Compare commits

...

2 Commits

Author SHA1 Message Date
Ariadne Conill 1f871f55a7 fix DNS records
ci/woodpecker/push/dns Pipeline was successful Details
2022-07-17 20:19:22 +00:00
Ariadne Conill 25200dc9ec update to using glauca DNS
ci/woodpecker/push/dns Pipeline failed Details
2022-07-17 20:18:02 +00:00
1 changed files with 83 additions and 101 deletions

View File

@ -1,8 +1,8 @@
terraform { terraform {
required_providers { required_providers {
linode = { dns = {
source = "linode/linode" source = "hashicorp/dns"
version = "1.26.0" version = "3.2.3"
} }
} }
@ -16,162 +16,144 @@ terraform {
} }
} }
provider "linode" { provider "dns" {
token = var.token update {
} server = "ns1.as207960.net"
key_name = "treehouse.systems."
resource "linode_domain" "treehouse_domain" { key_algorithm = "hmac-sha512"
domain = "treehouse.systems" key_secret = var.secret
soa_email = "admin@treehouse.systems" }
type = "master"
} }
// Treehouse cluster: kn-linode-dallas // Treehouse cluster: kn-linode-dallas
// TODO(ariadne): Use linode data source to pull the kubernetes ingress // TODO(ariadne): Use linode data source to pull the kubernetes ingress
// IP addresses for this // IP addresses for this
resource "linode_domain_record" "kn_linode_dallas_ingress_v4" { resource "dns_a_record_set" "kn_linode_dallas_ingress_v4" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "kn-linode-dallas.ingress" name = "kn-linode-dallas.ingress"
record_type = "A" addresses = ["50.116.20.32"]
target = "50.116.20.32" ttl = 3600
ttl_sec = 30
} }
resource "linode_domain_record" "kn_linode_dallas_ingress_v6" { resource "dns_aaaa_record_set" "kn_linode_dallas_ingress_v6" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "kn-linode-dallas.ingress" name = "kn-linode-dallas.ingress"
record_type = "AAAA" addresses = ["2600:3c00::f03c:93ff:fee2:d097"]
target = "2600:3c00::f03c:93ff:fee2:d097" ttl = 3600
ttl_sec = 30
} }
// Treehouse cluster: kn-oci-sanjose // Treehouse cluster: kn-oci-sanjose
// TODO(ariadne): decommission me // TODO(ariadne): decommission me
resource "linode_domain_record" "kn_oci_sanjose_ingress_v4" { resource "dns_a_record_set" "kn_oci_sanjose_ingress_v4" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "kn-oci-sanjose.ingress" name = "kn-oci-sanjose.ingress"
record_type = "A" addresses = ["152.67.234.163"]
target = "152.67.234.163" ttl = 3600
ttl_sec = 30
} }
resource "linode_domain_record" "kn_oci_sanjose_ingress_v6" { resource "dns_aaaa_record_set" "kn_oci_sanjose_ingress_v6" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "kn-oci-sanjose.ingress" name = "kn-oci-sanjose.ingress"
record_type = "AAAA" addresses = ["2603:c024:c000:100::80"]
target = "2603:c024:c000:100::80" ttl = 3600
ttl_sec = 30
} }
// Treehouse services: Gitea // Treehouse services: Gitea
resource "linode_domain_record" "gitea_v4" { resource "dns_a_record_set" "gitea_v4" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "gitea" name = "gitea"
record_type = "A" addresses = ["104.250.236.2"]
target = "104.250.236.2" ttl = 3600
ttl_sec = 30
} }
resource "linode_domain_record" "gitea_v6" { resource "dns_aaaa_record_set" "gitea_v6" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "gitea" name = "gitea"
record_type = "AAAA" addresses = ["2602:fd37:1:0:104:250:236:2"]
target = "2602:fd37:1:0:104:250:236:2" ttl = 3600
ttl_sec = 30
} }
resource "linode_domain_record" "woodpecker_cname" { resource "dns_cname_record" "woodpecker_cname" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "woodpecker" name = "woodpecker"
record_type = "CNAME" cname = "gitea.treehouse.systems."
target = "gitea.treehouse.systems" ttl = 3600
ttl_sec = 30
} }
// Treehouse services: Mastodon (running on kn-linode-dallas) // Treehouse services: Mastodon (running on kn-linode-dallas)
resource "linode_domain_record" "social_cname" { resource "dns_cname_record" "social_cname" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "social" name = "social"
record_type = "CNAME" cname = "kn-linode-dallas.ingress.treehouse.systems."
target = "kn-linode-dallas.ingress.treehouse.systems" ttl = 3600
ttl_sec = 30
