phfroidmont/self-hosting
1
0
Fork 0
mirror of https://github.com/phfroidmont/self-hosting.git synced 2026-03-28 14:26:09 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Migrate DNS to official hcloud provider and fix mail IPv6 deliverability

Browse source 
Switched DNS management from timohirt/hetznerdns to official hetznercloud/hcloud RRSet resources, imported existing records, and removed legacy provider config. Also enabled mail.banditlair.com AAAA with matching rDNS to satisfy Gmail IPv6 sender checks
This commit is contained in:
Paul-Henri Froidmont 2026-03-27 02:32:45 +01:00
parent a6571d5f39
commit 02e8e936c2
Signed by: phfroidmont
GPG key ID: BE948AFD7E7873BE
2 changed files with 176 additions and 211 deletions
Download patch file Download diff file Expand all files Collapse all files

20
terraform/config.tf
View file

@ -10,29 +10,11 @@ terraform {
required_providers { required_providers {
hcloud = { hcloud = {
source = "hetznercloud/hcloud" source = "hetznercloud/hcloud"
version = "~> 1.49" version = "~> 1.60"
} }
null = { null = {
source = "hashicorp/null" source = "hashicorp/null"
version = "~> 3.2" version = "~> 3.2"
} }
hetznerdns = {
source = "timohirt/hetznerdns"
version = ">= 2.2.0"
}
sops = {
source = "carlpett/sops"
version = "~> 0.7"
}
} }
} }
data "sops_file" "secrets" {
source_file = "../secrets.enc.yml"
}
provider "hetznerdns" {
apitoken = data.sops_file.secrets.data["hcloud.dns_token"]
}

361
terraform/dns.tf
View file

@ -4,472 +4,455 @@ locals {
hel1_ipv6 = "2a01:4f9:3100:1202::2" hel1_ipv6 = "2a01:4f9:3100:1202::2"
} }
data "hetznerdns_zone" "froidmont_solutions_zone" { data "hcloud_zone" "banditlair_zone" {
name = "froidmont.solutions"
}
resource "hetznerdns_record" "nextcloud_froidmont_solutions_a" {
zone_id = data.hetznerdns_zone.froidmont_solutions_zone.id
name = "cloud"
value = local.hel1_ip
type = "A"
ttl = 600
}
data "hetznerdns_zone" "banditlair_zone" {
name = "banditlair.com" name = "banditlair.com"
} }
resource "hetznerdns_record" "banditlair_hcloud_a" { resource "hcloud_zone_rrset" "banditlair_hcloud_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "@" name = "@"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "banditlair_mcmap_a" { resource "hcloud_zone_rrset" "banditlair_mcmap_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "mcmap" name = "mcmap"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "webmail_a" { resource "hcloud_zone_rrset" "webmail_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "webmail" name = "webmail"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "mail_a" { resource "hcloud_zone_rrset" "mail_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "mail" name = "mail"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
# resource "hetznerdns_record" "mail_aaaa" { resource "hcloud_zone_rrset" "mail_aaaa" {
# zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
# name = "mail" name = "mail"
# value = local.hel1_ipv6 records = [{ value = local.hel1_ipv6 }]
# type = "AAAA" type = "AAAA"
# ttl = 600 }
# }
resource "hetznerdns_record" "hel1_a" { resource "hcloud_zone_rrset" "hel1_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "hel1" name = "hel1"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "ws_a" { resource "hcloud_zone_rrset" "ws_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "ws" name = "ws"
value = hcloud_server.relay1.ipv4_address records = [{ value = hcloud_server.relay1.ipv4_address }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "grafana_a" { resource "hcloud_zone_rrset" "grafana_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "grafana" name = "grafana"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "jellyfin_a" { resource "hcloud_zone_rrset" "jellyfin_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "jellyfin" name = "jellyfin"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "status_banditlair_a" { resource "hcloud_zone_rrset" "status_banditlair_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "status" name = "status"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "jitsi_a" { resource "hcloud_zone_rrset" "jitsi_a" {
zone_id = data.hetznerdns_zone.froidmont_zone.id zone = data.hcloud_zone.froidmont_zone.name
name = "jitsi" name = "jitsi"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "uptime_a" { resource "hcloud_zone_rrset" "uptime_a" {
