diff --git a/vm_automation/alpine/plans/create_vm.yaml b/vm_automation/alpine/plans/create_vm.yaml
index 2dbc1bd..b647f30 100644
--- a/vm_automation/alpine/plans/create_vm.yaml
+++ b/vm_automation/alpine/plans/create_vm.yaml
@@ -210,6 +210,18 @@ steps:
 task: common::add_dns_a_record
 targets: localhost
 parameters:
+ network: $network
+ add_a_record_bool: $add_a_record_bool
+ ip_with_cidr: $ip_with_cidr
+ dns_hostname: $dns_hostname
+ dns_ttl: $dns_ttl
+
+ - name: add_dns_a_record_internal
+ description: Add an Internal DNS A record for the VM
+ task: common::add_dns_a_record_internal
+ targets: localhost
+ parameters:
+ network: $network
 add_a_record_bool: $add_a_record_bool
 ip_with_cidr: $ip_with_cidr
 dns_hostname: $dns_hostname
diff --git a/vm_automation/alpine/tasks/validate_vm_parameters.json b/vm_automation/alpine/tasks/validate_vm_parameters.json
index 91a2dec..d4de9a1 100644
--- a/vm_automation/alpine/tasks/validate_vm_parameters.json
+++ b/vm_automation/alpine/tasks/validate_vm_parameters.json
@@ -15,7 +15,7 @@
 "type": "String"
 },
 "network": {
- "description": "Network to connect the VM to (wan-verizon or moeny-internal)",
+ "description": "Network to connect the VM to (wan-verizon or internal-moeny)",
 "type": "String"
 },
 "ip_with_cidr": {
diff --git a/vm_automation/alpine/tasks/validate_vm_parameters.sh b/vm_automation/alpine/tasks/validate_vm_parameters.sh
index 19681ce..9209fa1 100755
--- a/vm_automation/alpine/tasks/validate_vm_parameters.sh
+++ b/vm_automation/alpine/tasks/validate_vm_parameters.sh
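Review bot: The create_vm.yaml hunk now passes `network: $network` to `common::add_dns_a_record` and calls the new `common::add_dns_a_record_internal`, but no task metadata file for either task is touched or added in this diff. If `add_dns_a_record` has a metadata JSON that declares its parameters, Bolt will presumably reject the undeclared `network` parameter until an entry such as `"network": { "type": "String" }` is added there, and the new internal task would benefit from a matching metadata file declaring all five parameters. The same applies to the identical hunk in vm_automation/ubuntu/plans/create_vm.yaml.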
@@ -82,12 +82,12 @@ validate_network_relationships() {
 if [[ "$gateway_ip" != "100.40.223.1" ]]; then
 output_warning "wan-verizon network typically uses 100.40.223.1 as gateway, but got ${gateway_ip}"
 fi
- elif [[ "$network" == "moeny-internal" ]]; then
+ elif [[ "$network" == "internal-moeny" ]]; then
 if [[ ! "$ip_network" =~ ^10\.44\.0$ ]]; then
- output_warning "moeny-internal network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
+ output_warning "internal-moeny network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
 fi
 if [[ "$gateway_ip" != "10.44.0.1" ]]; then
- output_warning "moeny-internal network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
+ output_warning "internal-moeny network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
 fi
 fi
 }
@@ -112,8 +112,8 @@ validate_hostname() {
 # Function to validate network
 validate_network() {
 local network=$1
- if [[ "$network" != "wan-verizon" && "$network" != "moeny-internal" ]]; then
- output_status "error" "Invalid network '$network'. Must be either wan-verizon or moeny-internal"
+ if [[ "$network" != "wan-verizon" && "$network" != "internal-moeny" ]]; then
+ output_status "error" "Invalid network '$network'. Must be either wan-verizon or internal-moeny"
 fi
 }
diff --git a/vm_automation/common/tasks/add_dns_a_record.sh b/vm_automation/common/tasks/add_dns_a_record.sh
index 80ffef2..12d8a63 100644
--- a/vm_automation/common/tasks/add_dns_a_record.sh
+++ b/vm_automation/common/tasks/add_dns_a_record.sh
@@ -2,14 +2,15 @@
 # This script adds a DNS A record to the DNS server zone file (common::add_dns_a_record)
 # Bolt environment variables
+NETWORK="${PT_network}"
 ADD_A_RECORD="${PT_add_a_record_bool}"
 IP="${PT_ip_with_cidr}"
 HOSTNAME="${PT_dns_hostname}"
 TTL="${PT_dns_ttl}"
-# Check if Docker installation is requested
-if [ "$ADD_A_RECORD" != "true" ]; then
- echo '{"status": "skipped", "message": "A Record addition not requested, skipping..."}'
+# Check if A record addition is requested
+if [ "$ADD_A_RECORD" != "true" ] || [ "$NETWORK" != "wan-verizon" ]; then
+ echo '{"status": "skipped", "message": "Skipping public facing A Record - either not requested or not on wan-verizon network"}'
 exit 0
 fi
diff --git a/vm_automation/common/tasks/add_dns_a_record_internal.sh b/vm_automation/common/tasks/add_dns_a_record_internal.sh
new file mode 100644
index 0000000..9f22c44
--- /dev/null
+++ b/vm_automation/common/tasks/add_dns_a_record_internal.sh
@@ -0,0 +1,36 @@
+#!/bin/bash
+# This script adds an Internal DNS A record to the DNS server zone file (common::add_dns_a_record_internal)
+
+# Bolt environment variables
+NETWORK="${PT_network}"
+ADD_A_RECORD="${PT_add_a_record_bool}"
+IP="${PT_ip_with_cidr}"
+HOSTNAME="${PT_dns_hostname}"
+TTL="${PT_dns_ttl}"
+
+# Check if A record addition is requested
+if [ "$ADD_A_RECORD" != "true" ] || [ "$NETWORK" != "internal-moeny" ]; then
+ echo '{"status": "skipped", "message": "Skipping internal A Record - either not requested or not on internal-moeny network"}'
+ exit 0
+fi
+
+# Check if required parameters are provided
+if [ -z "$IP" ] || [ -z "$HOSTNAME" ] || [ -z "$TTL" ]; then
+ echo '{"status": "failure", "message": "Error: Both ip_with_cidr, dns_hostname and ttl parameters must be provided"}'
+ exit 1
+fi
+
+# Create DNS A record
+IP_ADDRESS=$(echo ${IP} | cut -d'/' -f1)
+nsupdate -k "./keys/tsig-internal.key" << EOF
+server ns99.moeny.internal
+debug yes
+zone moeny.internal
+update add ${HOSTNAME}.moeny.internal ${TTL} A ${IP_ADDRESS}
+send
+EOF
+
+# Force zone file update on DNS server
+ssh moeny@ns99.moeny.internal "sudo rndc sync moeny.internal"
+
+echo '{"status": "success", "message": "Internal A Record successfully added."}'
\ No newline at end of file
diff --git a/vm_automation/common/tasks/delete_dns_a_record_internal.sh b/vm_automation/common/tasks/delete_dns_a_record_internal.sh
new file mode 100644
index 0000000..b2b9cdb
--- /dev/null
+++ b/vm_automation/common/tasks/delete_dns_a_record_internal.sh
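Review bot: In add_dns_a_record_internal.sh, `${HOSTNAME}`, `${TTL}` and `${IP_ADDRESS}` are expanded into the nsupdate here-document after only an emptiness check, so a value containing whitespace or a newline would alter the update line or add further nsupdate commands that are then signed with the TSIG key. Validating the three values before the here-document, as sketched below, closes that gap and also replaces the unquoted `echo ${IP} | cut` with a parameter expansion. Whether the plan's validation step already constrains dns_hostname and dns_ttl is not visible here, and the hostname pattern may need adjusting to the naming scheme in use. The same unvalidated `${HOSTNAME}` expansion appears in delete_dns_a_record_internal.sh. Neither script checks the exit status of nsupdate or ssh, so the success JSON is printed even when the update failed; wrapping each call in `if ! ...; then echo '{"status": "failure", ...}'; exit 1; fi` would report that correctly.

```shell
# … unchanged: Bolt variables, skip check, required-parameter check …

# Accept only values that are safe to place in the nsupdate input
IP_ADDRESS="${IP%%/*}"
if [[ ! "$HOSTNAME" =~ ^[A-Za-z0-9][A-Za-z0-9.-]*$ ]] ||
   [[ ! "$TTL" =~ ^[0-9]+$ ]] ||
   [[ ! "$IP_ADDRESS" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]; then
  echo '{"status": "failure", "message": "Error: dns_hostname, dns_ttl or ip_with_cidr has an invalid format"}'
  exit 1
fi

# … unchanged: nsupdate here-document, rndc sync, success message …
```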
@@ -0,0 +1,24 @@
+#!/bin/bash
+# This script deletes a DNS A record from the DNS server zone file (common::delete_dns_a_record_internal)
+# Bolt environment variables
+HOSTNAME="${PT_dns_hostname}"
+
+# Check if required parameters are provided
+if [ -z "$HOSTNAME" ]; then
+ echo '{"status": "failure", "message": "Error: dns_hostname parameter must be provided"}'
+ exit 1
+fi
+
+# Delete DNS A record
+nsupdate -k "./keys/tsig-internal.key" << EOF
+server ns99.moeny.internal
+debug yes
+zone moeny.internal
+update delete ${HOSTNAME}.moeny.internal A
+send
+EOF
+
+# Force zone file update on DNS server
+ssh moeny@ns99.moeny.internal "sudo rndc sync moeny.internal"
+
+echo '{"status": "success", "message": "Internal A Record successfully deleted."}'
\ No newline at end of file
diff --git a/vm_automation/ubuntu/plans/create_vm.yaml b/vm_automation/ubuntu/plans/create_vm.yaml
index e5ef2c9..9ac80ab 100644
--- a/vm_automation/ubuntu/plans/create_vm.yaml
+++ b/vm_automation/ubuntu/plans/create_vm.yaml
@@ -186,6 +186,18 @@ steps:
 task: common::add_dns_a_record
 targets: localhost
 parameters:
+ network: $network
+ add_a_record_bool: $add_a_record_bool
+ ip_with_cidr: $ip_with_cidr
+ dns_hostname: $dns_hostname
+ dns_ttl: $dns_ttl
+
+ - name: add_dns_a_record_internal
+ description: Add an Internal DNS A record for the VM
+ task: common::add_dns_a_record_internal
+ targets: localhost
+ parameters:
+ network: $network
 add_a_record_bool: $add_a_record_bool
 ip_with_cidr: $ip_with_cidr
 dns_hostname: $dns_hostname
diff --git a/vm_automation/ubuntu/tasks/validate_vm_parameters.json b/vm_automation/ubuntu/tasks/validate_vm_parameters.json
index b04d177..7274ae9 100644
--- a/vm_automation/ubuntu/tasks/validate_vm_parameters.json
+++ b/vm_automation/ubuntu/tasks/validate_vm_parameters.json
@@ -15,7 +15,7 @@
 "type": "String"
 },
 "network": {
- "description": "Network to connect the VM to (wan-verizon or moeny-internal)",
+ "description": "Network to connect the VM to (wan-verizon or internal-moeny)",
 "type": "String"
 },
 "ip_with_cidr": {
diff --git a/vm_automation/ubuntu/tasks/validate_vm_parameters.sh b/vm_automation/ubuntu/tasks/validate_vm_parameters.sh
index 0bdeaf0..d230819 100755
--- a/vm_automation/ubuntu/tasks/validate_vm_parameters.sh
+++ b/vm_automation/ubuntu/tasks/validate_vm_parameters.sh
@@ -80,15 +80,15 @@ validate_network_relationships() {
 if [[ "$staging_ip" != "public" ]]; then
 output_warning "wan-verizon network typically uses 'public' for staging_ip, but got '${staging_ip}'"
 fi
- elif [[ "$network" == "moeny-internal" ]]; then
+ elif [[ "$network" == "internal-moeny" ]]; then
 if [[ ! "$ip_network" =~ ^10\.44\.0$ ]]; then
- output_warning "moeny-internal network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
+ output_warning "internal-moeny network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
 fi
 if [[ "$gateway_ip" != "10.44.0.1" ]]; then
- output_warning "moeny-internal network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
+ output_warning "internal-moeny network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
 fi
 if [[ "$staging_ip" != "internal" ]]; then
- output_warning "moeny-internal network typically uses 'internal' for staging_ip, but got '${staging_ip}'"
+ output_warning "internal-moeny network typically uses 'internal' for staging_ip, but got '${staging_ip}'"
 fi
 fi
 }
@@ -113,8 +113,8 @@ validate_hostname() {
 # Function to validate network
 validate_network() {
 local network=$1
- if [[ "$network" != "wan-verizon" && "$network" != "moeny-internal" ]]; then
- output_status "error" "Invalid network '$network'. Must be either wan-verizon or moeny-internal"
+ if [[ "$network" != "wan-verizon" && "$network" != "internal-moeny" ]]; then
+ output_status "error" "Invalid network '$network'. Must be either wan-verizon or internal-moeny"
 fi
 }