Add internal DNS operations

2025-05-02 15:56:51 -04:00 · 2025-05-02 15:56:51 -04:00 · e40e5b93ec
commit e40e5b93ec
parent 537edfd389
9 changed files with 101 additions and 16 deletions
--- a/vm_automation/alpine/plans/create_vm.yaml
+++ b/vm_automation/alpine/plans/create_vm.yaml
@ -210,6 +210,18 @@ steps:
    task: common::add_dns_a_record
    targets: localhost
    parameters:
+      network: $network
+      add_a_record_bool: $add_a_record_bool
+      ip_with_cidr: $ip_with_cidr
+      dns_hostname: $dns_hostname
+      dns_ttl: $dns_ttl
+
+  - name: add_dns_a_record_internal
+    description: Add an Internal DNS A record for the VM
+    task: common::add_dns_a_record_internal
+    targets: localhost
+    parameters:
+      network: $network
      add_a_record_bool: $add_a_record_bool
      ip_with_cidr: $ip_with_cidr
      dns_hostname: $dns_hostname
--- a/vm_automation/alpine/tasks/validate_vm_parameters.json
+++ b/vm_automation/alpine/tasks/validate_vm_parameters.json
@ -15,7 +15,7 @@
      "type": "String"
    },
    "network": {
-      "description": "Network to connect the VM to (wan-verizon or moeny-internal)",
+      "description": "Network to connect the VM to (wan-verizon or internal-moeny)",
      "type": "String"
    },
    "ip_with_cidr": {
--- a/vm_automation/alpine/tasks/validate_vm_parameters.sh
+++ b/vm_automation/alpine/tasks/validate_vm_parameters.sh
@ -82,12 +82,12 @@ validate_network_relationships() {
        if [[ "$gateway_ip" != "100.40.223.1" ]]; then
            output_warning "wan-verizon network typically uses 100.40.223.1 as gateway, but got ${gateway_ip}"
        fi
-    elif [[ "$network" == "moeny-internal" ]]; then
+    elif [[ "$network" == "internal-moeny" ]]; then
        if [[ ! "$ip_network" =~ ^10\.44\.0$ ]]; then
-            output_warning "moeny-internal network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
+            output_warning "internal-moeny network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
        fi
        if [[ "$gateway_ip" != "10.44.0.1" ]]; then
-            output_warning "moeny-internal network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
+            output_warning "internal-moeny network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
        fi
    fi
 }
@ -112,8 +112,8 @@ validate_hostname() {
 # Function to validate network
 validate_network() {
    local network=$1
-    if [[ "$network" != "wan-verizon" && "$network" != "moeny-internal" ]]; then
-        output_status "error" "Invalid network '$network'. Must be either wan-verizon or moeny-internal"
+    if [[ "$network" != "wan-verizon" && "$network" != "internal-moeny" ]]; then
+        output_status "error" "Invalid network '$network'. Must be either wan-verizon or internal-moeny"
    fi
 }

--- a/vm_automation/common/tasks/add_dns_a_record.sh
+++ b/vm_automation/common/tasks/add_dns_a_record.sh
@ -2,14 +2,15 @@
 # This script adds a DNS A record to the DNS server zone file (common::add_dns_a_record)

 # Bolt environment variables
+NETWORK="${PT_network}"
 ADD_A_RECORD="${PT_add_a_record_bool}"
 IP="${PT_ip_with_cidr}"
 HOSTNAME="${PT_dns_hostname}"
 TTL="${PT_dns_ttl}"

-# Check if Docker installation is requested
-if [ "$ADD_A_RECORD" != "true" ]; then
-    echo '{"status": "skipped", "message": "A Record addition not requested, skipping..."}'
+# Check if A record addition is requested
+if [ "$ADD_A_RECORD" != "true" ] || [ "$NETWORK" != "wan-verizon" ]; then
+    echo '{"status": "skipped", "message": "Skipping public facing A Record - either not requested or not on wan-verizon network"}'
    exit 0
 fi

