beatzaplenty/docker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
749c0d500ddf9cdeea097f155239d80aeea7f0f7
docker/docs/dynu-dns-inventory.md
T

2.3 KiB
Raw Blame History

Dynu DNS Read-Only Inventory

This repository includes a read-only Dynu DNS inventory workflow for lan.ddnsgeek.com.

This integration is intentionally read-only. No Dynu mutations are permitted in this repo at this stage.

Scope

  • Fetch live DNS/domain data from Dynu using GET requests only.
  • Correlate Dynu hostnames with Traefik Host(...) rules found in compose files.
  • Generate local inventory artifacts for documentation.

Safety Guard Rails

  • Scripts fail unless DYNU_READ_ONLY=true.
  • No Dynu write methods (POST, PUT, PATCH, DELETE) are implemented.
  • No Terraform Dynu provider/resources/modules are introduced.
  • No Ansible Dynu mutation tasks are introduced.
  • API secrets are read from environment variables and are never logged.

Required Environment Variables

  • DYNU_API_KEY (required)
  • DYNU_BASE_URL (optional, defaults to https://api.dynu.com)
  • DYNU_READ_ONLY (must be true)

Recommended local secrets file (not committed): secrets/dynu.env

DYNU_API_KEY=replace-with-real-api-key
DYNU_READ_ONLY=true
DYNU_BASE_URL=https://api.dynu.com

Notes:

  • Keep values unquoted unless required by your shell.
  • scripts/dynu/build_dns_inventory.sh will auto-load secrets/dynu.env when present.

Commands

Run directly:

DYNU_READ_ONLY=true DYNU_API_KEY=... python3 scripts/dynu/fetch_dynu_dns.py
DYNU_READ_ONLY=true python3 scripts/dynu/correlate_dynu_with_traefik.py

Or run the wrapper:

scripts/dynu/build_dns_inventory.sh

Artifacts

  • data/dns/dynu_live.json (generated, untracked by default due to repo data/ ignore)
  • data/dns/dynu_traefik_inventory.json (generated, untracked by default)
  • docs/generated/dns-inventory.md (generated documentation artifact)

Because data/ is gitignored in this repository, JSON outputs are intentionally local-only unless ignore behavior changes in the future.

Ansible Wrapper (Read-Only)

A syntax-safe wrapper playbook is provided at:

  • infrastructure/ansible/playbooks/dns-inventory.yml

It only executes the local read-only scripts and does not call write-capable Dynu APIs.

Not Managed Yet

Dynu DNS records are not managed by Terraform or Ansible in this repository at this stage. No configuration in this repository sends Dynu mutation requests.

Reference in New Issue View Git Blame Copy Permalink