WIP: Migrate DNS to Gandi #175
10 changed files with 570 additions and 465 deletions
|
@ -3,8 +3,7 @@ services:
|
||||||
image: traefik:v2.11
|
image: traefik:v2.11
|
||||||
user: "{{ docker_user.id }}"
|
user: "{{ docker_user.id }}"
|
||||||
environment:
|
environment:
|
||||||
- CF_DNS_API_TOKEN={{ vault_cloudflare_api_token }}
|
- GANDIV5_PERSONAL_ACCESS_TOKEN={{ vault_gandi_personal_access_token }}
|
||||||
- GANDIV5_API_KEY={{ vault_gandi_api_key }}
|
|
||||||
volumes:
|
volumes:
|
||||||
- ./traefik:/etc/traefik
|
- ./traefik:/etc/traefik
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
|
|
@ -50,17 +50,6 @@ api:
|
||||||
|
|
||||||
certificatesResolvers:
|
certificatesResolvers:
|
||||||
le:
|
le:
|
||||||
acme:
|
|
||||||
email: "{{ vault_letsencrypt_email }}"
|
|
||||||
storage: /etc/traefik/acme.json
|
|
||||||
dnsChallenge:
|
|
||||||
provider: cloudflare
|
|
||||||
delayBeforeCheck: 0
|
|
||||||
resolvers:
|
|
||||||
- 1.1.1.1:53
|
|
||||||
- 1.0.0.1:53
|
|
||||||
|
|
||||||
gandi:
|
|
||||||
acme:
|
acme:
|
||||||
email: "{{ vault_letsencrypt_email }}"
|
email: "{{ vault_letsencrypt_email }}"
|
||||||
storage: /etc/traefik/acme.json
|
storage: /etc/traefik/acme.json
|
||||||
|
@ -68,8 +57,8 @@ certificatesResolvers:
|
||||||
provider: gandiv5
|
provider: gandiv5
|
||||||
delayBeforeCheck: 0
|
delayBeforeCheck: 0
|
||||||
resolvers:
|
resolvers:
|
||||||
- 1.1.1.1:53
|
- 9.9.9.9:53
|
||||||
- 1.0.0.1:53
|
- 149.112.112.112:53
|
||||||
|
|
||||||
serversTransport:
|
serversTransport:
|
||||||
insecureSkipVerify: true
|
insecureSkipVerify: true
|
||||||
|
|
23
ansible/roles/traefik/vars/vault.yml
generated
23
ansible/roles/traefik/vars/vault.yml
generated
|
@ -1,14 +1,11 @@
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
63373634636339343234383662613339643138346430336463613834363661376334303131656565
|
30393461663462666434333462386264383831333936633961636237616338303335393861626336
|
||||||
6439633136396264356263663961383565636138333135660a366239313136663331386139386566
|
3566306338633735613431393736653061636536353335620a366335623630643137343863636161
|
||||||
61653432613237656635316336313064396433393939306330353739343439336165653866343030
|
37383436323439393965623436393465626362633134346239356463633936396236666164333762
|
||||||
6432366565396639640a636662356238636130326237613632643738643639313664393639323561
|
3565623930353964620a303965626164396536646336313438346464663236633465353036303935
|
||||||
39633939353663386566396534366166646631353461643062373363393566306538653730306362
|
30373230393432643330663434313637396234306563336137653861333839623530636465653532
|
||||||
36306532343933643830643564313166366530363139623564633061623238303866633037383032
|
37363239663939303834633332656365363437356236633933313339656563343130383262626539
|
||||||
31313765393134326561626264323336356539376263333765366162613363313138633932396136
|
61363762663630366430326635386163613936653938303366636363363334643035396233646430
|
||||||
35663737366132613133376431643333663466363737386664663036623839616333653231366536
|
32636431616335326264343931343064646363393736303263633038623562623965393763636562
|
||||||
38356566653933316462333462616362623535643866636332356563326136356563616632323034
|
35316264636264366161326463343730613232663539306532303838656338343535376439343834
|
||||||
39303437363535636433353961353964313733333164396538643563343338633432343232346235
|
3234663334333866376233336538343264623930653662303835
|
||||||
39626331376163356466313435616362613334346132666461633566393662363039393363613366
|
|
||||||
63613333643039626161653962353636366364353730383534336662336138643231333864633536
|
|
||||||
3232
|
|
||||||
|
|
|
@ -16,7 +16,6 @@ services:
|
||||||
labels:
|
labels:
|
||||||
- traefik.enable=true
|
- traefik.enable=true
|
||||||
- traefik.http.routers.yourls.rule=Host(`0rng.one`)
|
- traefik.http.routers.yourls.rule=Host(`0rng.one`)
|
||||||
- traefik.http.routers.yourls.tls.certresolver=gandi
|
|
||||||
networks:
|
networks:
|
||||||
- default
|
- default
|
||||||
- traefik
|
- traefik
|
||||||
|
|
|
@ -8,7 +8,7 @@ resource "gandi_livedns_record" "orngone_apex" {
|
||||||
type = "ALIAS" # Gandi doesn't support CNAME-flattening
|
type = "ALIAS" # Gandi doesn't support CNAME-flattening
|
||||||
ttl = 3600
|
ttl = 3600
|
||||||
values = [
|
values = [
|
||||||
cloudflare_record.sys_domain_pve.hostname
|
gandi_livedns_record.sys_domain_pve.href
