michael/IaC
1
0
Fork 0
Code Packages

add more dns records

Browse Source
This commit is contained in:
michael 2024-11-29 01:35:04 -05:00
parent d6983b4744
commit 1775e24a45
3 changed files with 73 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
terraform/cloudflare/main.tf
View File

@ -8,7 +8,7 @@ terraform {
} }
} }
backend "local" { backend "local" {
path = pathexpand("~/Backups/tfstate/cloudflare.tfstate") # path = pathexpand("~/Backups/tfstate/cloudflare.tfstate")
} }
} }
@ -23,6 +23,10 @@ locals {
for index, record in distinct(var.dns_records) : # 'distint' removes duplicate values from a list for index, record in distinct(var.dns_records) : # 'distint' removes duplicate values from a list
tostring(index) => record tostring(index) => record
} }
mx_records = {
for index, record in distinct(var.mx_records) : # 'distint' removes duplicate values from a list
tostring(index) => record
}
} }
resource "cloudflare_zone" "balsillie_net" { resource "cloudflare_zone" "balsillie_net" {
@ -47,4 +51,15 @@ resource "cloudflare_record" "dns_records" {
ttl = each.value.ttl ttl = each.value.ttl
} }
resource "cloudflare_record" "mx_records" {
for_each = local.mx_records
zone_id = cloudflare_zone.balsillie_net.id
proxied = false
name = each.value.name
type = each.value.type
content = each.value.content
priority = each.value.priority
ttl = each.value.ttl
}
# TODO update the SOA record when dns_records resource was changed # TODO update the SOA record when dns_records resource was changed

24
terraform/cloudflare/variable_definitions.tf
View File

@ -15,3 +15,27 @@ variable "dns_records" {
})) }))
default = [] default = []
} }
variable "mx_records" {
description = "DNS MX records to create"
type = list(object({
name = string
type = string
content = string
priority = number
ttl = number
}))
default = []
}
variable "caa_records" {
description = "DNS CAA records to create"
type = list(object({
name = string
type = string
content = string
# priority = number
ttl = number
}))
default = []
}

57
terraform/cloudflare/variables.auto.tfvars
View File

@ -1,26 +1,35 @@
dns_records = [ dns_records = [
{ name = "@", type = "A", content = "5.161.254.39", ttl = 60 }, { name = "@", type = "TXT", content = "\"v=spf1 +ip4:5.161.254.39 -all\"", ttl = 60 },
{ name = "www", type = "A", content = "5.161.254.39", ttl = 60 }, { name = "@", type = "TXT", content = "\"openpgp4fpr:2362b71cc210e435244d63dae81ed7810d966cd4\"", ttl = 60 },
{ name = "cloud", type = "A", content = "5.161.254.39", ttl = 60 }, { name = "_dmarc", type = "TXT", content = "\"v=DMARC1; p=reject; rua=mailto:postmaster@balsillie.net; ruf=mailto:postmaster@balsillie.net; sp=reject; fo=1; aspf=s; adkim=s; ri=259200\"", ttl = 60 },
{ name = "hetzner", type = "A", content = "5.161.254.39", ttl = 60 }, { name = "mail._domainkey", type = "TXT", content = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+URc62p2hXgTgt+1NEo8tCm1SWYPXlnsO9vQdz3SqM6SUXyV/nuLzHQBriJwEnL7sXlmMvfu7JkY4wx/q4nZUVqJ6P8tV4qqRTlPYf9EOtzdPetvz24NVcI8Jh1qo06K/JXTPwGssSDnacfC6B14Q06JPC+1Kx28pOu8XLZSJpwIDAQAB\"", ttl = 60 },
{ name = "imap", type = "A", content = "5.161.254.39", ttl = 60 }, { name = "@", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "sieve", type = "A", content = "5.161.254.39", ttl = 60 }, { name = "www", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "smtp", type = "A", content = "5.161.254.39", ttl = 60 }, { name = "cloud", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "auth", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "imap", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "autoconfig", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "sieve", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "autodiscover", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "smtp", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "code", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "auth", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "discord-bridge", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "autoconfig", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "im", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "autodiscover", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "matrix", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "code", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "matrix-auth", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "im", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "matrix-federation", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "matrix", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "matrix-sync", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "matrix-auth", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "mta-sts", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "matrix-federation", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "notify", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "matrix-sync", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "office", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "mta-sts", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "signal-bridge", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "notify", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "social", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "office", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "turn", type = "CNAME", content = "hetzner", ttl = 60 }, { name = "social", type = "A", content = "5.161.254.39", ttl = 60 },
{ name = "whatsapp-bridge", type = "CNAME", content = "hetzner", ttl = 60 } { name = "turn", type = "A", content = "5.161.254.39", ttl = 60 }
]
mx_records = [
{ name = "@", type = "MX", content = "smtp.balsillie.net.", priority = 0, ttl = 60 }
]
caa_records = [
{ name = "@", type = "CAA", content = "0 issuewild ';'", ttl = 60 },
{ name = "@", type = "CAA", content = "0 issue \"letsencrypt.org\"", ttl = 60 }
] ]