community.dns.hetzner_dns_records inventory – Create inventory from Hetzner DNS records

Note

This inventory plugin is part of the community.dns collection (version 3.0.7).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install community.dns.

To use it in a playbook, specify: community.dns.hetzner_dns_records.

New in community.dns 2.0.0

Synopsis

  • For Ansible to be able to identify a YAML file as an inventory for this plugin, the inventory file must contain plugin: community.dns.hetzner_dns_records and its filename must end with hetzner_dns.yaml or hetzner_dns.yml

  • Records are matched by prefix / record name and value.

  • This plugin allows to create an inventory from Hetzner DNS records.

Parameters

Parameter

Comments

filters

list / elements=dictionary

added in community.dns 3.0.0

A list of include/exclude filters that allows to select/deselect hosts for this inventory.

Filters are processed sequentially until the first filter where filters[].exclude or filters[].include matches is found. In case filters[].exclude matches, the host is excluded, and in case filters[].include matches, the host is included. In case no filter matches, the host is included.

exclude

string

A Jinja2 condition. If it matches for a host, that host is excluded.

Exactly one of filters[].exclude and filters[].include can be specified.

include

string

A Jinja2 condition. If it matches for a host, that host is included.

Exactly one of filters[].exclude and filters[].include can be specified.

hetzner_token

aliases: api_token

string / required

The token for the Hetzner API.

If not provided, will be read from the environment variable HETZNER_DNS_TOKEN.

Configuration:

plugin

string / required

The name of this plugin. Should always be set to community.dns.hetzner_dns_records for this plugin to recognize it as its own.

Choices:

  • "community.dns.hetzner_dns_records"

simple_filters

dictionary

A dictionary of filter value pairs.

This option used to be called filters before community.dns 3.0.0. It has been renamed from filters to simple_filters in community.dns 2.8.0, and the old name was still available as an alias until community.dns 3.0.0. filters is now used for something else.

Default: {}

type

list / elements=string

Record types whose values to use.

Choices:

  • "A" ← (default)

  • "AAAA" ← (default)

  • "CAA"

  • "CNAME" ← (default)

  • "DANE"

  • "DS"

  • "HINFO"

  • "MX"

  • "NS"

  • "RP"

  • "SOA"

  • "SRV"

  • "TLSA"

  • "TXT"

Default: ["A", "AAAA", "CNAME"]

txt_character_encoding

string

added in community.dns 2.5.0

Whether to treat numeric escape sequences (\xyz) as octal or decimal numbers. This is only used when txt_transformation=quoted.

The default changed to decimal in community.dns 3.0.0. Before, the default used to be octal. The value decimal is compatible to RFC 1035.

Choices:

  • "decimal" ← (default)

  • "octal"

txt_transformation

string

Determines how TXT entry values are converted between the API and this module’s input and output.

The value api means that values are returned from this module as they are returned from the API, and pushed to the API as they have been passed to this module. For idempotency checks, the input string will be compared to the strings returned by the API. The API might automatically transform some values, like splitting long values or adding quotes, which can cause problems with idempotency.

The value unquoted automatically transforms values so that you can pass in unquoted values, and the module will return unquoted values. If you pass in quoted values, they will be double-quoted.

The value quoted automatically transforms values so that you must use quoting for values that contain spaces, characters such as quotation marks and backslashes, and that are longer than 255 bytes. It also makes sure to return values from the API in a normalized encoding.

The default value, unquoted, ensures that you can work with values without having to care about how to correctly quote for DNS. Most users should use one of unquoted or quoted, but not api.

Note: the conversion code assumes UTF-8 encoding for values. If you need another encoding use txt_transformation=api and handle the encoding yourself.

Choices:

  • "api"

  • "quoted"

  • "unquoted" ← (default)

zone_id

string

The ID of the DNS zone to modify.

Exactly one of zone_name and zone_id must be specified.

zone_name

aliases: zone

string

The DNS zone to modify.

Exactly one of zone_name and zone_id must be specified.

Notes

Note

See Also

See also

community.dns.hetzner_dns_record_set_info

Retrieve record sets in Hetzner DNS service.

community.dns.hetzner_dns_record_info

Retrieve records in Hetzner DNS service.

Examples

# filename must end with hetzner_dns.yaml or hetzner_dns.yml

plugin: community.dns.hetzner_dns_records
zone_name: domain.de
simple_filters:
  type:
    - TXT
filters:
  - include: >-
      not ansible_host.startswith('v=')
  - exclude: true
txt_transformation: unquoted

# You can also configure the token by putting secret value into this file,
# but this is discouraged. Use a lookup like below, or leave it away and
# set it with the HETZNER_DNS_TOKEN environment variable.
hetzner_token: >-
    {{ (lookup('community.sops.sops', 'keys/hetzner.sops.yml') | from_yaml).hetzner_dns_token }}

Authors

  • Markus Bergholz (@markuman)

  • Felix Fontein (@felixfontein)

Hint

Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up.