235 lines
6.5 KiB
HCL
235 lines
6.5 KiB
HCL
resource "cloudflare_zone" "theorangeonenet" {
|
|
zone = "theorangeone.net"
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_git" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "git"
|
|
value = cloudflare_record.sys_domain_pve.hostname
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_whoami" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "whoami"
|
|
value = cloudflare_record.sys_domain_pve.hostname
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_whoami_cdn" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "whoami-cdn"
|
|
value = cloudflare_record.sys_domain_casey.hostname
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_whoami_private" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "whoami-private"
|
|
value = cloudflare_record.sys_domain_pve_private.hostname
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_mx1" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "@"
|
|
value = "in1-smtp.messagingengine.com"
|
|
type = "MX"
|
|
priority = 10
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_mx2" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "@"
|
|
value = "in2-smtp.messagingengine.com"
|
|
type = "MX"
|
|
priority = 20
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_spf" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "@"
|
|
value = "v=spf1 include:spf.messagingengine.com -all"
|
|
type = "TXT"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_dkim_fm1" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "fm1._domainkey"
|
|
value = "fm1.theorangeone.net.dkim.fmhosted.com"
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_dkim_fm2" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "fm2._domainkey"
|
|
value = "fm2.theorangeone.net.dkim.fmhosted.com"
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_dkim_fm3" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "fm3._domainkey"
|
|
value = "fm3.theorangeone.net.dkim.fmhosted.com"
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_dmarc" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "_dmarc"
|
|
value = "v=DMARC1; p=quarantine; ruf=mailto:dmarc-report@jakehoward.tech;"
|
|
type = "TXT"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_dmarc_report" {
|
|
for_each = toset([
|
|
cloudflare_zone.theorangeonenet.zone,
|
|
cloudflare_zone.jakehowardtech.zone,
|
|
cloudflare_record.theorangeonenet_mailgun_spf.hostname,
|
|
cloudflare_record.jakehowardtech_mailgun_spf.hostname,
|
|
])
|
|
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "${each.value}._report._dmarc"
|
|
value = "v=DMARC1"
|
|
type = "TXT"
|
|
ttl = 1
|
|
}
|
|
|
|
# Cloudflare supports CNAME flattening - so this is ok
|
|
resource "cloudflare_record" "theorangeonenet_apex" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "@"
|
|
value = cloudflare_record.sys_domain_walker.hostname
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_srv_matrix" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "_matrix._tcp"
|
|
type = "SRV"
|
|
ttl = 1
|
|
|
|
data = {
|
|
service = "_matrix"
|
|
proto = "_tcp"
|
|
name = cloudflare_zone.theorangeonenet.zone
|
|
priority = 10
|
|
weight = 0
|
|
port = 8448
|
|
target = cloudflare_record.jakehowardtech_matrix.hostname
|
|
}
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_matrix" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "matrix"
|
|
value = cloudflare_record.sys_domain_pve.hostname
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_plausible" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "plausible"
|
|
value = cloudflare_record.sys_domain_walker.hostname
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_plausible_bare" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "elbisualp"
|
|
value = cloudflare_record.sys_domain_walker.hostname
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_notes" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "notes"
|
|
value = "realorangeone.github.io"
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_privatebin" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "bin"
|
|
value = cloudflare_record.sys_domain_pve.hostname
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_google_site_verification" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "@"
|
|
value = "google-site-verification=IXY4iSBN_vOcM3cp_f-BgVvEI_shz1GzXuY_8dqY61o"
|
|
type = "TXT"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_mailgun_spf" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "mg"
|
|
value = "v=spf1 include:mailgun.org -all"
|
|
type = "TXT"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_mailgun_dkim" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "mta._domainkey.mg"
|
|
value = "k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z/MHEzpbWm5EgMkyWb+Xkz44Xrzr4SA5i2u8M2H5yZ1PSb4DpGk3IAX+I05UWax02+WBW3CBb5wU9rH9flgxezBoCf/hiMS1Wjb9hKGIBa2jMCzpF+wa5fyqLkLoAJZF4bc/BJKyi/ET2c7+DAA/2KlWv/nv4MEjcUR4hNGLPEC9+6PhUp8z2PnUQLzPRWHpKc1oLrnROWaX3XxdDekCzwyOw7ygzZdThVevE+0CqXVOt5SUSUCnd2tjVbvblGi6DBiQY5Tl6+xLqkQHCRqks9187+EN4FdJXkjQodkFzzyiBH5cXVGiZLOhal4koEvxGirr596qM97bIXiJWArdQIDAQAB"
|
|
type = "TXT"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_mailgun_dmarc" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "_dmarc.mg"
|
|
value = "v=DMARC1; p=quarantine; ruf=mailto:dmarc-report@jakehoward.tech;"
|
|
type = "TXT"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_mastodon" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "mastodon"
|
|
value = cloudflare_record.sys_domain_pve.hostname
|
|
type = "CNAME"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_comentario" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "comentario"
|
|
value = cloudflare_record.sys_domain_walker.value
|
|
type = "A"
|
|
ttl = 1
|
|
}
|
|
|
|
resource "cloudflare_record" "theorangeonenet_caa" {
|
|
zone_id = cloudflare_zone.theorangeonenet.id
|
|
name = "@"
|
|
type = "CAA"
|
|
ttl = 1
|
|
|
|
data = {
|
|
tag = "issue"
|
|
flags = 0
|
|
value = "letsencrypt.org"
|
|
}
|
|
}
|