fix: onboot installation reference breaks - fixxes #5 (#7)

fix(installation): onboot installation reference breaks - fixxes #5 feat(scripts): adding cloudflare-ddns podman script and templated configuration
unifi-utilities · Dec 22, 2021 · d1ad89e · d1ad89e
1 parent 924a8cd
commit d1ad89e
Show file tree

Hide file tree

Showing 4 changed files with 52 additions and 2 deletions.
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -5,11 +5,12 @@ frr_enabled: no
 rsyncd_enabled: no
 openvpn_enabled: no
 zerotier_enabled: no
+cloudflare_enabled: no
 
 unifi_certificate_path: "{{ unifi_mount_path }}/unifi-os/unifi-core/config"
 unifi_os_certificate_path: "{{ unifi_os_mount_path }}/unifi-core/config"
 
 java_certificate_import: "java -jar /usr/lib/unifi/lib/ace.jar import_key_cert"
 
-udm_onboot_version: 1.0.4
+udm_onboot_version: 1.0.5
 udm_onboot_download_uri: "https://github.com/boostchicken/udm-utilities/releases/download/{{ udm_onboot_version }}/udm-boot_{{ udm_onboot_version }}_all.deb"
diff --git a/files/10-onboot-cloudflare-ddns.sh b/files/10-onboot-cloudflare-ddns.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+CONTAINER=cloudflare-ddns
+
+# Starts a cloudflare ddns container that is deleted after it is stopped.
+# All configs stored in /mnt/data/cloudflare-ddns
+if podman container exists "$CONTAINER"; then
+  podman start "$CONTAINER"
+else
+  podman run -i -d --rm \
+    --net=host \
+    --name "$CONTAINER" \
+    --security-opt=no-new-privileges \
+    -v /mnt/data/cloudflare-ddns/config.json:/config.json \
+    timothyjmiller/cloudflare-ddns:latest
+fi
diff --git a/tasks/onboot.yml b/tasks/onboot.yml
@@ -8,7 +8,7 @@
   when: onboot_version is not defined or ( onboot_version.stdout is defined and onboot_version.stdout != udm_onboot_version )
   block:
     - name: onboot - download package
-      raw: curl -L "{{ unifi_onboot_download_uri }}" -o "{{ unifi_mount_path }}/unifi-os/udm-boot-{{ udm_onboot_version }}.deb"
+      raw: curl -L "{{ udm_onboot_download_uri }}" -o "{{ unifi_mount_path }}/unifi-os/udm-boot-{{ udm_onboot_version }}.deb"
     - name: onboot - install package
       raw: "{{ unifi_os_cmd }} dpkg -i {{ unifi_os_mount_path }}/udm-boot-{{ udm_onboot_version }}.deb"
 
@@ -26,10 +26,20 @@
     - { file: "files/10-onboot-nodeexporter.sh", enabled: "{{ nodeexporter_enabled | bool }}" }
     - { file: "files/10-onboot-openvpn.sh", enabled: "{{ openvpn_enabled | bool }}"  }
     - { file: "files/10-onboot-zerotier.sh", enabled: "{{ zerotier_enabled | bool }}" }
+    - { file: "files/10-onboot-cloudflare-ddns.sh", enabled: "{{ cloudflare_enabled | bool }}" }
   shell:
     cmd: "[ '{{ item.enabled }}' = 'True' ] \
             && scp {{ role_path }}/{{ item.file }} {{ inventory_hostname }}:{{ unifi_onboot_directory }}/ \
             || echo 'item disabled: {{ item.file }}'"
 
 - name: onboot - enable executable flag on configurations
   raw: chmod +x {{ unifi_onboot_directory }}/*.sh
+
+- name: deploy cloudflare configuration
+  when: cloudflare_enabled
+  tags:
+    - cloudflare
+  template:
+    src: cloudflare_config.json.j2
+    dest: /mnt/data/cloudflare-ddns/config.json
+    mode: 0644
diff --git a/templates/cloudflare_config.json.j2 b/templates/cloudflare_config.json.j2
@@ -0,0 +1,24 @@
+
+
+{
+  "cloudflare": [
+    {
+      "authentication": {
+          "api_token": "{{ cloudflare_api_token | default('') }}",
+          "api_key": {
+              "api_key": "{{ cloudflare_api_key | default('') }}",
+              "account_email": "{{ cloudflare_account_email | default('') }}"
+	        }
+      },
+      "zone_id": "{{ cloudflare_zone_id }}",
+      "subdomains": [
+        {{ cloudflare_subdomains }}
+      ],
+      "proxied": false,
+      "ttl": 120
+    }
+  ],
+  "a": true,
+  "aaaa": false,
+  "purgeUnknownRecords": false
+}