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -96,10 +96,10 @@ resource "linode_firewall" "casey" {
|
||||||
|
|
||||||
resource "linode_rdns" "casey_reverse_ipv4" {
|
resource "linode_rdns" "casey_reverse_ipv4" {
|
||||||
address = linode_instance.casey.ip_address
|
address = linode_instance.casey.ip_address
|
||||||
rdns = cloudflare_record.sys_domain_casey.hostname
|
rdns = gandi_livedns_record.sys_domain_casey.href
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "linode_rdns" "casey_reverse_ipv6" {
|
resource "linode_rdns" "casey_reverse_ipv6" {
|
||||||
address = split("/", linode_instance.casey.ipv6)[0]
|
address = split("/", linode_instance.casey.ipv6)[0]
|
||||||
rdns = cloudflare_record.sys_domain_casey.hostname
|
rdns = gandi_livedns_record.sys_domain_casey.href
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,283 +1,345 @@
|
||||||
resource "cloudflare_zone" "jakehowardtech" {
|
resource "gandi_livedns_domain" "jakehowardtech" {
|
||||||
zone = "jakehoward.tech"
|
name = "jakehoward.tech"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_mx1" {
|
resource "gandi_livedns_record" "jakehowardtech_mx" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "@"
|
name = "@"
|
||||||
value = "in1-smtp.messagingengine.com"
|
|
||||||
type = "MX"
|
type = "MX"
|
||||||
priority = 10
|
ttl = 3600
|
||||||
ttl = 1
|
values = [
|
||||||
|
"10 in1-smtp.messagingengine.com.",
|
||||||
|
"20 in2-smtp.messagingengine.com.",
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_mx2" {
|
resource "gandi_livedns_record" "jakehowardtech_spf" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "@"
|
name = "@"
|
||||||
value = "in2-smtp.messagingengine.com"
|
|
||||||
type = "MX"
|
|
||||||
priority = 20
|
|
||||||
ttl = 1
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_txt" {
|
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
|
||||||
name = "@"
|
|
||||||
value = "v=spf1 include:spf.messagingengine.com -all"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"\"v=spf1 include:spf.messagingengine.com -all\""
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_dkim_fm1" {
|
resource "gandi_livedns_record" "jakehowardtech_dkim_fm1" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "fm1._domainkey"
|
name = "fm1._domainkey"
|
||||||
value = "fm1.jakehoward.tech.dkim.fmhosted.com"
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"fm1.jakehoward.tech.dkim.fmhosted.com."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_dkim_fm2" {
|
resource "gandi_livedns_record" "jakehowardtech_dkim_fm2" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "fm2._domainkey"
|
name = "fm2._domainkey"
|
||||||
value = "fm2.jakehoward.tech.dkim.fmhosted.com"
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"fm2.jakehoward.tech.dkim.fmhosted.com."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_dkim_fm3" {
|
resource "gandi_livedns_record" "jakehowardtech_dkim_fm3" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "fm3._domainkey"
|
name = "fm3._domainkey"
|
||||||
value = "fm3.jakehoward.tech.dkim.fmhosted.com"
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"fm3.jakehoward.tech.dkim.fmhosted.com."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_dmarc" {
|
resource "gandi_livedns_record" "jakehowardtech_dmarc" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "_dmarc"
|
name = "_dmarc"
|
||||||
value = "v=DMARC1; p=quarantine; ruf=mailto:dmarc-report@jakehoward.tech;"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"\"v=DMARC1; p=quarantine; ruf=mailto:dmarc-report@jakehoward.tech;\""
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_wallabag" {
|
resource "gandi_livedns_record" "jakehowardtech_wallabag" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "wallabag"
|
name = "wallabag"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_ttrss" {
|
resource "gandi_livedns_record" "jakehowardtech_ttrss" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "tt-rss"
|
name = "tt-rss"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_speed" {
|
resource "gandi_livedns_record" "jakehowardtech_speed" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "speed"
|
name = "speed"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_quassel" {
|
resource "gandi_livedns_record" "jakehowardtech_quassel" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "quassel"
|
name = "quassel"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_media" {
|
