infrapuzzle/terraform/ovh.tf

provider "ovh" {
  endpoint           = "ovh-eu"
  application_key    = "grBXP8S9ugOfjfpj"
  application_secret = "6mMRIUxMWaXff631ulc2jj5HybGg4ESx"
  consumer_key       = "m3D43OxSD03iyfKenn1fQ1AVl3eXodKn"
}

locals {
    ttl = "60"
}

## old moritzgrafde

variable "subdomains_moritzgraf" {
  default = ["auth","prometheus","alertmanager","chat","mqtt", "cloud",
  "monitoring","smtp","pop3","imap","jaeger","ldap","code","hub",
  "grafana","phpmyadmin","webapp","kc","phppgadmin","www","rstudio","code" ]
}

resource "ovh_domain_zone_record" "moritzgraf_subdomains" {
    for_each = toset( var.subdomains_moritzgraf )
    zone = "moritzgraf.de"
    subdomain = each.key
    fieldtype = "CNAME"
    ttl = local.ttl
    target = "moritzgraf.de."
}


## new haumdaucher k8s

variable "subdomains_moritzgraf_k8s" {
  default = ["corona","corona-api","tt-rss","git" ]
}

resource "ovh_domain_zone_record" "moritzgraf_subdomains_k8s" {
    for_each = toset( var.subdomains_moritzgraf_k8s )
    zone = "moritzgraf.de"
    subdomain = each.key
    fieldtype = "CNAME"
    ttl = local.ttl
    target = "haumdaucher.de."
}

## nodes

resource "ovh_domain_zone_record" "one" {
    zone = "haumdaucher.de"
    subdomain = "one"
    fieldtype = "A"
    ttl = local.ttl
    #target = "91.121.84.190"
    target = "136.243.23.215"
}
resource "ovh_domain_zone_record" "two" {
    zone = "haumdaucher.de"
    subdomain = "two"
    fieldtype = "A"
    ttl = local.ttl
    target = "37.59.40.95"
}
resource "ovh_domain_zone_record" "three" {
    zone = "haumdaucher.de"
    subdomain = "three"
    fieldtype = "A"
    ttl = local.ttl
    target = "37.59.61.198"
}

## krassescheisse

resource "ovh_domain_zone_record" "krassescheisse_subdomains" {
    for_each = toset( var.subdomains_moritzgraf )
    zone = "krassescheisse.de"
    subdomain = each.key
    fieldtype = "CNAME"
    ttl = local.ttl
    target = "krassescheisse.de."
}


variable "subdomains_haumdaucher" {
  default = ["corona"]
}

# resource "ovh_domain_zone_record" "haumdaucher_subdomains" {
#     for_each = toset( var.subdomains_haumdaucher )
#     zone = "haumdaucher.de"
#     subdomain = each.key
#     fieldtype = "CNAME"
#     ttl = local.ttl
#     target = "haumdaucher.de."
# }

# ## graf.me -> problems with domain
variable "domains" {
    default = [ "moritzgraf.de","haumdaucher.de","ameliegraf.de"
                ,"graf-fam.de","ianaa.art"
                ,"krassescheisse.de"]
}

resource "ovh_domain_zone_record" "haumdaucher_domain" {
    zone = "haumdaucher.de"
    subdomain = ""
    fieldtype = "A"
    ttl = local.ttl
    target = "91.121.84.190"
}

resource "ovh_domain_zone_record" "haumdaucher_wildcard_domain" {
    zone = "haumdaucher.de"
    subdomain = "*"
    fieldtype = "A"
    ttl = local.ttl
    target = "91.121.84.190"
}


resource "ovh_domain_zone_record" "mail_moritzgraf" {
    zone = "moritzgraf.de"
    subdomain = "mail"
    fieldtype = "A"
    ttl = local.ttl
    target = "91.121.64.43" # old
    #target = "91.121.84.190" # new
}
resource "ovh_domain_zone_record" "moritzgraf" {
    zone = "moritzgraf.de"
    fieldtype = "A"
    ttl = local.ttl
    target = "91.121.64.43" # old
    #target = "91.121.84.190" # new
}


resource "ovh_domain_zone_record" "mx_records" {
    for_each = toset(var.domains)
    zone = each.key
    fieldtype = "MX"
    ttl = local.ttl
    target = "10 mail.moritzgraf.de."
}

## SPF
resource "ovh_domain_zone_record" "spf_record_txt" {
    for_each = toset(var.domains)
    zone = each.key
    fieldtype = "TXT"
    ttl = local.ttl
    target = "v=spf1 mx a:mail.moritzgraf.de -all"
}
resource "ovh_domain_zone_record" "spf_record_spf" {
    for_each = toset(var.domains)
    zone = each.key
    fieldtype = "SPF"
    ttl = 600
    target = "\"v=spf1 mx a:mail.moritzgraf.de -all\""
}

## DKIM
resource "ovh_domain_zone_record" "dkim_record" {
    for_each = toset(var.domains)
    zone = each.key
    fieldtype = "TXT"
    ttl = local.ttl
    subdomain = "dkim._domainkey"
    target = "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDhnjYV76s63M4zVRTjVf5Z/fTO6Rq3o4DXg62FCgAxQOYB9ANXeBvUPokT+p5SgjGC8HwBYIzzwCTCS6sqHsy8NfnHU1xFH5NcY4LqTopVX//eYpPF+bTwarDVu/lcCxiX4cN84U1yL8lqf0sOJ7ubGlSeZ/SfM/Ppj7Wkh/kBOQIDAQAB"
}

# ## DMARC
resource "ovh_domain_zone_record" "dmarc_record" {
    for_each = toset(var.domains)
    zone = each.key
    fieldtype = "TXT"
    ttl = local.ttl
    subdomain = "_dmarc"
    #target = "v=DMARC1; p=reject; rua=mailto:admin@moritzgraf.de; ruf=mailto:admin@moritzgraf.de; adkim=s; aspf=s"
    target = "v=DMARC1; p=reject; rua=none; ruf=mailto:admin@moritzgraf.de; adkim=s; aspf=s"
}