update to using glauca DNS
ci/woodpecker/push/dns Pipeline failed
Details
ci/woodpecker/push/dns Pipeline failed
Details
parent
d63adb31b6
commit
25200dc9ec
183
dns/main.tf
183
dns/main.tf
|
@ -1,8 +1,8 @@
|
||||||
terraform {
|
terraform {
|
||||||
required_providers {
|
required_providers {
|
||||||
linode = {
|
dns = {
|
||||||
source = "linode/linode"
|
source = "hashicorp/dns"
|
||||||
version = "1.26.0"
|
version = "3.2.3"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -16,162 +16,145 @@ terraform {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "linode" {
|
provider "dns" {
|
||||||
token = var.token
|
update {
|
||||||
}
|
server = "ns1.as207960.net"
|
||||||
|
key_name = "treehouse.systems."
|
||||||
resource "linode_domain" "treehouse_domain" {
|
key_algorithm = "hmac-sha512"
|
||||||
domain = "treehouse.systems"
|
key_secret = var.secret
|
||||||
soa_email = "admin@treehouse.systems"
|
}
|
||||||
type = "master"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Treehouse cluster: kn-linode-dallas
|
// Treehouse cluster: kn-linode-dallas
|
||||||
// TODO(ariadne): Use linode data source to pull the kubernetes ingress
|
// TODO(ariadne): Use linode data source to pull the kubernetes ingress
|
||||||
// IP addresses for this
|
// IP addresses for this
|
||||||
resource "linode_domain_record" "kn_linode_dallas_ingress_v4" {
|
resource "dns_a_record_set" "kn_linode_dallas_ingress_v4" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "kn-linode-dallas.ingress"
|
name = "kn-linode-dallas.ingress"
|
||||||
record_type = "A"
|
addresses = ["50.116.20.32"]
|
||||||
target = "50.116.20.32"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "linode_domain_record" "kn_linode_dallas_ingress_v6" {
|
resource "dns_aaaa_record_set" "kn_linode_dallas_ingress_v6" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "kn-linode-dallas.ingress"
|
name = "kn-linode-dallas.ingress"
|
||||||
record_type = "AAAA"
|
addresses = ["2600:3c00::f03c:93ff:fee2:d097"]
|
||||||
target = "2600:3c00::f03c:93ff:fee2:d097"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Treehouse cluster: kn-oci-sanjose
|
// Treehouse cluster: kn-oci-sanjose
|
||||||
// TODO(ariadne): decommission me
|
// TODO(ariadne): decommission me
|
||||||
resource "linode_domain_record" "kn_oci_sanjose_ingress_v4" {
|
resource "dns_a_record_set" "kn_oci_sanjose_ingress_v4" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "kn-oci-sanjose.ingress"
|
name = "kn-oci-sanjose.ingress"
|
||||||
record_type = "A"
|
addresses = ["152.67.234.163"]
|
||||||
target = "152.67.234.163"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "linode_domain_record" "kn_oci_sanjose_ingress_v6" {
|
resource "dns_aaaa_record_set" "kn_oci_sanjose_ingress_v6" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "kn-oci-sanjose.ingress"
|
name = "kn-oci-sanjose.ingress"
|
||||||
record_type = "AAAA"
|
addresses = ["2603:c024:c000:100::80"]
|
||||||
target = "2603:c024:c000:100::80"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Treehouse services: Gitea
|
// Treehouse services: Gitea
|
||||||
resource "linode_domain_record" "gitea_v4" {
|
resource "dns_a_record_set" "gitea_v4" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "gitea"
|
name = "gitea"
|
||||||
record_type = "A"
|
addresses = ["104.250.236.2"]
|
||||||
target = "104.250.236.2"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "linode_domain_record" "gitea_v6" {
|
resource "dns_aaaa_record_set" "gitea_v6" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "gitea"
|
name = "gitea"
|
||||||
record_type = "AAAA"
|
addresses = ["2602:fd37:1:0:104:250:236:2"]
|
||||||
target = "2602:fd37:1:0:104:250:236:2"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "linode_domain_record" "woodpecker_cname" {
|
resource "dns_cname_record" "woodpecker_cname" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "woodpecker"
|
name = "woodpecker"
|
||||||
record_type = "CNAME"
|
cname = "gitea.treehouse.systems"
|
||||||
target = "gitea.treehouse.systems"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Treehouse services: Mastodon (running on kn-linode-dallas)
|
// Treehouse services: Mastodon (running on kn-linode-dallas)
|
||||||
resource "linode_domain_record" "social_cname" {
|
resource "dns_cname_record" "social_cname" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "social"
|
name = "social"
|
||||||
record_type = "CNAME"
|
cname = "kn-linode-dallas.ingress.treehouse.systems"
|
||||||
target = "kn-linode-dallas.ingress.treehouse.systems"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "linode_domain_record" "cache_cname" {
|
resource "dns_cname_record" "cache_cname" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "cache"
|
name = "cache"
|
||||||
record_type = "CNAME"
|
cname = "treehousesystems.b-cdn.net"
|
||||||
target = "treehousesystems.b-cdn.net"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Treehouse services: Discord redirector.
|
// Treehouse services: Discord redirector.
