fix dns-update service

4f5d5911 · Philipp Rothmann · a75493ee · 4f5d5911 · 4f5d5911 · 4f5d5911
Commit 4f5d5911 authored 3 years ago by Philipp Rothmann
--- a/roles/base/files/etc/systemd/system/update-ffhl-dns.service
+++ b/roles/base/files/etc/systemd/system/update-ffhl-dns.service
 [Service]
 Type=oneshot
-WorkingDirectory=/var/local/ffhl-dns
-ExecStart=/usr/bin/git pull
+ExecStart=/usr/local/lib/ffhl/update-dns.sh
\ No newline at end of file
--- a/roles/base/files/scripts/update-dns.sh
+++ b/roles/base/files/scripts/update-dns.sh
+#!/bin/bash
+set -e
+
+DIR=$(mktemp -d)
+DEST=/var/lib/powerdns/zones
+REPO=https://git.luebeck.freifunk.net/FreifunkLuebeck/ffhl-dns.git
+
+mkdir -p "$DEST"
+git clone "$REPO" "$DIR"
+git --git-dir="$DIR/.git" --work-tree="$DEST" reset --hard
+
+rm -rf $DIR
+
+pdns_control reload
\ No newline at end of file
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
 ---
-
 - name: copy base configs
  tags: [base, etc, apt, powerdns]
-  copy: src=etc/ dest=/etc
+  copy:
+    src: etc/
+    dest: /etc
+
+- name: copy scripts
+  tags: [base, powerdns]
+  copy:
+    src: scripts/
+    dest: /usr/local/lib/ffhl/
+    mode: a+x

 - name: install packages
  include: software.yml
@@ -26,7 +34,6 @@
    apply:
      tags: [base]

-
 - name: Disable root login with password
  tags: [base]
  lineinfile: dest=/etc/ssh/sshd_config regexp="^#?PermitRootLogin" line="PermitRootLogin without-password"
@@ -34,7 +41,6 @@
 - name: reload sysctl
  command: sysctl -p --system

-
 - name: add freifunk routing table
  tags: [network]
  lineinfile:
@@ -45,8 +51,6 @@
  copy: src=host/{{ inventory_hostname }}/etc/ dest=/etc
  tags: [bird]

-
-
 - name: networkd templates
  tags: [systemd-networkd]
  block:
@@ -59,7 +63,6 @@
        state: restarted
        name: systemd-networkd

-
 - name: template iptables
  tags: [iptables, network]
  block:
@@ -70,7 +73,6 @@
        state: restarted
        name: netfilter-persistent.service

-
 # sometimes disabled (dunno why)
 - name: enable systemd-networkd
  tags: [network]
@@ -78,7 +80,6 @@
    enabled: yes
    name: systemd-networkd

-
 - name: mesh-vpn
  tags: [fastd, mesh-vpn]
  include: mesh-vpn.yml
@@ -87,13 +88,11 @@
  tags: [gwvpn, fastd]
  include: gwvpn.yml

-
 - name: reload systemd
  systemd:
    daemon_reload: yes


-
 - include: radvd.yml
  tags: [network, radvd]
 - include: dhcpd.yml
@@ -101,7 +100,6 @@
 - include: powerdns.yml
  tags: [powerdns, network]

-
 - include: bird.yml
  tags: [bird]