Adding google workspace terraform code

terraform/.terraform.lock.hcl

@@ -1,22 +1,23 @@
-# This file is maintained automatically by "terraform init".
+# This file is maintained automatically by "tofu init".
 # Manual edits may be lost in future updates.
 
-provider "registry.terraform.io/ovh/ovh" {
-  version = "0.15.0"
+provider "registry.opentofu.org/ovh/ovh" {
+  version = "2.1.0"
   hashes = [
-    "h1:rh7PGMysbkMfqBSf2CFoItKr7fF9hS7ZAIsZp0eOCxE=",
-    "zh:122172ff264ce8adfdd21af53b2a3bdf612f467aa24a44d3c517df05711d9324",
-    "zh:255e029721057a9f7e284f072600b1ee219abbcaf60be505b8af164a0bf85f12",
-    "zh:2db9a0c41062e8bfa51573f7cf584a82aa41e4d58b4e875dac993c08817558c3",
-    "zh:2f399c684f0d557b38dd5471d1f1827592260e2fb0c5380b7b6db7e5f58eb29d",
-    "zh:38fc5d0c2b0c5a549881b0ae942648f0b8542252533a6c7afcb2d6aeef003584",
-    "zh:4949c7ed30e074c0f5f4489c73a1e1262919e7fb95337b1ffcb2ef2e65211a1b",
-    "zh:4e9577d2099953a7aa31dca1dc31fdeeb57835e22b82f97b3f14056d8b907cb4",
-    "zh:6f9a40171e3b9be0c7640bbe7b994cad613779528306d6a3b922e773357abd2d",
-    "zh:7211debe573bd46d9e9ef10d60215ca8f3404baec437862e335945dcf798302d",
-    "zh:73ce6df8810fa7f427814f4878afe1841c554c2f5021ed56affc0593ef538958",
-    "zh:9aeb3b5b991cdc58cfc6a0c55ce71ebffad0cc2d906f876c4ebe40d0ed28b929",
-    "zh:9f1d3628318c2059c6baa38a6156b3c06f3c34f43720228a9bb30bbb15844ba6",
-    "zh:d38a2ad0809adcd2f3b95b5a8764bbdd4d1f96300951e050d578250152e459e9",
+    "h1:QNYWbHCXQyUAs1Ucxd4Lw7CS/FohMP/P21uyRWlYPTw=",
+    "zh:08d56f6fd7e0730ea379962b869a80ee47992d5f8523d259eada4479001ce646",
+    "zh:0f1e34db1f51e5b05e183b8905e89c521e223481507ab72421ec141718cb1465",
+    "zh:299b1a702fba2b42bcef9a12db0cb51d091962a6387e1da6043b4830d60b7eca",
+    "zh:4ee79a677eddff27ceed33c207b074ebbfc33727a9e5b863ae8d800da819f1da",
+    "zh:50b7ae60d4d539b79e8db097db954a03e582d29c760cff0854a9b882148db848",
+    "zh:6121ce09a73ed20025e933a8e237cbc62ccaee92fed5ebcbb6984b3c2bc6e4fc",
+    "zh:75cccdfefdfd9054b388b6c8ddce3ffa76adbdc9eb149f6e34998a87e5bb0d3d",
+    "zh:8859bdfb25ae26e4e924e9909f476eafea91a9c2c9f7f65fbc85e68f3c2c4e60",
+    "zh:a435fe28514806bc7b3a3c5a9b878401790402bd75d34f1a9fe1b7b7db9b66b7",
+    "zh:b3ac7469d1864cf96cad90fd8b0c4b99da2e5695b6b2826540320302c241f803",
+    "zh:b531d3ea1b12a17a8999a093a819f0e90c18b0d5db371e2c7e15add337f421ff",
+    "zh:bebc6b1aa48fc5c42fd68d9ff2f8866d794bfff568486d1943827202212aed44",
+    "zh:d4fb1c9e76eb923b35bea62ba4921cba63da83abe4676150d7a4bb9b687228eb",
+    "zh:f953ef37e4a1b3cac22f851c3269e7376704018ffa642b4768869cc227ffccc9",
   ]
 }

