feat: add option to set univention dns records

2022-09-03 23:12:06 +02:00 · 2022-09-03 23:12:06 +02:00 · 810cf272b8
commit 810cf272b8
parent e74ddebc6b
6 changed files with 82 additions and 11 deletions
--- a/data.tf
+++ b/data.tf
@ -6,3 +6,13 @@ data "cloudflare_zones" "zones" {
    status = "active"
  }
 }
+
+data "restapi_object" "ucs_zones" {
+  for_each = toset(try(var.ucs_zones, []))
+
+  query_string = "filter=univentionObjectType=dns/forward_zone"
+  path         = "/dns/forward_zone/"
+  search_key   = "id"
+  search_value = each.key
+  results_key  = "_embedded/udm:object"
+}
--- a/main.tf
+++ b/main.tf
@ -1,9 +1,15 @@
 locals {
-  zones = {
+  cloudflare_zones = {
    for zone in try(data.cloudflare_zones.zones, []) : zone.zones[0].name => zone.zones[0].id
  }
 }

+locals {
+  ucs_zones = {
+    for zone in try(data.restapi_object.ucs_zones, []) : zone.api_data.id => zone.api_data.dn
+  }
+}
+
 locals {
  server_volumes = flatten([
    for server_key, server in var.server : [
@ -25,7 +31,7 @@ locals {
        record_type  = domain.type
        record_value = domain.value
        record_ttl   = try(domain.ttl, 1)
-        zone_id      = local.zones[try(domain.zone_name, var.cloudflare_default_zone)]
+        zone_id      = local.cloudflare_zones[try(domain.zone_name, var.server_dns_zone)]
      }
    ]
  ])
@ -91,7 +97,7 @@ resource "hcloud_rdns" "serverv4" {

  server_id  = hcloud_server.server[each.value.name].id
  ip_address = hcloud_server.server[each.value.name].ipv4_address
-  dns_ptr    = "${each.value.name}.${local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)]}"
+  dns_ptr    = "${each.value.name}.${try(each.value.dns_zone, var.server_dns_zone)}"
 }

 resource "hcloud_rdns" "serverv6" {
@ -99,13 +105,13 @@ resource "hcloud_rdns" "serverv6" {

  server_id  = hcloud_server.server[each.value.name].id
  ip_address = hcloud_server.server[each.value.name].ipv6_address
-  dns_ptr    = "${each.value.name}.${local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)]}"
+  dns_ptr    = "${each.value.name}.${try(each.value.dns_zone, var.server_dns_zone)}"
 }

 resource "cloudflare_record" "serverv4" {
  for_each = { for row in var.server : row.name => row }

-  zone_id = local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)]
+  zone_id = local.cloudflare_zones[try(each.value.dns_zone, var.server_dns_zone)]
  name    = each.value.name
  value   = hcloud_server.server[each.value.name].ipv4_address
  type    = "A"
@ -115,7 +121,7 @@ resource "cloudflare_record" "serverv4" {
 resource "cloudflare_record" "serverv6" {
  for_each = { for row in var.server : row.name => row }

-  zone_id = local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)]
+  zone_id = local.cloudflare_zones[try(each.value.dns_zone, var.server_dns_zone)]
  name    = each.value.name
  value   = hcloud_server.server[each.value.name].ipv6_address
  type    = "AAAA"
@ -131,3 +137,19 @@ resource "cloudflare_record" "record" {
  type    = each.value.record_type
  ttl     = each.value.record_ttl
 }
+
+resource "restapi_object" "ucs_server" {
+  for_each = { for row in var.server : row.name => row }
+
+  path = "/dns/host_record/"
+  data = jsonencode({
+    "position" : local.ucs_zones[try(each.value.dns_zone, var.server_dns_zone)],
+    "properties" : {
+      "name" : each.value.name,
+      "a" : [
+        hcloud_server.server[each.value.name].ipv4_address,
+        hcloud_server.server[each.value.name].ipv6_address,
+      ],
+    }
+  })
+}
--- a/outputs.tf
+++ b/outputs.tf
@ -4,6 +4,10 @@ output "output" {
  }
 }

-output "zones" {
-  value = local.zones
+output "cloudflare_zones" {
+  value = local.cloudflare_zones
+}
+
+output "ucs_zones" {
+  value = local.ucs_zones
 }
--- a/providers.tf
+++ b/providers.tf
@ -5,3 +5,15 @@ provider "hcloud" {
 provider "cloudflare" {
  api_token = var.cloudflare_api_token
 }
+
+provider "restapi" {
+  uri                   = var.ucs_api_url
+  username              = var.ucs_api_username
+  password              = var.ucs_api_password
+  id_attribute          = "dn"
+  debug                 = true
+  create_returns_object = true
+  headers = {
+    accept = "application/json"
+  }
+}
--- a/variables.tf
+++ b/variables.tf
@ -1,3 +1,4 @@
+// Hetzner Cloud
 variable "hcloud_token" {
  type = string
 }
@ -6,6 +7,7 @@ variable "hcloud_project" {
  type = string
 }

+// Cloudflare
 variable "cloudflare_api_token" {
  type = string
 }
@ -14,14 +16,28 @@ variable "cloudflare_zones" {
  type = list(string)
 }

-variable "server" {
-  default = []
+// Univention
+variable "ucs_api_url" {
+  type = string
 }

-variable "cloudflare_default_zone" {
+variable "ucs_api_username" {
  type = string
 }

+variable "ucs_api_password" {
+  type = string
+}
+
+variable "ucs_zones" {
+  type = list(string)
+}
+
+// Module
+variable "server" {
+  default = []
+}
+
 variable "server_keys" {
  type = list(string)
 }
@ -29,3 +45,7 @@ variable "server_keys" {
 variable "ssh_keys" {
  type = list(string)
 }
+
+variable "server_dns_zone" {
+  type = string
+}
--- a/versions.tf
+++ b/versions.tf
@ -6,5 +6,8 @@ terraform {
    hcloud = {
      source = "hetznercloud/hcloud"
    }
+    restapi = {
+      source = "Mastercard/restapi"
+    }
  }
 }