rework network.fact

saltyorg · Sep 5, 2023 · 941ddbb · 941ddbb
1 parent f0576d1
commit 941ddbb
Show file tree

Hide file tree

Showing 4 changed files with 85 additions and 35 deletions.
diff --git a/ansible_facts.d/network.fact b/ansible_facts.d/network.fact
@@ -1,29 +1,75 @@
-#!/bin/bash
-
-# https://github.com/mtecer/terraform/blob/master/bmc/files/ansible/custom.fact
-
-RES=$(curl -s -w "%{http_code}" --connect-timeout 2.37 -4 https://ipify.saltbox.dev)
-BODY=${RES::-3}
-STATUS=$(printf "%s" "$RES" | tail -c 3)
-if [[ "$STATUS" == 200 ]] && [ -n "${BODY-unset}" ]; then
-    # Server returned 200 response
-    PUBLIC_IP=$BODY
-else
-    # Server didn't return 200 response, so falling back to icanhazip.com
-    PUBLIC_IP=$(curl --connect-timeout 2.37 -s -4 https://ipv4.icanhazip.com)
-fi
-
-RES6=$(curl -s -w "%{http_code}" --connect-timeout 2.37 -6 https://ipify6.saltbox.dev)
-BODY6=${RES6::-3}
-STATUS6=$(printf "%s" "$RES6" | tail -c 3)
-if [[ "$STATUS6" == 200 ]] && [ -n "${BODY6-unset}" ]; then
-    # Server returned 200 response
-    PUBLIC_IPv6=$BODY6
-else
-    # Server didn't return 200 response, so falling back to icanhazip.com
-    PUBLIC_IPv6=$(curl --connect-timeout 2.37 -s -6 https://ipv6.icanhazip.com)
-fi
-
-echo "[ip]"
-echo "public_ip=${PUBLIC_IP}"
-echo "public_ipv6=${PUBLIC_IPv6}"
+#!/srv/ansible/venv/bin/python3
+
+import requests
+import json
+import ipaddress
+
+urls = {
+    "ipv4_primary": "https://ipify.saltbox.dev",
+    "ipv4_fallback": "https://ipv4.icanhazip.com",
+    "ipv6_primary": "https://ipify6.saltbox.dev",
+    "ipv6_fallback": "https://ipv6.icanhazip.com",
+}
+
+MAX_RETRIES = 3
+TIMEOUT = 3  # in seconds
+
+def validate_ip(ip, version):
+    try:
+        if version == "ipv4":
+            ipaddress.IPv4Address(ip)
+        else:
+            ipaddress.IPv6Address(ip)
+        return True
+    except ipaddress.AddressValueError:
+        return False
+
+def get_ip(url, version):
+    retries = 0
+    error = None
+
+    while retries < MAX_RETRIES:
+        try:
+            response = requests.get(url, timeout=TIMEOUT)
+            if response.status_code == 200:
+                ip = response.text.strip()
+                if validate_ip(ip, version):
+                    return ip, None, False  # IP, error message, failed status
+                else:
+                    error = f"Invalid {version} address received."
+            else:
+                error = f"HTTP {response.status_code} received from {url}."
+
+        except requests.RequestException as e:
+            error = str(e)
+        retries += 1
+
+    return None, error, True  # IP, error message, failed status
+
+data = {
+    "ip": {
+        "public_ip": "",
+        "public_ipv6": "",
+        "error_ipv4": None,
+        "error_ipv6": None,
+        "failed_ipv4": False,
+        "failed_ipv6": False
+    }
+}
+
+public_ip, error_v4, failed_v4 = get_ip(urls["ipv4_primary"], "ipv4")
+if not public_ip:
+    public_ip, error_v4, failed_v4 = get_ip(urls["ipv4_fallback"], "ipv4")
+
+public_ipv6, error_v6, failed_v6 = get_ip(urls["ipv6_primary"], "ipv6")
+if not public_ipv6:
+    public_ipv6, error_v6, failed_v6 = get_ip(urls["ipv6_fallback"], "ipv6")
+
+data["ip"]["public_ip"] = public_ip or ""
+data["ip"]["public_ipv6"] = public_ipv6 or ""
+data["ip"]["error_ipv4"] = error_v4
+data["ip"]["error_ipv6"] = error_v6
+data["ip"]["failed_ipv4"] = failed_v4
+data["ip"]["failed_ipv6"] = failed_v6
+
+print(json.dumps(data, indent=4))
diff --git a/inventories/group_vars/all.yml b/inventories/group_vars/all.yml
@@ -150,13 +150,17 @@ ip_address_host: "0.0.0.0"
 
 ip_address_localhost: "127.0.0.1"
 
-ip_address_public: "{{ ansible_local.network.ip.public_ip | default(ansible_default_ipv4.address) }}"
+ip_address_public: "{{ ansible_local.network.ip.public_ip }}"
 
-ip_address_public_is_valid: "{{ ip_address_public | ansible.utils.ipv4 }}"
+ip_address_public_is_valid: "{{ false if ansible_local.network.ip.failed_ipv4 else true }}"
 
-ipv6_address_public: "{{ ansible_local.network.ip.public_ipv6 | default(ansible_default_ipv6.address) }}"
+ip_address_public_error: "{{ ansible_local.network.ip.error_ipv4 }}"
 
-ipv6_address_public_is_valid: "{{ ipv6_address_public | ansible.utils.ipv6 }}"
+ipv6_address_public: "{{ ansible_local.network.ip.public_ipv6 }}"
+
+ipv6_address_public_is_valid: "{{ false if ansible_local.network.ip.failed_ipv6 else true }}"
+
+ipv6_address_public_error: "{{ ansible_local.network.ip.error_ipv6 }}"
 
 ################################
 # Theme

diff --git a/resources/roles/dns/tasks/cloudflare/subtasks/add_dns_record/ipv4_enabled.yml b/resources/roles/dns/tasks/cloudflare/subtasks/add_dns_record/ipv4_enabled.yml
@@ -9,7 +9,7 @@
 ---
 - name: Cloudflare | Add DNS Record | IPv4 | Validate IP variable
   ansible.builtin.fail:
-    msg: "ip_address_public contains: '{{ ip_address_public }}' which is not a valid IP"
+    msg: "{{ ip_address_public_error }}"
   when: (not ip_address_public_is_valid)
 
 - name: Cloudflare | Add DNS Record | IPv4 | Add DNS Record

diff --git a/resources/roles/dns/tasks/cloudflare/subtasks/add_dns_record/ipv6_enabled.yml b/resources/roles/dns/tasks/cloudflare/subtasks/add_dns_record/ipv6_enabled.yml
@@ -9,7 +9,7 @@
 ---
 - name: Cloudflare | Add DNS Record | IPv6 | Validate IPv6 variable
   ansible.builtin.fail:
-    msg: "ipv6_address_public contains: '{{ ipv6_address_public }}' which is not a valid IP"
+    msg: "{{ ipv6_address_public_error }}"
   when: (not ipv6_address_public_is_valid)
 
 - name: Cloudflare | Add DNS Record | IPv6 | Add DNS Record