--- a/vm_automation/common/tasks/add_dns_a_record_internal.sh
+++ b/vm_automation/common/tasks/add_dns_a_record_internal.sh
@ -0,0 +1,36 @@
+#!/bin/bash
+# This script adds an Internal DNS A record to the DNS server zone file (common::add_dns_a_record_internal)
+
+# Bolt environment variables
+NETWORK="${PT_network}"
+ADD_A_RECORD="${PT_add_a_record_bool}"
+IP="${PT_ip_with_cidr}"
+HOSTNAME="${PT_dns_hostname}"
+TTL="${PT_dns_ttl}"
+
+# Check if A record addition is requested
+if [ "$ADD_A_RECORD" != "true" ] || [ "$NETWORK" != "internal-moeny" ]; then
+    echo '{"status": "skipped", "message": "Skipping internal A Record - either not requested or not on internal-moeny network"}'
+    exit 0
+fi
+
+# Check if required parameters are provided
+if [ -z "$IP" ] || [ -z "$HOSTNAME" ] || [ -z "$TTL" ]; then
+    echo '{"status": "failure", "message": "Error: Both ip_with_cidr, dns_hostname and ttl parameters must be provided"}'
+    exit 1
+fi
+
+# Create DNS A record
+IP_ADDRESS=$(echo ${IP} | cut -d'/' -f1)
+nsupdate -k "./keys/tsig-internal.key" << EOF
+server ns99.moeny.internal
+debug yes
+zone moeny.internal
+update add ${HOSTNAME}.moeny.internal ${TTL} A ${IP_ADDRESS}
+send
+EOF
+
+# Force zone file update on DNS server
+ssh moeny@ns99.moeny.internal "sudo rndc sync moeny.internal"
+
+echo '{"status": "success", "message": "Internal A Record successfully added."}'
--- a/vm_automation/common/tasks/delete_dns_a_record_internal.sh
+++ b/vm_automation/common/tasks/delete_dns_a_record_internal.sh
@ -0,0 +1,24 @@
+#!/bin/bash
+# This script deletes a DNS A record from the DNS server zone file (common::delete_dns_a_record_internal)
+# Bolt environment variables
+HOSTNAME="${PT_dns_hostname}"
+
+# Check if required parameters are provided
+if [ -z "$HOSTNAME" ]; then
+    echo '{"status": "failure", "message": "Error: dns_hostname parameter must be provided"}'
+    exit 1
+fi
+
+# Delete DNS A record
+nsupdate -k "./keys/tsig-internal.key" << EOF
+server ns99.moeny.internal
+debug yes
+zone moeny.internal
+update delete ${HOSTNAME}.moeny.internal A
+send
+EOF
+
+# Force zone file update on DNS server
+ssh moeny@ns99.moeny.internal "sudo rndc sync moeny.internal"
+
+echo '{"status": "success", "message": "Internal A Record successfully deleted."}'
--- a/vm_automation/ubuntu/plans/create_vm.yaml
+++ b/vm_automation/ubuntu/plans/create_vm.yaml
@ -186,6 +186,18 @@ steps:
    task: common::add_dns_a_record
    targets: localhost
    parameters:
+      network: $network
+      add_a_record_bool: $add_a_record_bool
+      ip_with_cidr: $ip_with_cidr
+      dns_hostname: $dns_hostname
+      dns_ttl: $dns_ttl
+
+  - name: add_dns_a_record_internal
+    description: Add an Internal DNS A record for the VM
+    task: common::add_dns_a_record_internal
+    targets: localhost
+    parameters:
+      network: $network
      add_a_record_bool: $add_a_record_bool
      ip_with_cidr: $ip_with_cidr
      dns_hostname: $dns_hostname
--- a/vm_automation/ubuntu/tasks/validate_vm_parameters.json
+++ b/vm_automation/ubuntu/tasks/validate_vm_parameters.json
@ -15,7 +15,7 @@
      "type": "String"
    },
    "network": {
-      "description": "Network to connect the VM to (wan-verizon or moeny-internal)",
+      "description": "Network to connect the VM to (wan-verizon or internal-moeny)",
      "type": "String"
    },
    "ip_with_cidr": {
--- a/vm_automation/ubuntu/tasks/validate_vm_parameters.sh
+++ b/vm_automation/ubuntu/tasks/validate_vm_parameters.sh
@ -80,15 +80,15 @@ validate_network_relationships() {
        if [[ "$staging_ip" != "public" ]]; then
            output_warning "wan-verizon network typically uses 'public' for staging_ip, but got '${staging_ip}'"
        fi
-    elif [[ "$network" == "moeny-internal" ]]; then
+    elif [[ "$network" == "internal-moeny" ]]; then
        if [[ ! "$ip_network" =~ ^10\.44\.0$ ]]; then
-            output_warning "moeny-internal network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
+            output_warning "internal-moeny network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
        fi
        if [[ "$gateway_ip" != "10.44.0.1" ]]; then
-            output_warning "moeny-internal network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
+            output_warning "internal-moeny network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
        fi
        if [[ "$staging_ip" != "internal" ]]; then
-            output_warning "moeny-internal network typically uses 'internal' for staging_ip, but got '${staging_ip}'"
+            output_warning "internal-moeny network typically uses 'internal' for staging_ip, but got '${staging_ip}'"
        fi
    fi
 }
@ -113,8 +113,8 @@ validate_hostname() {
 # Function to validate network
 validate_network() {
    local network=$1
-    if [[ "$network" != "wan-verizon" && "$network" != "moeny-internal" ]]; then
-        output_status "error" "Invalid network '$network'. Must be either wan-verizon or moeny-internal"
+    if [[ "$network" != "wan-verizon" && "$network" != "internal-moeny" ]]; then
+        output_status "error" "Invalid network '$network'. Must be either wan-verizon or internal-moeny"
    fi
 }