Add internal DNS operations

vm_automation/alpine/plans/create_vm.yaml

@@ -210,6 +210,18 @@ steps:
     task: common::add_dns_a_record
     targets: localhost
     parameters:
+      network: $network
+      add_a_record_bool: $add_a_record_bool
+      ip_with_cidr: $ip_with_cidr
+      dns_hostname: $dns_hostname
+      dns_ttl: $dns_ttl
+
+  - name: add_dns_a_record_internal
+    description: Add an Internal DNS A record for the VM
+    task: common::add_dns_a_record_internal
+    targets: localhost
+    parameters:
+      network: $network
       add_a_record_bool: $add_a_record_bool
       ip_with_cidr: $ip_with_cidr
       dns_hostname: $dns_hostname

vm_automation/alpine/tasks/validate_vm_parameters.json

@@ -15,7 +15,7 @@
       "type": "String"
     },
     "network": {
-      "description": "Network to connect the VM to (wan-verizon or moeny-internal)",
+      "description": "Network to connect the VM to (wan-verizon or internal-moeny)",
       "type": "String"
     },
     "ip_with_cidr": {

vm_automation/alpine/tasks/validate_vm_parameters.sh

@@ -82,12 +82,12 @@ validate_network_relationships() {
         if [[ "$gateway_ip" != "100.40.223.1" ]]; then
             output_warning "wan-verizon network typically uses 100.40.223.1 as gateway, but got ${gateway_ip}"
         fi
-    elif [[ "$network" == "moeny-internal" ]]; then
+    elif [[ "$network" == "internal-moeny" ]]; then
         if [[ ! "$ip_network" =~ ^10\.44\.0$ ]]; then
-            output_warning "moeny-internal network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
+            output_warning "internal-moeny network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
         fi
         if [[ "$gateway_ip" != "10.44.0.1" ]]; then
-            output_warning "moeny-internal network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
+            output_warning "internal-moeny network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
         fi
     fi
 }
@@ -112,8 +112,8 @@ validate_hostname() {
 # Function to validate network
 validate_network() {
     local network=$1
-    if [[ "$network" != "wan-verizon" && "$network" != "moeny-internal" ]]; then
+    if [[ "$network" != "wan-verizon" && "$network" != "internal-moeny" ]]; then
-        output_status "error" "Invalid network '$network'. Must be either wan-verizon or moeny-internal"
+        output_status "error" "Invalid network '$network'. Must be either wan-verizon or internal-moeny"
     fi
 }
 

vm_automation/common/tasks/add_dns_a_record.sh

@@ -2,14 +2,15 @@
 # This script adds a DNS A record to the DNS server zone file (common::add_dns_a_record)
 
 # Bolt environment variables
+NETWORK="${PT_network}"
 ADD_A_RECORD="${PT_add_a_record_bool}"
 IP="${PT_ip_with_cidr}"
 HOSTNAME="${PT_dns_hostname}"
 TTL="${PT_dns_ttl}"
 
-# Check if Docker installation is requested
+# Check if A record addition is requested
-if [ "$ADD_A_RECORD" != "true" ]; then
+if [ "$ADD_A_RECORD" != "true" ] || [ "$NETWORK" != "wan-verizon" ]; then
-    echo '{"status": "skipped", "message": "A Record addition not requested, skipping..."}'
+    echo '{"status": "skipped", "message": "Skipping public facing A Record - either not requested or not on wan-verizon network"}'
     exit 0
 fi
 

vm_automation/common/tasks/add_dns_a_record_internal.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+# This script adds an Internal DNS A record to the DNS server zone file (common::add_dns_a_record_internal)
+
+# Bolt environment variables
+NETWORK="${PT_network}"
+ADD_A_RECORD="${PT_add_a_record_bool}"
+IP="${PT_ip_with_cidr}"
+HOSTNAME="${PT_dns_hostname}"
+TTL="${PT_dns_ttl}"
+
+# Check if A record addition is requested
+if [ "$ADD_A_RECORD" != "true" ] || [ "$NETWORK" != "internal-moeny" ]; then
+    echo '{"status": "skipped", "message": "Skipping internal A Record - either not requested or not on internal-moeny network"}'
+    exit 0
+fi
+
+# Check if required parameters are provided
+if [ -z "$IP" ] || [ -z "$HOSTNAME" ] || [ -z "$TTL" ]; then
+    echo '{"status": "failure", "message": "Error: Both ip_with_cidr, dns_hostname and ttl parameters must be provided"}'
+    exit 1
+fi
+
+# Create DNS A record
+IP_ADDRESS=$(echo ${IP} | cut -d'/' -f1)
+nsupdate -k "./keys/tsig-internal.key" << EOF
+server ns99.moeny.internal
+debug yes
+zone moeny.internal
+update add ${HOSTNAME}.moeny.internal ${TTL} A ${IP_ADDRESS}
+send
+EOF
+
+# Force zone file update on DNS server
+ssh moeny@ns99.moeny.internal "sudo rndc sync moeny.internal"
+
+echo '{"status": "success", "message": "Internal A Record successfully added."}'

