scrumplex.net / flake
❄️ Dotfiles and NixOS configurations
fork atom
flake / sefa_cloud.tf
at main 172 lines 3.4 kB view raw
1data "hcloud_zone" "sefa_cloud" { 2 name = "sefa.cloud" 3} 4 5resource "hcloud_zone_rrset" "rootcaa_sefa_cloud" { 6 zone = data.hcloud_zone.sefa_cloud.name 7 name = "@" 8 type = "CAA" 9 10 records = [for v in var.caa_records : { value = v }] 11} 12 13resource "hcloud_zone_rrset" "cosmos4_sefa_cloud" { 14 zone = data.hcloud_zone.sefa_cloud.name 15 name = "cosmos" 16 type = "A" 17 18 records = [ 19 { 20 value = "10.0.0.11" 21 } 22 ] 23} 24 25resource "hcloud_zone_rrset" "cosmos6_sefa_cloud" { 26 zone = data.hcloud_zone.sefa_cloud.name 27 name = "cosmos" 28 type = "AAAA" 29 30 records = [ 31 { 32 value = "fd19:783f:b287:0:dea6:32ff:fe54:1a63" 33 } 34 ] 35} 36 37resource "hcloud_zone_rrset" "cosmoscnames_sefa_cloud" { 38 for_each = toset([ 39 "asf", 40 ]) 41 zone = data.hcloud_zone.sefa_cloud.name 42 name = "${each.key}.cosmos" 43 type = "CNAME" 44 45 records = [ 46 { 47 value = "cosmos.sefa.cloud." 48 } 49 ] 50} 51 52resource "hcloud_zone_rrset" "eclipse4_sefa_cloud" { 53 zone = data.hcloud_zone.sefa_cloud.name 54 name = "eclipse" 55 type = "A" 56 57 records = [ 58 { 59 value = "10.10.10.12" 60 } 61 ] 62} 63 64resource "hcloud_zone_rrset" "eclipse6_sefa_cloud" { 65 zone = data.hcloud_zone.sefa_cloud.name 66 name = "eclipse" 67 type = "AAAA" 68 69 records = [ 70 { 71 value = "fdcc:546e:5cf:0:da5e:d3ff:feea:f48e" 72 } 73 ] 74} 75 76resource "hcloud_zone_rrset" "eclipsecnames_sefa_cloud" { 77 for_each = toset([ 78 "nzb", 79 "paperless", 80 "prowlarr", 81 "radarr", 82 "slskd", 83 "sonarr", 84 "syncthing", 85 "torrent", 86 ]) 87 zone = data.hcloud_zone.sefa_cloud.name 88 name = "${each.key}.eclipse" 89 type = "CNAME" 90 91 records = [ 92 { 93 value = "eclipse.sefa.cloud." 94 } 95 ] 96} 97 98resource "hcloud_zone_rrset" "cnames_sefa_cloud" { 99 for_each = toset([ 100 "audiobookshelf", 101 "box", 102 "cache", 103 "cook", 104 "home", 105 "immich", 106 "jellyfin", 107 "miniflux", 108 "request", 109 "smart", 110 "vault", 111 "view", 112 ]) 113 zone = data.hcloud_zone.sefa_cloud.name 114 name = each.key 115 type = "CNAME" 116 117 records = [ 118 { 119 value = "${data.hcloud_zone.sefa_cloud.name}." 120 } 121 ] 122} 123 124resource "hcloud_zone_rrset" "cnames_arson_sefa_cloud" { 125 for_each = toset([ 126 "hass", 127 ]) 128 zone = data.hcloud_zone.sefa_cloud.name 129 name = each.key 130 type = "CNAME" 131 132 records = [ 133 { 134 value = "arson.${data.hcloud_zone.sefa_cloud.name}." 135 } 136 ] 137} 138 139# Verifications 140 141resource "hcloud_zone_rrset" "roottxt_sefa_cloud" { 142 zone = data.hcloud_zone.sefa_cloud.name 143 name = "@" 144 type = "TXT" 145 146 records = [ 147 { 148 value = "\"Sendinblue-code:40fc54f18aa321c1ef380e8bc74c0f1f\"" 149 comment = "Brevo/Send in Blue Verification" 150 }, 151 { 152 value = "\"v=spf1 include:spf.sendinblue.com mx ~all\"" 153 comment = "Brevo/Send in Blue SPF" 154 } 155 ] 156} 157 158resource "hcloud_zone_rrset" "brevotxt_sefa_cloud" { 159 for_each = tomap({ 160 _dmarc = "\"v=DMARC1; p=none; sp=none; rua=mailto:dmarc@mailinblue.com!10m; ruf=mailto:dmarc@mailinblue.com!10m; rf=afrf; pct=100; ri=86400\"" 161 "mail._domainkey" = "\"k=rsa;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDeMVIzrCa3T14JsNY0IRv5/2V1/v2itlviLQBwXsa7shBD6TrBkswsFUToPyMRWC9tbR/5ey0nRBH0ZVxp+lsmTxid2Y2z+FApQ6ra2VsXfbJP3HE6wAO0YTVEJt1TmeczhEd2Jiz/fcabIISgXEdSpTYJhb0ct0VJRxcg4c8c7wIDAQAB\"" 162 }) 163 zone = data.hcloud_zone.sefa_cloud.name 164 name = each.key 165 type = "TXT" 166 167 records = [ 168 { 169 value = each.value 170 } 171 ] 172}