resource "gandi_livedns_record" "jakehowardtech_media" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "media"
|
name = "media"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_matrix" {
|
resource "gandi_livedns_record" "jakehowardtech_matrix" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "matrix"
|
name = "matrix"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_intersect" {
|
resource "gandi_livedns_record" "jakehowardtech_intersect" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "intersect"
|
name = "intersect"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_calibre" {
|
resource "gandi_livedns_record" "jakehowardtech_calibre" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "calibre"
|
name = "calibre"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_homeassistant" {
|
resource "gandi_livedns_record" "jakehowardtech_homeassistant" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "homeassistant"
|
name = "homeassistant"
|
||||||
value = cloudflare_record.sys_domain_pve_private.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve_private.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_grafana" {
|
resource "gandi_livedns_record" "jakehowardtech_grafana" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "grafana"
|
name = "grafana"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_vaultwarden" {
|
resource "gandi_livedns_record" "jakehowardtech_vaultwarden" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "vaultwarden"
|
name = "vaultwarden"
|
||||||
value = cloudflare_record.sys_domain_pve_private.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve_private.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_tandoor" {
|
resource "gandi_livedns_record" "jakehowardtech_recipes" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "recipes"
|
name = "recipes"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_mailgun_spf" {
|
resource "gandi_livedns_record" "jakehowardtech_mailgun_spf" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "mg"
|
name = "mg"
|
||||||
value = "v=spf1 include:mailgun.org -all"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"\"v=spf1 include:mailgun.org -all\""
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_mailgun_dkim" {
|
resource "gandi_livedns_record" "jakehowardtech_mailgun_dkim" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "s1._domainkey.mg"
|
name = "s1._domainkey.mg"
|
||||||
value = "k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4E4cv86U+sFUjgLys26ZLccTghzGfHiFpitWdFg68lGXG63aoG2/+9bgKVT0ZBG7bjPvj6Kyj4N3TIe4oCJo2saVvtsNK1pvZkOadaBPgjzKeRvBaw48ZatUGKoV7q1NCa0kXAfiJleF7bMvbt8rYDmBljr/BG6TtZYPt6XgoZyh8HHXjv/1L6WT3JBVQ8q5UtqVRVujXNHf57FmJTOJpvs0bKn/6TUaXYZmt5z3jpDhc/HfmkzVV22AwRf9jn7kgKkgaKpkvfSL8gtYNn5oyfS0Y9W9x9ntqb4g72RCbynMppQb1uwxbIuWRVOp0un0koQDm3C8ZzhOOYAwe58BYQIDAQAB"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"\"k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4E4cv86U+sFUjgLys26ZLccTghzGfHiFpitWdFg68lGXG63aoG2/+9bgKVT0ZBG7bjPvj6Kyj4N3TIe4oCJo2saVvtsNK1pvZkOadaBPgjzKeRvBaw48ZatUGKoV7q1NCa0kXAfiJleF7bMvbt8rYDmBljr/BG6TtZYPt6XgoZyh8HHXjv/1L6WT3JBVQ8q5UtqVRVujXNHf57FmJTOJpvs0bKn/6TUaXYZmt5z3jpDhc/HfmkzVV22AwRf9jn7kgKkgaKpkvfSL8gtYNn5oyfS0Y9W9x9ntqb4g72RCbynMppQb1uwxbIuWRVOp0un0koQDm3C8ZzhOOYAwe58BYQIDAQAB\""
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_mailgun_dmarc" {
|
resource "gandi_livedns_record" "jakehowardtech_mailgun_dmarc" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "_dmarc.mg"
|
name = "_dmarc.mg"
|
||||||
value = "v=DMARC1; p=quarantine; ruf=mailto:dmarc-report@jakehoward.tech;"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"\"v=DMARC1; p=quarantine; ruf=mailto:dmarc-report@jakehoward.tech;\""
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_matrix_admin" {
|
resource "gandi_livedns_record" "jakehowardtech_synapse_admin" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "synapse-admin"
|
name = "synapse-admin"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
# Cloudflare supports CNAME flattening - so this is ok
|
resource "gandi_livedns_record" "jakehowardtech_apex" {
|
||||||
resource "cloudflare_record" "jakehowardtech_apex" {
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
|
||||||
name = "@"
|
name = "@"
|
||||||
value = cloudflare_record.sys_domain_walker.hostname
|
type = "ALIAS"
|
||||||
type = "CNAME"
|
ttl = 3600
|
||||||
ttl = 1
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_walker.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_collabora" {
