clan/clan-infra
10
0
Fork 1
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

drop netlify
All checks were successful
build / test (push) Successful in 8s
Details

Browse Source
This commit is contained in:
Jörg Thalheim 2023-07-14 11:01:08 +02:00
parent 04668aa39a
commit 8daee43e84
6 changed files with 5 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
flake.nix
View File

@ -61,8 +61,6 @@
pkgs.sops pkgs.sops
(pkgs.terraform.withPlugins (p: [ (pkgs.terraform.withPlugins (p: [
p.hetznerdns p.hetznerdns
# TODO: drop netlify
p.netlify
p.hcloud p.hcloud
p.null p.null
p.external p.external

1
targets/web01/terraform.tf
View File

@ -7,7 +7,6 @@ variable "hetznerdns_token" {}
module "web01" { module "web01" {
source = "../../terraform/web01" source = "../../terraform/web01"
domain = "clan.lol" domain = "clan.lol"
netlify_dns_zone = "clan.lol"
nixos_flake_attr = "web01" nixos_flake_attr = "web01"
nixos_vars_file = "${path.module}/nixos-vars.json" nixos_vars_file = "${path.module}/nixos-vars.json"
hetznerdns_token = var.hetznerdns_token hetznerdns_token = var.hetznerdns_token

10
targets/web01/terraform.tfstate
View File

File diff suppressed because one or more lines are too long

50
terraform/web01/dns.tf
View File

@ -1,8 +1,3 @@
resource "netlify_dns_zone" "server" {
site_id = ""
name = var.netlify_dns_zone
}
locals { locals {
subdomains = [ subdomains = [
"@", "@",
@ -43,22 +38,6 @@ resource "hetznerdns_record" "server_aaaa" {
value = hcloud_server.server.ipv6_address value = hcloud_server.server.ipv6_address
} }
resource "netlify_dns_record" "server_a" {
for_each = toset(local.domains)
zone_id = netlify_dns_zone.server.id
hostname = each.value
type = "A"
value = hcloud_server.server.ipv4_address
}
resource "netlify_dns_record" "server_aaaa" {
for_each = toset(local.domains)
zone_id = netlify_dns_zone.server.id
hostname = each.value
type = "AAAA"
value = hcloud_server.server.ipv6_address
}
# for sending emails # for sending emails
resource "hetznerdns_record" "spf" { resource "hetznerdns_record" "spf" {
zone_id = hetznerdns_zone.server.id zone_id = hetznerdns_zone.server.id
@ -67,13 +46,6 @@ resource "hetznerdns_record" "spf" {
value = "\"v=spf1 ip4:${hcloud_server.server.ipv4_address} ip6:${hcloud_server.server.ipv6_address} ~all\"" value = "\"v=spf1 ip4:${hcloud_server.server.ipv4_address} ip6:${hcloud_server.server.ipv6_address} ~all\""
} }
resource "netlify_dns_record" "spf" {
zone_id = netlify_dns_zone.server.id
hostname = var.domain
type = "TXT"
value = "v=spf1 ip4:${hcloud_server.server.ipv4_address} ip6:${hcloud_server.server.ipv6_address} ~all"
}
resource "hetznerdns_record" "dkim" { resource "hetznerdns_record" "dkim" {
zone_id = hetznerdns_zone.server.id zone_id = hetznerdns_zone.server.id
name = "v1._domainkey" name = "v1._domainkey"
@ -82,14 +54,6 @@ resource "hetznerdns_record" "dkim" {
value = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTFSkQcM0v6mC4kiWEoF/EgK/hPVgOBJlHesLVIe+8BmidylaUowKlyC2gECipXhoVX9++OfMFAKNtGrIJcCTVNH/DRGkhbHLSxzzXijCbJ7G/fjpHRifpxMydEmybQDKdidR44YMR74Aj0OwUEgu+N/yJZ2+ubOlstW0fZJaJwQIDAQAB\"" value = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTFSkQcM0v6mC4kiWEoF/EgK/hPVgOBJlHesLVIe+8BmidylaUowKlyC2gECipXhoVX9++OfMFAKNtGrIJcCTVNH/DRGkhbHLSxzzXijCbJ7G/fjpHRifpxMydEmybQDKdidR44YMR74Aj0OwUEgu+N/yJZ2+ubOlstW0fZJaJwQIDAQAB\""
} }
resource "netlify_dns_record" "dkim" {
zone_id = netlify_dns_zone.server.id
hostname = "v1._domainkey.${var.domain}"
type = "TXT"
# take from `systemctl status opendkim`
value = "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDTFSkQcM0v6mC4kiWEoF/EgK/hPVgOBJlHesLVIe+8BmidylaUowKlyC2gECipXhoVX9++OfMFAKNtGrIJcCTVNH/DRGkhbHLSxzzXijCbJ7G/fjpHRifpxMydEmybQDKdidR44YMR74Aj0OwUEgu+N/yJZ2+ubOlstW0fZJaJwQIDAQAB"
}
resource "hetznerdns_record" "adsp" { resource "hetznerdns_record" "adsp" {
zone_id = hetznerdns_zone.server.id zone_id = hetznerdns_zone.server.id
name = "_adsp._domainkey" name = "_adsp._domainkey"
@ -104,13 +68,6 @@ resource "hetznerdns_record" "matrix" {
value = "0 5 443 matrix" value = "0 5 443 matrix"
} }
resource "netlify_dns_record" "adsp" {
zone_id = netlify_dns_zone.server.id
hostname = "_adsp._domainkey.${var.domain}"
type = "TXT"
value = "dkim=all;"
}
resource "hetznerdns_record" "dmarc" { resource "hetznerdns_record" "dmarc" {
zone_id = hetznerdns_zone.server.id zone_id = hetznerdns_zone.server.id
name = "_dmarc" name = "_dmarc"
@ -118,13 +75,6 @@ resource "hetznerdns_record" "dmarc" {
value = "\"v=DMARC1; p=none; adkim=r; aspf=r; rua=mailto:joerc.dmarc@thalheim.io; ruf=mailto:joerg.dmarc@thalheim.io; pct=100\"" value = "\"v=DMARC1; p=none; adkim=r; aspf=r; rua=mailto:joerc.dmarc@thalheim.io; ruf=mailto:joerg.dmarc@thalheim.io; pct=100\""
} }
resource "netlify_dns_record" "dmarc" {
zone_id = netlify_dns_zone.server.id
hostname = "_dmarc.${var.domain}"
type = "TXT"
value = "v=DMARC1; p=none; adkim=r; aspf=r; rua=mailto:joerc.dmarc@thalheim.io; ruf=mailto:joerg.dmarc@thalheim.io; pct=100"
}
resource "hcloud_rdns" "master_a" { resource "hcloud_rdns" "master_a" {
server_id = hcloud_server.server.id server_id = hcloud_server.server.id
ip_address = hcloud_server.server.ipv4_address ip_address = hcloud_server.server.ipv4_address

1
terraform/web01/providers.tf
View File

@ -1,6 +1,5 @@
terraform { terraform {
required_providers { required_providers {
netlify = { source = "AegirHealth/netlify" }
hcloud = { source = "hetznercloud/hcloud" } hcloud = { source = "hetznercloud/hcloud" }
local = { source = "hashicorp/local" } local = { source = "hashicorp/local" }
hetznerdns = { source = "timohirt/hetznerdns" } hetznerdns = { source = "timohirt/hetznerdns" }

5
terraform/web01/variables.tf
View File

@ -10,11 +10,6 @@ variable "server_location" {
description = "Hetzner cloud server location" description = "Hetzner cloud server location"
} }
variable "netlify_dns_zone" {
type = string
description = "Netlify DNS zone"
}
variable "nixos_vars_file" { variable "nixos_vars_file" {
type = string type = string
description = "File to write NixOS configuration variables to" description = "File to write NixOS configuration variables to"