Add docker image transfer in reverseproxy role and fix dns transfer list

9 files changed, 70 insertions, 1 deletions

diff --git a/.gitignore b/.gitignore
index ff7a031..40b8a00 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,6 +8,7 @@ roles/mtaserver/files/virtual
 roles/mtaserver/files/credentials
 roles/mtaserver/files/keys
 roles/reverseproxy/vars/email.yml
+roles/reverseproxy/files/images-docker
 roles/clients/files/credentials
 roles/proxy/vars/email.yml
 roles/proxy/files/certs
diff --git a/host_vars/192.168.0.25 b/host_vars/192.168.0.25
index e1d1bf0..ae366e1 100644
--- a/host_vars/192.168.0.25
+++ b/host_vars/192.168.0.25
@@ -5,6 +5,10 @@ mtadomain:
   - jaysfoodventure.com
 # dnsserver
 dnsslavelist:
+  - 178.170.58.2
+  - "2a00:c70:1:178:170:58:2:b50d"
+  - 109.238.2.40
+  - "2a00:c70:1:109:238:2:40:bad"
   - 51.15.179.153
   - "2001:bc8:3fec:f00:7ea::"
   - 163.172.211.128
diff --git a/host_vars/d72vewh3wa4lwpaj.onion b/host_vars/d72vewh3wa4lwpaj.onion
index e1d1bf0..ae366e1 100644
--- a/host_vars/d72vewh3wa4lwpaj.onion
+++ b/host_vars/d72vewh3wa4lwpaj.onion
@@ -5,6 +5,10 @@ mtadomain:
   - jaysfoodventure.com
 # dnsserver
 dnsslavelist:
+  - 178.170.58.2
+  - "2a00:c70:1:178:170:58:2:b50d"
+  - 109.238.2.40
+  - "2a00:c70:1:109:238:2:40:bad"
   - 51.15.179.153
   - "2001:bc8:3fec:f00:7ea::"
   - 163.172.211.128
diff --git a/host_vars/manchester.casperlefantom.net b/host_vars/manchester.casperlefantom.net
index e1d1bf0..ae366e1 100644
--- a/host_vars/manchester.casperlefantom.net
+++ b/host_vars/manchester.casperlefantom.net
@@ -5,6 +5,10 @@ mtadomain:
   - jaysfoodventure.com
 # dnsserver
 dnsslavelist:
+  - 178.170.58.2
+  - "2a00:c70:1:178:170:58:2:b50d"
+  - 109.238.2.40
+  - "2a00:c70:1:109:238:2:40:bad"
   - 51.15.179.153
   - "2001:bc8:3fec:f00:7ea::"
   - 163.172.211.128
diff --git a/host_vars/manchester.home.casperlefantom.net b/host_vars/manchester.home.casperlefantom.net
index e1d1bf0..ae366e1 100644
--- a/host_vars/manchester.home.casperlefantom.net
+++ b/host_vars/manchester.home.casperlefantom.net
@@ -5,6 +5,10 @@ mtadomain:
   - jaysfoodventure.com
 # dnsserver
 dnsslavelist:
+  - 178.170.58.2
+  - "2a00:c70:1:178:170:58:2:b50d"
+  - 109.238.2.40
+  - "2a00:c70:1:109:238:2:40:bad"
   - 51.15.179.153
   - "2001:bc8:3fec:f00:7ea::"
   - 163.172.211.128
diff --git a/roles/common/tasks/deps.yml b/roles/common/tasks/deps.yml
index bf444a3..5c08574 100644
--- a/roles/common/tasks/deps.yml
+++ b/roles/common/tasks/deps.yml
@@ -21,3 +21,15 @@
   package:
     name: libselinux-python
     state: present
+
+- name: Installation du module docker pour python2
+  package:
+    name: docker-python
+    state: present
+  when: ansible_distribution == "CentOS"
+
+- name: Installation du module docker pour python3
+  package:
+    name: python3-docker
+    state: present
+  when: ansible_distribution == "Fedora" and ansible_distribution_version|int >= 28
diff --git a/roles/dnsserver/files/casperlefantom.net.zone b/roles/dnsserver/files/casperlefantom.net.zone
index afea740..5ef3736 100644
--- a/roles/dnsserver/files/casperlefantom.net.zone
+++ b/roles/dnsserver/files/casperlefantom.net.zone
@@ -1,6 +1,6 @@
 $ttl 86400
 casperlefantom.net. IN SOA nsa.casperlefantom.net. hostmaster.casperlefantom.net. (
-2018122902  ; serial number
+2018123002  ; serial number
 10800  ; refresh
 3600  ; retry
 1209600  ; expire
@@ -119,7 +119,11 @@ voip IN A 82.247.103.117
 voip IN AAAA 2a01:e35:2f76:7750::4
 