|
resource "gandi_livedns_record" "jakehowardtech_collabora" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "collabora"
|
name = "collabora"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_tasks" {
|
resource "gandi_livedns_record" "jakehowardtech_tasks" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "tasks"
|
name = "tasks"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_auth" {
|
resource "gandi_livedns_record" "jakehowardtech_auth" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "auth"
|
name = "auth"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_minio" {
|
resource "gandi_livedns_record" "jakehowardtech_minio" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "minio"
|
name = "minio"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_s3" {
|
resource "gandi_livedns_record" "jakehowardtech_s3" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "s3"
|
name = "s3"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_ntfy" {
|
resource "gandi_livedns_record" "jakehowardtech_ntfy" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "ntfy"
|
name = "ntfy"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_headscale" {
|
resource "gandi_livedns_record" "jakehowardtech_headscale" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "headscale"
|
name = "headscale"
|
||||||
value = cloudflare_record.sys_domain_casey.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_casey.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_slides" {
|
resource "gandi_livedns_record" "jakehowardtech_slides" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "slides"
|
name = "slides"
|
||||||
value = cloudflare_record.sys_domain_walker.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_walker.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_uptime" {
|
resource "gandi_livedns_record" "jakehowardtech_uptime" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "uptime"
|
name = "uptime"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "jakehowardtech_caa" {
|
resource "gandi_livedns_record" "jakehowardtech_baby-buddy" {
|
||||||
zone_id = cloudflare_zone.jakehowardtech.id
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
|
name = "baby-buddy"
|
||||||
|
type = "CNAME"
|
||||||
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve_private.href}."
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "gandi_livedns_record" "jakehowardtech_caa" {
|
||||||
|
zone = gandi_livedns_domain.jakehowardtech.id
|
||||||
name = "@"
|
name = "@"
|
||||||
type = "CAA"
|
type = "CAA"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
data = {
|
"0 issue \"letsencrypt.org\"",
|
||||||
tag = "issue"
|
"0 wildissue \"letsencrypt.org\"",
|
||||||
flags = 0
|
]
|
||||||
value = "letsencrypt.org"
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,47 +1,59 @@
|
||||||
resource "cloudflare_record" "sys_domain_casey" {
|
resource "gandi_livedns_record" "sys_domain_casey" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "casey.sys"
|
name = "casey.sys"
|
||||||
value = linode_instance.casey.ip_address
|
|
||||||
type = "A"
|
type = "A"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
linode_instance.casey.ip_address
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "sys_domain_walker" {
|
resource "gandi_livedns_record" "sys_domain_casey_v6" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "walker.sys"
|
|
||||||
value = hcloud_server.walker.ipv4_address
|
|
||||||
type = "A"
|
|
||||||
ttl = 1
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "cloudflare_record" "sys_domain_casey_v6" {
|
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
|
||||||
name = "casey.sys"
|
name = "casey.sys"
|
||||||
value = split("/", linode_instance.casey.ipv6)[0]
|
|
||||||
type = "AAAA"
|
type = "AAAA"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
split("/", linode_instance.casey.ipv6)[0]
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "sys_domain_walker_v6" {
|
resource "gandi_livedns_record" "sys_domain_walker" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "walker.sys"
|
name = "walker.sys"
|
||||||
value = hcloud_server.walker.ipv6_address
|
type = "A"
|
||||||
type = "AAAA"
|
ttl = 3600
|
||||||
ttl = 1
|
values = [
|
||||||
|
hcloud_server.walker.ipv4_address
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "sys_domain_pve" {
|
