Initial commit with previous code

defaults/main.yml

@@ -0,0 +1,13 @@
+---
+ovh_application_key: "{{ vault_ovh_api_key }}"
+ovh_application_secret: "{{ vault_ovh_api_secret }}"
+ovh_consumer_key: '{{ vault_ovh_consumer_key }}'
+ovh_endpoint: 'ovh-eu'
+ovh_backup_user: ovh_dns_backup
+ovh_backup_user_home: /var/lib/ovh_dns_backup
+records:
+- domain: example.com
+  name: 'www'
+  record_ttl: 0
+  record_type: A
+  value: 1.2.3.4

files/backup_ovh.timer

@@ -0,0 +1,10 @@
+[Unit]
+Description=Backup OVH DNS
+
+[Timer]
+OnBootSec=15min
+OnUnitActiveSec=1d
+Unit=backup_ovh.service
+
+[Install]
+WantedBy=timers.target

files/backup_ovh_dns.py

@@ -0,0 +1,55 @@
+import sys
+import time
+import socket
+from dataclasses import fields
+import ovh
+import yaml
+import json
+import click
+import click_config_file
+
+@click.command()
+@click.option("--application-key", "-a", required=True, help='Your OVH application key.')
+@click.option("--application-secret", "-s", required=True, help='Your OVH application secret. Use better a configuration file.')
+@click.option("--consumer-key", "-c", required=True, help='Your OVH consumer key.')
+@click.option("--endpoint", "-e", default='ovh-eu', help='OVH endpoint to use.', type=click.Choice(
+        ['ovh-eu', 'ovh-us', 'ovh-ca', 'soyoustart-eu', 'soyoustart-ca', 'kimsufi-eu', 'kimsufi-ca'],
+        case_sensitive=True,
+    ))
+@click.option("--format", "-f", default='bind', help='Format to show the information', type=click.Choice(
+        ['json', 'yaml', 'bind'],
+        case_sensitive=True,
+    ))
+@click.option('--output-file', '-o', type=click.File('wb'), default=sys.stdout)
+@click_config_file.configuration_option()
+def main(application_key, application_secret, consumer_key, endpoint, format, output_file):
+    client = ovh.Client(config_file=None, endpoint=endpoint, application_key=application_key, application_secret=application_secret, consumer_key=consumer_key)
+    dns_config = {
+        "records":[],
+        "timestamp": time.time(),
+        "endpoint": endpoint,
+        "hostname": socket.gethostname(),
+    }
+    for zone in client.get('/domain'):
+        if format == 'bind':
+            zone_raw = client.get(f"/domain/zone/{zone}/export")
+            output_file.write(f"Zone '{zone}':\n{zone_raw}\n".encode())
+        else:
+            for record in client.get(f"/domain/zone/{zone}/record"):
+                record_dict = client.get(f"/domain/zone/{zone}/record/{record}")
+                field_type = record_dict['fieldType'].lower()
+                my_record_dict = {
+                    "name": record_dict['subDomain'],
+                    "value": record_dict['target'],
+                    "record_ttl": record_dict['ttl'],
+                    "domain": zone,
+                    "record_type": record_dict['fieldType'],
+                    }
+                dns_config['records'].append(my_record_dict)
+    if format == 'yaml':
+        output_file.write(yaml.dump(dns_config).encode())
+    elif format == 'json':
+        output_file.write(json.dumps(dns_config, indent=2).encode())
+
+if __name__ == '__main__':
+    main()

handlers/main.yml

@@ -0,0 +1,3 @@
+---
+- name: Reload Systemd daemon
+  shell: systemctl daemon-reload

