From 8d999fbf5d3c3ba526ad0e18c3c5770b9880d886 Mon Sep 17 00:00:00 2001
From: nazunalika
Date: Sat, 23 Jan 2021 23:44:22 -0700
Subject: [PATCH] CNAME host
---
 ansible/playbooks/adhoc-ipadnsrecord.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/ansible/playbooks/adhoc-ipadnsrecord.yml b/ansible/playbooks/adhoc-ipadnsrecord.yml
index 53ed07f..4c8ec9d 100644
--- a/ansible/playbooks/adhoc-ipadnsrecord.yml
+++ b/ansible/playbooks/adhoc-ipadnsrecord.yml
@@ -42,3 +42,16 @@
 state: "{{ ipa_presence }}"
 tags:
 - dns
+
+ # We try to do this just in case because if a certificate is being issued
+ # that wants a CNAME, the host has to "manage" said host. However, if the
+ # host doesn't exist, we'll ignore it.
+ - name: "Creating host object for CNAME"
+ freeipa.ansible_freeipa.ipahost:
+ ipaadmin_principal: "{{ ipa_admin|default('admin') }}"
+ ipaadmin_password: "{{ ipaadmin_password }}"
+ name: "{{ ipa_name }}.{{ ipa_zone }}"
+ force: true
+ managedby:
+ - "{{ ipa_name_value[:-1] }}"
+ ignore_errors: true
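Review bot: `ignore_errors: true` on the new "Creating host object for CNAME" task hides every failure, not only the missing-host case its comment describes. A rejected admin credential, a permission error or a wrong `managedby` value would all pass silently, on a task that hands management of `{{ ipa_name }}.{{ ipa_zone }}` (and, per the comment, certificate issuance for it) to another host. I would add `register:` and a `failed_when:` that tolerates only the not-found error, so that other failures stop the play. Unlike the task above it, this one has no `state: "{{ ipa_presence }}"` and no `tags: - dns`, so it appears to create the `force: true` host object even when the record is being removed, and a run limited to the `dns` tag would skip it. Nothing visible limits the task to CNAME records either, and `ipa_name_value[:-1]` presumably strips a trailing dot, so a value without one would lose its last character; the play header and earlier tasks are outside this hunk, so a guard may already exist there.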