} }
resource "linode_domain_record" "cache_cname" { resource "dns_cname_record" "cache_cname" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "cache" name = "cache"
record_type = "CNAME" cname = "treehousesystems.b-cdn.net."
target = "treehousesystems.b-cdn.net" ttl = 3600
ttl_sec = 30
} }
// Treehouse services: Discord redirector. // Treehouse services: Discord redirector.
// TODO(ariadne): This is really now treehouse.systems/discord, but // TODO(ariadne): This is really now treehouse.systems/discord, but
// we need to keep this one for a while until it can be fully // we need to keep this one for a while until it can be fully
// decommissioned. // decommissioned.
resource "linode_domain_record" "discord_cname" { resource "dns_cname_record" "discord_cname" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "discord" name = "discord"
record_type = "CNAME" cname = "kn-oci-sanjose.ingress.treehouse.systems."
target = "kn-oci-sanjose.ingress.treehouse.systems" ttl = 3600
ttl_sec = 30
} }
// Treehouse services: Minecraft (OVH, managed by Kenneth) // Treehouse services: Minecraft (OVH, managed by Kenneth)
resource "linode_domain_record" "minecraft_cname" { resource "dns_cname_record" "minecraft_cname" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "survival.minecraft" name = "survival.minecraft"
record_type = "CNAME" cname = "survival.treehouse.fork.run."
target = "survival.treehouse.fork.run" ttl = 3600
ttl_sec = 30
} }
// Apex domain settings. // Apex domain settings.
resource "linode_domain_record" "apex_v4" { resource "dns_a_record_set" "apex_v4" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "" addresses = ["152.67.234.163"]
record_type = "A" ttl = 3600
target = "152.67.234.163"
ttl_sec = 30
} }
resource "linode_domain_record" "apex_v6" { resource "dns_aaaa_record_set" "apex_v6" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "" addresses = ["2603:c024:c000:100::80"]
record_type = "AAAA" ttl = 3600
target = "2603:c024:c000:100::80"
ttl_sec = 30
} }
resource "linode_domain_record" "apex_mx" { resource "dns_mx_record_set" "apex_mx" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = ""
record_type = "MX" mx {
target = "mx1.mailbun.net" preference = 5
priority = "5" exchange = "mx1.mailbun.net."
ttl_sec = 30 }
ttl = 3600
} }
resource "linode_domain_record" "apex_spf" { resource "dns_txt_record_set" "apex_spf" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "" txt = ["v=spf1 a mx include:spf.mailbun.net ~all"]
record_type = "TXT" ttl = 3600
target = "v=spf1 a mx include:spf.mailbun.net ~all"
ttl_sec = 30
} }
resource "linode_domain_record" "apex_dmarc" { resource "dns_txt_record_set" "apex_dmarc" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "_dmarc" name = "_dmarc"
record_type = "TXT" txt = ["v=DMARC1; p=none; fo=1; rua=mailto:admin@treehouse.systems"]
target = "v=DMARC1; p=none; fo=1; rua=mailto:admin@treehouse.systems" ttl = 3600
ttl_sec = 30
} }
resource "linode_domain_record" "apex_domainkey" { resource "dns_txt_record_set" "apex_domainkey" {
domain_id = "${linode_domain.treehouse_domain.id}" zone = "treehouse.systems."
name = "mailbun._domainkey" name = "mailbun._domainkey"
record_type = "TXT" txt = ["v=DKIM1; k=rsa; s=email; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJGZN1aCAUd8CqyQA7Akzkvns+Wq/w70ft2xr0B8jFp0DtW8BtyLLAsErpIp5ZTDgReYGgL7cNcSsNQRn+d6ZaOBGlC/gH1T3KYfbsvavOdnbGx9gofi6x8I5QOOLhp7epK5YkaP/Igg58Zm0ni3jdeMCuX+qkJVqn2WVv8IcRtIA3zJrTYOW3lGCj1ieezl5ref+43mFvcUqidToR9XyHNmi1RowmWAofbZASXkNqZiR1P2Jw3s7q6p0fAEz6bODNOmngIlRAaKjBfDVezsaTeQJwsMg9g58GigVTSb9gMHRZon61yxWcCJtcivPug7xAVlVU+MMkDr7MfvUke5KQIDAQAB"]
target = "v=DKIM1; k=rsa; s=email; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJGZN1aCAUd8CqyQA7Akzkvns+Wq/w70ft2xr0B8jFp0DtW8BtyLLAsErpIp5ZTDgReYGgL7cNcSsNQRn+d6ZaOBGlC/gH1T3KYfbsvavOdnbGx9gofi6x8I5QOOLhp7epK5YkaP/Igg58Zm0ni3jdeMCuX+qkJVqn2WVv8IcRtIA3zJrTYOW3lGCj1ieezl5ref+43mFvcUqidToR9XyHNmi1RowmWAofbZASXkNqZiR1P2Jw3s7q6p0fAEz6bODNOmngIlRAaKjBfDVezsaTeQJwsMg9g58GigVTSb9gMHRZon61yxWcCJtcivPug7xAVlVU+MMkDr7MfvUke5KQIDAQAB" ttl = 3600
ttl_sec = 30
} }