zone_id = data.hetznerdns_zone.froidmont_zone.id zone = data.hcloud_zone.froidmont_zone.name
name = "uptime" name = "uptime"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "transmission_a" { resource "hcloud_zone_rrset" "transmission_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "transmission" name = "transmission"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "jackett_a" { resource "hcloud_zone_rrset" "jackett_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "jackett" name = "jackett"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "sonarr_a" { resource "hcloud_zone_rrset" "sonarr_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "sonarr" name = "sonarr"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "radarr_a" { resource "hcloud_zone_rrset" "radarr_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "radarr" name = "radarr"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "lidarr_a" { resource "hcloud_zone_rrset" "lidarr_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "lidarr" name = "lidarr"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "slskd_a" { resource "hcloud_zone_rrset" "slskd_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "slskd" name = "slskd"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "vtt_a" { resource "hcloud_zone_rrset" "vtt_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "vtt" name = "vtt"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "photos_a" { resource "hcloud_zone_rrset" "photos_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "photos" name = "photos"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "monero_a" { resource "hcloud_zone_rrset" "monero_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "monero" name = "monero"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "anderia_a" { resource "hcloud_zone_rrset" "anderia_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "anderia" name = "anderia"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "arkadia_a" { resource "hcloud_zone_rrset" "arkadia_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "arkadia" name = "arkadia"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "chroniques_a" { resource "hcloud_zone_rrset" "chroniques_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "chroniques" name = "chroniques"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "cifirpg_a" { resource "hcloud_zone_rrset" "cifirpg_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "scifirpg" name = "scifirpg"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "banditlair_dedicated_a" { resource "hcloud_zone_rrset" "banditlair_dedicated_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "*" name = "*"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "nextcloud_a" { resource "hcloud_zone_rrset" "nextcloud_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "cloud" name = "cloud"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
# Matrix # Matrix
resource "hetznerdns_record" "matrix_a" { resource "hcloud_zone_rrset" "matrix_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "matrix" name = "matrix"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "matrix_srv" { resource "hcloud_zone_rrset" "matrix_srv" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "_matrix._tcp" name = "_matrix._tcp"
value = "12 10 443 matrix" records = [{ value = "12 10 443 matrix.banditlair.com." }]
type = "SRV" type = "SRV"
ttl = 86400
} }
resource "hetznerdns_record" "coturn_a" { resource "hcloud_zone_rrset" "coturn_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "turn" name = "turn"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "ch_a" { resource "hcloud_zone_rrset" "ch_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "ch" name = "ch"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "hs_a" { resource "hcloud_zone_rrset" "hs_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "hs" name = "hs"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
# Email # Email
resource "hetznerdns_record" "mail_mx" { resource "hcloud_zone_rrset" "mail_mx" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "@" name = "@"
value = "12 mail" records = [{ value = "12 mail.banditlair.com." }]
type = "MX" type = "MX"
ttl = 86400
} }
resource "hetznerdns_record" "spf_txt" { resource "hcloud_zone_rrset" "spf_txt" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "@" name = "@"
value = "\"v=spf1 mx -all\"" records = [{ value = "\"v=spf1 mx -all\"" }]
