# Input variables

# Credential used by the Vultr provider. Supply it out of band (for example
# through the TF_VAR_vultr_api_key environment variable) instead of committing
# it to a tfvars file.
# NOTE(review): on Terraform >= 0.14 this variable could also carry
# `sensitive = true` so the value is redacted from plan/apply output. It is not
# added here because the Terraform version in use is not visible in this file.
variable "vultr_api_key" {
  description = "Vultr API key."
  type        = string
}

# Apex domain. The mail host name, the DNS zone and the DMARC report address
# below are all built from this value.
variable "tld" {
  description = "Root Top-Level Domain. Subdomains will be derived from it."
  type        = string
}

# Used as both the hostname and the label of the instance.
variable "hostname" {
  description = "Human name of the host. This is a pet name, not cattle name :)"
  type        = string
}

# Public half of the DKIM key pair; it is interpolated verbatim into the `p=`
# tag of the DKIM TXT record. The private key must never be passed here.
# NOTE(review): presumably the bare base64 key without PEM header/footer lines;
# verify against the mail server's key export.
variable "dkim_public_key" {
  description = "Public key for the DNS TXT DKIM record."
  type        = string
}

# Selector label: the DKIM record is published at <selector>._domainkey.<tld>.
variable "dkim_selector" {
  description = "The DKIM selector that prefixes the domain in the TXT record."
  type        = string
}
# Vultr
# The provider authenticates with the API key taken from the input variable, so
# no credential is hard-coded in this file.
# NOTE(review): no provider version constraint is visible here, while the
# lookups documented in this file target the v1 API endpoints. Confirm that the
# provider version is pinned elsewhere so that an upgrade cannot silently
# change the resource schema.
provider "vultr" {
  api_key = var.vultr_api_key
}
# Instance
# Single VPS that hosts the mail service. It is created from a snapshot, so the
# instance starts with whatever that image contains.
# NOTE(review): the snapshot's patch level and any keys or credentials baked
# into it are inherited by every instance built from it; rebuild the base image
# periodically and verify that it holds no long-lived secrets.
resource "vultr_server" "vps_server" {
  hostname = var.hostname
  label    = var.hostname

  # $ curl -H "API-Key: $TF_VAR_vultr_api_key" https://api.vultr.com/v1/snapshot/list | jq
  snapshot_id = "5c35fb3a74873" # base-guix-image

  # $ curl 'https://api.vultr.com/v1/regions/list' | jq '.["9"]'
  region_id = 9

  # $ curl 'https://api.vultr.com/v1/plans/list?type=vc2' | jq '.["201"]'
  plan_id = 201

  # IPv6 is required by the AAAA and reverse IPv6 records defined below.
  enable_ipv6     = true
  auto_backup     = true
  notify_activate = true
}
# Prints the instance's primary address after apply. This is the same value the
# A record and the IPv4 reverse entry below are built from.
output "public_ip" {
  value = vultr_server.vps_server.main_ip
}
# DNS and IP configuration

# Fully qualified name of the mail host. It is reused as the MX target and as
# the reverse DNS name for both address families, so that all three agree.
locals {
  mail_domain = "mail.${var.tld}"
}
# DNS zone for the apex domain, pointed at the instance's primary address.
resource "vultr_dns_domain" "vps_tld" {
  # The CNAME record is already generated by Vultr
  server_ip = vultr_server.vps_server.main_ip
  domain    = var.tld
}
# Forward and reverse DNS for the mail host, for IPv4 and IPv6.
# Each address resolves to mail.<tld> and mail.<tld> resolves back to it.
# Receiving mail servers commonly check this forward-confirmed reverse DNS, so
# keep every forward record paired with its reverse entry.

# IPv4: mail.<tld> -> primary address
resource "vultr_dns_record" "vps_mail_a_record" {
  type   = "A"
  domain = var.tld
  name   = "mail"
  data   = vultr_server.vps_server.main_ip
}

# IPv4: primary address -> mail.<tld>
resource "vultr_reverse_ipv4" "vps_mail_reverse_ipv4" {
  instance_id = vultr_server.vps_server.id
  reverse     = local.mail_domain
  ip          = vultr_server.vps_server.main_ip
}

# IPv6: mail.<tld> -> first IPv6 network's main address
resource "vultr_dns_record" "vps_mail_aaaa_record" {
  type   = "AAAA"
  domain = var.tld
  name   = "mail"
  data   = vultr_server.vps_server.v6_networks[0].v6_main_ip
}

# IPv6: first IPv6 network's main address -> mail.<tld>
resource "vultr_reverse_ipv6" "vps_mail_reverse_ipv6" {
  instance_id = vultr_server.vps_server.id
  reverse     = local.mail_domain
  ip          = vultr_server.vps_server.v6_networks[0].v6_main_ip
}
# MX record at the zone apex (empty name) pointing to the mail host.
# NOTE(review): no priority is set here; confirm the provider's default is
# acceptable for an MX record.
resource "vultr_dns_record" "vps_mx_record" {
  type   = "MX"
  domain = var.tld
  name   = ""
  data   = local.mail_domain
}
# SPF policy for the apex domain: only hosts named by the domain's MX records
# may send mail for it, and `-all` asks receivers to hard-fail every other
# sender. Any additional sending service must be added here before it is used.
# The escaped quotes are part of the published TXT value.
resource "vultr_dns_record" "vps_spf_txt" {
  type   = "TXT"
  domain = var.tld
  name   = ""
  data   = "\"v=spf1 mx -all\""
}
# DKIM public key, published at <selector>._domainkey.<tld> and declared as an
# RSA key. Receivers use it to verify the signature added by the mail server.
# When the key is rotated, publish the new key under a new selector before
# switching the signer over.
# NOTE(review): a single quoted TXT string is limited to 255 bytes and a
# 2048-bit RSA key is longer than that; confirm how the DNS provider stores
# long values, and check the published record with a DKIM validator.
resource "vultr_dns_record" "vps_dkim_txt" {
  type   = "TXT"
  domain = var.tld
  name   = "${var.dkim_selector}._domainkey"
  data   = "\"v=DKIM1;k=rsa;p=${var.dkim_public_key}\""
}
# DMARC policy for the apex domain, with aggregate reports sent to postmaster@<tld>.
# `p=none` is monitoring only: receivers report SPF/DKIM alignment failures but
# are not asked to quarantine or reject the mail, so spoofed messages are not
# blocked by this policy. Once the reports show that legitimate mail passes,
# tighten it to `p=quarantine` and then `p=reject`.
resource "vultr_dns_record" "vps_dmarc_txt" {
  type   = "TXT"
  domain = var.tld
  name   = "_dmarc"
  data   = "\"v=DMARC1;p=none;pct=100;rua=mailto:postmaster@${var.tld};\""
}