vm_automation/common/tasks/delete_dns_a_record_internal.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+# This script deletes a DNS A record from the DNS server zone file (common::delete_dns_a_record_internal)
+# Bolt environment variables
+HOSTNAME="${PT_dns_hostname}"
+
+# Check if required parameters are provided
+if [ -z "$HOSTNAME" ]; then
+    echo '{"status": "failure", "message": "Error: dns_hostname parameter must be provided"}'
+    exit 1
+fi
+
+# Delete DNS A record
+nsupdate -k "./keys/tsig-internal.key" << EOF
+server ns99.moeny.internal
+debug yes
+zone moeny.internal
+update delete ${HOSTNAME}.moeny.internal A
+send
+EOF
+
+# Force zone file update on DNS server
+ssh moeny@ns99.moeny.internal "sudo rndc sync moeny.internal"
+
+echo '{"status": "success", "message": "Internal A Record successfully deleted."}'

vm_automation/ubuntu/plans/create_vm.yaml

@@ -186,6 +186,18 @@ steps:
     task: common::add_dns_a_record
     targets: localhost
     parameters:
+      network: $network
+      add_a_record_bool: $add_a_record_bool
+      ip_with_cidr: $ip_with_cidr
+      dns_hostname: $dns_hostname
+      dns_ttl: $dns_ttl
+
+  - name: add_dns_a_record_internal
+    description: Add an Internal DNS A record for the VM
+    task: common::add_dns_a_record_internal
+    targets: localhost
+    parameters:
+      network: $network
       add_a_record_bool: $add_a_record_bool
       ip_with_cidr: $ip_with_cidr
       dns_hostname: $dns_hostname

vm_automation/ubuntu/tasks/validate_vm_parameters.json

@@ -15,7 +15,7 @@
       "type": "String"
     },
     "network": {
-      "description": "Network to connect the VM to (wan-verizon or moeny-internal)",
+      "description": "Network to connect the VM to (wan-verizon or internal-moeny)",
       "type": "String"
     },
     "ip_with_cidr": {

vm_automation/ubuntu/tasks/validate_vm_parameters.sh

@@ -80,15 +80,15 @@ validate_network_relationships() {
         if [[ "$staging_ip" != "public" ]]; then
             output_warning "wan-verizon network typically uses 'public' for staging_ip, but got '${staging_ip}'"
         fi
-    elif [[ "$network" == "moeny-internal" ]]; then
+    elif [[ "$network" == "internal-moeny" ]]; then
         if [[ ! "$ip_network" =~ ^10\.44\.0$ ]]; then
-            output_warning "moeny-internal network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
+            output_warning "internal-moeny network typically uses 10.44.0.0/24 range, but got ${ip_network}.0/${cidr}"
         fi
         if [[ "$gateway_ip" != "10.44.0.1" ]]; then
-            output_warning "moeny-internal network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
+            output_warning "internal-moeny network typically uses 10.44.0.1 as gateway, but got ${gateway_ip}"
         fi
         if [[ "$staging_ip" != "internal" ]]; then
-            output_warning "moeny-internal network typically uses 'internal' for staging_ip, but got '${staging_ip}'"
+            output_warning "internal-moeny network typically uses 'internal' for staging_ip, but got '${staging_ip}'"
         fi
     fi
 }
@@ -113,8 +113,8 @@ validate_hostname() {
 # Function to validate network
 validate_network() {
     local network=$1
-    if [[ "$network" != "wan-verizon" && "$network" != "moeny-internal" ]]; then
+    if [[ "$network" != "wan-verizon" && "$network" != "internal-moeny" ]]; then
-        output_status "error" "Invalid network '$network'. Must be either wan-verizon or moeny-internal"
+        output_status "error" "Invalid network '$network'. Must be either wan-verizon or internal-moeny"
     fi
 }