From d76cae78e94c3411b849abca90119d05b272be89 Mon Sep 17 00:00:00 2001
From: hcornet
Date: Mon, 13 Jan 2025 20:43:15 +0100
Subject: [PATCH] update
---
 backend.tf | 13 +++++++++++++
 databasas.tf | 0
 domain.tf | 4 ----
 instances.tf | 0
 main.tf | 27 +++++++++------------------
 networks.tf | 0
 provider.tf | 15 ++++-----------
 records.tf | 15 ---------------
 records_a.tf | 19 +++++++++++++++++++
 records_cname.tf | 19 +++++++++++++++++++
 records_mx.tf | 44 ++++++++++++++++++++++++++++++++++++++++++++
 records_srv.tf | 16 ++++++++++++++++
 records_txt.tf | 26 ++++++++++++++++++++++++++
 variables.tf | 25 +++++++++++++++++++------
 14 files changed, 169 insertions(+), 54 deletions(-)
 create mode 100644 backend.tf
 delete mode 100644 databasas.tf
 delete mode 100644 domain.tf
 delete mode 100644 instances.tf
 delete mode 100644 networks.tf
 delete mode 100644 records.tf
 create mode 100644 records_a.tf
 create mode 100644 records_cname.tf
 create mode 100644 records_mx.tf
 create mode 100644 records_srv.tf
 create mode 100644 records_txt.tf
diff --git a/backend.tf b/backend.tf
new file mode 100644
index 0000000..a860349
--- /dev/null
+++ b/backend.tf
@@ -0,0 +1,13 @@
+terraform {
+ required_version = "~> 0.12.0"
+
+ backend "remote" {
+ hostname = "app.terraform.io"
+ organization = "example"
+ token = "xxxxxxxx"
+
+ workspaces {
+ name = "prod"
+ }
+ }
+}
\ No newline at end of file
diff --git a/databasas.tf b/databasas.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/domain.tf b/domain.tf
deleted file mode 100644
index 8ae2642..0000000
--- a/domain.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-resource "cloudflare_zone" "domain_zone" {
- account_id = var.cloudflare_account_id
- zone = var.cf_domain
-}
\ No newline at end of file
diff --git a/instances.tf b/instances.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/main.tf b/main.tf
index 9a277ea..7d7fff8 100644
--- a/main.tf
+++ b/main.tf
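Review bot: In backend.tf the `remote` backend block carries `token = "xxxxxxxx"` inline, so once the placeholder is replaced the Terraform Cloud credential lives in a committed file. Backend blocks cannot read variables, so the usual fix is to delete the `token` line and supply the credential through `terraform login` or a `credentials "app.terraform.io"` block in the CLI configuration file. The same block pins `required_version = "~> 0.12.0"` while the provider.tf hunk removes `required_version = ">= 1.7.5"`, which moves the configuration back to a much older Terraform release line; if that is intentional, a comment above the pin saying why would help.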
@@ -1,19 +1,10 @@
-data "ovh_domain_zone" "zone" {
- name = var.zone_name
-}
+resource "cloudflare_zone_settings_override" "this" {
+ name = "${var.cloudflare_zone}"
 
-resource "ovh_domain_zone_record" "dagobah" {
- zone = data.ovh_domain_zone.zone.id
- subdomain = "tagobah"
- fieldtype = "A"
- ttl = 60
- target = "82.66.77.254"
-}
-
-resource "ovh_domain_zone_record" "tatooine" {
- zone = data.ovh_domain_zone.zone.id
- subdomain = "tatooine"
- fieldtype = "A"
- ttl = 60
- target = "82.66.77.254"
-}
+ settings {
+ always_use_https = "on"
+ tls_1_3 = "on"
+ ssl = "strict"
+ min_tls_version = "1.2"
+ }
+}
\ No newline at end of file
diff --git a/networks.tf b/networks.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/provider.tf b/provider.tf
index 4814022..24c90fa 100644
--- a/provider.tf
+++ b/provider.tf
@@ -1,13 +1,6 @@
-terraform {
- required_providers {
- cloudflare = {
- source = "cloudflare/cloudflare"
- version = "~> 3.0"
- }
- }
- required_version = ">= 1.7.5"
-}
-
 provider "cloudflare" {
- api_token = var.cloudflare_api_key
+ version = "~> 1.16"
+
+ email = "${var.cloudflare_email}"
+ token = "${var.cloudflare_token}"
 }
\ No newline at end of file
diff --git a/records.tf b/records.tf
deleted file mode 100644
index 29cb075..0000000
--- a/records.tf
+++ /dev/null
@@ -1,15 +0,0 @@
-resource "cloudflare_record" "tagobah" {
- zone_id = cloudflare_zone.domain_zone.id
- name = "tagobah"
- value = "82.66.77.254"
- type = "A"
- proxied = false
-}
-
-resource "cloudflare_record" "tatooine" {
- zone_id = cloudflare_zone.domain_zone.id
- name = "tatooine"
- value = "2a01:e0a:a90:e990:9209:d0ff:fe07:ec65"
- type = "AAAA"
- proxied = true
-}
diff --git a/records_a.tf b/records_a.tf
new file mode 100644
index 0000000..cab25ed
--- /dev/null
+++ b/records_a.tf
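Review bot: The `settings` block in main.tf (`always_use_https`, `ssl = "strict"`, `min_tls_version = "1.2"`) only governs traffic that passes through Cloudflare's proxy, and the records added in records_a.tf and records_cname.tf set `proxied = false` for the root (`@`) and `www`. Those hostnames are therefore served straight from the origin with whatever TLS configuration it has, and none of this hardening applies to them. Either proxy those records or document the gap above the resource, e.g. `# Applies to proxied hostnames only; @ and www are DNS-only and rely on the origin's TLS config`. As a style point, `name = "${var.cloudflare_zone}"` is an interpolation-only expression and can be written `name = var.cloudflare_zone`.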
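Review bot: The provider block in provider.tf replaces `api_token = var.cloudflare_api_key` with `email` + `token` and pins `version = "~> 1.16"`. In the 1.x Cloudflare provider that pair is, as far as I know, the account-wide Global API Key rather than a scoped API token, so the credential Terraform holds can no longer be limited to DNS edits on one zone. The removed `required_providers` entry pinned `cloudflare/cloudflare` at `~> 3.0`, so this is also a major-version downgrade of the provider. If the downgrade is deliberate, say so in a comment above the block; otherwise keep `api_token` and a provider version that supports it.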
@@ -0,0 +1,19 @@
+resource "cloudflare_record" "terraform" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "terraform"
+ value = "82.66.77.254"
+ type = "A"
+ ttl = 1
+ proxied = true
+}
+
+resource "cloudflare_record" "a-root" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "@"
+ value = "${var.main_server}"
+ type = "A"
+ ttl = 3600
+ proxied = false
+}
\ No newline at end of file
diff --git a/records_cname.tf b/records_cname.tf
new file mode 100644
index 0000000..b20ed28
--- /dev/null
+++ b/records_cname.tf
@@ -0,0 +1,19 @@
+resource "cloudflare_record" "cname-www" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "www"
+ value = "${cloudflare_record.a-root.hostname}"
+ type = "CNAME"
+ ttl = 3600
+ proxied = false
+}
+
+resource "cloudflare_record" "cname-mail" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "mail"
+ value = "ghs.googlehosted.com"
+ type = "CNAME"
+ ttl = 3600
+ proxied = false
+}
\ No newline at end of file
diff --git a/records_mx.tf b/records_mx.tf
new file mode 100644
index 0000000..bf10523
--- /dev/null
+++ b/records_mx.tf
@@ -0,0 +1,44 @@
+resource "cloudflare_record" "mx-aspmx" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "@"
+ value = "aspmx.l.google.com"
+ type = "MX"
+ priority = 10
+}
+
+resource "cloudflare_record" "mx-alt1" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "@"
+ value = "alt1.aspmx.l.google.com"
+ type = "MX"
+ priority = 20
+}
+
+resource "cloudflare_record" "mx-alt2" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "@"
+ value = "alt2.aspmx.l.google.com"
+ type = "MX"
+ priority = 20
+}
+
+resource "cloudflare_record" "mx-alt3" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "@"
+ value = "alt3.aspmx.l.google.com"
+ type = "MX"
+ priority = 30
+}
+
+resource "cloudflare_record" "mx-alt4" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "@"
+ value = "alt4.aspmx.l.google.com"
+ type = "MX"
+ priority = 30
+}
diff --git a/records_srv.tf b/records_srv.tf
new file mode 100644
index 0000000..73cc38b
--- /dev/null
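Review bot: The `terraform` record in records_a.tf hard-codes `value = "82.66.77.254"` while `a-root` reads `var.main_server`, so the address Cloudflare fronts for a `proxied = true` name is readable from the repository and the two records can drift apart. Prefer a variable here as well, e.g. `value = var.main_server` if it is the same host. Note also that `a-root` is `proxied = false`: if both names point at the same server, the root record publishes the origin address that the proxied record is meant to keep behind Cloudflare.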
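Review bot: `cname-mail` in records_cname.tf points `mail` at `ghs.googlehosted.com`, a shared third-party target, and nothing in this patch shows that the hostname is claimed on the Google side. A CNAME to a hosted service whose mapping is missing or later removed is the usual dangling-record condition, so the dependency should be visible next to the record. A comment such as `# mail.<zone> is mapped in the Google admin console; remove this record if that mapping is deleted` would do.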
+++ b/records_srv.tf
@@ -0,0 +1,16 @@
+resource "cloudflare_record" "sip-tls-terraform-srv" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "_sip._tls"
+ type = "SRV"
+
+ data = {
+ service = "_sip"
+ proto = "_tls"
+ name = "terraform-srv"
+ priority = 0
+ weight = 0
+ port = 443
+ target = "tips-of-mine.com"
+ }
+}
\ No newline at end of file
diff --git a/records_txt.tf b/records_txt.tf
new file mode 100644
index 0000000..4088d65
--- /dev/null
+++ b/records_txt.tf
@@ -0,0 +1,26 @@
+resource "cloudflare_record" "txt-amazonses" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "_amazonses"
+ value = "xxxxxxxx"
+ type = "TXT"
+ ttl = 300
+}
+
+resource "cloudflare_record" "txt-dmarc" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "_dmarc"
+ value = "v=DMARC1; p=none; pct=100; rua=mailto:dmarc@tips-of-mine.com; sp=none; aspf=r;"
+ type = "TXT"
+ ttl = 300
+}
+
+resource "cloudflare_record" "txt-mandrill-domainkey" {
+ domain = "${var.cloudflare_zone}"
+
+ name = "mandrill._domainkey"
+ value = "v=DKIM1; k=rsa; p=xxxxxxxx;"
+ type = "TXT"
+ ttl = 300
+}
diff --git a/variables.tf b/variables.tf
index e5334ba..3cc4076 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1,6 +1,19 @@
-variable "cloudflare_api_key" {}
-variable "cloudflare_account_id" {}
-variable "cf_domain" {
- default = "tips-of-mine.com"
- type = string
-}
\ No newline at end of file
+variable "cloudflare_email" {
+ description = "The email associated with the account. This can also be specified with the CLOUDFLARE_EMAIL shell environment variable."
+ default = "default"
+}
+
+variable "cloudflare_token" {
+ description = "The Cloudflare API token. This can also be specified with the CLOUDFLARE_TOKEN shell environment variable."
+ default = "default"
+}
+
+variable "cloudflare_zone" {
+ description = "The DNS zone to add the record to."
+ default = "default"
+}
+
+variable "main_server" {
+ description = "The main web server"
+ default = "127.0.0.1"
+}
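Review bot: The `_dmarc` record in records_txt.tf publishes `p=none; sp=none`, which only collects reports and asks receivers to take no action on mail that fails authentication. The patch also adds no SPF (`v=spf1 ...`) TXT record for the zone, even though records_mx.tf routes mail to Google and this file references Amazon SES and Mandrill. If `p=none` is a monitoring phase, record the intent with a comment such as `# monitoring only; move to p=quarantine or p=reject once rua reports are clean`. The `_amazonses` and `mandrill._domainkey` values are the placeholder `xxxxxxxx`; feeding them from variables would avoid applying an invalid verification token or DKIM key as written.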
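Review bot: In variables.tf, `cloudflare_email`, `cloudflare_token` and `cloudflare_zone` all get `default = "default"`, so a run with the values unset is not stopped for input and instead proceeds with a bogus credential and zone name. In the same situation `main_server` defaulting to `"127.0.0.1"` would publish a loopback address as the root A record. Dropping the defaults makes a missing value fail up front, e.g. `variable "cloudflare_token" { description = "..." }` with no `default` line. The token cannot be marked `sensitive = true` under the `~> 0.12.0` pin in backend.tf, since that argument arrived in a later Terraform release, which is one more reason to keep it out of defaults and out of tfvars files under version control.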