resource "digitalocean_domain" "enp" { name = "enp.one" } # ========================================================================== # Standard hostname configuration resource "digitalocean_record" "enp" { domain = digitalocean_domain.enp.id type = "A" name = "@" value = "24.2.156.189" ttl = 3600 } resource "digitalocean_record" "enp_en1" { domain = digitalocean_domain.enp.id type = "A" name = "en1" value = "24.2.156.189" ttl = 3600 } # ========================================================================== # Service CNAME configuration resource "digitalocean_record" "enp_vcs" { domain = digitalocean_domain.enp.id type = "CNAME" name = "vcs" value = "en1.enp.one." ttl = 10600 } resource "digitalocean_record" "enp_ssv" { domain = digitalocean_domain.enp.id type = "CNAME" name = "ssv" value = "en1.enp.one." ttl = 10600 } resource "digitalocean_record" "enp_pms" { domain = digitalocean_domain.enp.id type = "CNAME" name = "pms" value = "en1.enp.one." ttl = 10600 } resource "digitalocean_record" "enp_cdn" { domain = digitalocean_domain.enp.id type = "CNAME" name = "cdn" value = "en2-cdn.nyc3.cdn.digitaloceanspaces.com." ttl = 3600 } resource "digitalocean_record" "enp_vpn" { domain = digitalocean_domain.enp.id type = "CNAME" name = "vpn" value = "en1.enp.one." ttl = 10600 } resource "digitalocean_record" "enp_web" { domain = digitalocean_domain.enp.id type = "CNAME" name = "web" value = "en1.enp.one." ttl = 10600 } resource "digitalocean_record" "enp_sso" { domain = digitalocean_domain.enp.id type = "CNAME" name = "sso" value = "en1.enp.one." ttl = 10600 } # ========================================================================== # Standard DO configuration for all managed domains, includes # NS records and SOA resource "digitalocean_record" "enp_ns1" { domain = digitalocean_domain.enp.id type = "NS" name = "@" value = "ns1.digitalocean.com." ttl = 1800 } resource "digitalocean_record" "enp_ns2" { domain = digitalocean_domain.enp.id type = "NS" name = "@" value = "ns2.digitalocean.com." ttl = 1800 } resource "digitalocean_record" "enp_ns3" { domain = digitalocean_domain.enp.id type = "NS" name = "@" value = "ns3.digitalocean.com." ttl = 1800 } # ========================================================================== # DMARC and HTTPS security configuration resource "digitalocean_record" "enp_dmarc" { domain = digitalocean_domain.enp.id type = "TXT" name = "_dmarc" value = "v=DMARC1; p=quarantine; adkim=s" ttl = 3600 } resource "digitalocean_record" "enp_caa" { domain = digitalocean_domain.enp.id type = "CAA" name = "@" value = "letsencrypt.org." ttl = 3600 tag = "issue" flags = 0 } resource "digitalocean_record" "enp_iodef" { domain = digitalocean_domain.enp.id type = "CAA" name = "@" value = "mailto:admin@enp.one" ttl = 3600 tag = "iodef" flags = 0 } # ========================================================================== # Tutanota mailer integration configuration resource "digitalocean_record" "enp_mx" { domain = digitalocean_domain.enp.id type = "MX" name = "@" value = "mail.tutanota.de." ttl = 3600 priority = 1010 } resource "digitalocean_record" "enp_spf" { domain = digitalocean_domain.enp.id type = "TXT" name = "@" value = "v=spf1 include:spf.tutanota.de -all" ttl = 3600 } resource "digitalocean_record" "enp_domainkey1" { domain = digitalocean_domain.enp.id type = "CNAME" name = "s1._domainkey" value = "s1._domainkey.tutanota.de." ttl = 10600 } resource "digitalocean_record" "enp_domainkey2" { domain = digitalocean_domain.enp.id type = "CNAME" name = "s2._domainkey" value = "s2._domainkey.tutanota.de." ttl = 10600 } resource "digitalocean_record" "enp_mta1" { domain = digitalocean_domain.enp.id type = "CNAME" name = "_mta-sts" value = "_mta-sts.tutanota.com." ttl = 10600 } resource "digitalocean_record" "enp_mta2" { domain = digitalocean_domain.enp.id type = "CNAME" name = "mta-sts" value = "mta-sts.tutanota.com." ttl = 10600 }