Install dnscontrol and API credentials on DNS management server

diff --git a/cookbooks/dns/recipes/default.rb b/cookbooks/dns/recipes/default.rb
index 1896e99b82e99d0049e2ad6d8a2384f2111f222a..ac404488bebe54598dcc429e6cabdc7f5cf1049f 100644 (file)
--- a/cookbooks/dns/recipes/default.rb
+++ b/cookbooks/dns/recipes/default.rb
@@ -36,6 +36,14 @@ package %w[
   libjson-xs-perl
 ]
 
+remote_file "/usr/local/bin/dnscontrol" do
+  action :create
+  source "https://github.com/StackExchange/dnscontrol/releases/download/v2.10.0/dnscontrol-Linux"
+  owner "root"
+  group "root"
+  mode 0o755
+end
+
 directory "/srv/dns.openstreetmap.org" do
   owner "root"
   group "root"
@@ -109,6 +117,14 @@ directory "/var/lib/dns" do
   notifies :run, "execute[dns-update]"
 end
 
+template "/var/lib/dns/creds.json" do
+  source "creds.json.erb"
+  owner "git"
+  group "git"
+  mode 0o440
+  variables :passwords => passwords
+end
+
 cookbook_file "#{node[:dns][:repository]}/hooks/post-receive" do
   source "post-receive"
   owner "git"

diff --git a/cookbooks/dns/templates/default/creds.json.erb b/cookbooks/dns/templates/default/creds.json.erb
new file mode 100644 (file)
index 0000000..980c0fb
--- /dev/null
+++ b/cookbooks/dns/templates/default/creds.json.erb
@@ -0,0 +1,11 @@
+{
+  "gandi_v5": {
+    "apikey": "<%= @passwords["gandi"] %>",
+    "sharing_id": "7028b616-ba65-11e7-8343-00163ec31f40"
+  },
+  "cloudflare": {
+    "accountid": "049c95aba02c95fc1e78a9d255282e0f",
+    "accountname": "OpenStreetMap",
+    "apitoken": "<%= @passwords["cloudflare"] %>"
+  }
+}