From 810cf272b8d3c59c4e6cccb10d006b727f13c967 Mon Sep 17 00:00:00 2001
From: Robert Kaussow
Date: Sat, 3 Sep 2022 23:12:06 +0200
Subject: [PATCH] feat: add option to set univention dns records

---
 data.tf | 10 ++++++++++
 main.tf | 34 ++++++++++++++++++++++++++++------
 outputs.tf | 8 ++++++--
 providers.tf | 12 ++++++++++++
 variables.tf | 26 +++++++++++++++++++++++---
 versions.tf | 3 +++
 6 files changed, 82 insertions(+), 11 deletions(-)

diff --git a/data.tf b/data.tf
index 30f3bac..b33f3e3 100644
--- a/data.tf
+++ b/data.tf
@@ -6,3 +6,13 @@ data "cloudflare_zones" "zones" {
 status = "active"
 }
 }
+
+data "restapi_object" "ucs_zones" {
+ for_each = toset(try(var.ucs_zones, []))
+
+ query_string = "filter=univentionObjectType=dns/forward_zone"
+ path = "/dns/forward_zone/"
+ search_key = "id"
+ search_value = each.key
+ results_key = "_embedded/udm:object"
+}
diff --git a/main.tf b/main.tf
index c449faf..8d27c8d 100644
--- a/main.tf
+++ b/main.tf
@@ -1,9 +1,15 @@
 locals {
- zones = {
+ cloudflare_zones = {
 for zone in try(data.cloudflare_zones.zones, []) : zone.zones[0].name => zone.zones[0].id
 }
 }
 
+locals {
+ ucs_zones = {
+ for zone in try(data.restapi_object.ucs_zones, []) : zone.api_data.id => zone.api_data.dn
+ }
+}
+
 locals {
 server_volumes = flatten([
 for server_key, server in var.server : [
@@ -25,7 +31,7 @@ locals {
 record_type = domain.type
 record_value = domain.value
 record_ttl = try(domain.ttl, 1)
- zone_id = local.zones[try(domain.zone_name, var.cloudflare_default_zone)]
+ zone_id = local.cloudflare_zones[try(domain.zone_name, var.server_dns_zone)]
 }
 ]
 ])
@@ -91,7 +97,7 @@ resource "hcloud_rdns" "serverv4" {
 
 server_id = hcloud_server.server[each.value.name].id
 ip_address = hcloud_server.server[each.value.name].ipv4_address
- dns_ptr = "${each.value.name}.${local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)]}"
+ dns_ptr = "${each.value.name}.${try(each.value.dns_zone, var.server_dns_zone)}"
 }
 
 resource "hcloud_rdns" "serverv6" {
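Review bot: In data.tf, `try(var.ucs_zones, [])` never falls back, because `ucs_zones` is declared in variables.tf with a type and no default, so the variable is required and referencing it cannot fail; the same applies to `try(data.restapi_object.ucs_zones, [])` in the new `locals` block of main.tf. If the UCS records are meant to be optional, as the subject line suggests, give the variable `default = []` and write `for_each = toset(var.ucs_zones)`. A short comment above the data source stating that each lookup is expected to match exactly one forward zone by `id` would also help, since what happens when a zone is not found is not visible here.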
@@ -99,13 +105,13 @@ resource "hcloud_rdns" "serverv6" {
 
 server_id = hcloud_server.server[each.value.name].id
 ip_address = hcloud_server.server[each.value.name].ipv6_address
- dns_ptr = "${each.value.name}.${local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)]}"
+ dns_ptr = "${each.value.name}.${try(each.value.dns_zone, var.server_dns_zone)}"
 }
 
 resource "cloudflare_record" "serverv4" {
 for_each = { for row in var.server : row.name => row }
 
- zone_id = local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)]
+ zone_id = local.cloudflare_zones[try(each.value.dns_zone, var.server_dns_zone)]
 name = each.value.name
 value = hcloud_server.server[each.value.name].ipv4_address
 type = "A"
@@ -115,7 +121,7 @@ resource "cloudflare_record" "serverv4" {
 resource "cloudflare_record" "serverv6" {
 for_each = { for row in var.server : row.name => row }
 
- zone_id = local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)]
+ zone_id = local.cloudflare_zones[try(each.value.dns_zone, var.server_dns_zone)]
 name = each.value.name
 value = hcloud_server.server[each.value.name].ipv6_address
 type = "AAAA"
@@ -131,3 +137,19 @@ resource "cloudflare_record" "record" {
 type = each.value.record_type
 ttl = each.value.record_ttl
 }
+
+resource "restapi_object" "ucs_server" {
+ for_each = { for row in var.server : row.name => row }
+
+ path = "/dns/host_record/"
+ data = jsonencode({
+ "position" : local.ucs_zones[try(each.value.dns_zone, var.server_dns_zone)],
+ "properties" : {
+ "name" : each.value.name,
+ "a" : [
+ hcloud_server.server[each.value.name].ipv4_address,
+ hcloud_server.server[each.value.name].ipv6_address,
+ ],
+ }
+ })
+}
diff --git a/outputs.tf b/outputs.tf
index a8693a9..353c6e0 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -4,6 +4,10 @@ output "output" {
 }
 }
 
-output "zones" {
- value = local.zones
+output "cloudflare_zones" {
+ value = local.cloudflare_zones
+}
+
+output "ucs_zones" {
+ value = local.ucs_zones
 }
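Review bot: In `restapi_object.ucs_server` (main.tf, last hunk), `local.ucs_zones[try(each.value.dns_zone, var.server_dns_zone)]` is indexed for every entry of `var.server`, and the `cloudflare_record` resources index `local.cloudflare_zones` with the same key, so each server's zone has to exist in both Cloudflare and UCS or the plan stops with an invalid-index error. If the UCS record is meant to be optional per zone, filter the iteration, for example `for_each = { for row in var.server : row.name => row if contains(keys(local.ucs_zones), try(row.dns_zone, var.server_dns_zone)) }`; this presumably only works when the zone data source can be read at plan time. A comment on `"position"` noting that it receives the zone's `dn` as returned by the data source would make the payload written to the directory easier to audit.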
diff --git a/providers.tf b/providers.tf
index 8155974..1865ad2 100644
--- a/providers.tf
+++ b/providers.tf
@@ -5,3 +5,15 @@ provider "hcloud" {
 provider "cloudflare" {
 api_token = var.cloudflare_api_token
 }
+
+provider "restapi" {
+ uri = var.ucs_api_url
+ username = var.ucs_api_username
+ password = var.ucs_api_password
+ id_attribute = "dn"
+ debug = true
+ create_returns_object = true
+ headers = {
+ accept = "application/json"
+ }
+}
diff --git a/variables.tf b/variables.tf
index 025efed..ac8104e 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1,3 +1,4 @@
+// Hetzner Cloud
 variable "hcloud_token" {
 type = string
 }
@@ -6,6 +7,7 @@ variable "hcloud_project" {
 type = string
 }
 
+// Cloudflare
 variable "cloudflare_api_token" {
 type = string
 }
@@ -14,14 +16,28 @@ variable "cloudflare_zones" {
 type = list(string)
 }
 
-variable "server" {
- default = []
+// Univention
+variable "ucs_api_url" {
+ type = string
 }
 
-variable "cloudflare_default_zone" {
+variable "ucs_api_username" {
 type = string
 }
 
+variable "ucs_api_password" {
+ type = string
+}
+
+variable "ucs_zones" {
+ type = list(string)
+}
+
+// Module
+variable "server" {
+ default = []
+}
+
 variable "server_keys" {
 type = list(string)
 }
@@ -29,3 +45,7 @@ variable "server_keys" {
 variable "ssh_keys" {
 type = list(string)
 }
+
+variable "server_dns_zone" {
+ type = string
+}
diff --git a/versions.tf b/versions.tf
index a4fbcf8..ff6f93c 100644
--- a/versions.tf
+++ b/versions.tf
@@ -6,5 +6,8 @@ terraform {
 hcloud = {
 source = "hetznercloud/hcloud"
 }
+ restapi = {
+ source = "Mastercard/restapi"
+ }
 }
 }
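Review bot: `debug = true` in the new `provider "restapi"` block (providers.tf) is committed as a fixed setting on a provider that is configured with `username` and `password`; the provider's debug mode prints API client traffic, which may put request details, possibly including the authorization header, into CI logs. Remove the line or drive it from a variable that defaults to off, e.g. `debug = var.ucs_api_debug` (constructed name). Because the credentials accompany every request, a `validation` block on `ucs_api_url` that requires an `https://` prefix would also be worth adding.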
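Review bot: `variable "ucs_api_password"` in the third hunk of variables.tf is declared without `sensitive = true`, so Terraform may print its value in plan output and error messages; add `sensitive = true` to that block. The `hcloud_token` and `cloudflare_api_token` blocks visible as context in the first two hunks are declared the same way and could be marked in a follow-up. The same hunk removes `cloudflare_default_zone` while a later hunk adds the required `server_dns_zone`, which breaks existing callers of the module, so a line in the commit message or README naming the rename would help.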
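Review bot: The `restapi` entry added to `required_providers` (versions.tf) gives only `source = "Mastercard/restapi"` and no `version`, so `terraform init` resolves the newest release unless a lock file is committed, and this provider is the one that receives the UCS credentials. Add a constraint such as `version = "~> <PINNED_VERSION>"` and commit `.terraform.lock.hcl` so the provider checksums are verified on every init. The `hcloud` entry shown as context is unpinned as well; the `terraform` block starts outside the hunk, so an existing constraint elsewhere cannot be ruled out.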