RWejlgaard/pez-infra
1
0
Fork 0
mirror of https://github.com/RWejlgaard/pez-infra.git synced 2026-05-06 04:14:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

make dns more neat

Browse source
This commit is contained in:
Rasmus Wejlgaard 2026-05-01 21:03:55 +01:00
parent b5cef4b985
commit 267929461a
1 changed files with 38 additions and 238 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

276
terraform/hetzner_dns.tf
View file

@ -3,242 +3,48 @@ resource "hcloud_zone" "pezsh" {
mode = "primary" mode = "primary"
} }
# ============================================================================= locals {
# A Records helsinki_a = hcloud_server.helsinki-a.ipv4_address
# ============================================================================= nuremberg_a = hcloud_server.nuremberg-a.ipv4_address
nuremberg_aaaa = hcloud_server.nuremberg-a.ipv6_address
resource "hcloud_zone_rrset" "A_apps" { copenhagen = "83.94.248.182"
zone = hcloud_zone.pezsh.name
name = "apps"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
} }
resource "hcloud_zone_rrset" "A_auth" { resource "hcloud_zone_rrset" "A_helsinki_a" {
for_each = toset([
"@", "apps", "auth", "bitwarden", "download", "git", "grafana", "helsinki-a",
"jellyfin", "jellyfin-requests", "ldap", "lidarr", "music", "naveen",
"plex", "prometheus", "prowlarr", "radarr", "readarr", "request",
"rss", "sonarr", "soulseek", "status",
])
zone = hcloud_zone.pezsh.name zone = hcloud_zone.pezsh.name
name = "auth" name = each.value
type = "A" type = "A"
ttl = 300 ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }] records = [{ value = local.helsinki_a }]
} }
resource "hcloud_zone_rrset" "A_bitwarden" { resource "hcloud_zone_rrset" "nuremberg_mail" {
zone = hcloud_zone.pezsh.name for_each = {
name = "bitwarden" A = local.nuremberg_a
type = "A" AAAA = local.nuremberg_aaaa
ttl = 300 }
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_download" {
zone = hcloud_zone.pezsh.name
name = "download"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_git" {
zone = hcloud_zone.pezsh.name
name = "git"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_grafana" {
zone = hcloud_zone.pezsh.name
name = "grafana"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_helsinki-a" {
zone = hcloud_zone.pezsh.name
name = "helsinki-a"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_jellyfin" {
zone = hcloud_zone.pezsh.name
name = "jellyfin"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_jellyfin-requests" {
zone = hcloud_zone.pezsh.name
name = "jellyfin-requests"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_ldap" {
zone = hcloud_zone.pezsh.name
name = "ldap"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_lidarr" {
zone = hcloud_zone.pezsh.name
name = "lidarr"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_mail" {
zone = hcloud_zone.pezsh.name zone = hcloud_zone.pezsh.name
name = "mail" name = "mail"
type = each.key
ttl = 300
records = [{ value = each.value }]
}
resource "hcloud_zone_rrset" "A_copenhagen" {
for_each = toset(["minecraft", "wow"])
zone = hcloud_zone.pezsh.name
name = each.value
type = "A" type = "A"
ttl = 300 ttl = 300
records = [{ value = hcloud_server.nuremberg-a.ipv4_address }] records = [{ value = local.copenhagen }]
} }
resource "hcloud_zone_rrset" "A_minecraft" {
zone = hcloud_zone.pezsh.name
name = "minecraft"
type = "A"
ttl = 300
records = [{ value = "83.94.248.182" }]
}
resource "hcloud_zone_rrset" "A_music" {
zone = hcloud_zone.pezsh.name
name = "music"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_naveen" {
zone = hcloud_zone.pezsh.name
name = "naveen"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_root" {
zone = hcloud_zone.pezsh.name
name = "@"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_plex" {
zone = hcloud_zone.pezsh.name
name = "plex"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_prometheus" {
zone = hcloud_zone.pezsh.name
name = "prometheus"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_prowlarr" {
zone = hcloud_zone.pezsh.name
name = "prowlarr"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_radarr" {
zone = hcloud_zone.pezsh.name
name = "radarr"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_readarr" {