 dl IN A 51.15.179.153
+dl IN A 178.170.58.2
+dl IN A 109.238.2.40
 dl IN AAAA 2001:bc8:3fec:f00:7ea::
+dl IN AAAA 2a00:c70:1:178:170:58:2:b50d
+dl IN AAAA 2a00:c70:1:109:238:2:40:bad
 dl IN TXT "mwyjtiphky5em4yp.onion"
 
 
@@ -135,7 +139,11 @@ conference IN A 82.247.103.117
 conference IN AAAA 2a01:e35:2f76:7750::4
 
 search IN A 51.15.179.153
+search IN A 178.170.58.2
+search IN A 109.238.2.40
 search IN AAAA 2001:bc8:3fec:f00:7ea::
+search IN AAAA 2a00:c70:1:178:170:58:2:b50d
+search IN AAAA 2a00:c70:1:109:238:2:40:bad
 search IN TXT "nrybuqtxgxnavtla.onion"
 
 
@@ -160,7 +168,11 @@ bank IN A 82.247.103.117
 bank IN AAAA 2a01:e35:2f76:7750::4
 
 blog IN A 51.15.179.153
+blog IN A 178.170.58.2
+blog IN A 109.238.2.40
 blog IN AAAA 2001:bc8:3fec:f00:7ea::
+blog IN AAAA 2a00:c70:1:178:170:58:2:b50d
+blog IN AAAA 2a00:c70:1:109:238:2:40:bad
 
 
 frhb11858flex IN A 178.170.58.2
@@ -216,7 +228,11 @@ vpna IN AAAA 2001:bc8:3fec:f00:7ea::
 
 
 cirrus IN A 51.15.179.153
+cirrus IN A 178.170.58.2
+cirrus IN A 109.238.2.40
 cirrus IN AAAA 2001:bc8:3fec:f00:7ea::
+cirrus IN AAAA 2a00:c70:1:178:170:58:2:b50d
+cirrus IN AAAA 2a00:c70:1:109:238:2:40:bad
 cirrus IN TXT "w77rtjmn4c4oggn6.onion"
 
 nimbus IN A 51.15.179.153
diff --git a/roles/reverseproxy/tasks/config.yml b/roles/reverseproxy/tasks/config.yml
index a6ecfec..9e1cd48 100644
--- a/roles/reverseproxy/tasks/config.yml
+++ b/roles/reverseproxy/tasks/config.yml
@@ -17,6 +17,9 @@
     dest: /usr/local/bin/containercleaning
     mode: 0755
 
+# Be careful to don't block Let's Encrypt
+# You must check each entry in this file in your DNS zone
+# Before you run the playbook
 - name: Configuration du reverse proxy
   template:
     src: Caddyfile.j2
@@ -24,3 +27,18 @@
     owner: root
     group: root
     mode: 0644
+
+- name: Transfert de l'image docker de Caddy
+  copy:
+    src: images-docker/docker.io_abiosoft_caddy_latest.tar
+    dest: /contener/images-docker
+    mode: 0600
+  register: filematch
+
+- name: Import de l'image docker
+  docker_image:
+    name: docker.io/abiosoft/caddy
+    tag: latest
+    load_path: /contener/images-docker/docker.io_abiosoft_caddy_latest.tar
+    state: present
+  when: filematch is changed
diff --git a/roles/reverseproxy/tasks/dirs.yml b/roles/reverseproxy/tasks/dirs.yml
index 39f4789..ea28a0c 100644
--- a/roles/reverseproxy/tasks/dirs.yml
+++ b/roles/reverseproxy/tasks/dirs.yml
@@ -1,3 +1,9 @@
+- name: Création du répertoire de stockage
+  file:
+    path: /contener/images-docker
+    state: directory
+    mode: 0755
+
 - name: Création du répertoire racine
   file:
     path: /contener/caddy-reverse-proxy