diff --git a/roles/matrix-server/tasks/self_check/self_check_dns.yml b/roles/matrix-server/tasks/self_check/self_check_dns.yml
index b4afce30..e3849619 100644
--- a/roles/matrix-server/tasks/self_check/self_check_dns.yml
+++ b/roles/matrix-server/tasks/self_check/self_check_dns.yml
@@ -1,24 +1,23 @@
 ---
+# This requires the dnspython library and will fail with a friendly error when unavailable.
 - name: Check DNS SRV record
- shell:
- cmd: "dig -t srv {{ ('_matrix._tcp.' + hostname_identity + '.')|quote }}"
- register: result_dig_srv
- changed_when: false
- ignore_errors: true
+ set_fact:
+ result_dig_srv: "{{ lookup('dig', ('_matrix._tcp.' + hostname_identity + './SRV'), 'flat=0', wantlist=False) }}"
-- name: Fail if dig failed
+- name: Fail if DNS SRV record missing
 fail:
- msg: "Failed checking DNS SRV record. You likely don't have the `dig` program installed locally. Full error: {{ result_dig_srv }}"
- when: "result_dig_srv.stderr != ''"
+ msg: "It appears the DNS SRV record for {{ hostname_identity }} is not set up correctly (the record is missing). See the 'Configuring DNS' documentation for this playbook."
+ when: "result_dig_srv == 'NXDOMAIN'"
-# We expect an answer like this:
-# ;; ANSWER SECTION:
-# _matrix._tcp.DOMAIN. 10800 IN SRV 10 0 8448 matrix.DOMAIN.
 - name: Fail if DNS SRV record incorrect
 fail:
- msg: "It appears the DNS SRV record for {{ hostname_identity }} is not set up correctly. See the 'Configuring DNS' documentation for this playbook. Full DNS answer was: {{ result_dig_srv.stdout }}"
- when: "('8448 ' + hostname_matrix) not in result_dig_srv.stdout"
+ msg: >
+ It appears the DNS SRV record for {{ hostname_identity }} is not set up correctly.
+ Expected it to point to `{{ (hostname_matrix + '.') }}` (port 8448).
+ Found it pointing to `{{ result_dig_srv.target }}` (port {{ result_dig_srv.port }}).
+ See the 'Configuring DNS' documentation for this playbook.
+ when: "result_dig_srv.target != (hostname_matrix + '.') or result_dig_srv.port != 8448"
 - name: Report correct DNS SRV record
 debug:
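Review bot: The `Fail if DNS SRV record incorrect` task dereferences `result_dig_srv.target` and `result_dig_srv.port`, but the guard before it only catches the literal string `'NXDOMAIN'`. As far as I know the `dig` lookup can also return an empty string (no answer, or a resolver timeout), and with `wantlist=False` more than one SRV record would probably not collapse to a single mapping; either case would end in an undefined-attribute templating error rather than the friendly message. Widening the first guard to `when: "result_dig_srv is not mapping"` would send every non-record result down the "not set up correctly" path, though the "(the record is missing)" wording would then need loosening. The check reflects only what the control machine's resolver returns, which deserves a comment next to the dnspython one: `# Result reflects the local resolver's view; a stale cache or split-horizon DNS can differ from what federating servers see.` The `Report correct DNS SRV record` task continues past the end of this hunk.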