clan-infra/terraform/web01/dns.tf

locals {
  hostnames = [
    "@",
    "git",
    "mail",
    "cache",
    "matrix",
    "www",
    "docs",
    "metrics",
    "buildbot"
  ]
}

resource "hetznerdns_zone" "server" {
  name = var.dns_zone
  ttl  = 3600
}

resource "hetznerdns_record" "server_a" {
  for_each = toset(local.hostnames)
  zone_id  = hetznerdns_zone.server.id
  name     = each.value
  type     = "A"
  value    = var.ipv4_address
}

resource "hetznerdns_record" "server_aaaa" {
  for_each = toset(local.hostnames)
  zone_id  = hetznerdns_zone.server.id
  name     = each.value
  type     = "AAAA"
  value    = var.ipv6_address
}

# for sending emails
resource "hetznerdns_record" "spf" {
  zone_id = hetznerdns_zone.server.id
  name    = "@"
  type    = "TXT"
  value   = "\"v=spf1 ip4:${var.ipv4_address} ip6:${var.ipv6_address} ~all\""
}

resource "hetznerdns_record" "dkim" {
  zone_id = hetznerdns_zone.server.id
  name    = "mail._domainkey"
  type    = "TXT"
  # take from `systemctl status opendkim`
  value = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdw2gyAg5TW2/OO2u8sbzlI6vfLkPycr4ufpfFQVvpd31hb6ctvpWXlzVHUDi9KyaWRydB7cAmYvPuZ7KFi1XPzQ213vy0S0AEbnXOJsTyT5FR8cmiuHPhiWGSMrSlB/l78kG6xK6A1x2lWCm2r7z/dzkLyCgAqI79YaUTcYO0eQIDAQAB\""
}

resource "hetznerdns_record" "adsp" {
  zone_id = hetznerdns_zone.server.id
  name    = "_adsp._hostnamekey"
  type    = "TXT"
  value   = "\"dkim=all;\""
}

resource "hetznerdns_record" "matrix" {
  zone_id = hetznerdns_zone.server.id
  name    = "_matrix._tcp"
  type    = "SRV"
  value   = "0 5 443 matrix"
}

resource "hetznerdns_record" "dmarc" {
  zone_id = hetznerdns_zone.server.id
  name    = "_dmarc"
  type    = "TXT"
  value   = "\"v=DMARC1; p=none; adkim=r; aspf=r; rua=mailto:joerc.dmarc@thalheim.io; ruf=mailto:joerg.dmarc@thalheim.io; pct=100\""
}
add matrix server 2023-07-13 15:47:35 +00:00			`locals {`
add metrics.clan.lol 2024-04-13 14:08:20 +00:00			`hostnames = [`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`"@",`
			`"git",`
			`"mail",`
			`"cache",`
			`"matrix",`
add docs.clan.lol 2024-04-12 14:11:21 +00:00			`"www",`
add metrics.clan.lol 2024-04-13 14:08:20 +00:00			`"docs",`
add buildbot subdomain 2024-04-30 11:14:46 +00:00			`"metrics",`
			`"buildbot"`
add matrix server 2023-07-13 15:47:35 +00:00			`]`
add gitea 2023-07-04 17:56:58 +00:00			`}`

switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`resource "hetznerdns_zone" "server" {`
move web01-new to web01 and web01 to web01-old 2023-07-17 08:31:59 +00:00			`name = var.dns_zone`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`ttl = 3600`
			`}`
integrate postfix into gitea 2023-07-05 10:52:45 +00:00
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`resource "hetznerdns_record" "server_a" {`
add metrics.clan.lol 2024-04-13 14:08:20 +00:00			`for_each = toset(local.hostnames)`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`zone_id = hetznerdns_zone.server.id`
			`name = each.value`
			`type = "A"`
move web01-new to web01 and web01 to web01-old 2023-07-17 08:31:59 +00:00			`value = var.ipv4_address`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`}`

			`resource "hetznerdns_record" "server_aaaa" {`
add metrics.clan.lol 2024-04-13 14:08:20 +00:00			`for_each = toset(local.hostnames)`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`zone_id = hetznerdns_zone.server.id`
			`name = each.value`
			`type = "AAAA"`
move web01-new to web01 and web01 to web01-old 2023-07-17 08:31:59 +00:00			`value = var.ipv6_address`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`}`
integrate postfix into gitea 2023-07-05 10:52:45 +00:00
			`# for sending emails`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`resource "hetznerdns_record" "spf" {`
			`zone_id = hetznerdns_zone.server.id`
			`name = "@"`
			`type = "TXT"`
move web01-new to web01 and web01 to web01-old 2023-07-17 08:31:59 +00:00			`value = "\"v=spf1 ip4:${var.ipv4_address} ip6:${var.ipv6_address} ~all\""`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`}`

			`resource "hetznerdns_record" "dkim" {`
			`zone_id = hetznerdns_zone.server.id`
fixup dkim key 2024-06-10 10:00:10 +00:00			`name = "mail._domainkey"`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`type = "TXT"`
			# take from `systemctl status opendkim`
fixup dkim key 2024-06-10 10:00:10 +00:00			`value = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdw2gyAg5TW2/OO2u8sbzlI6vfLkPycr4ufpfFQVvpd31hb6ctvpWXlzVHUDi9KyaWRydB7cAmYvPuZ7KFi1XPzQ213vy0S0AEbnXOJsTyT5FR8cmiuHPhiWGSMrSlB/l78kG6xK6A1x2lWCm2r7z/dzkLyCgAqI79YaUTcYO0eQIDAQAB\""`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`}`

			`resource "hetznerdns_record" "adsp" {`
			`zone_id = hetznerdns_zone.server.id`
move web01-new to web01 and web01 to web01-old 2023-07-17 08:31:59 +00:00			`name = "_adsp._hostnamekey"`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`type = "TXT"`
			`value = "\"dkim=all;\""`
dns: add matrix srv record 2023-07-13 16:41:09 +00:00			`}`

			`resource "hetznerdns_record" "matrix" {`
			`zone_id = hetznerdns_zone.server.id`
			`name = "_matrix._tcp"`
			`type = "SRV"`
			`value = "0 5 443 matrix"`
switch from netlify to hetznerdns 2023-07-13 16:37:14 +00:00			`}`

			`resource "hetznerdns_record" "dmarc" {`
			`zone_id = hetznerdns_zone.server.id`
			`name = "_dmarc"`
			`type = "TXT"`
			`value = "\"v=DMARC1; p=none; adkim=r; aspf=r; rua=mailto:joerc.dmarc@thalheim.io; ruf=mailto:joerg.dmarc@thalheim.io; pct=100\""`
			`}`