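# Count the lines of the inventory secrets file that mention k8s_tsig.
# grep -c exits 1 when the count is 0, so "|| true" keeps the task from
# failing; later tasks compare stdout with '0' to decide whether to generate.
# The pattern is an unanchored substring, so any line containing it counts.
- name: Test if k8s TSIG key exists
  shell: >-
    grep -c "k8s_tsig"
    "{{ inventory_dir }}/group_vars/all/passwords.yaml" || true
  register: k8s_tsig_test_grep
  # Read-only probe: without this the shell module reports "changed" each run.
  changed_when: false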
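# Count the lines of the inventory secrets file that mention ddclient_tsig.
# The unanchored pattern also matches the ddclient_tsig_public_key_base64 and
# ddclient_tsig_private_key_base64 entries, so stdout is '0' only when none of
# the three entries is present.
# NOTE(review): the later "Set ddclient TSIG key" task reads ddclient_key,
# which is only set while one of those two entries is missing - anchor this
# pattern only together with that condition.
- name: Test if ddclient TSIG key exists
  shell: >-
    grep -c "ddclient_tsig"
    "{{ inventory_dir }}/group_vars/all/passwords.yaml" || true
  register: ddclient_tsig_test_grep
  # Read-only probe: without this the shell module reports "changed" each run.
  changed_when: false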
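# Count the lines of the inventory secrets file that mention the base64
# public key entry; "|| true" absorbs grep's exit status 1 on a zero count.
- name: Test if ddclient TSIG public key exists
  shell: >-
    grep -c "ddclient_tsig_public_key_base64"
    "{{ inventory_dir }}/group_vars/all/passwords.yaml" || true
  register: ddclient_tsig_public_key_test_grep
  # Read-only probe: without this the shell module reports "changed" each run.
  changed_when: false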
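# Count the lines of the inventory secrets file that mention the base64
# private key entry; "|| true" absorbs grep's exit status 1 on a zero count.
- name: Test if ddclient TSIG private key exists
  shell: >-
    grep -c "ddclient_tsig_private_key_base64"
    "{{ inventory_dir }}/group_vars/all/passwords.yaml" || true
  register: ddclient_tsig_private_key_test_grep
  # Read-only probe: without this the shell module reports "changed" each run.
  changed_when: false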
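# Run the tsig image once, in the foreground, to create an hmac-sha512 TSIG
# key named "k8s" with keymgr; the registered result feeds the tasks below.
# NOTE(review): the image reference has no tag or digest, so the key is
# produced by whatever image the registry currently serves under that name -
# consider pinning it.
- name: Generate k8s TSIG key for Knot DNS
  docker_container:
    name: keymgr
    image: "{{ docker_registry }}/tsig"
    command: "keymgr -t k8s hmac-sha512"
    # Wait for the container to exit, then remove it.
    detach: false
    cleanup: true
    container_default_behavior: no_defaults
  register: knot_container_output
  when: k8s_tsig_test_grep.stdout == '0'
  # The registered result carries the generated secret (container.Output);
  # keep it out of verbose task output. Lift temporarily to debug a failure.
  no_log: true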
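# Dump the whole registered container result. It includes the generated TSIG
# secret, so it is gated at -vv like the other key-printing debug tasks in
# this file instead of being printed on every run.
- name: Show keymgr container output
  debug:
    msg: "{{ knot_container_output }}"
    verbosity: 2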
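# Parse the container's captured output as YAML so later tasks can read
# k8s_key['key'][0]['secret'].
- name: Set k8s_key
  set_fact:
    k8s_key: "{{ knot_container_output.container.Output | from_yaml }}"
  when: k8s_tsig_test_grep.stdout == '0'
  # The fact holds the TSIG secret; keep it out of verbose task output.
  no_log: true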
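# Print the generated k8s TSIG secret. Gated at -vv, matching the ddclient
# key-printing tasks in this file, so the secret is not written to the
# console and logs on an ordinary run.
- name: Show k8s TSIG key
  debug:
    msg: "Knot k8s key: {{ k8s_key['key'][0]['secret'] }}"
    verbosity: 2
  when: k8s_tsig_test_grep.stdout == '0'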
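# Add the freshly generated secret to the inventory secrets file as a
# k8s_tsig entry.
# NOTE(review): the value is stored in clear text; confirm this file is kept
# out of version control or otherwise protected.
- name: Write TSIG for Kubernetes
  lineinfile:
    path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
    line: "k8s_tsig: \"{{ k8s_key['key'][0]['secret'] }}\""
  when: k8s_tsig_test_grep.stdout == '0'
  # The line contains the secret, which --diff or verbose output would print.
  no_log: true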
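# Run tsig-key.sh from the tsig image once, in the foreground, whenever the
# public or the private entry is missing from the secrets file.
# NOTE(review): if only one of the two entries is missing, a fresh key is
# generated but the write tasks below add only the missing half, leaving
# halves from different runs side by side - confirm that case cannot occur.
# NOTE(review): the image reference has no tag or digest - consider pinning.
# NOTE(review): namespace is interpolated into the command string; presumably
# it is a single word - verify, since whitespace would split it.
- name: Generate TSIG key for ddclient
  docker_container:
    name: ddclient
    image: "{{ docker_registry }}/tsig"
    command: "bash tsig-key.sh {{ namespace }}"
    # Wait for the container to exit, then remove it.
    detach: false
    cleanup: true
    container_default_behavior: no_defaults
  register: ddclient_container_output
  when: ddclient_tsig_public_key_test_grep.stdout == '0' or ddclient_tsig_private_key_test_grep.stdout == '0'
  # The registered result carries the generated key material
  # (container.Output); keep it out of verbose task output.
  no_log: true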
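# Parse the container's captured output as YAML so later tasks can read
# ddclient_key['tsig'][0]['key'] and ddclient_key['tsig'][0]['private'].
- name: Set ddclient_key
  set_fact:
    ddclient_key: "{{ ddclient_container_output.container.Output | from_yaml }}"
  when: ddclient_tsig_public_key_test_grep.stdout == '0' or ddclient_tsig_private_key_test_grep.stdout == '0'
  # The fact holds the private key material; keep it out of verbose output.
  no_log: true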
# Shown only at -vv or higher: prints the base64-decoded 'key' entry of the
# generated ddclient key when the public entry was missing from the file.
- name: Show ddclient TSIG public key file
  when: ddclient_tsig_public_key_test_grep.stdout == '0'
  debug:
    verbosity: 2
    msg: "ddclient key: {{ ddclient_key['tsig'][0]['key'] | b64decode }}"
# Shown only at -vv or higher: prints the base64-decoded 'private' entry of
# the generated ddclient key when the private entry was missing from the
# file. The output is secret material.
- name: Show ddclient TSIG private key file
  when: ddclient_tsig_private_key_test_grep.stdout == '0'
  debug:
    verbosity: 2
    msg: "ddclient key: {{ ddclient_key['tsig'][0]['private'] | b64decode }}"
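# Add the still base64-encoded 'key' entry of the generated ddclient key to
# the inventory secrets file.
- name: Write ddclient TSIG public key file in base64
  lineinfile:
    path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
    line: "ddclient_tsig_public_key_base64: \"{{ ddclient_key['tsig'][0]['key'] }}\""
  when: ddclient_tsig_public_key_test_grep.stdout == '0'
  # Keep generated key material out of --diff and verbose output.
  no_log: true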
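# Add the still base64-encoded 'private' entry of the generated ddclient key
# to the inventory secrets file.
# NOTE(review): base64 is an encoding, not protection - the private key is
# stored recoverably in this file; confirm the file is kept out of version
# control or otherwise protected.
- name: Write ddclient TSIG private key file in base64
  lineinfile:
    path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
    line: "ddclient_tsig_private_key_base64: \"{{ ddclient_key['tsig'][0]['private'] }}\""
  when: ddclient_tsig_private_key_test_grep.stdout == '0'
  # The line contains the private key, which --diff or verbose output would
  # otherwise print.
  no_log: true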
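# Decode the 'private' entry from base64 and parse the result as YAML; the
# write task further down reads its 'Key' field.
# NOTE(review): presumably the decoded private key file is a list of
# "Field: value" lines that happens to parse as a YAML mapping - verify
# against the output of tsig-key.sh.
- name: Set ddclient TSIG key
  set_fact:
    ddclient_tsig_key: "{{ ddclient_key['tsig'][0]['private'] | b64decode | from_yaml }}"
  when: ddclient_tsig_test_grep.stdout == '0'
  # The fact holds the decoded private key; keep it out of verbose output.
  no_log: true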
# Shown only at -vv or higher: prints the parsed private key structure held
# in ddclient_tsig_key. The output is secret material.
- name: Show ddclient TSIG key
  when: ddclient_tsig_test_grep.stdout == '0'
  debug:
    verbosity: 2
    msg: "{{ ddclient_tsig_key }}"
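# Add the 'Key' field of the parsed private key to the inventory secrets
# file as the ddclient_tsig entry.
# NOTE(review): the value is stored in clear text; confirm this file is kept
# out of version control or otherwise protected.
- name: Write ddclient TSIG key
  lineinfile:
    path: "{{ inventory_dir }}/group_vars/all/passwords.yaml"
    line: "ddclient_tsig: \"{{ ddclient_tsig_key['Key'] }}\""
  when: ddclient_tsig_test_grep.stdout == '0'
  # The line contains the secret, which --diff or verbose output would print.
  no_log: true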