start building DDNS update support

playbook.yml

@@ -25,11 +25,13 @@
     firewall_allowed_ports:
       - { port: 80, proto: "tcp" }
       - { port: 443, proto: "tcp" }
+    ddns_domains:
+      - { host: "", type: "A"}
   roles:
-    - backup
-    - sendmail
     - nodejs
-    - firewall
-    - forgejo
-    - caddy
+    # - backup
+    # - sendmail
+    # - firewall
+    # - forgejo
+    # - caddy
 

roles/ddns/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+# Domains to keep up to date
+ddns_domains: []

roles/ddns/files/update-ddns.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=Updates DDNS of various IPv4/IPv6 services
+OnFailure=status-email@%n
+
+[Service]
+Type=oneshot
+ExecStart=/root/update-ddns.sh
+User=root
+Group=root
+

roles/ddns/files/update-ddns.timer

@@ -0,0 +1,9 @@
+[Unit]
+Description=Ensure DNS is update to date, by checking hourly
+
+[Timer]
+OnCalendar="*-*-* *:15:00" 
+Persistent=false
+
+[Install]
+WantedBy=timers.target

roles/ddns/tasks/main.yml

@@ -0,0 +1,23 @@
+
+
+- name: upload ddns script
+  ansible.builtin.template:
+    src: update-ddns.sh.j2
+    dest: /root/update-ddns.sh
+    mode: '0700'
+    owner: root
+    group: root
+
+- name: upload systemd unit files
+  copy:
+    src: "{{ item }}"
+    dest: "/etc/systemd/system/{{ item }}"
+  loop:
+    - update-ddns.service
+    - update-ddns.timer
+
+- name: enable update-ddns.timer
+  ansible.builtin.systemd:
+    name: update-ddns.timer
+    state: started
+    enabled: true

roles/ddns/templates/update-ddns.sh.j2

@@ -0,0 +1,5 @@
+#!/bin/env bash
+
+{% for item in ddns_domains %}
+curl -X PUT https://box.nilsnh.no/admin/dns/custom/{{item.host}}/{{item.rtype}} --user {{ vault_mta_user }}:{{ vault_mta_user_pw }}
+{% endfor %}