skylab-ansible/terra/domain.enp.tf


# DNS zone for enp.one. Every digitalocean_record in this file attaches to
# the zone through digitalocean_domain.enp.id.
resource "digitalocean_domain" "enp" {
  name = "enp.one"
}
# ==========================================================================
# Standard hostname configuration
#
# The zone apex and the en1 host name both publish the same literal IPv4
# address. The address is written twice, so a change of address must be made
# in both records. Every service CNAME that targets en1.enp.one resolves to
# this address as well.

# Apex A record ("@" is the zone root, enp.one).
resource "digitalocean_record" "enp" {
  domain = digitalocean_domain.enp.id
  type   = "A"
  name   = "@"
  value  = "24.2.156.189"
  ttl    = 3600
}

# Host A record for en1.enp.one, the target of the service aliases.
resource "digitalocean_record" "enp_en1" {
  domain = digitalocean_domain.enp.id
  type   = "A"
  name   = "en1"
  value  = "24.2.156.189"
  ttl    = 3600
}
# ==========================================================================
# Service CNAME configuration
#
# Each service name is an alias. All of them except cdn point at en1.enp.one,
# so they share that host's single address; presumably a reverse proxy on the
# host tells them apart by requested name (verify against the host config).
# The trailing dot makes each target a fully qualified name.

resource "digitalocean_record" "enp_vcs" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "vcs"
  value  = "en1.enp.one."
  ttl    = 10600
}

resource "digitalocean_record" "enp_ssv" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "ssv"
  value  = "en1.enp.one."
  ttl    = 10600
}

resource "digitalocean_record" "enp_pms" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "pms"
  value  = "en1.enp.one."
  ttl    = 10600
}

# cdn is the only alias whose target lives outside this zone: a DigitalOcean
# Spaces CDN endpoint. If that Space or endpoint is ever removed while this
# record stays published, the name dangles and the endpoint name may become
# claimable by another account. Retire this record together with the Space.
# NOTE(review): whether the Space is managed by this Terraform configuration
# is not visible in this file; confirm so the two lifecycles stay coupled.
resource "digitalocean_record" "enp_cdn" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "cdn"
  value  = "en2-cdn.nyc3.cdn.digitaloceanspaces.com."
  ttl    = 3600
}

resource "digitalocean_record" "enp_vpn" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "vpn"
  value  = "en1.enp.one."
  ttl    = 10600
}

resource "digitalocean_record" "enp_web" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "web"
  value  = "en1.enp.one."
  ttl    = 10600
}

resource "digitalocean_record" "enp_sso" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "sso"
  value  = "en1.enp.one."
  ttl    = 10600
}

resource "digitalocean_record" "enp_img" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "img"
  value  = "en1.enp.one."
  ttl    = 10600
}
# ==========================================================================
# Standard DO configuration for all managed domains: the three apex NS
# records that delegate the zone to DigitalOcean's name servers.
# NOTE(review): no SOA record is declared in this section; presumably
# DigitalOcean maintains it for the zone. Confirm before relying on it.

resource "digitalocean_record" "enp_ns1" {
  domain = digitalocean_domain.enp.id
  type   = "NS"
  name   = "@"
  value  = "ns1.digitalocean.com."
  ttl    = 1800
}

resource "digitalocean_record" "enp_ns2" {
  domain = digitalocean_domain.enp.id
  type   = "NS"
  name   = "@"
  value  = "ns2.digitalocean.com."
  ttl    = 1800
}

resource "digitalocean_record" "enp_ns3" {
  domain = digitalocean_domain.enp.id
  type   = "NS"
  name   = "@"
  value  = "ns3.digitalocean.com."
  ttl    = 1800
}
# ==========================================================================
# DMARC and HTTPS security configuration

# DMARC policy for enp.one: mail that fails DMARC is quarantined (p=quarantine)
# and DKIM alignment is strict (adkim=s). The record sets no aspf tag, so SPF
# alignment stays at the DMARC default (relaxed), and no sp tag, so subdomains
# inherit the quarantine policy. It also carries no rua/ruf tag, which means
# no aggregate or failure reports are requested: spoofing attempts against the
# domain will not be reported back to the domain owner.
resource "digitalocean_record" "enp_dmarc" {
  domain = digitalocean_domain.enp.id
  type   = "TXT"
  name   = "_dmarc"
  value  = "v=DMARC1; p=quarantine; adkim=s"
  ttl    = 3600
}

# CAA "issue": only Let's Encrypt is authorized to issue certificates for the
# zone. There is no separate issuewild record, so the same restriction covers
# wildcard certificates. flags = 0 leaves the critical bit unset.
resource "digitalocean_record" "enp_caa" {
  domain = digitalocean_domain.enp.id
  type   = "CAA"
  name   = "@"
  value  = "letsencrypt.org."
  ttl    = 3600
  tag    = "issue"
  flags  = 0
}

# CAA "iodef": contact address a certificate authority can use to report
# issuance requests that violate the CAA policy above.
resource "digitalocean_record" "enp_iodef" {
  domain = digitalocean_domain.enp.id
  type   = "CAA"
  name   = "@"
  value  = "mailto:admin@enp.one"
  ttl    = 3600
  tag    = "iodef"
  flags  = 0
}
# ==========================================================================
# Tutanota mailer integration configuration
#
# Inbound mail, SPF, DKIM and MTA-STS are all delegated to the mail provider.
# The DKIM and MTA-STS names are CNAMEs, so the provider controls the
# published keys and policy and can rotate them without a change here.
# NOTE(review): the DKIM targets sit under tutanota.de and the MTA-STS targets
# under tutanota.com; confirm each target against the provider's current
# custom-domain instructions, since a stale target silently disables that
# protection.

# Single MX for the apex, with preference value 1010.
resource "digitalocean_record" "enp_mx" {
  domain   = digitalocean_domain.enp.id
  type     = "MX"
  name     = "@"
  value    = "mail.tutanota.de."
  ttl      = 3600
  priority = 1010
}

# SPF: only senders covered by the provider's include are authorized;
# "-all" asks receivers to hard-fail everything else.
resource "digitalocean_record" "enp_spf" {
  domain = digitalocean_domain.enp.id
  type   = "TXT"
  name   = "@"
  value  = "v=spf1 include:spf.tutanota.de -all"
  ttl    = 3600
}

# DKIM selector s1, aliased to the provider-hosted key record.
resource "digitalocean_record" "enp_domainkey1" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "s1._domainkey"
  value  = "s1._domainkey.tutanota.de."
  ttl    = 10600
}

# DKIM selector s2, aliased to the provider-hosted key record.
resource "digitalocean_record" "enp_domainkey2" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "s2._domainkey"
  value  = "s2._domainkey.tutanota.de."
  ttl    = 10600
}

# MTA-STS policy indicator (_mta-sts), aliased to the provider's record.
resource "digitalocean_record" "enp_mta1" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "_mta-sts"
  value  = "_mta-sts.tutanota.com."
  ttl    = 10600
}

# MTA-STS policy host (mta-sts), aliased to the provider's policy server.
resource "digitalocean_record" "enp_mta2" {
  domain = digitalocean_domain.enp.id
  type   = "CNAME"
  name   = "mta-sts"
  value  = "mta-sts.tutanota.com."
  ttl    = 10600
}