feat: add option to set univention dns records
All checks were successful
continuous-integration/drone/push Build is passing

Robert Kaussow 2022-09-03 23:12:06 +02:00
parent e74ddebc6b
commit 810cf272b8
Signed by: xoxys
GPG Key ID: 4E692A2EAECC03C0
6 changed files with 82 additions and 11 deletions

10
data.tf

@ -6,3 +6,13 @@ data "cloudflare_zones" "zones" {
status = "active" status = "active"
} }
} }
data "restapi_object" "ucs_zones" {
for_each = toset(try(var.ucs_zones, []))
query_string = "filter=univentionObjectType=dns/forward_zone"
path = "/dns/forward_zone/"
search_key = "id"
search_value = each.key
results_key = "_embedded/udm:object"
}
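Review bot: The `try(var.ucs_zones, [])` in `for_each` can never take its fallback, because `ucs_zones` is declared in the variables file as `list(string)` with no default, so Terraform requires a value before this expression is evaluated. If the UCS integration is meant to be optional, as the commit title suggests, give the variable `default = []` and write `for_each = toset(var.ucs_zones)`. The same applies to `try(data.restapi_object.ucs_zones, [])` in the new `ucs_zones` local in main.tf.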

34
main.tf

@ -1,9 +1,15 @@
locals { locals {
zones = { cloudflare_zones = {
for zone in try(data.cloudflare_zones.zones, []) : zone.zones[0].name => zone.zones[0].id for zone in try(data.cloudflare_zones.zones, []) : zone.zones[0].name => zone.zones[0].id
} }
} }
locals {
ucs_zones = {
for zone in try(data.restapi_object.ucs_zones, []) : zone.api_data.id => zone.api_data.dn
}
}
locals { locals {
server_volumes = flatten([ server_volumes = flatten([
for server_key, server in var.server : [ for server_key, server in var.server : [
@ -25,7 +31,7 @@ locals {
record_type = domain.type record_type = domain.type
record_value = domain.value record_value = domain.value
record_ttl = try(domain.ttl, 1) record_ttl = try(domain.ttl, 1)
zone_id = local.zones[try(domain.zone_name, var.cloudflare_default_zone)] zone_id = local.cloudflare_zones[try(domain.zone_name, var.server_dns_zone)]
} }
] ]
]) ])
@ -91,7 +97,7 @@ resource "hcloud_rdns" "serverv4" {
server_id = hcloud_server.server[each.value.name].id server_id = hcloud_server.server[each.value.name].id
ip_address = hcloud_server.server[each.value.name].ipv4_address ip_address = hcloud_server.server[each.value.name].ipv4_address
dns_ptr = "${each.value.name}.${local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)]}" dns_ptr = "${each.value.name}.${try(each.value.dns_zone, var.server_dns_zone)}"
} }
resource "hcloud_rdns" "serverv6" { resource "hcloud_rdns" "serverv6" {
@ -99,13 +105,13 @@ resource "hcloud_rdns" "serverv6" {
server_id = hcloud_server.server[each.value.name].id server_id = hcloud_server.server[each.value.name].id
ip_address = hcloud_server.server[each.value.name].ipv6_address ip_address = hcloud_server.server[each.value.name].ipv6_address
dns_ptr = "${each.value.name}.${local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)]}" dns_ptr = "${each.value.name}.${try(each.value.dns_zone, var.server_dns_zone)}"
} }
resource "cloudflare_record" "serverv4" { resource "cloudflare_record" "serverv4" {
for_each = { for row in var.server : row.name => row } for_each = { for row in var.server : row.name => row }
zone_id = local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)] zone_id = local.cloudflare_zones[try(each.value.dns_zone, var.server_dns_zone)]
name = each.value.name name = each.value.name
value = hcloud_server.server[each.value.name].ipv4_address value = hcloud_server.server[each.value.name].ipv4_address
type = "A" type = "A"
@ -115,7 +121,7 @@ resource "cloudflare_record" "serverv4" {
resource "cloudflare_record" "serverv6" { resource "cloudflare_record" "serverv6" {
for_each = { for row in var.server : row.name => row } for_each = { for row in var.server : row.name => row }
zone_id = local.zones[try(each.value.dns_zone, var.cloudflare_default_zone)] zone_id = local.cloudflare_zones[try(each.value.dns_zone, var.server_dns_zone)]
name = each.value.name name = each.value.name
value = hcloud_server.server[each.value.name].ipv6_address value = hcloud_server.server[each.value.name].ipv6_address
type = "AAAA" type = "AAAA"
@ -131,3 +137,19 @@ resource "cloudflare_record" "record" {
type = each.value.record_type type = each.value.record_type
ttl = each.value.record_ttl ttl = each.value.record_ttl
} }
resource "restapi_object" "ucs_server" {
for_each = { for row in var.server : row.name => row }
path = "/dns/host_record/"
data = jsonencode({
"position" : local.ucs_zones[try(each.value.dns_zone, var.server_dns_zone)],
"properties" : {
"name" : each.value.name,
"a" : [
hcloud_server.server[each.value.name].ipv4_address,
hcloud_server.server[each.value.name].ipv6_address,
],
}
})
}
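Review bot: `restapi_object.ucs_server` iterates over every entry of `var.server`, so the UCS record is not optional. Each server gets both the Cloudflare records and a UCS host record under the same zone key, and `local.ucs_zones[...]` fails the plan for any zone that exists only in Cloudflare. If the UCS zones are meant to be an internal view (an assumption, the page does not say), the unconditional `cloudflare_record` resources also publish those host names and addresses in public DNS. A filter such as `for_each = { for row in var.server : row.name => row if contains(keys(local.ucs_zones), try(row.dns_zone, var.server_dns_zone)) }` keeps the two sets apart, with the mirrored condition on the Cloudflare resources.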


@ -4,6 +4,10 @@ output "output" {
} }
} }
output "zones" { output "cloudflare_zones" {
value = local.zones value = local.cloudflare_zones
}
output "ucs_zones" {
value = local.ucs_zones
} }


@ -5,3 +5,15 @@ provider "hcloud" {
provider "cloudflare" { provider "cloudflare" {
api_token = var.cloudflare_api_token api_token = var.cloudflare_api_token
} }
provider "restapi" {
uri = var.ucs_api_url
username = var.ucs_api_username
password = var.ucs_api_password
id_attribute = "dn"
debug = true
create_returns_object = true
headers = {
accept = "application/json"
}
}
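Review bot: `debug = true` is hard-coded in the new `provider "restapi"` block, and this provider's debug mode prints its API client traffic to stdout. With `username`/`password` authentication that output likely includes request headers and bodies sent to the UCS API, and it would end up in the CI build log shown on this commit. Drop the line, or gate it behind a variable that defaults to off, e.g. `debug = var.ucs_api_debug` with `default = false`. It is also worth validating that `var.ucs_api_url` uses `https://`, since the credentials travel with every request.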


@ -1,3 +1,4 @@
// Hetzner Cloud
variable "hcloud_token" { variable "hcloud_token" {
type = string type = string
} }
@ -6,6 +7,7 @@ variable "hcloud_project" {
type = string type = string
} }
// Cloudflare
variable "cloudflare_api_token" { variable "cloudflare_api_token" {
type = string type = string
} }
@ -14,14 +16,28 @@ variable "cloudflare_zones" {
type = list(string) type = list(string)
} }
variable "server" { // Univention
default = [] variable "ucs_api_url" {
type = string
} }
variable "cloudflare_default_zone" { variable "ucs_api_username" {
type = string type = string
} }
variable "ucs_api_password" {
type = string
}
variable "ucs_zones" {
type = list(string)
}
// Module
variable "server" {
default = []
}
variable "server_keys" { variable "server_keys" {
type = list(string) type = list(string)
} }
@ -29,3 +45,7 @@ variable "server_keys" {
variable "ssh_keys" { variable "ssh_keys" {
type = list(string) type = list(string)
} }
variable "server_dns_zone" {
type = string
}
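Review bot: The new `ucs_api_password` variable is a plain `string`, so Terraform will not redact its value in plan output, diagnostics or any expression that references it. Add `sensitive = true` to that block (supported on Terraform 0.14 and later). The existing `hcloud_token` and `cloudflare_api_token` declarations shown as context would benefit from the same attribute. A short `description` on each new variable would also tell module callers what `ucs_zones` and `server_dns_zone` expect, for example zone names rather than DNs.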


@ -6,5 +6,8 @@ terraform {
hcloud = { hcloud = {
source = "hetznercloud/hcloud" source = "hetznercloud/hcloud"
} }
restapi = {
source = "Mastercard/restapi"
}
} }
} }
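Review bot: The new `restapi` entry in `required_providers` has a `source` but no `version` constraint, so `terraform init` takes whatever release of a third-party provider is newest unless a committed `.terraform.lock.hcl` pins it (not visible here). This provider is handed the UCS API credentials, so constrain it explicitly, e.g. `version = "<PINNED_VERSION>"` next to `source = "Mastercard/restapi"`, and commit the lock file so provider checksums are verified. The `hcloud` entry above it has the same gap.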