diff --git a/.gitignore b/.gitignore index aefe81d..0c49583 100644 --- a/.gitignore +++ b/.gitignore @@ -5,7 +5,3 @@ venv/ .terraform.lock.hcl .terraform auth.yaml -tfplan -plan.log -.DS_Store -.DS_Store diff --git a/auth_sample.yaml b/auth_sample.yaml index 247d673..0f62506 100644 --- a/auth_sample.yaml +++ b/auth_sample.yaml @@ -1,2 +1,3 @@ auth: - api_token: !add \ No newline at end of file + api_token: !add + email: !add \ No newline at end of file diff --git a/inputs.tf b/inputs.tf new file mode 100644 index 0000000..e69de29 diff --git a/main.tf b/main.tf index 9dad4b4..aae8130 100644 --- a/main.tf +++ b/main.tf @@ -1,25 +1,10 @@ - +provider "cloudflare" { + api_token = local.cloudflare_api.auth.api_token +} locals { - api = yamldecode(file("${path.module}/auth.yaml")) - zones = yamldecode(file("${path.module}/zones.yaml")) - nameservers = data.hetznerdns_nameservers.primary.ns - - - - - - ns_data = flatten([ - for zone_name, records in local.zones : [ - for ns_entry in local.nameservers : { - zone_name = zone_name - record_type = "NS" - record_value = ns_entry.name - record_name = "@" - extra_data = "" - } - ] - ]) + cloudflare_api = yamldecode(file("${path.module}/auth.yaml")) + zones = yamldecode(file("${path.module}/zones.yaml")) zone_data = flatten([ for zone_name, records in local.zones : [ 
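Review bot: The new `email: !add` key in auth_sample.yaml is not read anywhere in this commit; the provider block added in main.tf sets only `api_token`. The Cloudflare provider pairs `email` with the legacy global `api_key`, not with a scoped token, so the sample suggests the broader credential may be expected. Drop the key, or add a comment such as `# only api_token is used; create a token limited to DNS edit on the managed zones`.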
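Review bot: The `provider "cloudflare"` block in main.tf takes its token from `local.cloudflare_api`, decoded from `auth.yaml` with a plain `file()` call, so Terraform does not mark the value as sensitive. Any later reference to that local in an output or interpolated string is therefore shown unredacted. Wrap it, `cloudflare_api = sensitive(yamldecode(file("${path.module}/auth.yaml")))`, or drop the argument and let the provider read `CLOUDFLARE_API_TOKEN` from the environment so the secret never lives in the working tree. The `locals` block continues past the end of this hunk.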
@@ -38,38 +23,18 @@ locals { ]) } -data "hetznerdns_nameservers" "primary" { - type = "authoritative" +data "cloudflare_zone" "zone" { + for_each = local.zones + name = each.key } - -resource "hetznerdns_zone" "zone" { - for_each = local.zones - name = each.key - ttl = 300 -} - -resource "hetznerdns_record" "myrecord" { +resource "cloudflare_record" "myrecord" { for_each = { for record in local.zone_data : "${record.record_type}${record.extra_data}-${record.record_name}.${record.zone_name}" => record } - zone_id = hetznerdns_zone.zone[each.value.zone_name].id - name = "${each.value.record_name}" - type = each.value.record_type - value = each.value.record_type == "MX" ? "${each.value.extra_data} ${each.value.record_value}" : each.value.record_value - ttl = 300 - -} - - -resource "hetznerdns_record" "ns" { - for_each = { - for record in local.ns_data : - "${record.record_type}-${record.record_name}-${record.zone_name}-${record.record_value}" => record - } - - zone_id = hetznerdns_zone.zone[each.value.zone_name].id - name = each.value.record_name - type = each.value.record_type - value = each.value.record_value - ttl = 300 + zone_id = data.cloudflare_zone.zone[each.value.zone_name].id + name = "${each.value.record_name}.${each.value.zone_name}" == "@.${each.value.zone_name}" ? each.value.zone_name : "${each.value.record_name}.${each.value.zone_name}" + type = each.value.record_type + value = each.value.record_value + ttl = 300 + priority = each.value.record_type == "MX" ? tonumber(each.value.extra_data) : 0 } \ No newline at end of file diff --git a/outputs.tf b/outputs.tf index ecbae45..9848c28 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,6 +1,6 @@ output "zones" { - value = length(local.zones) + value = data.cloudflare_zone.zone } -output "zone_ids" { - value = { for name, zone in hetznerdns_zone.zone : name => zone.id } +output "records" { + value = cloudflare_record.myrecord } diff --git a/variables.tf b/variables.tf new file mode 100644 index 0000000..e69de29 
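Review bot: `priority` on `cloudflare_record.myrecord` is set to `0` for every record that is not MX, which sends an explicit priority for A, CNAME and TXT records and may be rejected by the API or cause a perpetual diff. Use `null` so the argument is omitted: `priority = each.value.record_type == "MX" ? tonumber(each.value.extra_data) : null`. The `name` expression detects the apex by comparing two interpolated strings; `each.value.record_name == "@" ? each.value.zone_name : "${each.value.record_name}.${each.value.zone_name}"` says the same thing more readably. Zones are now looked up with `data "cloudflare_zone"` instead of being created, so every key in zones.yaml must already exist in the account. A key with no body such as `ole.pink:` decodes to null and, depending on how `zone_data` (defined outside this hunk) iterates, may fail the plan.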
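Review bot: Both outputs in outputs.tf now export whole objects: `zones` changes from a count to the full `data.cloudflare_zone.zone` map, and `records` exposes every attribute of every `cloudflare_record.myrecord`. That changes the type of an existing output for any consumer and publishes more than callers need in state and CLI output. Narrow them to the fields actually used, for example `value = { for name, z in data.cloudflare_zone.zone : name => z.id }` and `value = { for k, r in cloudflare_record.myrecord : k => r.hostname }`.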
diff --git a/versions.tf b/versions.tf index f483e09..1e2107a 100644 --- a/versions.tf +++ b/versions.tf @@ -1,12 +1,9 @@ terraform { required_providers { - hetznerdns = { - source = "germanbrew/hetznerdns" - version = "3.3.3" + cloudflare = { + source = "cloudflare/cloudflare" + version = "~> 4" + } } -} - -provider "hetznerdns" { - api_token = local.api.auth.api_token } \ No newline at end of file diff --git a/zones.yaml b/zones.yaml old mode 100755 new mode 100644 index 68ca51b..1ae4f91 --- a/zones.yaml +++ b/zones.yaml 
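Review bot: The constraint `version = "~> 4"` in versions.tf replaces an exact pin, and `.terraform.lock.hcl` is listed in `.gitignore` (visible as a context line in the .gitignore hunk). Nothing in the repository therefore fixes which provider build, or which checksums, a fresh `terraform init` will accept. Remove `.terraform.lock.hcl` from `.gitignore` and commit the lock file so that provider hashes are verified on every run, and consider narrowing the constraint to the minor line that was tested. The provider executes with the Cloudflare token, so an unpinned download is a supply-chain exposure rather than a cosmetic matter.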
@@ -1,198 +1,68 @@ -jan-ole.de: - a: - #---servers - #server0-------------- - server0: 185.239.239.162 - "*.server0": 185.239.239.162 - - #server1-------------- - server1: 147.189.171.39 - "*.server1": 147.189.171.39 - - #server2-------------- - server2: 134.255.232.17 - "*.server2": 134.255.232.17 - - #server3-------------- - server3: 45.141.36.103 - "*.server3": 45.141.36.103 - - #server4-USA---------- - usa.vpn: 181.214.240.124 - "*.usa.vpn": 181.214.240.124 - - #webspace0------------- - www: 185.223.31.112 - "@": 185.223.31.112 - "*.demo": 185.223.31.112 - demo: 185.223.31.112 - - cname: - sig1._domainkey: sig1.dkim.jan-ole.de.at.icloudmailadmin.com. - streaming: jan-ole.cloud. - "*.streaming": jan-ole.cloud. - lana: jan-ole.cloud. - mx: - "@/10": mx01.mail.icloud.com. - "@/20": mx02.mail.icloud.com. - txt: - "@": apple-domain=QREjDJD5KtZRhlq8 - "@/10": "v=spf1 redirect=icloud.com include:icloud.com ~all" - "@/20": google-site-verification=rzO53ch4FY1zxgms9_FJAyE0nnj9_uRmLaSKqXw38ww - "_discord": dh=ddb43cee298d9a23196b21847105f88aafae8350 - -jan-ole.download: - a: - "@": 185.239.237.65 - www: 185.239.237.65 - "*": 185.239.237.65 - -jan-ole.sh: - cname: - "www": janolehuebner.github.io. - a: - "@/10": 185.199.108.153 - "@/20": 185.199.109.153 - "@/30": 185.199.110.153 - "@/40": 185.199.111.153 - aaaa: - "@/10": 2606:50c0:8000::153 - "@/20": 2606:50c0:8001::153 - "@/30": 2606:50c0:8002::153 - "@/40": 2606:50c0:8003::153 - -jan-ole.dev: - a: - "@": 185.239.237.65 - www: 185.239.237.65 - "*": 185.239.237.65 - -ole.monster: - a: - "@": 185.239.237.65 - www: 185.239.237.65 - "*": 185.239.237.65 - -fairy-feet.de: - jan-ole.link: - mx: - "@/10": jan-ole.link. 
a: "@": 185.223.31.112 www: 185.223.31.112 - webmail: 185.223.31.112 - txt: - "@": google-site-verification=HKmGUIFhbnE41t_358P10qZKhEufHzMAzlCSrv1iQW4 + leslie: 185.239.239.162 + "*.leslie": 185.239.239.162 ole.click: a: - "@": 185.239.237.65 - www: 185.239.237.65 + "@": 185.223.31.112 + www: 185.223.31.112 + share: 185.223.31.112 + "*.share": 185.223.31.112 + leslie: 185.239.239.162 + "*.leslie": 185.239.239.162 + +krewella.rocks: + a: + "@": 185.223.31.112 + www: 185.223.31.112 + leslie: 185.239.239.162 + "*.leslie": 185.239.239.162 + +jan-ole.tech: + a: + "@": 192.168.84.1 + www: 192.168.84.1 + leslie: 185.239.239.162 + "*.leslie": 185.239.239.162 + +jan-ole.de: + a: + "@": 185.223.31.112 + www: 185.223.31.112 + "*.demo": 185.223.31.112 + demo: 185.223.31.112 + "influx": 134.255.232.17 + "*.influx": 134.255.232.17 + status: 185.223.31.112 + "*.status": 185.223.31.112 + leslie: 185.239.239.162 + "*.leslie": 185.239.239.162 + lina: 134.255.232.17 + "*.lina": 134.255.232.17 txt: - "_discord": dh=9f248b2dbca94cc3e47b672ad6a33415750fbc4e + "@": v=spf1 redirect=icloud.com + "@/10": apple-domain=FsvGrRPoGf8wHqLU + mx: + "@/10": mx01.mail.icloud.com + "@/20": mx02.mail.icloud.com + cname: + sig1._domainkey: sig1.dkim.jan-ole.de.at.icloudmailadmin.com + +ole.pink: + +fairy-feet.de: + a: + "*": 134.255.232.17 + "@": 134.255.232.17 jan-ole.cloud: a: - #zap-gameserver - palworld: 193.23.127.45 - "*.palworld": 193.23.127.45 - cname: - influx: jan-ole.cloud. - "*.influx": jan-ole.cloud. - books: jan-ole.cloud. - dav: jan-ole.cloud. - "*.photos": jan-ole.cloud. - photos: jan-ole.cloud. - ganymede: jan-ole.cloud. - "*.ganymede": jan-ole.cloud. - lana: jan-ole.cloud. - "*.lana": jan-ole.cloud. - tube: jan-ole.cloud. - "*.tube": jan-ole.cloud. - streaming: jan-ole.cloud. - "*.streaming": jan-ole.cloud. - git: jan-ole.cloud. - "*.git": janole.cloud. 
- -ole.pink: + "*": 138.201.67.182 + "@": 138.201.67.182 + www: 138.201.67.182 txt: - "_discord": dh=8be51e2beb64f555b5170ee2da95fa5eba315250 - -huebner.haus: - cname: - jan-ole: jan-ole.cloud. - "*.jan-ole": jan-ole.cloud. - heiko: kgh7xxzoeeajftib.myfritz.net. - "*.heiko": kgh7xxzoeeajftib.myfritz.net. - - -blondii.link: - a: - "@": 185.223.31.112 - www: 185.223.31.112 - txt: - "@": google-site-verification=nCc2Fw7XciUq9-1eWAUPU1LhPaWx1gMeIKBaDDfy3Ks - -blondii.live: - a: - "@": 185.223.31.112 - www: 185.223.31.112 - download: 185.223.31.112 - "*.download": 185.223.31.112 - txt: - "@": google-site-verification=o1EqL6Qo5RTrUz61EGh75YfhX0FkNCk848Hb5qDCes4 - -darkblondii.link: - a: - "@": 185.223.31.112 - www: 185.223.31.112 - txt: - "@": google-site-verification=OtXtrYhaTsngZOMzfAwtgqUgnALh2sUfB8UoS53z0yo - -darkblondii.live: - a: - "@": 185.223.31.112 - www: 185.223.31.112 - txt: - "@": google-site-verification=iwzEIcfA2YXNIPFEs7gjkPJbeS8uJeF9KZIwxDiJeks - -darkblondii.de: - mx: - "@/10": darkblondii.de. - a: - "@": 185.223.31.112 - www: 185.223.31.112 - webmail: 185.223.31.112 - txt: - "@/10": "google-site-verification=u9v4bvqD26WB5o8nO7zW9VMG5ZmjcNTSK_f6sAuNYSc" - "@": "v=spf1 a mx -all" - default._domainkey: "v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/e2vHLlv6CTwMoxHeyJxppb2d7z+voH7DeBOSQI/QM5qBT0yfLBJEg1/ayTrHIyzbXd0DOVfsk/Wv7i3fpPHnFfw9CYSIn8pQEL9+seUc/VP9FJ68+9akPkwUGinqE4nGkT7ByqDrUeZzErQMX1nqXxkwx0JpBZqFTxfNYi6IphbUSu4xatkFbGBFFOPiHxYyIZdp35uiHL8Ub+tpDJpQ7zLf5VVwlY9EeakzslV+UJhG/ANh6dkQwyXrdT0QQ0lC8RS1CF9qs060blqwk/QZvQG6WRON0aq6F/p+FZ4P7hFMoUiHVokdW1GIAXUpleTwXnXGZmJG4g2dM6HFv+fQIDAQAB;" - _domainkey: "o=-" - _dmarc: "v=DMARC1; p=quarantine; rua=mailto:huebner@jan-ole.de; ruf=mailto:huebner@jan-ole.de; fo=1" - -darkblondii.shop: - mx: - "@/10": darkblondii.shop. - a: - "@": 185.223.31.112 - www: 185.223.31.112 - webmail: 185.223.31.112 - -darkblondii.com: - mx: - "@/10": darkblondii.com. 
- a: - "@": 185.223.31.112 - www: 185.223.31.112 - - -huebner.pink: - cname: - sig1._domainkey: "sig1.dkim.huebner.pink.at.icloudmailadmin.com." - mx: - "@/10": "mx01.mail.icloud.com." - "@/20": "mx02.mail.icloud.com." - txt: - "@": "apple-domain=mOjnPLSTRwMrIocF" - "@/10": "v=spf1 include:icloud.com ~all" + "*": v=spf1 a mx include:ole.click -all + "www": v=spf1 a mx include:ole.click -all \ No newline at end of file
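Review bot: The new SPF records for `jan-ole.cloud` are published only on `"*"` and `"www"`, not on `"@"`, so the apex, which is the name receivers actually query for mail from that domain, has no policy. They also use `include:ole.click`, while the `ole.click` zone in this file has only A records and no SPF TXT, which makes the include evaluate to a permanent error. Put the policy on `"@"` and either add an SPF record to `ole.click` or remove the include. None of the mail-sending zones in the new file carries a `_dmarc` record, so SPF results are not enforced by policy. Separately, `jan-ole.tech` publishes `192.168.84.1` for `"@"` and `www`; a private RFC 1918 address in a public zone discloses internal addressing and resolves to whatever host holds that address on the client's own network.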