resource "gandi_livedns_record" "sys_domain_walker_v6" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
|
name = "walker.sys"
|
||||||
|
type = "AAAA"
|
||||||
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
hcloud_server.walker.ipv6_address
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "gandi_livedns_record" "sys_domain_pve" {
|
||||||
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "pve.sys"
|
name = "pve.sys"
|
||||||
value = linode_instance.casey.ip_address
|
|
||||||
type = "A"
|
type = "A"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
linode_instance.casey.ip_address
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "sys_domain_pve_private" {
|
resource "gandi_livedns_record" "sys_domain_pve_private" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "pve-private.sys"
|
name = "pve-private.sys"
|
||||||
value = local.private_ipv6_marker
|
|
||||||
type = "AAAA"
|
type = "AAAA"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
local.private_ipv6_marker
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,235 +1,282 @@
|
||||||
resource "cloudflare_zone" "theorangeonenet" {
|
resource "gandi_livedns_domain" "theorangeonenet" {
|
||||||
zone = "theorangeone.net"
|
name = "theorangeone.net"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_git" {
|
resource "gandi_livedns_record" "theorangeonenet_git" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "git"
|
name = "git"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_whoami" {
|
resource "gandi_livedns_record" "theorangeonenet_whoami" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "whoami"
|
name = "whoami"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_whoami_cdn" {
|
resource "gandi_livedns_record" "theorangeonenet_whoami_cdn" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "whoami-cdn"
|
name = "whoami-cdn"
|
||||||
value = cloudflare_record.sys_domain_casey.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_whoami_private" {
|
resource "gandi_livedns_record" "theorangeonenet_whoami_private" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "whoami-private"
|
name = "whoami-private"
|
||||||
value = cloudflare_record.sys_domain_pve_private.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_mx1" {
|
resource "gandi_livedns_record" "theorangeonenet_mx" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "@"
|
name = "@"
|
||||||
value = "in1-smtp.messagingengine.com"
|
|
||||||
type = "MX"
|
type = "MX"
|
||||||
priority = 10
|
ttl = 3600
|
||||||
ttl = 1
|
values = [
|
||||||
|
"10 in1-smtp.messagingengine.com.",
|
||||||
|
"20 in2-smtp.messagingengine.com.",
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_mx2" {
|
resource "gandi_livedns_record" "theorangeonenet_spf" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "@"
|
name = "@"
|
||||||
value = "in2-smtp.messagingengine.com"
|
|
||||||
type = "MX"
|
|
||||||
priority = 20
|
|
||||||
ttl = 1
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_spf" {
|
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
|
||||||
name = "@"
|
|
||||||
value = "v=spf1 include:spf.messagingengine.com -all"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"\"v=spf1 include:spf.messagingengine.com -all\""
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_dkim_fm1" {
|
resource "gandi_livedns_record" "theorangeonenet_dkim_fm1" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "fm1._domainkey"
|
name = "fm1._domainkey"
|
||||||
value = "fm1.theorangeone.net.dkim.fmhosted.com"
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"fm1.theorangeone.net.dkim.fmhosted.com."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_dkim_fm2" {
|
resource "gandi_livedns_record" "theorangeonenet_dkim_fm2" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "fm2._domainkey"
|
name = "fm2._domainkey"
|
||||||
value = "fm2.theorangeone.net.dkim.fmhosted.com"
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"fm2.theorangeone.net.dkim.fmhosted.com."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_dkim_fm3" {
|
resource "gandi_livedns_record" "theorangeonenet_dkim_fm3" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "fm3._domainkey"
|
name = "fm3._domainkey"
|
||||||
value = "fm3.theorangeone.net.dkim.fmhosted.com"
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"fm3.theorangeone.net.dkim.fmhosted.com."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_dmarc" {
|
resource "gandi_livedns_record" "theorangeonenet_dmarc" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "_dmarc"
