slfhst/ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

♻: manage san for certificate/domain/sni routing
All checks were successful
ansible-lint / lint-everything (push) Successful in 1m24s
Details

Browse Source
This commit is contained in:
VC
2025-04-11 17:11:15 +02:00
parent c49025d712
commit 14cc54f4ed
14 changed files with 53 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
roles/nsd/tasks/zones.yml
View File

@@ -11,7 +11,17 @@
dns_serial: "{{ ansible_date_time.epoch }}"
web_hostname_block: |-
{% for webserver in groups['webservers'] | sort -%}
{% for web_hostname in (hostvars[webserver]['web_hostname'] | selectattr('host', 'match', '.*' ~ item.name) | map(attribute='host') | sort) -%}
{% for web_hostname in (
(hostvars[webserver]['web_hostname']
| selectattr('host', 'match', '.*' ~ item.name)
| map(attribute='host')
+
(hostvars[webserver]['web_hostname']
| selectattr('san', 'defined')
| map(attribute='san')
| flatten
| select('match', '.*' ~ item.name)))
| sort) -%}
{% if web_hostname is match("(\S+\.){2}") %}
{{ web_hostname | regex_replace('\.' ~ item.name ~ '$', '') }} IN CNAME {{ hostvars[webserver].ansible_host }}.
{% else %}