# Provisions a single Vultr instance from a snapshot and publishes the DNS
# records for a mail host on it: A/AAAA, reverse DNS, MX, SPF, DKIM and DMARC.

terraform {
  required_providers {
    vultr = {
      source = "vultr/vultr"
      # "~>" on a three-part version allows patch releases only (>= 2.1.2, < 2.2.0).
      version = "~> 2.1.2"
    }
  }

  # Lower bound only; any later Terraform release is accepted.
  required_version = ">= 0.13"
}

# Input variables

# NOTE(review): this variable carries a credential but is not marked sensitive.
# `sensitive = true` on variables needs Terraform 0.14+, while required_version
# above still admits 0.13, so adding it means raising that floor first.
# The curl comment further down suggests the key is supplied through the
# TF_VAR_vultr_api_key environment variable; keep it out of committed .tfvars files.
variable "vultr_api_key" {
  type        = string
  description = "Vultr API key."
}

variable "vps_tld" {
  type        = string
  description = "Root Top-Level Domain. Subdomains will be derived from it."
}

variable "vps_hostname" {
  type        = string
  description = "Human name of the host. This is a pet name, not cattle name :)"
}

# NOTE(review): interpolated verbatim into the quoted DKIM TXT value below and
# not validated here. Presumably expected to be the bare base64 key body with no
# PEM header, whitespace or quote characters; confirm against the caller.
variable "vps_dkim_public_key" {
  type        = string
  description = "Public key for the DNS TXT DKIM record."
}

# Used as the leftmost label of the DKIM record name ("<selector>._domainkey").
variable "vps_dkim_selector" {
  type        = string
  description = "The DKIM selector that prefixes the domain in the TXT record."
}

# Vultr
provider "vultr" {
  api_key = var.vultr_api_key
}

# Instance
# Hostname and label both come from var.vps_hostname; IPv6 and backups are enabled.
# NOTE(review): no firewall_group_id is set, so this configuration attaches no
# Vultr firewall group to the instance. Presumably packet filtering is done on
# the host itself (baked into the snapshot); confirm.
resource "vultr_instance" "vps_server" {
  enable_ipv6      = true
  backups          = "enabled"
  hostname         = var.vps_hostname
  activation_email = true
  label            = var.vps_hostname
  region           = "cdg"
  plan             = "vc2-1c-1gb"
  # The instance is created from an existing snapshot; list the account's snapshots with:
  # $ curl -H "Authorization: Bearer $TF_VAR_vultr_api_key" https://api.vultr.com/v2/snapshots | jq
  # NOTE(review): anything stored in the snapshot image (host keys, service
  # credentials, mail signing keys) is carried into every instance built from it;
  # verify what the image contains before reusing it.
  snapshot_id = "8e6aaab6-7973-48a0-aeb5-cb99ab1ff43d"
}

# Public addresses of the instance, exposed as outputs.
output "vps_public_ipv4" {
  value = vultr_instance.vps_server.main_ip
}

output "vps_public_ipv6" {
  value = vultr_instance.vps_server.v6_main_ip
}

# DNS and IP configuration
locals {
  # Fully qualified name of the mail host: "mail.<vps_tld>".
  mail_domain = "mail.${var.vps_tld}"
}

# DNS zone for the root domain, pointed at the instance's IPv4 address.
resource "vultr_dns_domain" "vps_tld" {
  # The CNAME record is already generated by Vultr
  domain = var.vps_tld
  ip     = vultr_instance.vps_server.main_ip
}

# Forward and reverse records for the mail host. Both reverse entries resolve to
# local.mail_domain, matching the A/AAAA records for "mail", so forward and
# reverse lookups agree (receiving mail servers commonly check this).
resource "vultr_dns_record" "vps_mail_a_record" {
  domain = vultr_dns_domain.vps_tld.id
  name   = "mail"
  data   = vultr_instance.vps_server.main_ip
  type   = "A"
}

resource "vultr_reverse_ipv4" "vps_mail_reverse_ipv4" {
  instance_id = vultr_instance.vps_server.id
  ip          = vultr_instance.vps_server.main_ip
  reverse     = local.mail_domain
}

resource "vultr_dns_record" "vps_mail_aaaa_record" {
  domain = vultr_dns_domain.vps_tld.id
  name   = "mail"
  data   = vultr_instance.vps_server.v6_main_ip
  type   = "AAAA"
}

resource "vultr_reverse_ipv6" "vps_mail_reverse_ipv6" {
  instance_id = vultr_instance.vps_server.id
  ip          = vultr_instance.vps_server.v6_main_ip
  reverse     = local.mail_domain
}

# MX for the zone apex (empty name) pointing at the mail host.
# NOTE(review): no `priority` is set. The provider documentation describes
# priority as the field used for MX and SRV records; confirm which preference
# value the published record ends up with.
resource "vultr_dns_record" "vps_mx_record" {
  domain = vultr_dns_domain.vps_tld.id
  name   = ""
  data   = local.mail_domain
  type   = "MX"
}

# SPF for the zone apex: "mx" authorises the hosts named by the domain's MX
# records, and "-all" asks receivers to hard-fail every other sender.
resource "vultr_dns_record" "vps_spf_txt" {
  domain = vultr_dns_domain.vps_tld.id
  name   = ""
  data   = "\"v=spf1 mx -all\""
  type   = "TXT"
}

# DKIM public key published at "<selector>._domainkey".
# NOTE(review): the value is emitted as one quoted TXT string. A single TXT
# character-string is limited to 255 bytes, which a 2048-bit RSA key exceeds;
# verify with a DNS lookup that the published record is intact for the key size in use.
resource "vultr_dns_record" "vps_dkim_txt" {
  domain = vultr_dns_domain.vps_tld.id
  name   = "${var.vps_dkim_selector}._domainkey"
  data   = "\"v=DKIM1;k=rsa;p=${var.vps_dkim_public_key}\""
  type   = "TXT"
}

# DMARC policy at "_dmarc", with aggregate reports (rua) sent to postmaster@<vps_tld>.
# NOTE(review): "p=none" is monitoring-only. Receivers are asked to take no
# action on mail that fails SPF/DKIM alignment, so the domain is not protected
# against spoofing by this record. Consider moving to "quarantine" or "reject"
# once the aggregate reports show legitimate mail passing.
resource "vultr_dns_record" "vps_dmarc_txt" {
  domain = vultr_dns_domain.vps_tld.id
  name   = "_dmarc"
  data   = "\"v=DMARC1;p=none;pct=100;rua=mailto:postmaster@${var.vps_tld};\""
  type   = "TXT"
}

# I think this DNS is configured by default
# resource "vultr_dns_record" "vps_cname_start_alias" {
#   domain = vultr_dns_domain.vps_tld.id
#   name = "*"
#   data = var.vps_tld
#   type = "CNAME"
# }