terraform/google_workspace.tf

@@ -0,0 +1,75 @@
+# haumdaucher.de
+
+resource "ovh_domain_zone_record" "haumdaucher_mx_record" {
+
+    zone = "haumdaucher.de"
+    fieldtype = "MX"
+    ttl = 60
+    target = "1 SMTP.GOOGLE.COM."
+}
+
+resource "ovh_domain_zone_record" "spf_haumdaucher_de" {
+  zone      = "haumdaucher.de"
+  subdomain = "" # SPF record goes on the root domain
+  fieldtype = "TXT"
+  ttl       = 60 # Time-to-live in seconds (1 hour is standard, but 60 is ok too)
+  target    = "v=spf1 include:_spf.google.com ~all"
+}
+
+resource "ovh_domain_zone_record" "dmarc_haumdaucher_de" {
+  zone      = "haumdaucher.de"
+  subdomain = "_dmarc" # DMARC record always goes on the _dmarc subdomain
+  fieldtype = "TXT"
+  ttl       = 60 # 1 hour TTL
+  target    = "v=DMARC1; p=none; rua=mailto:custom-admin@haumdaucher.de; ruf=mailto:custom-admin@haumdaucher.de"
+}
+
+resource "ovh_domain_zone_record" "dkim_google_haumdaucher_de" {
+  zone      = "haumdaucher.de"
+  subdomain = "google._domainkey" # The DNS Host name provided by Google
+  fieldtype = "TXT"
+  ttl       = 3600 # 1 hour TTL
+  target    = "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4al3nYNZLlUBn0dcxqui5q48jjk4YvB2d2VNLfr864YdCm+3WqO6fc8Yx7sO4jKiX+OpMXnOc2RZazCCpcdCofJwTZxT+H0u2h4uyveEHq8UYqQZ66aAFLt3N1HYMT6+uFJZpKpSkFgqLagkQoW/cQHguJuu7Xjmt09fLTsBunjfJkKfUcjcyNlpnnAcVuo/TT7DKNzjB436yB1pf8QHxykUkV/lfz1/IzfRV//hR3H5pSNn4kR9qT9HqrTGgaZkPmStjoV2i2Dih4d3jO9FF1VDUNDm7W7739yiQhRZ5yelj5TaWGeRxWv+xM3YpVGqJzWI9oCuSpR2QaVKaOMQwIDAQAB"
+}
+
+# moritzgraf.de
+
+resource "ovh_domain_zone_record" "mx_record_moritzgraf_de" {
+
+    zone = "moritzgraf.de"
+    fieldtype = "MX"
+    ttl = 60
+    target = "1 SMTP.GOOGLE.COM."
+}
+
+
+resource "ovh_domain_zone_record" "google_domain_verification_moritzgraf_de" {
+    zone = "moritzgraf.de"
+    fieldtype = "TXT"
+    ttl = 60
+    target = "google-site-verification=YwUd-Bmbq1-lA7uYGcowsLEMczqx1odndFZq_Nk3nvM"
+}
+
+resource "ovh_domain_zone_record" "spf_moritzgraf_de" {
+  zone      = "moritzgraf.de"
+  subdomain = "" # SPF record goes on the root domain
+  fieldtype = "TXT"
+  ttl       = 60 # Time-to-live in seconds (1 hour is standard, but 60 is ok too)
+  target    = "v=spf1 include:_spf.google.com ~all"
+}
+
+resource "ovh_domain_zone_record" "dmarc_moritzgraf_de" {
+  zone      = "moritzgraf.de"
+  subdomain = "_dmarc" # DMARC record always goes on the _dmarc subdomain
+  fieldtype = "TXT"
+  ttl       = 60 # 1 hour TTL
+  target    = "v=DMARC1; p=none; rua=mailto:custom-admin@haumdaucher.de; ruf=mailto:custom-admin@haumdaucher.de"
+}
+
+resource "ovh_domain_zone_record" "dkim_google_moritzgraf_de" {
+  zone      = "moritzgraf.de"
+  subdomain = "google._domainkey" # The DNS Host name provided by Google
+  fieldtype = "TXT"
+  ttl       = 3600 # 1 hour TTL
+  target    = "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4hYXxdgHDaNwqiUrHa4S9vbqLx/iV2avvgwwPqa5+2aOef109Ap8U7OfgFQQgwRVXx5XWbkKL69as3sdzuVA+8A8fRKbprugZEFoL9gyoTxPQveKO2s+1CsP0fUIx1c7aemfgn6mrfC0Ep17D70Y9YcQQWgiNHGHlgQDE1z6ncfUquHdipcmd0wEIAmjdNDBoqf3b1SRz5xaayKIeAsf/f2AFB1IeYwvLEaOC/mQDZWsry86RwjAfKvxbw0zAQaxSLFOho+kuxL2YUPbT55mZaB9Bi1G4VemzZUGuqXoq8xPzFOO/wxNi6Pei0Vs9wLwFahtuxriin4EVYOkjF4uwIDAQAB"
+}

terraform/ovh.tf

@@ -92,8 +92,8 @@ variable "subdomains_haumdaucher" {
 
 # ## graf.me -> problems with domain
 variable "domains" {
-    default = [ "moritzgraf.de","haumdaucher.de"
-                ,"graf-fam.de","ianaa.art"
+    default = [ "moritzgraf.de"
+                ,"graf-fam.de"
                 ,"krassescheisse.de"]
 }
 
@@ -190,29 +190,29 @@ resource "ovh_domain_zone_record" "moritzgraf" {
     target = "136.243.23.215" # hetzner
 }
 
-resource "ovh_domain_zone_record" "mx_records" {
-    for_each = toset(var.domains)
-    zone = each.key
-    fieldtype = "MX"
-    ttl = local.ttl
-    target = "10 mail.moritzgraf.de."
-}
+# resource "ovh_domain_zone_record" "mx_records" {
+#     for_each = toset(var.domains)
+#     zone = each.key
+#     fieldtype = "MX"
+#     ttl = local.ttl
+#     target = "10 mail.moritzgraf.de."
+# }
 
-## SPF
-resource "ovh_domain_zone_record" "spf_record_txt" {
-    for_each = toset(var.domains)
-    zone = each.key
-    fieldtype = "TXT"
-    ttl = local.ttl
-    target = "v=spf1 mx a:mail.moritzgraf.de -all"
-}
-resource "ovh_domain_zone_record" "spf_record_spf" {
-    for_each = toset(var.domains)
-    zone = each.key
-    fieldtype = "SPF"
-    ttl = 600
-    target = "\"v=spf1 mx a:mail.moritzgraf.de -all\""
-}
+# ## SPF
+# resource "ovh_domain_zone_record" "spf_record_txt" {
+#     for_each = toset(var.domains)
+#     zone = each.key
+#     fieldtype = "TXT"
+#     ttl = local.ttl
+#     target = "v=spf1 mx a:mail.moritzgraf.de -all"
+# }
+# resource "ovh_domain_zone_record" "spf_record_spf" {
+#     for_each = toset(var.domains)
+#     zone = each.key
+#     fieldtype = "SPF"
+#     ttl = 600
+#     target = "\"v=spf1 mx a:mail.moritzgraf.de -all\""
+# }
 
 ## DKIM
 resource "ovh_domain_zone_record" "dkim_record" {