---
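# Look up an existing TSIG key named "acme-<inventory_hostname>." on the DNS
# server. rc == 0 means grep found a matching line. Any other rc is tolerated
# (failed_when is false) and triggers the "Generate nsupdate.key" task; since
# the pipeline's rc is grep's, a failing pdnsutil looks the same as "no key".
# NOTE(review): the dots in the hostname are regex wildcards in this grep
# pattern, so a similarly named key could also match.
- name: Get nsupdate.key
  shell: "pdnsutil list-tsig-keys | grep '^acme-{{ inventory_hostname }}. {{ acme_dnskey_algorithm }}'"
  register: "pdns_key"
  failed_when: false
  changed_when: false
  # The matched line presumably carries the TSIG secret (confirm against the
  # pdnsutil output format); keep it out of task output and logs.
  no_log: true
  delegate_to: "{{ acme_dnskey_server }}"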
# Ensure the alias table entry for this host exists in the update-policy
# aliases file on the DNS server. lineinfile appends the line only when it is
# not already present, so repeated runs are idempotent.
- name: Update updatepolicy.aliases
  delegate_to: "{{ acme_dnskey_server }}"
  lineinfile:
    line: 'alias["{{ inventory_hostname }}."] = {}'
    path: /etc/powerdns/updatepolicy.aliases
# Add one alias entry per SAN domain under this host's alias table; the loop
# is empty when acme_dnskey_san_domains is unset.
# NOTE(review): entries are only ever added. A domain dropped from
# acme_dnskey_san_domains keeps its line in the file, so whatever this file
# authorises for the host stays in place until the line is removed by hand.
- name: Update updatepolicy.aliases
  delegate_to: "{{ acme_dnskey_server }}"
  loop: "{{ acme_dnskey_san_domains|default([]) }}"
  lineinfile:
    line: 'alias["{{ inventory_hostname }}."]["{{ item }}."] = "{{ item }}."'
    path: /etc/powerdns/updatepolicy.aliases
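# Create the TSIG key on the DNS server when the "Get nsupdate.key" lookup
# did not find one (pdns_key.rc != 0).
- name: Generate nsupdate.key
  # No pipe or redirection is involved, so pdnsutil is run directly: with argv
  # each templated value is passed as one argument and never parsed by a shell.
  command:
    argv:
      - pdnsutil
      - generate-tsig-key
      - "acme-{{ inventory_hostname }}."
      - "{{ acme_dnskey_algorithm }}"
  register: "pdns_genkey"
  when: "pdns_key is defined and pdns_key.rc != 0"
  # pdnsutil may print the newly generated secret (confirm); keep the
  # registered result out of task output and logs.
  no_log: true
  delegate_to: "{{ acme_dnskey_server }}"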
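# Re-read the key after the generate step. There is no failed_when here, so a
# missing key (grep rc != 0) fails the play at this point.
# Ansible also sets a registered variable for a skipped task, so the
# "pdns_genkey is defined" condition holds even when generation was skipped.
- name: Get nsupdate.key again
  shell: "pdnsutil list-tsig-keys | grep '^acme-{{ inventory_hostname }}. {{ acme_dnskey_algorithm }}'"
  register: "pdns_nsupdate_key"
  when: "pdns_genkey is defined"
  changed_when: false
  # The matched line presumably carries the TSIG secret (confirm against the
  # pdnsutil output format); keep it out of task output and logs.
  no_log: true
  delegate_to: "{{ acme_dnskey_server }}"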
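# Render the key file from nsupdate.key.j2. This task is not delegated, so the
# file is written on the inventory host itself.
- name: Write nsupdate.key to file
  template:
    src: "nsupdate.key.j2"
    dest: "{{ acme_dnskey_file }}"
    # The file holds a TSIG secret, so set the mode explicitly instead of
    # relying on the umask. Add owner/group here if the ACME client reads the
    # key as a different user.
    mode: "0600"
  when: "pdns_key is defined"
  # Keeps the rendered key out of --diff output and logs.
  no_log: true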