From 2d269ab267000412e5f7d98ceac85a993a7de9b0 Mon Sep 17 00:00:00 2001
From: Ricard Illa <rilla@monotremata.xyz>
Date: Tue, 23 Aug 2022 17:24:21 +0200
Subject: [PATCH] namecheap: handle narwhal subdomains

---
 namecheap.tf | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/namecheap.tf b/namecheap.tf
index f6703e5..3e8dd7a 100644
--- a/namecheap.tf
+++ b/namecheap.tf
@@ -19,6 +19,16 @@ variable "caladan-hostnames" {
   default = ["@"]
 }
 
+// These are subdomains for services hosted on the host named `narwhal`.
+// They are only accessible from my internal network and my internal DNS server
+// takes care of that.
+// But I set the public A record to caladan's ipv4 just for renewing their
+// letsencrypt certificates. No need to set the AAAA record.
+variable "narwhal-hostnames" {
+  type = set(string)
+  default = ["authelia"]
+}
+
 provider "namecheap" {
   user_name = "gthar"
   api_user = "gthar"
@@ -39,6 +49,15 @@ resource "namecheap_domain_records" "monotremata-xyz" {
     }
   }
 
+  dynamic "record" {
+    for_each = var.narwhal-hostnames
+    content {
+      hostname = record.value
+      type = "A"
+      address = var.caladan-ips.v4
+    }
+  }
+
   dynamic "record" {
     for_each = var.caladan-hostnames
     content {