update

backend.tf

@@ -0,0 +1,13 @@
+terraform {
+  required_version = "~> 0.12.0"
+
+  backend "remote" {
+    hostname     = "app.terraform.io"
+    organization = "example"
+    token        = "xxxxxxxx"
+
+    workspaces {
+      name = "prod"
+    }
+  }
+}

domain.tf

@@ -1,4 +0,0 @@
-resource "cloudflare_zone" "domain_zone" {
-  account_id = var.cloudflare_account_id
-  zone       = var.cf_domain
-}

main.tf

@@ -1,19 +1,10 @@
-data "ovh_domain_zone" "zone" {
-  name = var.zone_name
-}
+resource "cloudflare_zone_settings_override" "this" {
+  name = "${var.cloudflare_zone}"
 
-resource "ovh_domain_zone_record" "dagobah" {
-  zone      = data.ovh_domain_zone.zone.id
-  subdomain = "tagobah"
-  fieldtype = "A"
-  ttl       = 60
-  target    = "82.66.77.254"
-}
-
-resource "ovh_domain_zone_record" "tatooine" {
-  zone      = data.ovh_domain_zone.zone.id
-  subdomain = "tatooine"
-  fieldtype = "A"
-  ttl       = 60
-  target    = "82.66.77.254"
-}
+  settings {
+    always_use_https = "on"
+    tls_1_3          = "on"
+    ssl              = "strict"
+    min_tls_version  = "1.2"
+  }
+}

provider.tf

@@ -1,13 +1,6 @@
-terraform {
-  required_providers {
-    cloudflare = {
-      source  = "cloudflare/cloudflare"
-      version = "~> 3.0"
-    }
-  }
-  required_version = ">= 1.7.5"
-}
-
 provider "cloudflare" {
-  api_token = var.cloudflare_api_key
+  version = "~> 1.16"
+
+  email = "${var.cloudflare_email}"
+  token = "${var.cloudflare_token}"
 }

records.tf

@@ -1,15 +0,0 @@
-resource "cloudflare_record" "tagobah" {
-  zone_id = cloudflare_zone.domain_zone.id
-  name    = "tagobah"
-  value   = "82.66.77.254"
-  type    = "A"
-  proxied = false
-}
-
-resource "cloudflare_record" "tatooine" {
-  zone_id = cloudflare_zone.domain_zone.id
-  name    = "tatooine"
-  value   = "2a01:e0a:a90:e990:9209:d0ff:fe07:ec65"
-  type    = "AAAA"
-  proxied = true
-}

records_a.tf

@@ -0,0 +1,19 @@
+resource "cloudflare_record" "terraform" {
+  domain  = "${var.cloudflare_zone}"
+
+  name    = "terraform"
+  value   = "82.66.77.254"
+  type    = "A"
+  ttl     = 1
+  proxied = true
+}
+
+resource "cloudflare_record" "a-root" {
+  domain = "${var.cloudflare_zone}"
+
+  name    = "@"
+  value   = "${var.main_server}"
+  type    = "A"
+  ttl     = 3600
+  proxied = false
+}

records_cname.tf

@@ -0,0 +1,19 @@
+resource "cloudflare_record" "cname-www" {
+  domain = "${var.cloudflare_zone}"
+
+  name    = "www"
+  value   = "${cloudflare_record.a-root.hostname}"
+  type    = "CNAME"
+  ttl     = 3600
+  proxied = false
+}
+
+resource "cloudflare_record" "cname-mail" {
+  domain = "${var.cloudflare_zone}"
+
+  name    = "mail"
+  value   = "ghs.googlehosted.com"
+  type    = "CNAME"
+  ttl     = 3600
+  proxied = false
+}

records_mx.tf

@@ -0,0 +1,44 @@
+resource "cloudflare_record" "mx-aspmx" {
+  domain = "${var.cloudflare_zone}"
+
+  name     = "@"
+  value    = "aspmx.l.google.com"
+  type     = "MX"
+  priority = 10
+}
+
+resource "cloudflare_record" "mx-alt1" {
+  domain = "${var.cloudflare_zone}"
+
+  name     = "@"
+  value    = "alt1.aspmx.l.google.com"
+  type     = "MX"
+  priority = 20
+}
+
+resource "cloudflare_record" "mx-alt2" {
+  domain = "${var.cloudflare_zone}"
+
+  name     = "@"
+  value    = "alt2.aspmx.l.google.com"
+  type     = "MX"
+  priority = 20
+}
+
+resource "cloudflare_record" "mx-alt3" {
+  domain = "${var.cloudflare_zone}"
+
+  name     = "@"
+  value    = "alt3.aspmx.l.google.com"
+  type     = "MX"
+  priority = 30
+}
+
+resource "cloudflare_record" "mx-alt4" {
+  domain = "${var.cloudflare_zone}"
+
+  name     = "@"
+  value    = "alt4.aspmx.l.google.com"
+  type     = "MX"
+  priority = 30
+}

records_srv.tf

@@ -0,0 +1,16 @@
+resource "cloudflare_record" "sip-tls-terraform-srv" {
+  domain = "${var.cloudflare_zone}"
+
+  name   = "_sip._tls"
+  type   = "SRV"
+
+  data = {
+    service  = "_sip"
+    proto    = "_tls"
+    name     = "terraform-srv"
+    priority = 0
+    weight   = 0
+    port     = 443
+    target   = "tips-of-mine.com"
+  }
+}

records_txt.tf

@@ -0,0 +1,26 @@
+resource "cloudflare_record" "txt-amazonses" {
+  domain = "${var.cloudflare_zone}"
+
+  name  = "_amazonses"
+  value = "xxxxxxxx"
+  type  = "TXT"
+  ttl   = 300
+}
+
+resource "cloudflare_record" "txt-dmarc" {
+  domain = "${var.cloudflare_zone}"
+
+  name  = "_dmarc"
+  value = "v=DMARC1; p=none; pct=100; rua=mailto:dmarc@tips-of-mine.com; sp=none; aspf=r;"
+  type  = "TXT"
+  ttl   = 300
+}
+
+resource "cloudflare_record" "txt-mandrill-domainkey" {
+  domain = "${var.cloudflare_zone}"
+
+  name  = "mandrill._domainkey"
+  value = "v=DKIM1; k=rsa; p=xxxxxxxx;"
+  type  = "TXT"
+  ttl   = 300
+}

variables.tf

@@ -1,6 +1,19 @@
-variable "cloudflare_api_key" {}
-variable "cloudflare_account_id" {}
-variable "cf_domain" {
-  default = "tips-of-mine.com"
-  type    = string
-}
+variable "cloudflare_email" {
+  description = "The email associated with the account. This can also be specified with the CLOUDFLARE_EMAIL shell environment variable."
+  default     = "default"
+}
+
+variable "cloudflare_token" {
+  description = "The Cloudflare API token. This can also be specified with the CLOUDFLARE_TOKEN shell environment variable."
+  default     = "default"
+}
+
+variable "cloudflare_zone" {
+  description = "The DNS zone to add the record to."
+  default     = "default"
+}
+
+variable "main_server" {
+  description = "The main web server"
+  default     = "127.0.0.1"
+}