type = "TXT" type = "TXT"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "dmarc_txt" { resource "hcloud_zone_rrset" "dmarc_txt" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "_dmarc" name = "_dmarc"
value = local.dmarc_value records = [{ value = local.dmarc_value }]
type = "TXT" type = "TXT"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "dmarc_report_froidmont_txt" { resource "hcloud_zone_rrset" "dmarc_report_froidmont_txt" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "froidmont.org._report._dmarc" name = "froidmont.org._report._dmarc"
value = "\"v=DMARC1\"" records = [{ value = "\"v=DMARC1\"" }]
type = "TXT" type = "TXT"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "dmarc_report_falbo_txt" { resource "hcloud_zone_rrset" "dmarc_report_falbo_txt" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "falbo.fr._report._dmarc" name = "falbo.fr._report._dmarc"
value = "\"v=DMARC1\"" records = [{ value = "\"v=DMARC1\"" }]
type = "TXT" type = "TXT"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "dkim_txt" { resource "hcloud_zone_rrset" "dkim_txt" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "mail._domainkey" name = "mail._domainkey"
value = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgRhQ9zN4hkiASKH4kTfWUSBz+Ov7BvH0459BDVeSNQFjH3KjmofJicKQ6eWXGJOSz4jCpNDRdgMbkVHEiTHOcKd/u9LqxEchWKZU50lwSrYhUmr8j+b4vgf+sUxIWKCZUNuyrDp2ROeheA3Pbx+fYJb3VhGTZecLlchMrRjBJqwIDAQAB\"" records = [{ value = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgRhQ9zN4hkiASKH4kTfWUSBz+Ov7BvH0459BDVeSNQFjH3KjmofJicKQ6eWXGJOSz4jCpNDRdgMbkVHEiTHOcKd/u9LqxEchWKZU50lwSrYhUmr8j+b4vgf+sUxIWKCZUNuyrDp2ROeheA3Pbx+fYJb3VhGTZecLlchMrRjBJqwIDAQAB\"" }]
type = "TXT" type = "TXT"
ttl = 600 ttl = 600
} }
data "hetznerdns_zone" "falbo_zone" { data "hcloud_zone" "falbo_zone" {
name = "falbo.fr" name = "falbo.fr"
} }
resource "hetznerdns_record" "falbo_a" { resource "hcloud_zone_rrset" "falbo_a" {
zone_id = data.hetznerdns_zone.falbo_zone.id zone = data.hcloud_zone.falbo_zone.name
name = "@" name = "@"
value = hetznerdns_record.banditlair_dedicated_a.value records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "falbo_cname" { resource "hcloud_zone_rrset" "falbo_cname" {
zone_id = data.hetznerdns_zone.falbo_zone.id zone = data.hcloud_zone.falbo_zone.name
name = "*" name = "*"
value = "${data.hetznerdns_zone.falbo_zone.name}." records = [{ value = "${data.hcloud_zone.falbo_zone.name}." }]
type = "CNAME" type = "CNAME"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "falbo_mail_mx" { resource "hcloud_zone_rrset" "falbo_mail_mx" {
zone_id = data.hetznerdns_zone.falbo_zone.id zone = data.hcloud_zone.falbo_zone.name
name = "@" name = "@"
value = "12 mail.${data.hetznerdns_zone.banditlair_zone.name}." records = [{ value = "12 mail.${data.hcloud_zone.banditlair_zone.name}." }]
type = "MX" type = "MX"
ttl = 86400
} }
resource "hetznerdns_record" "falbo_spf_txt" { resource "hcloud_zone_rrset" "falbo_spf_txt" {
zone_id = data.hetznerdns_zone.falbo_zone.id zone = data.hcloud_zone.falbo_zone.name
name = "@" name = "@"
value = "\"v=spf1 include:${data.hetznerdns_zone.banditlair_zone.name} -all\"" records = [{ value = "\"v=spf1 include:${data.hcloud_zone.banditlair_zone.name} -all\"" }]
type = "TXT" type = "TXT"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "falbo_dmarc_txt" { resource "hcloud_zone_rrset" "falbo_dmarc_txt" {
zone_id = data.hetznerdns_zone.falbo_zone.id zone = data.hcloud_zone.falbo_zone.name
name = "_dmarc" name = "_dmarc"
value = local.dmarc_value records = [{ value = local.dmarc_value }]
type = "TXT" type = "TXT"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "falbo_dkim_txt" { resource "hcloud_zone_rrset" "falbo_dkim_txt" {
zone_id = data.hetznerdns_zone.falbo_zone.id zone = data.hcloud_zone.falbo_zone.name
name = "mail._domainkey" name = "mail._domainkey"
value = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCY6ESTQcWbZVNxjb8TFhpyhCoG6Ri8OV1MijDHGNmpLye8AsuMzaEdcFk59AoIWPI6P9ZGIXzYTTwRxXhCIBrRJgcDGrbTAQ7tuaKggJRCXhan7FVMizZSJ53NEr3f4PFaBtrV0Ni8f7ENuT6WcQQ+JsMN3vEGbwA1LmgHH2XSBQIDAQAB\"" records = [{ value = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCY6ESTQcWbZVNxjb8TFhpyhCoG6Ri8OV1MijDHGNmpLye8AsuMzaEdcFk59AoIWPI6P9ZGIXzYTTwRxXhCIBrRJgcDGrbTAQ7tuaKggJRCXhan7FVMizZSJ53NEr3f4PFaBtrV0Ni8f7ENuT6WcQQ+JsMN3vEGbwA1LmgHH2XSBQIDAQAB\"" }]
type = "TXT" type = "TXT"
