I have the following code block:
```yaml
- name: Store challenge on DNS server
  uri:
    headers:
      X-API-Key: "{{ rns_dns_apikey }}"
    method: PATCH
    url: "{{ rns_dns_rest_api}}/{{ rr_item.key.split('.')[-2:] | join('.') }}"
    body_format: json
    body: '{"rrsets": [
      {"name": "{{ rns_ssl_challenge["challenge_data"][rr_item.key]["dns-01"]["record"] }}.",
       "type": "TXT",
       "ttl": 600,
       "changetype": "REPLACE",
       "records": [
         {"content": "\"{{ rns_ssl_challenge["challenge_data"][rr_item.key]["dns-01"]["resource_value"] }}\"",
          "disabled": false
         }]}]}'
    status_code: 204
  loop:
    "{{ rns_ssl_challenge['challenge_data'] | dict2items }}"
  loop_control:
    loop_var: rr_item
```
This is supposed to store ACME challenges on a PowerDNS server using its REST API. Unfortunately, I forgot that the API only knows 'REPLACE' or 'DELETE' for the field changetype, so the code above will only store one challenge on the server.
What I need, and do not know how to write, is something like this:
```yaml
- name: Store challenge on DNS server
  uri:
    headers:
      X-API-Key: "{{ rns_dns_apikey }}"
    method: PATCH
    url: "{{ rns_dns_rest_api}}/{{ rr_item.key.split('.')[-2:] | join('.') }}"
    body_format: json
    body: '{"rrsets": [
      {"name": "{{ rns_ssl_challenge["challenge_data"][rr_item.key]["dns-01"]["record"] }}.",
       "type": "TXT",
       "ttl": 600,
       "changetype": "REPLACE",
       "records": [
         {% looping here around content %}
         {"content": "\"{{ rns_ssl_challenge["challenge_data"][rr_item.key]["dns-01"]["resource_value"] }}\"",
          "disabled": false
         }
         {% end loop %}
       ]}]}'
    status_code: 204
  loop:
    "{{ rns_ssl_challenge['challenge_data'] | dict2items }}"
  loop_control:
    loop_var: rr_item
```
Update 2020-12-22:
```
ok: [localhost] =>
  rns_ssl_challenge:
    account_uri: https://acme-v02.api.letsencrypt.org/acme/acct/98718156
    authorizations:
      '*.roessner-net.de':
        challenges:
        - status: pending
          token: ******some_token
          type: dns-01
          url: https://acme-v02.api.letsencrypt.org/acme/chall-v3/9487231596/jI7d4A
        expires: '2020-12-28T23:00:13Z'
        identifier:
          type: dns
          value: roessner-net.de
        status: pending
        uri: https://acme-v02.api.letsencrypt.org/acme/authz-v3/9487231596
        wildcard: true
      roessner-net.de:
        challenges:
        - status: pending
          token: ******some_token
          type: http-01
          url: https://acme-v02.api.letsencrypt.org/acme/chall-v3/9484423630/KhPKIA
        - status: pending
          token: ******some_token
          type: dns-01
          url: https://acme-v02.api.letsencrypt.org/acme/chall-v3/9484423630/6UqCWw
        - status: pending
          token: ******some_token
          url: https://acme-v02.api.letsencrypt.org/acme/chall-v3/9484423630/DS0uyg
        expires: '2020-12-28T20:03:00Z'
        identifier:
          type: dns
          value: roessner-net.de
        status: pending
        uri: https://acme-v02.api.letsencrypt.org/acme/authz-v3/9484423630
    cert_days: 28
    challenge_data:
      '*.roessner-net.de':
        dns-01:
          record: _acme-challenge.roessner-net.de
          resource: _acme-challenge
          resource_value: ******some_token_example_1
      roessner-net.de:
        dns-01:
          record: _acme-challenge.roessner-net.de
          resource: _acme-challenge
          resource_value: ******some_token_example_2
        http-01:
          resource: .well-known/acme-challenge/******some_token
          resource_value: ******some_token
        tls-alpn-01:
          resource: roessner-net.de
          resource_original: dns:roessner-net.de
          resource_value: ******some_token
    challenge_data_dns:
      _acme-challenge.roessner-net.de:
      - ******some_token
      - ******some_token
    changed: true
    failed: false
    finalize_uri: https://acme-v02.api.letsencrypt.org/acme/finalize/98718156/6882152001
    order_uri: https://acme-v02.api.letsencrypt.org/acme/order/98718156/6882152001
```
Under 'challenge_data', all domains are listed as keys. Under each of these you find dns-01. I need the 'resource_value' field from each dns-01 and each domain. Is this somehow possible?
That should be constructed into:
```
'{"rrsets": [
  {"name": "{{ rns_ssl_challenge["challenge_data"][rr_item.key]["dns-01"]["record"] }}.",
   "type": "TXT",
   "ttl": 600,
   "changetype": "REPLACE",
   "records": [
     {"content": "\"******some_token_example_1\"",
      "disabled": false
     },
     {"content": "\"******some_token_example_2\"",
      "disabled": false
     }
   ]}]}'
```
Many thanks in advance
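One way to build the body asked for above, as an added example that is not part of the original post: an Ansible filter plugin that groups every dns-01 `resource_value` by record name, so a single `REPLACE` carries all TXT values for the shared `_acme-challenge` name. The file name, the filter name `pdns_txt_rrsets`, the `zone` argument and the placeholder tokens are assumptions.

```python
# Added example: Ansible filter plugin, e.g. filter_plugins/pdns_acme.py.
# The file name, filter name and `zone` argument are assumptions.


def pdns_txt_rrsets(challenge_data, zone=None, ttl=600):
    """Build one PowerDNS PATCH body holding every dns-01 value.

    "REPLACE" swaps the whole RRset, so all TXT values sharing a name
    (wildcard and apex) have to travel in the same rrset entry.
    """
    grouped = {}
    for challenges in challenge_data.values():
        dns01 = challenges.get("dns-01")
        if dns01 is None:  # identifier without a dns-01 challenge
            continue
        name = dns01["record"].rstrip(".") + "."  # fully qualified name
        if zone and not name.endswith("." + zone.rstrip(".") + "."):
            continue  # record belongs to another zone's PATCH request
        values = grouped.setdefault(name, [])
        if dns01["resource_value"] not in values:  # avoid duplicate records
            values.append(dns01["resource_value"])
    return {"rrsets": [{
        "name": name,
        "type": "TXT",
        "ttl": ttl,
        "changetype": "REPLACE",
        # TXT content carries its own double quotes, as in the post
        "records": [{"content": '"%s"' % v, "disabled": False} for v in values],
    } for name, values in grouped.items()]}


class FilterModule(object):
    """Entry point Ansible looks up in a filter plugin file."""

    def filters(self):
        return {"pdns_txt_rrsets": pdns_txt_rrsets}


# Constructed sample shaped like challenge_data in the post (placeholder tokens).
SAMPLE = {
    "*.roessner-net.de": {"dns-01": {
        "record": "_acme-challenge.roessner-net.de", "resource_value": "TOKEN_1"}},
    "roessner-net.de": {
        "dns-01": {"record": "_acme-challenge.roessner-net.de", "resource_value": "TOKEN_2"},
        "http-01": {"resource": ".well-known/acme-challenge/TOKEN_3", "resource_value": "TOKEN_3"}},
}

if __name__ == "__main__":
    import json
    print(json.dumps(pdns_txt_rrsets(SAMPLE, zone="roessner-net.de"), indent=2))
```

With `body_format: json`, the task can then drop the hand-written JSON string and set `body: "{{ rns_ssl_challenge.challenge_data | pdns_txt_rrsets(zone) }}"`, sending one PATCH per zone; `zone` here is a hypothetical variable holding the zone name.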