From 429d60eef3d68e876db9219d85ae9280738fffbe Mon Sep 17 00:00:00 2001
From: Thomas Constans <thomas@opendoor.fr>
Date: Tue, 10 Aug 2021 22:41:11 +0200
Subject: [PATCH] =?UTF-8?q?ajout=20code=20gestion=20NDM=20-=20test=C3=A9?=
 =?UTF-8?q?=20avec=20succes?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md         |  2 ++
 defaults/main.yml |  1 +
 tasks/dns.yml     | 26 ++++++++++++++++++++++++++
 tasks/main.yml    |  4 ++++
 4 files changed, 33 insertions(+)
 create mode 100644 tasks/dns.yml

diff --git a/README.md b/README.md
index c8e57f1..f1d7c95 100644
--- a/README.md
+++ b/README.md
@@ -12,6 +12,7 @@ Role Variables
 --------------
 
 apache_server_name
+apache_server_ip
 apache_ssl_root_email: email to use for certificate
 apache_server_alias (list)
 apache_user_password: default undefined
@@ -21,6 +22,7 @@ apache_access_log: {{ apache_base_dir}}/logs/access_log
 apache_php_socket: {{ apache_base_dir }}/php-fpm.sock
 apache_use_php: true
 apache_use_ssl: true
+apache_use_dns: true - wether we setup up dns A and CNAME records
 apache_use_zabbix: true - wether we install script to monitor certificate expiry date
 apache_use_certbot: true
 apache_use_stats: true
diff --git a/defaults/main.yml b/defaults/main.yml
index 642e48f..1822bdc 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -10,6 +10,7 @@ apache_ssl_certificate: "/etc/letsencrypt/live/{{ apache_server_name }}/cert.pem
 apache_ssl_chain: "/etc/letsencrypt/live/{{ apache_server_name }}/fullchain.pem"
 apache_ssl_key: "/etc/letsencrypt/live/{{ apache_server_name }}/privkey.pem "
 apache_use_certbot: true
+apache_use_dns: true
 apache_use_php: true
 apache_use_ssl: true
 apache_use_stats: true
diff --git a/tasks/dns.yml b/tasks/dns.yml
new file mode 100644
index 0000000..6fabdc9
--- /dev/null
+++ b/tasks/dns.yml
@@ -0,0 +1,26 @@
+---
+  - name: setup dns names
+    block:
+    - name: create ovh DNS A record
+      ovh_dns:
+        domain: opendoor.fr
+        name: "{{ apache_server_name }}"
+        type: A
+        value: "{{ apache_server_ip }}"
+
+    - name: create ovh DNS CNAME
+      ovh_dns:
+        domain: opendoor.fr
+        name: "{{ item }}"
+        type: CNAME
+        value: "{{ apache_server_name }}"
+      loop:
+       "{{ apache_server_alias }}"
+      when: apache_server_alias is defined
+    delegate_to: localhost
+    become: false
+    environment:
+      OVH_ENDPOINT: ovh-eu
+      OVH_APPLICATION_KEY: "{{ lookup( 'keepass', 'opendoor/ovh_application_key', 'password' ) }}"
+      OVH_APPLICATION_SECRET: "{{ lookup( 'keepass', 'opendoor/ovh_application_secret', 'password' ) }}"
+      OVH_CONSUMER_KEY: "{{ lookup( 'keepass', 'opendoor/ovh_consumer_key', 'password' ) }}"
\ No newline at end of file
diff --git a/tasks/main.yml b/tasks/main.yml
index 61c2459..8576399 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -44,6 +44,10 @@
     - "{{ apache_base_dir }}/session"
     - "{{ apache_base_dir }}/wsdlcache"
 
+- name: dns setup
+  include_tasks: dns.yml
+  when: apache_use_dns is defined
+
 - name: generate cert
   import_tasks: certbot.yml
   when: apache_use_certbot