diff --git a/infrastructure/dns.tf b/infrastructure/dns.tf new file mode 100644 index 0000000..fd13dc3 --- /dev/null +++ b/infrastructure/dns.tf @@ -0,0 +1,91 @@ +resource "hetznerdns_zone" "icb4dc0de" { + name = "icb4dc0.de" + ttl = 86400 +} + +resource "hetznerdns_record" "ns_primary" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "@" + type = "NS" + value = "helium.ns.hetzner.de." +} + +resource "hetznerdns_record" "ns_secondary" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "@" + type = "NS" + value = "oxygen.ns.hetzner.com." +} + +resource "hetznerdns_record" "ns_ternary" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "@" + type = "NS" + value = "hydrogen.ns.hetzner.com." +} + +resource "hetznerdns_record" "soa" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "@" + type = "SOA" + value = "hydrogen.ns.hetzner.com. dns.hetzner.com. 2023120305 86400 10800 3600000 3600" +} + +resource "hetznerdns_record" "mx_primary" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "@" + type = "MX" + value = "10 mx01.mail.icloud.com." +} + +resource "hetznerdns_record" "mx_secondary" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "@" + type = "MX" + value = "10 mx02.mail.icloud.com." +} + +resource "hetznerdns_record" "apple_proof" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "@" + type = "TXT" + value = "apple-domain=chwbVvzH8hWIgg1l" +} + +resource "hetznerdns_record" "apple_spf" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "@" + type = "TXT" + value = "\"v=spf1 include:icloud.com ~all\"" +} + +resource "hetznerdns_record" "apple_sig_domainkey" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "sig1._domainkey" + type = "CNAME" + value = "sig1.dkim.icb4dc0.de.at.icloudmailadmin.com." +} + +resource "hetznerdns_record" "wildcard_ipv4" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "*" + type = "A" + value = "65.109.42.5" + ttl = 300 +} + +resource "hetznerdns_record" "wildcard_ipv6" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "*" + type = "AAAA" + value = "2a01:4f9:c01d:4f1::1" + ttl = 300 +} + +resource "hetznerdns_record" "k8s" { + zone_id = hetznerdns_zone.icb4dc0de.id + name = "k8s" + type = "AAAA" + value = "2a01:4f9:c012:7d4b::1" + ttl = 60 +} \ No newline at end of file diff --git a/infrastructure/versions.tf b/infrastructure/versions.tf index 0ad69a1..710c62d 100644 --- a/infrastructure/versions.tf +++ b/infrastructure/versions.tf @@ -2,17 +2,27 @@ terraform { required_version = ">= 0.14" - backend "kubernetes" { - secret_suffix = "state" - config_path = "~/.kube/hetzner.yaml" - namespace = "infrastructure" - } + backend "s3" { + bucket = "tfstate" + key = "terraform.tfstate" + region = "us-east-1" + endpoint = "https://2df513adaee2eeae12106af900bed297.r2.cloudflarestorage.com" + skip_metadata_api_check = true + skip_region_validation = true + skip_credentials_validation = true + use_path_style = true + skip_s3_checksum = true + } required_providers { hcloud = { source = "hetznercloud/hcloud" version = "1.44.1" } + hetznerdns = { + source = "timohirt/hetznerdns" + version = "2.2.0" + } ct = { source = "poseidon/ct" version = "0.11.0"