dns: use tailscale IP if enabled for role

saltyorg · Jul 4, 2023 · 159e102 · 159e102
1 parent cbc1343
commit 159e102
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 4 deletions.
diff --git a/resources/roles/dns/tasks/cloudflare/main.yml b/resources/roles/dns/tasks/cloudflare/main.yml
@@ -16,6 +16,19 @@
   ansible.builtin.include_tasks: "subtasks/setup.yml"
   when: (not cloudflare_folder.stat.exists) or cloudflare_reinstall
 
+- name: Cloudflare | Tailscale block
+  when: traefik_tailscale_enabled and lookup('vars', ansible_parent_role_names | first + '_traefik_tailscale_enabled', default=false)
+  block:
+    - name: Get Tailscale IPs
+      ansible.builtin.shell: "tailscale ip"
+      register: dns_tailscale_ips
+      failed_when: dns_tailscale_ips.rc != 0
+
+    - name: Set Tailscale variables
+      ansible.builtin.set_fact:
+        dns_tailscale_ipv4: "{{ dns_tailscale_ips.stdout_lines[0] }}"
+        dns_tailscale_ipv6: "{{ dns_tailscale_ips.stdout_lines[1] }}"
+
 - name: Cloudflare | Add DNS Record
   ansible.builtin.include_tasks: "subtasks/add_dns_record.yml"
   when: dns_action != 'remove'

diff --git a/resources/roles/dns/tasks/cloudflare/subtasks/add_dns_record/ipv4_enabled.yml b/resources/roles/dns/tasks/cloudflare/subtasks/add_dns_record/ipv4_enabled.yml
@@ -21,7 +21,9 @@
     solo: true
     proxied: "{{ dns_proxy }}"
     type: A
-    value: "{{ ip_address_public }}"
+    value: "{{ ip_address_public
+            if not lookup('vars', ansible_parent_role_names | first + '_traefik_tailscale_enabled', default=false)
+            else dns_tailscale_ipv4 }}"
     record: "{{ dns_record }}"
   register: cloudflare_dns_record_creation_status
 

diff --git a/resources/roles/dns/tasks/cloudflare/subtasks/add_dns_record/ipv6_enabled.yml b/resources/roles/dns/tasks/cloudflare/subtasks/add_dns_record/ipv6_enabled.yml
@@ -21,14 +21,15 @@
     solo: true
     proxied: "{{ dns_proxy }}"
     type: AAAA
-    value: "{{ ipv6_address_public }}"
+    value: "{{ ipv6_address_public
+            if not lookup('vars', ansible_parent_role_names | first + '_traefik_tailscale_enabled', default=false)
+            else dns_tailscale_ipv6 }}"
     record: "{{ dns_record }}"
   register: cloudflare_dns_v6_record_creation_status
 
 - name: Cloudflare | Add DNS Record | IPv6 | Tasks on success
   when: cloudflare_dns_v6_record_creation_status is succeeded
   block:
-
     - name: Cloudflare | Add DNS Record | IPv6 | Set 'dns_record_print' variable
       ansible.builtin.set_fact:
         dns_record_print: "{{ (dns_record == dns_zone) | ternary(dns_zone, dns_record + '.' + dns_zone) }}"

diff --git a/roles/traefik/tasks/subtasks/config.yml b/roles/traefik/tasks/subtasks/config.yml
@@ -66,7 +66,7 @@
       register: tailscale_ips
       failed_when: tailscale_ips.rc != 0
 
-    - name: set_fact
+    - name: Set Tailscale variables
       ansible.builtin.set_fact:
         tailscale_ipv4: "{{ tailscale_ips.stdout_lines[0] }}"
         tailscale_ipv6: "{{ tailscale_ips.stdout_lines[1] }}"