|
||||||
// TODO(ariadne): This is really now treehouse.systems/discord, but
|
// TODO(ariadne): This is really now treehouse.systems/discord, but
|
||||||
// we need to keep this one for a while until it can be fully
|
// we need to keep this one for a while until it can be fully
|
||||||
// decommissioned.
|
// decommissioned.
|
||||||
resource "linode_domain_record" "discord_cname" {
|
resource "dns_cname_record" "discord_cname" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "discord"
|
name = "discord"
|
||||||
record_type = "CNAME"
|
cname = "kn-oci-sanjose.ingress.treehouse.systems"
|
||||||
target = "kn-oci-sanjose.ingress.treehouse.systems"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Treehouse services: Minecraft (OVH, managed by Kenneth)
|
// Treehouse services: Minecraft (OVH, managed by Kenneth)
|
||||||
resource "linode_domain_record" "minecraft_cname" {
|
resource "dns_cname_record" "minecraft_cname" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "survival.minecraft"
|
name = "survival.minecraft"
|
||||||
record_type = "CNAME"
|
record_type = "CNAME"
|
||||||
target = "survival.treehouse.fork.run"
|
cname = "survival.treehouse.fork.run"
|
||||||
ttl_sec = 30
|
ttl = 3600
|
||||||
}
|
}
|
||||||
|
|
||||||
// Apex domain settings.
|
// Apex domain settings.
|
||||||
resource "linode_domain_record" "apex_v4" {
|
resource "dns_a_record_set" "apex_v4" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = ""
|
addresses = ["152.67.234.163"]
|
||||||
record_type = "A"
|
ttl = 3600
|
||||||
target = "152.67.234.163"
|
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "linode_domain_record" "apex_v6" {
|
resource "dns_aaaa_record_set" "apex_v6" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = ""
|
addresses = ["2603:c024:c000:100::80"]
|
||||||
record_type = "AAAA"
|
ttl = 3600
|
||||||
target = "2603:c024:c000:100::80"
|
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "linode_domain_record" "apex_mx" {
|
resource "dns_mx_record_set" "apex_mx" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = ""
|
|
||||||
record_type = "MX"
|
mx {
|
||||||
target = "mx1.mailbun.net"
|
preference = 5
|
||||||
priority = "5"
|
exchange = "mx1.mailbun.net"
|
||||||
ttl_sec = 30
|
}
|
||||||
|
|
||||||
|
ttl = 3600
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "linode_domain_record" "apex_spf" {
|
resource "dns_txt_record_set" "apex_spf" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = ""
|
txt = ["v=spf1 a mx include:spf.mailbun.net ~all"]
|
||||||
record_type = "TXT"
|
ttl = 3600
|
||||||
target = "v=spf1 a mx include:spf.mailbun.net ~all"
|
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "linode_domain_record" "apex_dmarc" {
|
resource "dns_txt_record_set" "apex_dmarc" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "_dmarc"
|
name = "_dmarc"
|
||||||
record_type = "TXT"
|
txt = ["v=DMARC1; p=none; fo=1; rua=mailto:admin@treehouse.systems"]
|
||||||
target = "v=DMARC1; p=none; fo=1; rua=mailto:admin@treehouse.systems"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "linode_domain_record" "apex_domainkey" {
|
resource "dns_txt_record_set" "apex_domainkey" {
|
||||||
domain_id = "${linode_domain.treehouse_domain.id}"
|
zone = "treehouse.systems."
|
||||||
name = "mailbun._domainkey"
|
name = "mailbun._domainkey"
|
||||||
record_type = "TXT"
|
txt = ["v=DKIM1; k=rsa; s=email; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJGZN1aCAUd8CqyQA7Akzkvns+Wq/w70ft2xr0B8jFp0DtW8BtyLLAsErpIp5ZTDgReYGgL7cNcSsNQRn+d6ZaOBGlC/gH1T3KYfbsvavOdnbGx9gofi6x8I5QOOLhp7epK5YkaP/Igg58Zm0ni3jdeMCuX+qkJVqn2WVv8IcRtIA3zJrTYOW3lGCj1ieezl5ref+43mFvcUqidToR9XyHNmi1RowmWAofbZASXkNqZiR1P2Jw3s7q6p0fAEz6bODNOmngIlRAaKjBfDVezsaTeQJwsMg9g58GigVTSb9gMHRZon61yxWcCJtcivPug7xAVlVU+MMkDr7MfvUke5KQIDAQAB"]
|
||||||
target = "v=DKIM1; k=rsa; s=email; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJGZN1aCAUd8CqyQA7Akzkvns+Wq/w70ft2xr0B8jFp0DtW8BtyLLAsErpIp5ZTDgReYGgL7cNcSsNQRn+d6ZaOBGlC/gH1T3KYfbsvavOdnbGx9gofi6x8I5QOOLhp7epK5YkaP/Igg58Zm0ni3jdeMCuX+qkJVqn2WVv8IcRtIA3zJrTYOW3lGCj1ieezl5ref+43mFvcUqidToR9XyHNmi1RowmWAofbZASXkNqZiR1P2Jw3s7q6p0fAEz6bODNOmngIlRAaKjBfDVezsaTeQJwsMg9g58GigVTSb9gMHRZon61yxWcCJtcivPug7xAVlVU+MMkDr7MfvUke5KQIDAQAB"
|
ttl = 3600
|
||||||
ttl_sec = 30
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue