From 912cff7f5a47c51a1896a03a0053239727045868 Mon Sep 17 00:00:00 2001
From: Julian Labus
Date: Wed, 22 May 2019 10:10:45 +0200
Subject: [PATCH] Playbooks: move vars from dns.yml to host_vars
---
 .../host_vars/kichererbse.freifunk-mwu.de | 61 +++++++++
 inventory/host_vars/linse.freifunk-mwu.de | 60 +++++++++
 playbooks/dns.yml | 123 ------------------
 3 files changed, 121 insertions(+), 123 deletions(-)
diff --git a/inventory/host_vars/kichererbse.freifunk-mwu.de b/inventory/host_vars/kichererbse.freifunk-mwu.de
index a57630a..004d452 100644
--- a/inventory/host_vars/kichererbse.freifunk-mwu.de
+++ b/inventory/host_vars/kichererbse.freifunk-mwu.de
@@ -6,3 +6,64 @@ magic: 67 nodejs_major_version: "10" http_dns_prefix: "dns-int" + +mysql_root_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}" +mysql_databases: + - name: "pdns-admin" + encoding: "utf8" + collation: "utf8_general_ci" +mysql_users: + - name: "pdns-admin" + host: "localhost" + password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}" + priv: "pdns-admin.*:ALL" +mysql_max_binlog_size: "100M" +mysql_expire_logs_days: "10" +mysql_bind_address: "127.0.0.1" + +pdns_install_repo: "{{ pdns_auth_powerdns_repo_41 }}" + +pdns_mysql_databases_credentials: + gmysql: + priv_user: root + priv_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}" + priv_host: + - "localhost" + +pdns_config: + allow-axfr-ips: "{% for host in groups['gateways'] %}{{ loopback_net_ipv4 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }},{{ loopback_net_ipv6 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }}{% if not loop.last %},{% endif %}{% endfor %}" + api: "yes" + api-key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_apikey') }}" + default-soa-name: "{{ inventory_hostname }}" + default-soa-mail: "admin.freifunk-mwu.de" + local-port: "53" + local-address: "127.0.0.1,{{ loopback_net_ipv4 | ipaddr(magic) | ipaddr('address') }}" + local-ipv6: "::1,{{ loopback_net_ipv6 | ipaddr(magic) | ipaddr('address') }}" + master: True + only-notify: "{% for prefix in internal_prefixes %}{{ prefix.ipv4 }},{{ prefix.ipv6 }}{% if not loop.last %},{% endif %}{% endfor %}" + tcp-fast-open: "50" + version-string: "anonymous" + webserver: "yes" + webserver-address: "127.0.0.1" + webserver-allow-from: "0.0.0.0/0,::/0" + webserver-password: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_webserver') }}" + +pdns_backends: + gmysql: + host: "127.0.0.1" + user: "powerdns" + password: "{{ lookup('passwordstore', 
inventory_hostname_short + '/mysql_powerdns subkey=secret') }}" + dbname: "powerdns" + +pdns_admin_global_config: + secret_key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdnsadmin_secretkey') }}" + login_title: "Freifunk MWU DNS Management" + log_level: "INFO" + log_file: "pdns-admin.log" + +pdns_admin_database_config: + sqla_db_user: "pdns-admin" + sqla_db_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}" + sqla_db_host: "127.0.0.1" + sqla_db_name: "pdns-admin" + sqlalchemy_track_modifications: True diff --git a/inventory/host_vars/linse.freifunk-mwu.de b/inventory/host_vars/linse.freifunk-mwu.de index 5d890f4..a3bc5f4 100644 --- a/inventory/host_vars/linse.freifunk-mwu.de +++ b/inventory/host_vars/linse.freifunk-mwu.de 
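Review bot: `webserver-allow-from: "0.0.0.0/0,::/0"` in `pdns_config` leaves the PowerDNS webserver/API ACL open to every source, so with `api: "yes"` the only gates are the `127.0.0.1` bind and the API key. If anything on the host forwards requests to that listener (the `http_dns_prefix` context line hints at an HTTP front end, but that is not visible in this hunk), the ACL adds no second layer. Since the listener is loopback-only, I would tighten it to `webserver-allow-from: "127.0.0.1"`. The linse.freifunk-mwu.de hunk carries the same line and should get the same change.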
@@ -6,3 +6,63 @@ magic: 71 nodejs_major_version: "10" http_dns_prefix: "dns-ext" + +mysql_root_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}" +mysql_databases: + - name: "pdns-admin" + encoding: "utf8" + collation: "utf8_general_ci" +mysql_users: + - name: "pdns-admin" + host: "localhost" + password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}" + priv: "pdns-admin.*:ALL" +mysql_max_binlog_size: "100M" +mysql_expire_logs_days: "10" +mysql_bind_address: "127.0.0.1" + +pdns_install_repo: "{{ pdns_auth_powerdns_repo_41 }}" + +pdns_mysql_databases_credentials: + gmysql: + priv_user: root + priv_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}" + priv_host: + - "localhost" + +pdns_config: + allow-axfr-ips: "{% for slave in dns_external.slaves %}{{ lookup('dig', slave, 'qtype=A') | ipaddr('address') }}{% if not loop.last %},{% endif %}{% endfor %}" + api: "yes" + api-key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_apikey') }}" + default-soa-name: "{{ inventory_hostname }}" + default-soa-mail: "admin.freifunk-mwu.de" + local-port: "53" + local-address: "127.0.0.1,{{ loopback_net_ipv4 | ipaddr(magic) | ipaddr('address') }},{{ ansible_default_ipv4.address | ipaddr('address') }}" + local-ipv6: "::1,{{ loopback_net_ipv6 | ipaddr(magic) | ipaddr('address') }},{{ ansible_default_ipv6.address | ipaddr('address') }}" + master: True + tcp-fast-open: "50" + version-string: "anonymous" + webserver: "yes" + webserver-address: "127.0.0.1" + webserver-allow-from: "0.0.0.0/0,::/0" + webserver-password: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_webserver') }}" + +pdns_backends: + gmysql: + host: "127.0.0.1" + user: "powerdns" + password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_powerdns subkey=secret') }}" + dbname: "powerdns" + +pdns_admin_global_config: + secret_key: "{{ 
lookup('passwordstore', inventory_hostname_short + '/pdnsadmin_secretkey') }}" + login_title: "Freifunk MWU DNS Management" + log_level: "INFO" + log_file: "pdns-admin.log" + +pdns_admin_database_config: + sqla_db_user: "pdns-admin" + sqla_db_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}" + sqla_db_host: "127.0.0.1" + sqla_db_name: "pdns-admin" + sqlalchemy_track_modifications: True diff --git a/playbooks/dns.yml b/playbooks/dns.yml index a074a00..15ad5d2 100755 --- a/playbooks/dns.yml +++ b/playbooks/dns.yml 
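Review bot: `allow-axfr-ips` on this master, which also binds `ansible_default_ipv4.address`, is built from `lookup('dig', slave, 'qtype=A')`, so the zone-transfer ACL is whatever the control machine's resolver answers at deploy time. A wrong or stale answer silently authorises a different address, and a failed lookup may render a non-address string into the list, depending on how `ipaddr('address')` treats the lookup's failure value (worth checking). Only A records are queried, although `local-ipv6` binds a public IPv6 address as well. Prefer explicit secondary addresses in the inventory, or at least add a comment such as `# AXFR ACL is resolved via DNS at deploy time; re-run and review after a secondary changes address`. `dns_external` is defined outside this hunk.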
@@ -11,68 +11,6 @@ - powerdns.pdns - pdns-admin - vars: - mysql_root_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}" - mysql_databases: - - name: "pdns-admin" - encoding: "utf8" - collation: "utf8_general_ci" - mysql_users: - - name: "pdns-admin" - host: "localhost" - password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}" - priv: "pdns-admin.*:ALL" - mysql_max_binlog_size: "100M" - mysql_expire_logs_days: "10" - mysql_bind_address: "127.0.0.1" - - pdns_install_repo: "{{ pdns_auth_powerdns_repo_41 }}" - - pdns_mysql_databases_credentials: - gmysql: - priv_user: root - priv_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}" - priv_host: - - "localhost" - - pdns_config: - allow-axfr-ips: "{% for host in groups['ffmwu-gateways'] %}{{ loopback_net_ipv4 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }},{{ loopback_net_ipv6 | ipaddr(hostvars[host]['magic']) | ipaddr('address') }}{% if not loop.last %},{% endif %}{% endfor %}" - api: "yes" - api-key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_apikey') }}" - default-soa-name: "{{ inventory_hostname }}" - default-soa-mail: "admin.freifunk-mwu.de" - local-port: "53" - local-address: "127.0.0.1,{{ loopback_net_ipv4 | ipaddr(magic) | ipaddr('address') }}" - local-ipv6: "::1,{{ loopback_net_ipv6 | ipaddr(magic) | ipaddr('address') }}" - master: True - only-notify: "{% for prefix in internal_prefixes %}{{ prefix.ipv4 }},{{ prefix.ipv6 }}{% if not loop.last %},{% endif %}{% endfor %}" - tcp-fast-open: "50" - version-string: "anonymous" - webserver: "yes" - webserver-address: "127.0.0.1" - webserver-allow-from: "0.0.0.0/0,::/0" - webserver-password: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_webserver') }}" - - pdns_backends: - gmysql: - host: "127.0.0.1" - user: "powerdns" - password: "{{ lookup('passwordstore', inventory_hostname_short + 
'/mysql_powerdns subkey=secret') }}" - dbname: "powerdns" - - pdns_admin_global_config: - secret_key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdnsadmin_secretkey') }}" - login_title: "Freifunk MWU DNS Management" - log_level: "INFO" - log_file: "pdns-admin.log" - - pdns_admin_database_config: - sqla_db_user: "pdns-admin" - sqla_db_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}" - sqla_db_host: "127.0.0.1" - sqla_db_name: "pdns-admin" - sqlalchemy_track_modifications: True - - name: Manage DNS External Master Server. hosts: linse.freifunk-mwu.de 
@@ -83,64 +21,3 @@ - geerlingguy.mysql - powerdns.pdns - pdns-admin - - vars: - mysql_root_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}" - mysql_databases: - - name: "pdns-admin" - encoding: "utf8" - collation: "utf8_general_ci" - mysql_users: - - name: "pdns-admin" - host: "localhost" - password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}" - priv: "pdns-admin.*:ALL" - mysql_max_binlog_size: "100M" - mysql_expire_logs_days: "10" - mysql_bind_address: "127.0.0.1" - - pdns_install_repo: "{{ pdns_auth_powerdns_repo_41 }}" - - pdns_mysql_databases_credentials: - gmysql: - priv_user: root - priv_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_root subkey=secret') }}" - priv_host: - - "localhost" - - pdns_config: - allow-axfr-ips: "{% for slave in dns_external.slaves %}{{ lookup('dig', slave, 'qtype=A') | ipaddr('address') }}{% if not loop.last %},{% endif %}{% endfor %}" - api: "yes" - api-key: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_apikey') }}" - default-soa-name: "{{ inventory_hostname }}" - default-soa-mail: "admin.freifunk-mwu.de" - local-port: "53" - local-address: "127.0.0.1,{{ loopback_net_ipv4 | ipaddr(magic) | ipaddr('address') }},{{ ansible_default_ipv4.address | ipaddr('address') }}" - local-ipv6: "::1,{{ loopback_net_ipv6 | ipaddr(magic) | ipaddr('address') }},{{ ansible_default_ipv6.address | ipaddr('address') }}" - master: True - tcp-fast-open: "50" - version-string: "anonymous" - webserver: "yes" - webserver-address: "127.0.0.1" - webserver-allow-from: "0.0.0.0/0,::/0" - webserver-password: "{{ lookup('passwordstore', inventory_hostname_short + '/pdns_webserver') }}" - - pdns_backends: - gmysql: - host: "127.0.0.1" - user: "powerdns" - password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_powerdns subkey=secret') }}" - dbname: "powerdns" - - pdns_admin_global_config: - secret_key: "{{ 
lookup('passwordstore', inventory_hostname_short + '/pdnsadmin_secretkey') }}" - login_title: "Freifunk MWU DNS Management" - log_level: "INFO" - log_file: "pdns-admin.log" - - pdns_admin_database_config: - sqla_db_user: "pdns-admin" - sqla_db_password: "{{ lookup('passwordstore', inventory_hostname_short + '/mysql_pdns-admin subkey=secret') }}" - sqla_db_host: "127.0.0.1" - sqla_db_name: "pdns-admin" - sqlalchemy_track_modifications: True