diff --git a/.gitignore b/.gitignore index 0c49583..aefe81d 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,7 @@ venv/ .terraform.lock.hcl .terraform auth.yaml +tfplan +plan.log +.DS_Store +.DS_Store diff --git a/auth_sample.yaml b/auth_sample.yaml index 0f62506..247d673 100644 --- a/auth_sample.yaml +++ b/auth_sample.yaml @@ -1,3 +1,2 @@ auth: - api_token: !add - email: !add \ No newline at end of file + api_token: !add \ No newline at end of file diff --git a/inputs.tf b/inputs.tf deleted file mode 100644 index e69de29..0000000 diff --git a/main.tf b/main.tf index aae8130..9dad4b4 100644 --- a/main.tf +++ b/main.tf @@ -1,10 +1,25 @@ -provider "cloudflare" { - api_token = local.cloudflare_api.auth.api_token -} + locals { - cloudflare_api = yamldecode(file("${path.module}/auth.yaml")) - zones = yamldecode(file("${path.module}/zones.yaml")) + api = yamldecode(file("${path.module}/auth.yaml")) + zones = yamldecode(file("${path.module}/zones.yaml")) + nameservers = data.hetznerdns_nameservers.primary.ns + + + + + + ns_data = flatten([ + for zone_name, records in local.zones : [ + for ns_entry in local.nameservers : { + zone_name = zone_name + record_type = "NS" + record_value = ns_entry.name + record_name = "@" + extra_data = "" + } + ] + ]) zone_data = flatten([ for zone_name, records in local.zones : [ 
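Review bot: The token loaded by `api = yamldecode(file("${path.module}/auth.yaml"))` in the `locals` block of main.tf is an ordinary value, so Terraform will not redact it if `local.api` ever reaches an output, a plan diff or an interpolated string. Wrapping the decode keeps it marked: `api = sensitive(yamldecode(file("${path.module}/auth.yaml")))` (this needs Terraform 0.15 or later; the required Terraform version is not visible here). In `ns_data` the `records` iterator is never used, so `for zone_name in keys(local.zones) : [` states the intent more directly. The `locals` block continues past the end of this hunk.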
@@ -23,18 +38,38 @@ locals { ]) } -data "cloudflare_zone" "zone" { - for_each = local.zones - name = each.key +data "hetznerdns_nameservers" "primary" { + type = "authoritative" } -resource "cloudflare_record" "myrecord" { + +resource "hetznerdns_zone" "zone" { + for_each = local.zones + name = each.key + ttl = 300 +} + +resource "hetznerdns_record" "myrecord" { for_each = { for record in local.zone_data : "${record.record_type}${record.extra_data}-${record.record_name}.${record.zone_name}" => record } - zone_id = data.cloudflare_zone.zone[each.value.zone_name].id - name = "${each.value.record_name}.${each.value.zone_name}" == "@.${each.value.zone_name}" ? each.value.zone_name : "${each.value.record_name}.${each.value.zone_name}" - type = each.value.record_type - value = each.value.record_value - ttl = 300 - priority = each.value.record_type == "MX" ? tonumber(each.value.extra_data) : 0 + zone_id = hetznerdns_zone.zone[each.value.zone_name].id + name = "${each.value.record_name}" + type = each.value.record_type + value = each.value.record_type == "MX" ? "${each.value.extra_data} ${each.value.record_value}" : each.value.record_value + ttl = 300 + +} + + +resource "hetznerdns_record" "ns" { + for_each = { + for record in local.ns_data : + "${record.record_type}-${record.record_name}-${record.zone_name}-${record.record_value}" => record + } + + zone_id = hetznerdns_zone.zone[each.value.zone_name].id + name = each.value.record_name + type = each.value.record_type + value = each.value.record_value + ttl = 300 } \ No newline at end of file diff --git a/outputs.tf b/outputs.tf index 9848c28..ecbae45 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,6 +1,6 @@ output "zones" { - value = data.cloudflare_zone.zone + value = length(local.zones) } -output "records" { - value = cloudflare_record.myrecord +output "zone_ids" { + value = { for name, zone in hetznerdns_zone.zone : name => zone.id } } 
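Review bot: `resource "hetznerdns_zone" "zone"` now owns each zone where the old code only looked it up through a data source, so deleting a key from zones.yaml (or running `terraform destroy`) plans the removal of the whole zone and every record in it. While the registrar still delegates the domain to these nameservers, that is an outage and leaves the delegation dangling, so a guard such as `lifecycle { prevent_destroy = true }` inside the zone resource is worth adding. In `hetznerdns_record.myrecord` the MX value is built as `"${each.value.extra_data} ${each.value.record_value}"`; an `mx` key written without a `/priority` suffix would presumably leave `extra_data` empty and yield a value with a leading space, but the `zone_data` expression that sets it is outside this hunk. `name = "${each.value.record_name}"` can be plain `name = each.value.record_name`, as the `ns` resource already does.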
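Review bot: `output "zones"` in outputs.tf keeps its old name but now returns `length(local.zones)`, a number, where it used to return the zone objects. Anything that reads this output will receive a different type without warning. Renaming it to `output "zone_count"`, or adding `description = "Number of zones defined in zones.yaml"`, would make the new meaning explicit.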
diff --git a/variables.tf b/variables.tf
deleted file mode 100644
index e69de29..0000000
diff --git a/versions.tf b/versions.tf
index 1e2107a..f483e09 100644
--- a/versions.tf
+++ b/versions.tf
@@ -1,9 +1,12 @@
 terraform {
 required_providers {
- cloudflare = {
- source = "cloudflare/cloudflare"
- version = "~> 4"
-
+ hetznerdns = {
+ source = "germanbrew/hetznerdns"
+ version = "3.3.3"
 }
 }
+}
+
+provider "hetznerdns" {
+ api_token = local.api.auth.api_token
 }
\ No newline at end of file
diff --git a/zones.yaml b/zones.yaml
old mode 100644
new mode 100755
index 1ae4f91..68ca51b
--- a/zones.yaml
+++ b/zones.yaml
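Review bot: The exact pin `version = "3.3.3"` on `germanbrew/hetznerdns` fixes the version number but not the artifact, because the `.gitignore` context in this same commit shows `.terraform.lock.hcl` is ignored, so the provider checksums recorded by `terraform init` are never committed. Each fresh checkout then trusts whatever the registry serves for that version at that moment. Consider removing the `.terraform.lock.hcl` line from `.gitignore` and committing the lock file, so that a changed provider binary fails `init` instead of being accepted. The `provider "hetznerdns"` block also reads `local.api`, which is defined in main.tf; a comment such as `# token comes from local.api in main.tf (auth.yaml, git-ignored)` would save the next reader a search.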
@@ -1,68 +1,198 @@ +jan-ole.de: + a: + #---servers + #server0-------------- + server0: 185.239.239.162 + "*.server0": 185.239.239.162 + + #server1-------------- + server1: 147.189.171.39 + "*.server1": 147.189.171.39 + + #server2-------------- + server2: 134.255.232.17 + "*.server2": 134.255.232.17 + + #server3-------------- + server3: 45.141.36.103 + "*.server3": 45.141.36.103 + + #server4-USA---------- + usa.vpn: 181.214.240.124 + "*.usa.vpn": 181.214.240.124 + + #webspace0------------- + www: 185.223.31.112 + "@": 185.223.31.112 + "*.demo": 185.223.31.112 + demo: 185.223.31.112 + + cname: + sig1._domainkey: sig1.dkim.jan-ole.de.at.icloudmailadmin.com. + streaming: jan-ole.cloud. + "*.streaming": jan-ole.cloud. + lana: jan-ole.cloud. + mx: + "@/10": mx01.mail.icloud.com. + "@/20": mx02.mail.icloud.com. + txt: + "@": apple-domain=QREjDJD5KtZRhlq8 + "@/10": "v=spf1 redirect=icloud.com include:icloud.com ~all" + "@/20": google-site-verification=rzO53ch4FY1zxgms9_FJAyE0nnj9_uRmLaSKqXw38ww + "_discord": dh=ddb43cee298d9a23196b21847105f88aafae8350 + +jan-ole.download: + a: + "@": 185.239.237.65 + www: 185.239.237.65 + "*": 185.239.237.65 + +jan-ole.sh: + cname: + "www": janolehuebner.github.io. + a: + "@/10": 185.199.108.153 + "@/20": 185.199.109.153 + "@/30": 185.199.110.153 + "@/40": 185.199.111.153 + aaaa: + "@/10": 2606:50c0:8000::153 + "@/20": 2606:50c0:8001::153 + "@/30": 2606:50c0:8002::153 + "@/40": 2606:50c0:8003::153 + +jan-ole.dev: + a: + "@": 185.239.237.65 + www: 185.239.237.65 + "*": 185.239.237.65 + +ole.monster: + a: + "@": 185.239.237.65 + www: 185.239.237.65 + "*": 185.239.237.65 + +fairy-feet.de: + jan-ole.link: + mx: + "@/10": jan-ole.link. 
a: "@": 185.223.31.112 www: 185.223.31.112 - leslie: 185.239.239.162 - "*.leslie": 185.239.239.162 + webmail: 185.223.31.112 + txt: + "@": google-site-verification=HKmGUIFhbnE41t_358P10qZKhEufHzMAzlCSrv1iQW4 ole.click: a: - "@": 185.223.31.112 - www: 185.223.31.112 - share: 185.223.31.112 - "*.share": 185.223.31.112 - leslie: 185.239.239.162 - "*.leslie": 185.239.239.162 - -krewella.rocks: - a: - "@": 185.223.31.112 - www: 185.223.31.112 - leslie: 185.239.239.162 - "*.leslie": 185.239.239.162 - -jan-ole.tech: - a: - "@": 192.168.84.1 - www: 192.168.84.1 - leslie: 185.239.239.162 - "*.leslie": 185.239.239.162 - -jan-ole.de: - a: - "@": 185.223.31.112 - www: 185.223.31.112 - "*.demo": 185.223.31.112 - demo: 185.223.31.112 - "influx": 134.255.232.17 - "*.influx": 134.255.232.17 - status: 185.223.31.112 - "*.status": 185.223.31.112 - leslie: 185.239.239.162 - "*.leslie": 185.239.239.162 - lina: 134.255.232.17 - "*.lina": 134.255.232.17 + "@": 185.239.237.65 + www: 185.239.237.65 txt: - "@": v=spf1 redirect=icloud.com - "@/10": apple-domain=FsvGrRPoGf8wHqLU - mx: - "@/10": mx01.mail.icloud.com - "@/20": mx02.mail.icloud.com - cname: - sig1._domainkey: sig1.dkim.jan-ole.de.at.icloudmailadmin.com - -ole.pink: - -fairy-feet.de: - a: - "*": 134.255.232.17 - "@": 134.255.232.17 + "_discord": dh=9f248b2dbca94cc3e47b672ad6a33415750fbc4e jan-ole.cloud: a: - "*": 138.201.67.182 - "@": 138.201.67.182 - www: 138.201.67.182 + #zap-gameserver + palworld: 193.23.127.45 + "*.palworld": 193.23.127.45 + cname: + influx: jan-ole.cloud. + "*.influx": jan-ole.cloud. + books: jan-ole.cloud. + dav: jan-ole.cloud. + "*.photos": jan-ole.cloud. + photos: jan-ole.cloud. + ganymede: jan-ole.cloud. + "*.ganymede": jan-ole.cloud. + lana: jan-ole.cloud. + "*.lana": jan-ole.cloud. + tube: jan-ole.cloud. + "*.tube": jan-ole.cloud. + streaming: jan-ole.cloud. + "*.streaming": jan-ole.cloud. + git: jan-ole.cloud. + "*.git": janole.cloud. 
+ +ole.pink: txt: - "*": v=spf1 a mx include:ole.click -all - "www": v=spf1 a mx include:ole.click -all \ No newline at end of file + "_discord": dh=8be51e2beb64f555b5170ee2da95fa5eba315250 + +huebner.haus: + cname: + jan-ole: jan-ole.cloud. + "*.jan-ole": jan-ole.cloud. + heiko: kgh7xxzoeeajftib.myfritz.net. + "*.heiko": kgh7xxzoeeajftib.myfritz.net. + + +blondii.link: + a: + "@": 185.223.31.112 + www: 185.223.31.112 + txt: + "@": google-site-verification=nCc2Fw7XciUq9-1eWAUPU1LhPaWx1gMeIKBaDDfy3Ks + +blondii.live: + a: + "@": 185.223.31.112 + www: 185.223.31.112 + download: 185.223.31.112 + "*.download": 185.223.31.112 + txt: + "@": google-site-verification=o1EqL6Qo5RTrUz61EGh75YfhX0FkNCk848Hb5qDCes4 + +darkblondii.link: + a: + "@": 185.223.31.112 + www: 185.223.31.112 + txt: + "@": google-site-verification=OtXtrYhaTsngZOMzfAwtgqUgnALh2sUfB8UoS53z0yo + +darkblondii.live: + a: + "@": 185.223.31.112 + www: 185.223.31.112 + txt: + "@": google-site-verification=iwzEIcfA2YXNIPFEs7gjkPJbeS8uJeF9KZIwxDiJeks + +darkblondii.de: + mx: + "@/10": darkblondii.de. + a: + "@": 185.223.31.112 + www: 185.223.31.112 + webmail: 185.223.31.112 + txt: + "@/10": "google-site-verification=u9v4bvqD26WB5o8nO7zW9VMG5ZmjcNTSK_f6sAuNYSc" + "@": "v=spf1 a mx -all" + default._domainkey: "v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/e2vHLlv6CTwMoxHeyJxppb2d7z+voH7DeBOSQI/QM5qBT0yfLBJEg1/ayTrHIyzbXd0DOVfsk/Wv7i3fpPHnFfw9CYSIn8pQEL9+seUc/VP9FJ68+9akPkwUGinqE4nGkT7ByqDrUeZzErQMX1nqXxkwx0JpBZqFTxfNYi6IphbUSu4xatkFbGBFFOPiHxYyIZdp35uiHL8Ub+tpDJpQ7zLf5VVwlY9EeakzslV+UJhG/ANh6dkQwyXrdT0QQ0lC8RS1CF9qs060blqwk/QZvQG6WRON0aq6F/p+FZ4P7hFMoUiHVokdW1GIAXUpleTwXnXGZmJG4g2dM6HFv+fQIDAQAB;" + _domainkey: "o=-" + _dmarc: "v=DMARC1; p=quarantine; rua=mailto:huebner@jan-ole.de; ruf=mailto:huebner@jan-ole.de; fo=1" + +darkblondii.shop: + mx: + "@/10": darkblondii.shop. + a: + "@": 185.223.31.112 + www: 185.223.31.112 + webmail: 185.223.31.112 + +darkblondii.com: + mx: + "@/10": darkblondii.com. 
+ a: + "@": 185.223.31.112 + www: 185.223.31.112 + + +huebner.pink: + cname: + sig1._domainkey: "sig1.dkim.huebner.pink.at.icloudmailadmin.com." + mx: + "@/10": "mx01.mail.icloud.com." + "@/20": "mx02.mail.icloud.com." + txt: + "@": "apple-domain=mOjnPLSTRwMrIocF" + "@/10": "v=spf1 include:icloud.com ~all"
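Review bot: In the `jan-ole.cloud` zone the entry `"*.git": janole.cloud.` is missing the hyphen that every other CNAME target in that block has, so the wildcard would point at a different domain that may not be under your control; it should read `"*.git": jan-ole.cloud.`. The same zone loses its `"@"`, `"*"` and `www` A records in this hunk while the new CNAMEs (here and under `jan-ole.de` and `huebner.haus`) all target `jan-ole.cloud.`, so unless the apex address is maintained somewhere else those names will not resolve. The `default._domainkey` TXT value under `darkblondii.de` is longer than 255 bytes, the limit for a single TXT character-string, so verify after the first apply that the published record is split correctly and DKIM still validates. In `jan-ole.de` the SPF string `v=spf1 redirect=icloud.com include:icloud.com ~all` carries a `redirect=` modifier that is ignored whenever an `all` mechanism is present; `v=spf1 include:icloud.com ~all`, as used for `huebner.pink`, says the same thing without the dead term.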