|
name = "_dmarc"
|
||||||
value = "v=DMARC1; p=quarantine; ruf=mailto:dmarc-report@jakehoward.tech;"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"\"v=DMARC1; p=quarantine; ruf=mailto:dmarc-report@jakehoward.tech;\""
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_dmarc_report" {
|
resource "gandi_livedns_record" "theorangeonenet_dmarc_report" {
|
||||||
for_each = toset([
|
for_each = toset([
|
||||||
cloudflare_zone.theorangeonenet.zone,
|
gandi_livedns_domain.theorangeonenet.name,
|
||||||
cloudflare_zone.jakehowardtech.zone,
|
gandi_livedns_domain.jakehowardtech.name,
|
||||||
cloudflare_record.theorangeonenet_mailgun_spf.hostname,
|
gandi_livedns_record.theorangeonenet_mailgun_spf.href,
|
||||||
cloudflare_record.jakehowardtech_mailgun_spf.hostname,
|
gandi_livedns_record.jakehowardtech_mailgun_spf.href,
|
||||||
])
|
])
|
||||||
|
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "${each.value}._report._dmarc"
|
name = "${each.value}._report._dmarc"
|
||||||
value = "v=DMARC1"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"v=DMARC1"
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
# Cloudflare supports CNAME flattening - so this is ok
|
resource "gandi_livedns_record" "theorangeonenet_apex" {
|
||||||
resource "cloudflare_record" "theorangeonenet_apex" {
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
|
||||||
name = "@"
|
name = "@"
|
||||||
value = cloudflare_record.sys_domain_walker.hostname
|
type = "ALIAS"
|
||||||
type = "CNAME"
|
ttl = 3600
|
||||||
ttl = 1
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_walker.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_srv_matrix" {
|
resource "gandi_livedns_record" "theorangeonenet_srv_matrix" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "_matrix._tcp"
|
name = "_matrix._tcp"
|
||||||
type = "SRV"
|
type = "SRV"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
data = {
|
"10 0 8448 ${gandi_livedns_record.theorangeonenet_matrix.href}."
|
||||||
service = "_matrix"
|
]
|
||||||
proto = "_tcp"
|
|
||||||
name = cloudflare_zone.theorangeonenet.zone
|
|
||||||
priority = 10
|
|
||||||
weight = 0
|
|
||||||
port = 8448
|
|
||||||
target = cloudflare_record.theorangeonenet_matrix.hostname
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_matrix" {
|
resource "gandi_livedns_record" "theorangeonenet_matrix" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "matrix"
|
name = "matrix"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_plausible" {
|
resource "gandi_livedns_record" "theorangeonenet_plausible" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "plausible"
|
name = "plausible"
|
||||||
value = cloudflare_record.sys_domain_walker.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_walker.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_plausible_bare" {
|
resource "gandi_livedns_record" "theorangeonenet_plausible_bare" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "elbisualp"
|
name = "elbisualp"
|
||||||
value = cloudflare_record.sys_domain_walker.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_walker.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_notes" {
|
resource "gandi_livedns_record" "theorangeonenet_notes" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "notes"
|
name = "notes"
|
||||||
value = "realorangeone.github.io"
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"realorangeone.github.io."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_privatebin" {
|
resource "gandi_livedns_record" "theorangeonenet_bin" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "bin"
|
name = "bin"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_google_site_verification" {
|
resource "gandi_livedns_record" "theorangeonenet_google_site_verification" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "@"
|
name = "@"
|
||||||
value = "google-site-verification=IXY4iSBN_vOcM3cp_f-BgVvEI_shz1GzXuY_8dqY61o"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"google-site-verification=IXY4iSBN_vOcM3cp_f-BgVvEI_shz1GzXuY_8dqY61o"
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_mailgun_spf" {
|
resource "gandi_livedns_record" "theorangeonenet_mailgun_spf" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "mg"
|
name = "mg"
|
||||||
value = "v=spf1 include:mailgun.org -all"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"\"v=spf1 include:mailgun.org -all\""
