet.ResourceRecords[0].Value = "'$PUBLIC_IPV6'"' \
+   > /etc/ddns/ipv6_reeselink_record.json
 
 # Update reeseapps records
-cat /etc/ddns/reeseapps_record_template.json \
-  | jq '.Changes[].ResourceRecordSet.ResourceRecords[0].Value = "'$PUBLIC_IP'"' \
-   > /etc/ddns/reeseapps_record.json
+cat /etc/ddns/ipv4_reeseapps_record_template.json \
+  | jq '.Changes[].ResourceRecordSet.ResourceRecords[0].Value = "'$PUBLIC_IPV4'"' \
+   > /etc/ddns/ipv4_reeseapps_record.json
+cat /etc/ddns/ipv6_reeseapps_record_template.json \
+  | jq '.Changes[].ResourceRecordSet.ResourceRecords[0].Value = "'$PUBLIC_IPV6'"' \
+   > /etc/ddns/ipv6_reeseapps_record.json
 
 # Update reeselink records
-aws route53 change-resource-record-sets --hosted-zone-id {{ reeselink_zone_id }} --change-batch file:///etc/ddns/reeselink_record.json
+aws route53 change-resource-record-sets --hosted-zone-id {{ reeselink_zone_id }} --change-batch file:///etc/ddns/ipv4_reeselink_record.json
+aws route53 change-resource-record-sets --hosted-zone-id {{ reeselink_zone_id }} --change-batch file:///etc/ddns/ipv6_reeselink_record.json
 
 # Update reeseapps records
-aws route53 change-resource-record-sets --hosted-zone-id {{ reeseapps_zone_id }} --change-batch file:///etc/ddns/reeseapps_record.json
+aws route53 change-resource-record-sets --hosted-zone-id {{ reeseapps_zone_id }} --change-batch file:///etc/ddns/ipv4_reeseapps_record.json
+aws route53 change-resource-record-sets --hosted-zone-id {{ reeseapps_zone_id }} --change-batch file:///etc/ddns/ipv6_reeseapps_record.json

systemd/graduated/ddns/install_ddns.yaml

@@ -1,5 +1,5 @@
-- name: Update nginx stream configuration
-  hosts: yellow
+- name: Create DDNS Service
+  hosts: 3dserver
   vars_files:
     - vars.yaml
     - secrets/secret_vars.yaml
@@ -27,17 +27,31 @@
       path: /etc/ddns
       state: directory
       mode: '0755'
-  - name: Copy reeseapps_record_template.json
+  - name: Copy IPv4 reeseapps_record_template.json
     template:
-      src: secrets/reeseapps_record_template.json
-      dest: /etc/ddns/reeseapps_record_template.json
+      src: ipv4_reeseapps_record_template.json.j2
+      dest: /etc/ddns/ipv4_reeseapps_record_template.json
       owner: root
       group: root
       mode: '0644'
-  - name: Copy reeselink_record_template.json
+  - name: Copy IPv4 reeselink_record_template.json
     template:
-      src: secrets/reeselink_record_template.json
-      dest: /etc/ddns/reeselink_record_template.json
+      src: ipv4_reeselink_record_template.json.j2
+      dest: /etc/ddns/ipv4_reeselink_record_template.json
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Copy IPv6 reeseapps_record_template.json
+    template:
+      src: ipv6_reeseapps_record_template.json.j2
+      dest: /etc/ddns/ipv6_reeseapps_record_template.json
+      owner: root
+      group: root
+      mode: '0644'
+  - name: Copy IPv6 reeselink_record_template.json
+    template:
+      src: ipv6_reeselink_record_template.json.j2
+      dest: /etc/ddns/ipv6_reeselink_record_template.json
       owner: root
       group: root
       mode: '0644'

systemd/graduated/ddns/ipv4_reeseapps_record_template.json.j2

@@ -0,0 +1,20 @@
+{
+  "Comment": "Update Public IPV4 Address",
+  "Changes": [
+{%- for item in records.reeseapps %}
+    {
+      "Action": "UPSERT",
+      "ResourceRecordSet": {
+        "Name": "{{ item }}.reeseapps.com",
+        "Type": "A",
+        "TTL": 300,
+        "ResourceRecords": [
+          {
+            "Value": ""
+          }
+        ]
+      }
+    }{{ ", " if not loop.last else "" }}
+{%- endfor %}
+  ]
+}

systemd/graduated/ddns/ipv4_reeselink_record_template.json.j2

@@ -0,0 +1,20 @@
+{
+  "Comment": "Update Public IPV4 Address",
+  "Changes": [
+{%- for item in records.reeselink %}
+    {
+      "Action": "UPSERT",
+      "ResourceRecordSet": {
+        "Name": "{{ item }}.reeselink.com",
+        "Type": "A",
+        "TTL": 300,
+        "ResourceRecords": [
+          {
+            "Value": ""
+          }
+        ]
+      }
+    }{{ ", " if not loop.last else "" }}
+{%- endfor %}
+  ]
+}

systemd/graduated/ddns/ipv6_reeseapps_record_template.json.j2

@@ -0,0 +1,20 @@
+{
+  "Comment": "Update Public IPV4 Address",
+  "Changes": [
+{%- for item in records.reeseapps %}
+    {
+      "Action": "UPSERT",
+      "ResourceRecordSet": {
+        "Name": "{{ item }}.reeseapps.com",
+        "Type": "AAAA",
+        "TTL": 300,
+        "ResourceRecords": [
+          {
+            "Value": ""
+          }
+        ]
+      }
+    }{{ ", " if not loop.last else "" }}
+{%- endfor %}
+  ]
+}

systemd/graduated/ddns/ipv6_reeselink_record_template.json.j2

@@ -0,0 +1,20 @@
+{
+  "Comment": "Update Public IPV4 Address",
+  "Changes": [
+{%- for item in records.reeselink %}
+    {
+      "Action": "UPSERT",
+      "ResourceRecordSet": {
+        "Name": "{{ item }}.reeselink.com",
+        "Type": "AAAA",
+        "TTL": 300,
+        "ResourceRecords": [
+          {
+            "Value": ""
+          }
+        ]
+      }
+    }{{ ", " if not loop.last else "" }}
+{%- endfor %}
+  ]
+}

systemd/graduated/ddns/record_template_example.json

@@ -1,19 +0,0 @@
-{
-    "Comment": "Update Public IPV4 Address",
-    "Changes": [
-      {
-          "Action": "UPSERT",
-          "ResourceRecordSet": {
-            "Name": "ipv4.myhost.com",
-            "Type": "A",
-            "TTL": 300,
-            "ResourceRecords": [
-              {
-                "Value": ""
-              }
-            ]
-          }
-      }
-    ]
-  }
-  

systemd/graduated/ddns/vars.yaml

@@ -0,0 +1,7 @@
+records:
+  reeseapps:
+    - nextcloud
+    - gitea
+    - git
+  reeselink:
+    - ipv4