tasks/configure.yml

@@ -0,0 +1,90 @@
+---
+- name: Deploy OVH configuration files
+  template:
+    src: templates/ovh.conf.j2
+    dest: "{{ ovh_backup_user_home }}/ovh.conf"
+    mode: 0640
+    owner: "{{ ovh_backup_user }}"
+    backup: yes
+
+- name: Enable OVH DNS backups systemd units
+  systemd:
+    name: backup_ovh.timer
+    enabled: yes
+    state: started
+
+# - name: Add A records to DNS
+#   synthesio.ovh.domain:
+#     name: "{{ item.name}}"
+#     endpoint: "{{ ovh_endpoint }}"
+#     application_key: "{{ ovh_application_key }}"
+#     application_secret: "{{ ovh_application_secret }}"
+#     consumer_key: "{{ ovh_consumer_key }}"
+#     domain: "{{ item.domain }}"
+#     value: "{{ item.value }}"
+#     record_type: A
+#   with_items: "{{ a_records }}"
+
+# - name: Add AAAA records to DNS
+#   synthesio.ovh.domain:
+#     name: "{{ item.name}}"
+#     endpoint: "{{ ovh_endpoint }}"
+#     application_key: "{{ ovh_application_key }}"
+#     application_secret: "{{ ovh_application_secret }}"
+#     consumer_key: "{{ ovh_consumer_key }}"
+#     domain: "{{ item.domain }}"
+#     value: "{{ item.value }}"
+#     record_type: AAAA
+#   with_items: "{{ aaaa_records }}"
+
+# - name: Add CNAME records to DNS
+#   synthesio.ovh.domain:
+#     name: "{{ item.name}}"
+#     endpoint: "{{ ovh_endpoint }}"
+#     application_key: "{{ ovh_application_key }}"
+#     application_secret: "{{ ovh_application_secret }}"
+#     consumer_key: "{{ ovh_consumer_key }}"
+#     domain: "{{ item.domain }}"
+#     value: "{{ item.value }}"
+#     record_type: CNAME
+#   with_items: "{{ cname_records }}"
+
+# - name: Add MX records to DNS
+#   synthesio.ovh.domain:
+#     name: "{{ item.name}}"
+#     endpoint: "{{ ovh_endpoint }}"
+#     application_key: "{{ ovh_application_key }}"
+#     application_secret: "{{ ovh_application_secret }}"
+#     consumer_key: "{{ ovh_consumer_key }}"
+#     domain: "{{ item.domain }}"
+#     value: "{{ item.value }}"
+#     record_type: MX
+#   with_items: "{{ mx_records }}"
+
+# - name: Add TXT records to DNS
+#   synthesio.ovh.domain:
+#     name: "{{ item.name}}"
+#     endpoint: "{{ ovh_endpoint }}"
+#     application_key: "{{ ovh_application_key }}"
+#     application_secret: "{{ ovh_application_secret }}"
+#     consumer_key: "{{ ovh_consumer_key }}"
+#     domain: "{{ item.domain }}"
+#     value: "{{ item.value }}"
+#     record_type: TXT
+#   with_items: "{{ txt_records }}"
+
+- name: Add other records to DNS
+  synthesio.ovh.domain:
+    name: "{{ item.name}}"
+    endpoint: "{{ ovh_endpoint }}"
+    application_key: "{{ ovh_application_key }}"
+    application_secret: "{{ ovh_application_secret }}"
+    consumer_key: "{{ ovh_consumer_key }}"
+    domain: "{{ item.domain }}"
+    value: "{{ item.value }}"
+    record_type: "{{ item.record_type }}"
+    record_ttl: "{{ item.record_ttl }}"
+    state: "{{ item.state |default('present') }}"
+    append: true
+  loop: "{{ records }}"
+#  when: item['domain'] == "susurrando.com" and "adpvm" in item['value']

tasks/install.yml

@@ -0,0 +1,29 @@
+---
+- name: Create local user to backup OVH DNS
+  user:
+    name: "{{ ovh_backup_user }}"
+    home: "{{ ovh_backup_user_home }}"
+    shell: /dev/null
+
+- name: Deploy backup script
+  copy:
+    src: files/backup_ovh_dns.py
+    dest: /usr/local/bin/backup_ovh_dns.py
+    mode: 0755
+    backup: yes
+
+- name: Deploy backup script timer unit
+  copy:
+    src: files/backup_ovh.timer
+    dest: /etc/systemd/system/backup_ovh.timer
+    mode: 0644
+    backup: yes
+  notify: Reload Systemd daemon
+
+- name: Deploy backup script service unit
+  template:
+    src: templates/backup_ovh.service.j2
+    dest: /etc/systemd/system/backup_ovh.service
+    mode: 0644
+    backup: yes
+  notify: Reload Systemd daemon

tasks/main.yml

@@ -0,0 +1,5 @@
+---
+- name: Ensure installation of scripts
+  include_tasks: install.yml
+- name: Ensure configuration of OVH DNS management
+  include_tasks: configure.yml

templates/backup_ovh.service.j2

@@ -0,0 +1,7 @@
+[Service]
+Type=simple
+User={{ ovh_backup_user }}
+ExecStart=/usr/bin/env python3 /usr/local/bin/backup_ovh_dns.py --config "{{ ovh_backup_user_home }}/ovh.conf"
+
+[Unit]
+OnFailure=status_email_antoniodelgado@%n.service

templates/ovh.conf.j2

@@ -0,0 +1,5 @@
+endpoint="{{ ovh_endpoint }}"
+application_key="{{ ovh_application_key }}"
+application_secret="{{ ovh_application_secret }}"
+consumer_key="{{ ovh_consumer_key }}"
+output_file="{{ ovh_backups_file }}"