Jörg Thalheim
5f92da77fb
All checks were successful
buildbot/nix-build .#checks.x86_64-linux.clan-merge Build done.
buildbot/nix-build .#checks.x86_64-linux.package-clan-merge Build done.
buildbot/nix-build .#checks.x86_64-linux.devShell-clan-merge Build done.
buildbot/nix-build .#checks.x86_64-linux.devShell-default Build done.
buildbot/nix-build .#checks.x86_64-linux.treefmt Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-ensure-tea-login Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-create-pr Build done.
buildbot/nix-build .#checks.x86_64-linux.nixos-web01 Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-flake-update-pr-clan Build done.
buildbot/nix-build .#checks.x86_64-linux.package-gitea Build done.
buildbot/nix-build .#checks.x86_64-linux.package-job-flake-update-clan-core Build done.
buildbot/nix-build .#checks.x86_64-linux.package-job-flake-update-clan-homepage Build done.
buildbot/nix-build .#checks.x86_64-linux.package-job-flake-update-clan-infra Build done.
buildbot/nix-build .#checks.x86_64-linux.package-action-flake-update Build done.
buildbot/nix-build .#checks.x86_64-linux.package-renovate Build done.
buildbot/nix-eval Build done.
70 lines
1.8 KiB
HCL
70 lines
1.8 KiB
HCL
resource "hetznerdns_zone" "server" {
|
|
name = var.dns_zone
|
|
ttl = 3600
|
|
}
|
|
|
|
resource "hetznerdns_record" "root_a" {
|
|
zone_id = hetznerdns_zone.server.id
|
|
name = "@"
|
|
type = "A"
|
|
value = var.ipv4_address
|
|
}
|
|
|
|
resource "hetznerdns_record" "root_aaaa" {
|
|
zone_id = hetznerdns_zone.server.id
|
|
name = "@"
|
|
type = "AAAA"
|
|
value = var.ipv6_address
|
|
}
|
|
|
|
resource "hetznerdns_record" "wildcard_a" {
|
|
zone_id = hetznerdns_zone.server.id
|
|
name = "*"
|
|
type = "A"
|
|
value = var.ipv4_address
|
|
}
|
|
|
|
resource "hetznerdns_record" "wildcard_aaaa" {
|
|
zone_id = hetznerdns_zone.server.id
|
|
name = "*"
|
|
type = "AAAA"
|
|
value = var.ipv6_address
|
|
}
|
|
|
|
# for sending emails
|
|
resource "hetznerdns_record" "spf" {
|
|
zone_id = hetznerdns_zone.server.id
|
|
name = "@"
|
|
type = "TXT"
|
|
value = "\"v=spf1 ip4:${var.ipv4_address} ip6:${var.ipv6_address} ~all\""
|
|
}
|
|
|
|
resource "hetznerdns_record" "dkim" {
|
|
zone_id = hetznerdns_zone.server.id
|
|
name = "v1._hostnamekey"
|
|
type = "TXT"
|
|
# take from `systemctl status opendkim`
|
|
value = "\"v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpQeJirqh8VFGHRQBemqF5CeicC/5qHJn3vqKkVIOQNqkgp7IE+EZDg+MXoxMQZEJ0RbO0JpZZgYpOf3jf8o5w56WbE4dbpbi+9112R57k5w41R16Q0EUjf7MbrLJqcF6mtf+3bPklF9ngdcWhgN024YfhR9SlebCOapCVYqVt8QIDAQAB\""
|
|
}
|
|
|
|
resource "hetznerdns_record" "adsp" {
|
|
zone_id = hetznerdns_zone.server.id
|
|
name = "_adsp._hostnamekey"
|
|
type = "TXT"
|
|
value = "\"dkim=all;\""
|
|
}
|
|
|
|
resource "hetznerdns_record" "matrix" {
|
|
zone_id = hetznerdns_zone.server.id
|
|
name = "_matrix._tcp"
|
|
type = "SRV"
|
|
value = "0 5 443 matrix"
|
|
}
|
|
|
|
resource "hetznerdns_record" "dmarc" {
|
|
zone_id = hetznerdns_zone.server.id
|
|
name = "_dmarc"
|
|
type = "TXT"
|
|
value = "\"v=DMARC1; p=none; adkim=r; aspf=r; rua=mailto:joerc.dmarc@thalheim.io; ruf=mailto:joerg.dmarc@thalheim.io; pct=100\""
|
|
}
|