# Terraform settings: minimum CLI version and the provider this file targets.
terraform {
  required_version = ">= 0.13"

  required_providers {
    vultr = {
      source = "vultr/vultr"
      # "~>" on a three-part version accepts newer patch releases only (2.1.x).
      # On Terraform 0.14+, committing .terraform.lock.hcl also pins the
      # provider checksums that `terraform init` verifies.
      version = "~> 2.1.2"
    }
  }
}
# Input variables
# Secret: the API key handed to the Vultr provider.
# Supply it through the environment (TF_VAR_vultr_api_key) rather than a
# .tfvars file that could end up in version control.
# NOTE(review): `sensitive = true` would redact the value from CLI output, but
# variable sensitivity needs Terraform >= 0.14 while this file still allows
# 0.13. Raise required_version before adding it.
variable "vultr_api_key" {
  description = "Vultr API key."
  type        = string
}
# Domain the DNS zone is created for; "mail.<tld>" is derived from it.
variable "tld" {
  description = "Root Top-Level Domain. Subdomains will be derived from it."
  type        = string
}

# Used as both the hostname and the label of the instance.
variable "hostname" {
  description = "Human name of the host. This is a pet name, not cattle name :)"
  type        = string
}
# Vultr
# Every resource in this file authenticates to Vultr with this key. The value
# comes from the input variable, never from a literal in this file.
provider "vultr" {
  api_key = var.vultr_api_key
}
# Instance
# The single VPS that hosts the mail service, restored from a fixed snapshot.
# NOTE(review): no `firewall_group_id` is set, so no Vultr-side firewall group
# is attached here. Presumably packet filtering is done inside the OS image
# restored from the snapshot; confirm.
resource "vultr_instance" "vps_server" {
  label    = var.hostname
  hostname = var.hostname

  region = "cdg"
  plan   = "vc2-1c-1gb"

  # The instance boots from this snapshot, so whatever the snapshot contains
  # is redeployed as-is. Look up available snapshot ids with:
  # $ curl -H "Authorization: Bearer $TF_VAR_vultr_api_key" https://api.vultr.com/v2/snapshots | jq
  snapshot_id = "8e6aaab6-7973-48a0-aeb5-cb99ab1ff43d"

  enable_ipv6      = true
  backups          = "enabled"
  activation_email = true
}
# Public addresses of the instance, exposed for use outside this module.
output "vps_public_ipv4" {
  value = vultr_instance.vps_server.main_ip
}

output "vps_public_ipv6" {
  value = vultr_instance.vps_server.v6_main_ip
}
# DNS and IP configuration
# Fully qualified mail host name; shared by the MX target and both PTR records.
locals {
  mail_domain = "mail.${var.tld}"
}
# DNS zone for var.tld, associated with the instance's public IPv4 address.
resource "vultr_dns_domain" "tld" {
  # The CNAME record is already generated by Vultr
  domain = var.tld
  ip     = vultr_instance.vps_server.main_ip
}
# IPv4: forward (A) and reverse (PTR) records for the mail host.
# The A record maps "mail" to the instance address and the PTR maps that
# address back to local.mail_domain, so forward and reverse lookups agree.
# Receiving mail servers commonly check this.
resource "vultr_dns_record" "vps_mail_a_record" {
  domain = vultr_dns_domain.tld.id
  type   = "A"
  name   = "mail"
  data   = vultr_instance.vps_server.main_ip
}

resource "vultr_reverse_ipv4" "vps_mail_reverse_ipv4" {
  instance_id = vultr_instance.vps_server.id
  ip          = vultr_instance.vps_server.main_ip
  reverse     = local.mail_domain
}
# IPv6: forward (AAAA) and reverse (PTR) records for the mail host, mirroring
# the IPv4 pair so that mail sent over IPv6 passes the same reverse-DNS checks.
resource "vultr_dns_record" "vps_mail_aaaa_record" {
  domain = vultr_dns_domain.tld.id
  type   = "AAAA"
  name   = "mail"
  data   = vultr_instance.vps_server.v6_main_ip
}

resource "vultr_reverse_ipv6" "vps_mail_reverse_ipv6" {
  instance_id = vultr_instance.vps_server.id
  ip          = vultr_instance.vps_server.v6_main_ip
  reverse     = local.mail_domain
}
# MX at the zone apex (empty name) pointing at the mail host.
# NOTE(review): no `priority` is set. The provider docs describe that argument
# as applying to MX/SRV records; confirm which value Vultr assigns here.
resource "vultr_dns_record" "vps_mx_record" {
  domain = vultr_dns_domain.tld.id
  type   = "MX"
  name   = ""
  data   = local.mail_domain
}
# SPF policy for the apex: only the domain's MX hosts may send; "-all" asks
# receivers to hard-fail every other source.
# The escaped quotes are part of the TXT data.
# SPF is looked up per exact name, so this record does not cover subdomains
# such as mail.<tld>.
resource "vultr_dns_record" "vps_spf_txt" {
  domain = vultr_dns_domain.tld.id
  type   = "TXT"
  name   = ""
  data   = "\"v=spf1 mx -all\""
}
# DKIM public key published under selector "mail" (mail._domainkey.<tld>).
# Only the public half belongs here; the private signing key is presumably kept
# on the mail host itself.
# NOTE(review): the length and prefix of the p= value look like a 1024-bit RSA
# key. RFC 8301 says signers SHOULD use at least 2048 bits. Consider publishing
# a 2048-bit key under a new selector and retiring this one once the signer has
# switched. A 2048-bit key exceeds the 255-character limit of a single TXT
# string, so check how the record data has to be split.
resource "vultr_dns_record" "vps_dkim_txt" {
  domain = vultr_dns_domain.tld.id
  type   = "TXT"
  name   = "mail._domainkey"
  data   = "\"v=DKIM1; k=rsa; s=email; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgxJoKIUUzm1/4b507UQnO2gzJU5haFUhjLK2Vsx3eEGZ83XNj1NkI40IstWsR1VXNUkYcnuCGYwwoDwu397PBRK3qi62MV85rtLQ3ZbUoCkEtPgdoLome/87TU1sziMgadGVwK5QeV4bfFQYCY8dinM9QzIpfUo3UyB6s9mrCbQIDAQAB\""
}
# DMARC policy: receivers are asked to quarantine mail that fails alignment.
# With no sp/adkim/aspf tags, subdomains inherit p= and alignment is relaxed.
# NOTE(review): there is no rua= tag, so no aggregate reports are requested and
# failures or spoofing attempts go unobserved. Consider adding
# "rua=mailto:<report-address>" (placeholder) once a mailbox exists for them.
resource "vultr_dns_record" "vps_dmarc_txt" {
  domain = vultr_dns_domain.tld.id
  type   = "TXT"
  name   = "_dmarc"
  data   = "\"v=DMARC1; p=quarantine\""
}
# I think this DNS is configured by default
# resource "vultr_dns_record" "vps_cname_start_alias" {
# domain = vultr_dns_domain.tld.id
# name = "*"
# data = var.tld
# type = "CNAME"
# }