zone = hcloud_zone.pezsh.name
name = "readarr"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_request" {
zone = hcloud_zone.pezsh.name
name = "request"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_rss" {
zone = hcloud_zone.pezsh.name
name = "rss"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_sonarr" {
zone = hcloud_zone.pezsh.name
name = "sonarr"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_soulseek" {
zone = hcloud_zone.pezsh.name
name = "soulseek"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_status" {
zone = hcloud_zone.pezsh.name
name = "status"
type = "A"
ttl = 300
records = [{ value = hcloud_server.helsinki-a.ipv4_address }]
}
resource "hcloud_zone_rrset" "A_wow" {
zone = hcloud_zone.pezsh.name
name = "wow"
type = "A"
ttl = 300
records = [{ value = "83.94.248.182" }]
}
# =============================================================================
# AAAA Records
# =============================================================================
resource "hcloud_zone_rrset" "AAAA_mail" {
zone = hcloud_zone.pezsh.name
name = "mail"
type = "AAAA"
ttl = 300
records = [{ value = hcloud_server.nuremberg-a.ipv6_address }]
}
# =============================================================================
# CNAME Records
# =============================================================================
resource "hcloud_zone_rrset" "CNAME_public" { resource "hcloud_zone_rrset" "CNAME_public" {
zone = hcloud_zone.pezsh.name zone = hcloud_zone.pezsh.name
name = "public" name = "public"
@ -247,10 +53,6 @@ resource "hcloud_zone_rrset" "CNAME_public" {
records = [{ value = "public.r2.dev." }] records = [{ value = "public.r2.dev." }]
} }
# =============================================================================
# MX Records
# =============================================================================
resource "hcloud_zone_rrset" "MX_root" { resource "hcloud_zone_rrset" "MX_root" {
zone = hcloud_zone.pezsh.name zone = hcloud_zone.pezsh.name
name = "@" name = "@"
@ -262,16 +64,14 @@ resource "hcloud_zone_rrset" "MX_root" {
] ]
} }
# =============================================================================
# TXT Records
# =============================================================================
resource "hcloud_zone_rrset" "TXT_dkim" { resource "hcloud_zone_rrset" "TXT_dkim" {
zone = hcloud_zone.pezsh.name zone = hcloud_zone.pezsh.name
name = "dkim._domainkey" name = "dkim._domainkey"
type = "TXT" type = "TXT"
ttl = 300 ttl = 300
records = [{ value = "\"v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT/TGkPkfbjleqRYuQoI67/xvM0J5gGmdlzo2jO5qTABz5+nzOS+PefrXkeEZ0IZrpLPKqLyi7K469Ql+HG5wDFDxQRRG7lHJkWJ4tnZgjZWgeszFPhoME74lT6i+j3x29WyxhyzNg0f3NhSwttOe5knmS4zsOb+JK4jShoF9zZkOUCHAZ/vKvY\" \"tJdV+8qpmU8wfgyrzN1OWxjHIjzPP8iMD4g0iCfobbvSvWXHYBveCS7b/Nr3jw3E8twtEAUEGYNGd4h0wKNbNagYUsb5My8tMxQQwZf6imKHgCeYC7buH8TvaJHATReeea4Dzj9UzdPgwdbFLiMB/HXlN0GPhlQIDAQAB\"" }] records = [{
value = "\"v=DKIM1;k=rsa;t=s;s=email;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmT/TGkPkfbjleqRYuQoI67/xvM0J5gGmdlzo2jO5qTABz5+nzOS+PefrXkeEZ0IZrpLPKqLyi7K469Ql+HG5wDFDxQRRG7lHJkWJ4tnZgjZWgeszFPhoME74lT6i+j3x29WyxhyzNg0f3NhSwttOe5knmS4zsOb+JK4jShoF9zZkOUCHAZ/vKvY\" \"tJdV+8qpmU8wfgyrzN1OWxjHIjzPP8iMD4g0iCfobbvSvWXHYBveCS7b/Nr3jw3E8twtEAUEGYNGd4h0wKNbNagYUsb5My8tMxQQwZf6imKHgCeYC7buH8TvaJHATReeea4Dzj9UzdPgwdbFLiMB/HXlN0GPhlQIDAQAB\""
}]
} }
resource "hcloud_zone_rrset" "TXT_dmarc" { resource "hcloud_zone_rrset" "TXT_dmarc" {
@ -282,10 +82,10 @@ resource "hcloud_zone_rrset" "TXT_dmarc" {
records = [{ value = "\"v=DMARC1; p=quarantine; rua=mailto:pez@pez.sh; adkim=r; aspf=r\"" }] records = [{ value = "\"v=DMARC1; p=quarantine; rua=mailto:pez@pez.sh; adkim=r; aspf=r\"" }]
} }
resource "hcloud_zone_rrset" "TXT_root_spf" { resource "hcloud_zone_rrset" "TXT_spf" {
zone = hcloud_zone.pezsh.name zone = hcloud_zone.pezsh.name
name = "@" name = "@"
type = "TXT" type = "TXT"
ttl = 300 ttl = 300
records = [{ value = "\"v=spf1 ip4:${hcloud_server.nuremberg-a.ipv4_address} ip6:${hcloud_server.nuremberg-a.ipv6_address} -all\"" }] records = [{ value = "\"v=spf1 ip4:${local.nuremberg_a} ip6:${local.nuremberg_aaaa} -all\"" }]
} }