ttl = 600 ttl = 600
} }
data "hetznerdns_zone" "froidmont_zone" { data "hcloud_zone" "froidmont_zone" {
name = "froidmont.org" name = "froidmont.org"
} }
resource "hetznerdns_record" "froidmont_a" { resource "hcloud_zone_rrset" "froidmont_a" {
zone_id = data.hetznerdns_zone.froidmont_zone.id zone = data.hcloud_zone.froidmont_zone.name
name = "@" name = "@"
value = hetznerdns_record.banditlair_dedicated_a.value records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "rl_a" { resource "hcloud_zone_rrset" "rl_a" {
zone_id = data.hetznerdns_zone.banditlair_zone.id zone = data.hcloud_zone.banditlair_zone.name
name = "rl" name = "rl"
value = hcloud_server.relay1.ipv4_address records = [{ value = hcloud_server.relay1.ipv4_address }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "website_marie_a" { resource "hcloud_zone_rrset" "website_marie_a" {
zone_id = data.hetznerdns_zone.froidmont_zone.id zone = data.hcloud_zone.froidmont_zone.name
name = "osteopathie" name = "osteopathie"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "forge_a" { resource "hcloud_zone_rrset" "forge_a" {
zone_id = data.hetznerdns_zone.froidmont_zone.id zone = data.hcloud_zone.froidmont_zone.name
name = "forge" name = "forge"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "froidmont_cname" { resource "hcloud_zone_rrset" "froidmont_cname" {
zone_id = data.hetznerdns_zone.froidmont_zone.id zone = data.hcloud_zone.froidmont_zone.name
name = "*" name = "*"
value = "${data.hetznerdns_zone.froidmont_zone.name}." records = [{ value = "${data.hcloud_zone.froidmont_zone.name}." }]
type = "CNAME" type = "CNAME"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "froidmont_mail_mx" { resource "hcloud_zone_rrset" "froidmont_mail_mx" {
zone_id = data.hetznerdns_zone.froidmont_zone.id zone = data.hcloud_zone.froidmont_zone.name
name = "@" name = "@"
value = "12 mail.${data.hetznerdns_zone.banditlair_zone.name}." records = [{ value = "12 mail.${data.hcloud_zone.banditlair_zone.name}." }]
type = "MX" type = "MX"
ttl = 86400
} }
resource "hetznerdns_record" "froidmont_spf_txt" { resource "hcloud_zone_rrset" "froidmont_spf_txt" {
zone_id = data.hetznerdns_zone.froidmont_zone.id zone = data.hcloud_zone.froidmont_zone.name
name = "@" name = "@"
value = "\"v=spf1 include:${data.hetznerdns_zone.banditlair_zone.name} -all\"" records = [{ value = "\"v=spf1 include:${data.hcloud_zone.banditlair_zone.name} -all\"" }]
type = "TXT" type = "TXT"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "froidmont_dmarc_txt" { resource "hcloud_zone_rrset" "froidmont_dmarc_txt" {
zone_id = data.hetznerdns_zone.froidmont_zone.id zone = data.hcloud_zone.froidmont_zone.name
name = "_dmarc" name = "_dmarc"
value = local.dmarc_value records = [{ value = local.dmarc_value }]
type = "TXT" type = "TXT"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "froidmont_dkim_txt" { resource "hcloud_zone_rrset" "froidmont_dkim_txt" {
zone_id = data.hetznerdns_zone.froidmont_zone.id zone = data.hcloud_zone.froidmont_zone.name
name = "mail._domainkey" name = "mail._domainkey"
value = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoY56+gnsfCFGVchumtl7mnRuFENBKoTojxpMZQ8kHPY68pkTg7Xw0M6GtfLQQa/2VGCddQIYcXH74nu7J/4vakEPLp7JYsToqbLOucfXoFbBAQN3N43YyUsp8DqMh80y0UjItHf04HQUfa+OyjJWZD9JZm2oKIAO4Z0X0RoSyWwIDAQAB\"" records = [{ value = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoY56+gnsfCFGVchumtl7mnRuFENBKoTojxpMZQ8kHPY68pkTg7Xw0M6GtfLQQa/2VGCddQIYcXH74nu7J/4vakEPLp7JYsToqbLOucfXoFbBAQN3N43YyUsp8DqMh80y0UjItHf04HQUfa+OyjJWZD9JZm2oKIAO4Z0X0RoSyWwIDAQAB\"" }]
type = "TXT" type = "TXT"
ttl = 600 ttl = 600
} }
data "hetznerdns_zone" "stb_zone" { data "hcloud_zone" "stb_zone" {
name = "societe-de-tir-bertrix.com" name = "societe-de-tir-bertrix.com"
} }
resource "hetznerdns_record" "stb_a" { resource "hcloud_zone_rrset" "stb_a" {
zone_id = data.hetznerdns_zone.stb_zone.id zone = data.hcloud_zone.stb_zone.name
name = "@" name = "@"
value = local.hel1_ip records = [{ value = local.hel1_ip }]
type = "A" type = "A"
ttl = 600 ttl = 600
} }
resource "hetznerdns_record" "stb_cname" { resource "hcloud_zone_rrset" "stb_cname" {
zone_id = data.hetznerdns_zone.stb_zone.id zone = data.hcloud_zone.stb_zone.name
name = "*" name = "*"
value = "${data.hetznerdns_zone.stb_zone.name}." records = [{ value = "${data.hcloud_zone.stb_zone.name}." }]
type = "CNAME" type = "CNAME"
ttl = 600 ttl = 600
} }