Add cloudflare support'

Makefile

@@ -19,6 +19,7 @@ bootstrap:
 		export SP_STATE=present && \
 		python3 -m ansible playbook ./playbooks/other/ssh-key-gen/playbook.yml && \
 		python3 -m ansible playbook ./playbooks/providers/hetzner/playbook.yml && \
+		python3 -m ansible playbook ./playbooks/other/cloudflare/playbook.yml && \
 		export ANSIBLE_INVENTORY=/tmp/outputs/inventory.yaml && \
 		export ANSIBE_PRIVATE_KEY_FILE=/tmp/outputs/ssh_key && \
 		sleep 8 && \
@@ -34,4 +35,5 @@ cleanup:
 		export SP_CUSTOMER=softplayer && \
 		export SP_ENV=dev && \
 		export SP_STATE=absent && \
-		python3 -m ansible playbook ./playbooks/providers/hetzner/playbook.yml
+		python3 -m ansible playbook ./playbooks/providers/hetzner/playbook.yml || true &&  \
+		python3 -m ansible playbook ./playbooks/other/cloudflare/playbook.yml

group_vars/cloudflare.sops.yaml

@@ -0,0 +1,21 @@
+api_token: ENC[AES256_GCM,data:F4XoszX3kvpETLD5NDEzBPEUFqvHkHB06lbfJJkWy7SYvXW9zz9bXA==,iv:Y8u0triR363wZ5k7k07nJ3fJlQ2VZiGfH6RibBlClGo=,tag:mD0uzE9EKFYRsvfMyiTqJg==,type:str]
+sops:
+    kms: []
+    gcp_kms: []
+    azure_kv: []
+    hc_vault: []
+    age:
+        - recipient: age1lzythn62c4yug8w2wskckpgyjyja6rreyvgmwl9hj4mjvm0tvq6sl68d4z
+          enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHckx3S1JqNStxZTBoU1Za
+            ODh6S2Z3aENoZVBXTDc2dDJBQ2ZvL2h0TUNBCmxLWUJybHN3NFRYVlBRTU8rdlN0
+            WnpyOU9HdllST0lvamNOV1M5aisvZ0UKLS0tIHY4TVFNUm9GQnRtK1B5c01kdEky
+            YTNMWnNvZDdBTmtQNWNaSWd0ZzNvYjAKwV7BI7/8YRg+Nbm5KfoUZPzYX2S4m1At
+            /fSZvXt/sgJydJo1th3asUr/sXgykVjHuDQUh+WPsa5ys9jH5xS2ew==
+            -----END AGE ENCRYPTED FILE-----
+    lastmodified: "2024-05-03T16:29:13Z"
+    mac: ENC[AES256_GCM,data:sVjpsKCK+4CHB1mZb+BnBA0AHWAsHoizGaC4s0ErzAEbXaMIYLFBUYkkeN3OQUcLmLe6SqILpeBVjfhNaaHaQkfr6ZwxOng8d5TNr7qmBYBIGEEUqnIP+Z6vtVKWvpALpKUhTntbUfPaVbdO+rharaBYlXK3lZy8APLcKvmYz7I=,iv:SB00E70mSTpyRYF6p2nz+vLG1EjULj74CEqzuSCazNA=,tag:nys5spETdimYiFNukcwTdA==,type:str]
+    pgp: []
+    unencrypted_suffix: _unencrypted
+    version: 3.8.1

playbooks/other/cloudflare/playbook.yml

@@ -0,0 +1,38 @@
+- name: Cloudflare playbook
+  hosts: localhost
+  connection: local
+  vars:
+    output_dir: /tmp/outputs
+    customer: "{{ lookup('ansible.builtin.env', 'SP_CUSTOMER') }}"
+    env: "{{ lookup('ansible.builtin.env', 'SP_ENV') }}"
+    state: "{{ lookup('ansible.builtin.env', 'SP_STATE') }}"
+  tags:
+    - cloud
+    - cloudflare
+    - dns
+
+  tasks:
+    # --------------------------------------------------------
+    # -- Prepare the SOPS plugin to get secrets
+    # --------------------------------------------------------
+    - name: Load encrypted credentials
+      community.sops.load_vars:
+        file: ../../../group_vars/cloudflare.sops.yaml
+
+    - name: Configre A record
+      community.general.cloudflare_dns:      
+        api_token: "{{ api_token }}"
+        record: "{{ env }}"
+        zone: "badhouseplants.net"
+        type: A
+        value: "{{( lookup('file', '/tmp/outputs/provider_outputs.yaml')| from_yaml).user_entrypoint }}"
+        state: "{{ state }}"
+
+    - name: Configre CNAME
+      community.general.cloudflare_dns:      
+        api_token: "{{ api_token }}"
+        record: "*.{{ env }}"
+        zone: "badhouseplants.net"
+        type: CNAME
+        value: "{{ env }}.badhouseplants.net"
+        state: "{{ state }}"

playbooks/providers/hetzner/playbook.yml

@@ -93,6 +93,7 @@
             msg:
               - "{{ server_data }}"
           when: 'server_data'
+    
     - name: Generate new inventory
       ansible.builtin.template:
         src: templates/inventory.yaml.j2
@@ -102,3 +103,10 @@
         ipv4_entrypoint: "{{ floating_ips_data.hcloud_floating_ip.ip }}"
         cluster_name: "{{ customer }}-{{ env }}"
         volume_device_name: "{{ volumes_data.hcloud_volume.linux_device }}"
+    
+    - name: Generate provider output
+      ansible.builtin.template:
+        src: templates/provider_outputs.yaml.j2
+        dest: "{{ output_dir }}/provider_outputs.yaml"
+      vars:
+        ipv4_entrypoint: "{{ floating_ips_data.hcloud_floating_ip.ip }}"

playbooks/providers/hetzner/templates/provider_outputs.yaml.j2

@@ -1 +1 @@
-disk_device_name: {{ disk_device_name }}
+user_entrypoint: {{ ipv4_entrypoint }}