rilla
/
terraform
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: added hetzner dns entries

main
Ricard Illa 2023-05-25 12:50:26 +02:00
parent 34de64e414
commit c9eb813b24
3 changed files with 143 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
justfile
View File

@ -13,6 +13,7 @@ export LINODE_TOKEN := `pass linode.com/token`
export VULTR_API_KEY := `pass vultr.com/api_key` export VULTR_API_KEY := `pass vultr.com/api_key`
export HTTP_PROXY := "caladan:8888" export HTTP_PROXY := "caladan:8888"
export HTTPS_PROXY := "caladan:8888" export HTTPS_PROXY := "caladan:8888"
export HETZNER_DNS_API_TOKEN := `pass hetzner.com/tokens/terraform`
init: init:
terraform init -backend-config="conn_str=postgres://{{pg_user}}:{{passwd}}@{{pg_host}}:{{pg_port}}/{{pg_db}}" terraform init -backend-config="conn_str=postgres://{{pg_user}}:{{passwd}}@{{pg_host}}:{{pg_port}}/{{pg_db}}"
@ -24,3 +25,5 @@ plan *ARGS:
apply *ARGS: apply *ARGS:
terraform apply {{ARGS}} terraform apply {{ARGS}}
terraform *ARGS:
terraform {{ARGS}}

136
modules/dns/hetzner.tf Normal file
View File

@ -0,0 +1,136 @@
resource "hetznerdns_zone" "monotremata_xyz" {
name = var.domain
ttl = 86400
}
resource "hetznerdns_record" "caladan_a" {
zone_id = hetznerdns_zone.monotremata_xyz.id
name = each.key
value = var.caladan.ipv4
type = "A"
ttl = 86400
for_each = var.caladan.domains
}
resource "hetznerdns_record" "caladan_aaaa" {
zone_id = hetznerdns_zone.monotremata_xyz.id
name = each.key
value = var.caladan.ipv6
type = "AAAA"
ttl = 86400
for_each = var.caladan.domains
}
resource "hetznerdns_record" "mx" {
zone_id = hetznerdns_zone.monotremata_xyz.id
name = each.value.name
value = each.value.value
type = each.value.type
for_each = {
A = {
type = "A"
name = "mail"
value = var.fugu.ipv4
}
AAAA = {
type = "AAAA"
name = "mail"
value = var.fugu.ipv6
}
MX = {
type = "MX"
name = var.domain,
value = format("0 mail.%s", var.domain) # handle MX priority 0
}
}
}
resource "hetznerdns_record" "mx2" {
zone_id = hetznerdns_zone.monotremata_xyz.id
name = each.value.name
value = each.value.value
type = each.value.type
for_each = {
A = {
type = "A"
name = "mx2"
value = var.caladan.ipv4
}
AAAA = {
type = "AAAA"
name = "mx2"
value = var.caladan.ipv6
}
MX = {
type = "MX"
name = var.domain
value = format("5 mx2.%s", var.domain) # handle MX priority 5
}
}
}
resource "hetznerdns_record" "mail_txt" {
zone_id = hetznerdns_zone.monotremata_xyz.id
type = "TXT"
name = each.value.name
value = each.value.value
for_each = {
spf = {
name = var.domain
value = jsonencode("v=spf1 mx -all")
}
dmarc = {
name = "_dmarc"
value = jsonencode(format("v=DMARC1;p=quarantine;pct=100;rua=mailto:postmaster@%s;;", var.domain))
}
dkim = {
name = "20201210._domainkey"
value = jsonencode(format("v=DKIM1;k=rsa;p=%s;", var.dkim_pub_key))
}
}
}
resource "hetznerdns_record" "matrix_srv" {
zone_id = hetznerdns_zone.monotremata_xyz.id
type = "SRV"
# service: matrix
# port: tcp
name = "_matrix._tcp"
# priority: 0
# weight: 0
# port: 443
# target: matrix.monotremata.xyz
value = format("0 10 443 matrix.%s", var.domain)
ttl = 3600 # 1hour
}
resource "hetznerdns_record" "xmpp_srv" {
zone_id = hetznerdns_zone.monotremata_xyz.id
type = "SRV"
# service: xmpp-client or xmpp-server
# protocol: tcp
name = format("_%s._tcp", each.value.service)
# priority: 5
# weight: 0
# port: 5222 or 5269
# target: xmpp.monotremata.xyz
value = format("5 0 %s xmpp.%s", each.value.port, var.domain)
ttl = 1800 // 30 min
for_each = {
client = {
service = "xmpp-client"
port = 5222
}
server = {
service = "xmpp-server"
port = 5269
}
}
}

4
modules/dns/main.tf
View File

@ -8,5 +8,9 @@ terraform {
source = "namecheap/namecheap" source = "namecheap/namecheap"
version = ">= 2.0.0" version = ">= 2.0.0"
} }
hetznerdns = {
source = "timohirt/hetznerdns"
version = ">=2.2.0"
}
} }
} }