193 lines
4.3 KiB
HCL
193 lines
4.3 KiB
HCL
resource "digitalocean_domain" "enp" {
|
|
name = "enp.one"
|
|
}
|
|
|
|
|
|
# ==========================================================================
|
|
# Standard hostname configuration
|
|
resource "digitalocean_record" "enp" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "A"
|
|
name = "@"
|
|
value = "24.2.156.189"
|
|
ttl = 3600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_en1" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "A"
|
|
name = "en1"
|
|
value = "24.2.156.189"
|
|
ttl = 3600
|
|
}
|
|
|
|
|
|
# ==========================================================================
|
|
# Service CNAME configuration
|
|
resource "digitalocean_record" "enp_vcs" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CNAME"
|
|
name = "vcs"
|
|
value = "en1.enp.one."
|
|
ttl = 10600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_ssv" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CNAME"
|
|
name = "ssv"
|
|
value = "en1.enp.one."
|
|
ttl = 10600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_pms" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CNAME"
|
|
name = "pms"
|
|
value = "en1.enp.one."
|
|
ttl = 10600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_cdn" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CNAME"
|
|
name = "cdn"
|
|
value = "en2-cdn.nyc3.cdn.digitaloceanspaces.com."
|
|
ttl = 3600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_vpn" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CNAME"
|
|
name = "vpn"
|
|
value = "en1.enp.one."
|
|
ttl = 10600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_web" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CNAME"
|
|
name = "web"
|
|
value = "en1.enp.one."
|
|
ttl = 10600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_sso" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CNAME"
|
|
name = "sso"
|
|
value = "en1.enp.one."
|
|
ttl = 10600
|
|
}
|
|
|
|
|
|
# ==========================================================================
|
|
# Standard DO configuration for all managed domains, includes
|
|
# NS records and SOA
|
|
resource "digitalocean_record" "enp_ns1" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "NS"
|
|
name = "@"
|
|
value = "ns1.digitalocean.com."
|
|
ttl = 1800
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_ns2" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "NS"
|
|
name = "@"
|
|
value = "ns2.digitalocean.com."
|
|
ttl = 1800
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_ns3" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "NS"
|
|
name = "@"
|
|
value = "ns3.digitalocean.com."
|
|
ttl = 1800
|
|
}
|
|
|
|
|
|
# ==========================================================================
|
|
# DMARC and HTTPS security configuration
|
|
resource "digitalocean_record" "enp_dmarc" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "TXT"
|
|
name = "_dmarc"
|
|
value = "v=DMARC1; p=quarantine; adkim=s"
|
|
ttl = 3600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_caa" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CAA"
|
|
name = "@"
|
|
value = "letsencrypt.org."
|
|
ttl = 3600
|
|
tag = "issue"
|
|
flags = 0
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_iodef" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CAA"
|
|
name = "@"
|
|
value = "mailto:admin@enp.one"
|
|
ttl = 3600
|
|
tag = "iodef"
|
|
flags = 0
|
|
}
|
|
|
|
|
|
# ==========================================================================
|
|
# Tutanota mailer integration configuration
|
|
resource "digitalocean_record" "enp_mx" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "MX"
|
|
name = "@"
|
|
value = "mail.tutanota.de."
|
|
ttl = 3600
|
|
priority = 1010
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_spf" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "TXT"
|
|
name = "@"
|
|
value = "v=spf1 include:spf.tutanota.de -all"
|
|
ttl = 3600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_domainkey1" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CNAME"
|
|
name = "s1._domainkey"
|
|
value = "s1._domainkey.tutanota.de."
|
|
ttl = 10600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_domainkey2" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CNAME"
|
|
name = "s2._domainkey"
|
|
value = "s2._domainkey.tutanota.de."
|
|
ttl = 10600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_mta1" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CNAME"
|
|
name = "_mta-sts"
|
|
value = "_mta-sts.tutanota.com."
|
|
ttl = 10600
|
|
}
|
|
|
|
resource "digitalocean_record" "enp_mta2" {
|
|
domain = digitalocean_domain.enp.id
|
|
type = "CNAME"
|
|
name = "mta-sts"
|
|
value = "mta-sts.tutanota.com."
|
|
ttl = 10600
|
|
}
|