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_mailgun_dkim" {
|
resource "gandi_livedns_record" "theorangeonenet_mailgun_dkim" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "mta._domainkey.mg"
|
name = "mta._domainkey.mg"
|
||||||
value = "k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z/MHEzpbWm5EgMkyWb+Xkz44Xrzr4SA5i2u8M2H5yZ1PSb4DpGk3IAX+I05UWax02+WBW3CBb5wU9rH9flgxezBoCf/hiMS1Wjb9hKGIBa2jMCzpF+wa5fyqLkLoAJZF4bc/BJKyi/ET2c7+DAA/2KlWv/nv4MEjcUR4hNGLPEC9+6PhUp8z2PnUQLzPRWHpKc1oLrnROWaX3XxdDekCzwyOw7ygzZdThVevE+0CqXVOt5SUSUCnd2tjVbvblGi6DBiQY5Tl6+xLqkQHCRqks9187+EN4FdJXkjQodkFzzyiBH5cXVGiZLOhal4koEvxGirr596qM97bIXiJWArdQIDAQAB"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"\"k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z/MHEzpbWm5EgMkyWb+Xkz44Xrzr4SA5i2u8M2H5yZ1PSb4DpGk3IAX+I05UWax02+WBW3CBb5wU9rH9flgxezBoCf/hiMS1Wjb9hKGIBa2jMCzpF+wa5fyqLkLoAJZF4bc/BJKyi/ET2c7+DAA/2KlWv/nv4MEjcUR4hNGLPEC9+6PhUp8z2PnUQLzPRWHpKc1oLrnROWaX3XxdDekCzwyOw7ygzZdThVevE+0CqXVOt5SUSUCnd2tjVbvblGi6DBiQY5Tl6+xLqkQHCRqks9187+EN4FdJXkjQodkFzzyiBH5cXVGiZLOhal4koEvxGirr596qM97bIXiJWArdQIDAQAB\""
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_mailgun_dmarc" {
|
resource "gandi_livedns_record" "theorangeonenet_mailgun_dmarc" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "_dmarc.mg"
|
name = "_dmarc.mg"
|
||||||
value = "v=DMARC1; p=quarantine; ruf=mailto:dmarc-report@jakehoward.tech;"
|
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"\"v=DMARC1; p=quarantine; ruf=mailto:dmarc-report@jakehoward.tech;\""
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_mastodon" {
|
resource "gandi_livedns_record" "theorangeonenet_mastodon" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "mastodon"
|
name = "mastodon"
|
||||||
value = cloudflare_record.sys_domain_pve.hostname
|
|
||||||
type = "CNAME"
|
type = "CNAME"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_comentario" {
|
resource "gandi_livedns_record" "theorangeonenet_comentario" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "comentario"
|
name = "comentario"
|
||||||
value = cloudflare_record.sys_domain_walker.value
|
type = "CNAME"
|
||||||
type = "A"
|
ttl = 3600
|
||||||
ttl = 1
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_walker.href}."
|
||||||
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_record" "theorangeonenet_caa" {
|
resource "gandi_livedns_record" "theorangeonenet_bsky" {
|
||||||
zone_id = cloudflare_zone.theorangeonenet.id
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
|
name = "bsky"
|
||||||
|
type = "CNAME"
|
||||||
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"${gandi_livedns_record.sys_domain_pve.href}."
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "gandi_livedns_record" "theorangeonenet_atproto" {
|
||||||
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
|
name = "_atproto"
|
||||||
|
type = "TXT"
|
||||||
|
ttl = 3600
|
||||||
|
values = [
|
||||||
|
"did=did:plc:pgyg4ih7zsqkwdon34jqkbuz"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "gandi_livedns_record" "theorangeonenet_caa" {
|
||||||
|
zone = gandi_livedns_domain.theorangeonenet.id
|
||||||
name = "@"
|
name = "@"
|
||||||
type = "CAA"
|
type = "CAA"
|
||||||
ttl = 1
|
ttl = 3600
|
||||||
|
values = [
|
||||||
data = {
|
"0 issue \"letsencrypt.org\"",
|
||||||
tag = "issue"
|
"0 wildissue \"letsencrypt.org\"",
|
||||||
flags = 0
|
]
|
||||||
value = "letsencrypt.org"
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -16,11 +16,11 @@ resource "hcloud_server" "walker" {
|
||||||
resource "hcloud_rdns" "walker_reverse_ipv4" {
|
resource "hcloud_rdns" "walker_reverse_ipv4" {
|
||||||
server_id = hcloud_server.walker.id
|
server_id = hcloud_server.walker.id
|
||||||
ip_address = hcloud_server.walker.ipv4_address
|
ip_address = hcloud_server.walker.ipv4_address
|
||||||
dns_ptr = cloudflare_record.sys_domain_walker.hostname
|
dns_ptr = gandi_livedns_record.sys_domain_walker.href
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "hcloud_rdns" "walker_reverse_ipv6" {
|
resource "hcloud_rdns" "walker_reverse_ipv6" {
|
||||||
server_id = hcloud_server.walker.id
|
server_id = hcloud_server.walker.id
|
||||||
ip_address = hcloud_server.walker.ipv6_address
|
ip_address = hcloud_server.walker.ipv6_address
|
||||||
dns_ptr = cloudflare_record.sys_domain_walker.hostname
|
dns_ptr = gandi_livedns_record.sys_domain_walker.href
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue