feat: update zones

feat(ddns): remove myfritz from zones
fix(server2): wrong ip
2025-05-24 00:26:47 +02:00 · 2025-05-13 11:36:16 +02:00 · 2025-04-03 20:54:48 +02:00 · 2025-04-03 20:11:51 +02:00 · 2025-04-03 20:11:08 +02:00 · 2025-03-13 17:36:54 +01:00
6 changed files with 95 additions and 120 deletions
--- a/.gitignore
+++ b/.gitignore
@ -5,3 +5,7 @@ venv/
 .terraform.lock.hcl
 .terraform
 auth.yaml
+tfplan
+plan.log
+.DS_Store
+.DS_Store
--- a/apply.sh
+++ b/apply.sh
@ -1,3 +0,0 @@
-#!/usr/bin/env zsh
-tofu apply -target hetznerdns_zone.zone
-tofu apply
--- a/auth_sample.yaml
+++ b/auth_sample.yaml
@ -1,3 +1,2 @@
 auth:
-  api_token: !add
-  email: !add
+  api_token: !add
--- a/main.tf
+++ b/main.tf
@ -1,7 +1,25 @@

+
 locals {
  api   = yamldecode(file("${path.module}/auth.yaml"))
  zones = yamldecode(file("${path.module}/zones.yaml"))
+  nameservers = data.hetznerdns_nameservers.primary.ns
+
+
+
+
+
+  ns_data = flatten([
+    for zone_name, records in local.zones : [
+      for ns_entry in local.nameservers : {
+        zone_name    = zone_name
+        record_type  = "NS"
+        record_value = ns_entry.name
+        record_name  = "@"
+        extra_data   = ""
+      }
+    ]
+  ])

  zone_data = flatten([
    for zone_name, records in local.zones : [
@ -20,6 +38,10 @@ locals {
  ])
 }

+data "hetznerdns_nameservers" "primary" {
+  type = "authoritative"
+}
+
 resource "hetznerdns_zone" "zone" {
  for_each  = local.zones
  name      = each.key
@ -38,23 +60,16 @@ for_each = {

 }

+
 resource "hetznerdns_record" "ns" {
  for_each = {
-    for entry in flatten([
-      for zone in hetznerdns_zone.zone : [
-        for ns_entry in zone.ns : {
-          zone_id  = zone.id
-          ns_entry = ns_entry
-          key      = "${zone.id}-${ns_entry}"
-        }
-      ]
-    ]) : entry.key => entry
+    for record in local.ns_data :
+      "${record.record_type}-${record.record_name}-${record.zone_name}-${record.record_value}" => record
  }

-  zone_id = each.value.zone_id
-  name    = "@"
-  type    = "NS"
-  value   = each.value.ns_entry
+  zone_id = hetznerdns_zone.zone[each.value.zone_name].id
+  name    = each.value.record_name
+  type    = each.value.record_type
+  value   = each.value.record_value
  ttl     = 300
-
 }
--- a/outputs.tf
+++ b/outputs.tf
@ -1,3 +1,6 @@
 output "zones" {
  value = length(local.zones)
-}
+}
+output "zone_ids" {
+  value = { for name, zone in hetznerdns_zone.zone : name => zone.id }
+}
--- a/zones.yaml
+++ b/zones.yaml
@ -4,8 +4,6 @@ jan-ole.de:
    #server0--------------
    server0: 185.239.239.162
    "*.server0": 185.239.239.162
-    pve: 185.239.239.162
-    "*.pve": 185.239.239.162

    #server1--------------
    server1: 147.189.171.39
@ -24,30 +22,21 @@ jan-ole.de:
    "*.usa.vpn": 181.214.240.124

    #webspace0-------------
-    "@": 185.223.31.112
    www: 185.223.31.112
+    "@": 185.223.31.112
    "*.demo": 185.223.31.112
    demo: 185.223.31.112
-    "*.nuxt": 185.223.31.112
-    nuxt: 185.223.31.112
-
-    #zap-gameserver
-    palworld: 193.23.127.45
-    "*.palworld": 193.23.127.45

  cname:
-    influx: lana.amq25ga7psako0gd.myfritz.net.
-    "*.influx": lana.amq25ga7psako0gd.myfritz.net.
-    books: lana.amq25ga7psako0gd.myfritz.net.
-    sig1_domainkey: sig1.dkim.jan-ole.de.at.icloudmailadmin.com
-    streaming: lana.amq25ga7psako0gd.myfritz.net.
-    "*.streaming": lana.amq25ga7psako0gd.myfritz.net.
-    lana: lana.amq25ga7psako0gd.myfritz.net.
+    sig1._domainkey: sig1.dkim.jan-ole.de.at.icloudmailadmin.com.
+    streaming: jan-ole.cloud.
+    "*.streaming": jan-ole.cloud.
+    lana: jan-ole.cloud.
  mx:
    "@/10": mx01.mail.icloud.com.
    "@/20": mx02.mail.icloud.com.
  txt:
-    "@": apple-domain=OQLm26hZZUfPPxoQ
+    "@": apple-domain=QREjDJD5KtZRhlq8
    "@/10": "v=spf1 redirect=icloud.com include:icloud.com ~all"
    "@/20": google-site-verification=rzO53ch4FY1zxgms9_FJAyE0nnj9_uRmLaSKqXw38ww
    "_discord": dh=ddb43cee298d9a23196b21847105f88aafae8350
@ -58,12 +47,41 @@ jan-ole.download:
    www: 185.239.237.65
    "*": 185.239.237.65

+jan-ole.sh:
+  cname:
+    "www": janolehuebner.github.io.
+  a:
+    "@/10": 185.199.108.153
+    "@/20": 185.199.109.153
+    "@/30": 185.199.110.153
+    "@/40": 185.199.111.153
+  aaaa:
+    "@/10": 2606:50c0:8000::153
+    "@/20": 2606:50c0:8001::153
+    "@/30": 2606:50c0:8002::153
+    "@/40": 2606:50c0:8003::153
+
+jan-ole.dev:
+  a:
+    "@": 185.239.237.65
+    www: 185.239.237.65
+    "*": 185.239.237.65
+
+ole.monster:
+  a:
+    "@": 185.239.237.65
+    www: 185.239.237.65
+    "*": 185.239.237.65
+
 fairy-feet.de:

 jan-ole.link:
+  mx:
+    "@/10": jan-ole.link.
  a:
    "@": 185.223.31.112
    www: 185.223.31.112
+    webmail: 185.223.31.112
  txt:
    "@": google-site-verification=HKmGUIFhbnE41t_358P10qZKhEufHzMAzlCSrv1iQW4

@ -76,24 +94,26 @@ ole.click:

 jan-ole.cloud:
  a:
-    "*": 185.249.197.56
-    "@": 185.249.197.56
-    pve: 185.239.239.162
-    pfsense: 185.249.197.56
-    vm0: 193.34.69.94
+    #zap-gameserver
+    palworld: 193.23.127.45
+    "*.palworld": 193.23.127.45
  cname:
-    "*.photos": lana.amq25ga7psako0gd.myfritz.net.
-    photos: lana.amq25ga7psako0gd.myfritz.net.
-    "*.next": lana.amq25ga7psako0gd.myfritz.net.
-    next: lana.amq25ga7psako0gd.myfritz.net.
-    ganymede: lana.amq25ga7psako0gd.myfritz.net.
-    "*.ganymede": lana.amq25ga7psako0gd.myfritz.net.
-    hannah: lana.amq25ga7psako0gd.myfritz.net.
-    "*.hannah": lana.amq25ga7psako0gd.myfritz.net.
-    lana: lana.amq25ga7psako0gd.myfritz.net.
-    "*.lana": lana.amq25ga7psako0gd.myfritz.net.
-    tube: lana.amq25ga7psako0gd.myfritz.net.
-    "*.tube": lana.amq25ga7psako0gd.myfritz.net.
+    influx: jan-ole.cloud.
+    "*.influx": jan-ole.cloud.
+    books: jan-ole.cloud.
+    dav: jan-ole.cloud.
+    "*.photos": jan-ole.cloud.
+    photos: jan-ole.cloud.
+    ganymede: jan-ole.cloud.
+    "*.ganymede": jan-ole.cloud.
+    lana: jan-ole.cloud.
+    "*.lana": jan-ole.cloud.
+    tube: jan-ole.cloud.
+    "*.tube": jan-ole.cloud.
+    streaming: jan-ole.cloud.
+    "*.streaming": jan-ole.cloud.
+    git: jan-ole.cloud.
+    "*.git": janole.cloud.

 ole.pink:
  txt:
@ -101,27 +121,11 @@ ole.pink:

 huebner.haus:
  cname:
-    jan-ole: lana.amq25ga7psako0gd.myfritz.net.
-    "*.jan-ole": lana.amq25ga7psako0gd.myfritz.net.
+    jan-ole: jan-ole.cloud.
+    "*.jan-ole": jan-ole.cloud.
    heiko: kgh7xxzoeeajftib.myfritz.net.
    "*.heiko": kgh7xxzoeeajftib.myfritz.net.

-huebner.homes:
-
-littleblondii.link:
-  a:
-    "@": 185.223.31.112
-    www: 185.223.31.112
-  txt:
-    "@": google-site-verification=t7GFUeWz5_o8uNCiVC2neG9fykDyBNJpvrKOsm_rgJg
-
-littleblondii.live:
-  a:
-    "@": 185.223.31.112
-    www: 185.223.31.112
-
-  txt:
-    "@": google-site-verification=o1EqL6Qo5RTrUz61EGh75YfhX0FkNCk848Hb5qDCes4

 blondii.link:
  a:
@ -139,35 +143,6 @@ blondii.live:
  txt:
    "@": google-site-verification=o1EqL6Qo5RTrUz61EGh75YfhX0FkNCk848Hb5qDCes4

-littleblondii.de:
-  a:
-    "@": 185.223.31.112
-    www: 185.223.31.112
-  txt:
-    "@": google-site-verification=QDQCs2MeR73I0xPktUMmsqa9PuPkytpXYdCQEI-ekaM
-
-cirii.link:
-  a:
-    "@": 185.223.31.112
-    www: 185.223.31.112
-    download: 185.223.31.112
-  txt:
-    "@": google-site-verification=mz-r1UCGgDSf_SrblpLFRBmCUyzFuvbd_ROTsQF_8oA
-
-cirii.live:
-  a:
-    "@": 185.223.31.112
-    www: 185.223.31.112
-  txt:
-    "@": google-site-verification=znOYwzJskM1sIZhpSikU7e1-QFCVWXlcPl3VVk5o68o
-
-cirii.de:
-  a:
-    "@": 185.223.31.112
-    www: 185.223.31.112
-  txt:
-    "@": google-site-verification=RVjsHk1eDqRo0PCffqxguk3YRfFZtUdsUUgfEs_lzvo
-
 darkblondii.link:
  a:
    "@": 185.223.31.112
@ -190,27 +165,11 @@ darkblondii.de:
    www: 185.223.31.112
    webmail: 185.223.31.112
  txt:
+    "@/10": "google-site-verification=u9v4bvqD26WB5o8nO7zW9VMG5ZmjcNTSK_f6sAuNYSc"
    "@": "v=spf1 a mx -all"
    default._domainkey: "v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/e2vHLlv6CTwMoxHeyJxppb2d7z+voH7DeBOSQI/QM5qBT0yfLBJEg1/ayTrHIyzbXd0DOVfsk/Wv7i3fpPHnFfw9CYSIn8pQEL9+seUc/VP9FJ68+9akPkwUGinqE4nGkT7ByqDrUeZzErQMX1nqXxkwx0JpBZqFTxfNYi6IphbUSu4xatkFbGBFFOPiHxYyIZdp35uiHL8Ub+tpDJpQ7zLf5VVwlY9EeakzslV+UJhG/ANh6dkQwyXrdT0QQ0lC8RS1CF9qs060blqwk/QZvQG6WRON0aq6F/p+FZ4P7hFMoUiHVokdW1GIAXUpleTwXnXGZmJG4g2dM6HFv+fQIDAQAB;"
    _domainkey: "o=-"
    _dmarc: "v=DMARC1; p=quarantine; rua=mailto:huebner@jan-ole.de; ruf=mailto:huebner@jan-ole.de; fo=1"
-  srv:
-    "_smtps._tcp": "0 0 465 darkblondii.de."
-    "_imaps._tcp": "0 0 993 darkblondii.de."
-    "_pop3s._tcp": "0 0 995 darkblondii.de."
-    "_autodiscover._tcp": "0 0 443 darkblondii.de."
-    "_autoconfig._tcp": "0 0 80 darkblondii.de."
-
-rosadirk.live:
-  a:
-    "@": 185.223.31.112
-    www: 185.223.31.112
-    webmail: 185.223.31.112
-rosadirk.de:
-  a:
-    "@": 185.223.31.112
-    www: 185.223.31.112
-    webmail: 185.223.31.112

 darkblondii.shop:
  mx:
@ -226,9 +185,7 @@ darkblondii.com:
  a:
    "@": 185.223.31.112
    www: 185.223.31.112
-    webmail: 185.223.31.112

-huebner.software:

 huebner.pink:
  cname:
Author	SHA1	Message	Date
Jan-Ole Hübner	8cf1b3fe33	feat: update zones	2025-05-24 00:26:47 +02:00
Jan-Ole Hübner	d66c0cbc69	feat(ddns): remove myfritz from zones	2025-05-13 11:36:16 +02:00
Jan-Ole Hübner	5856a2beca	fix(server2): wrong ip	2025-04-03 20:54:48 +02:00
Jan-Ole Hübner	134a0682b8	feat: update zones	2025-04-03 20:11:51 +02:00
Jan-Ole Hübner	097672f827	feat: add output for zone ids	2025-04-03 20:11:08 +02:00
Jan-Ole Hübner	a9d32d6c5e	feat: update zones	2025-03-13 17:36:54 +01:00
Jan-Ole Hübner	d0bae0c629	chore: update auth sample for new provider	2025-02-05 22:02:54 +01:00
Jan-Ole Hübner	3f960fe68f	feat: fixed zone creation	2025-02-05 21:58:39 +01:00
Jan-Ole Hübner	3fe945f4d2	chore: update gitignore and handle no changes in apply script	2025-02-05 20:44:57 +01:00
Jan-Ole Hübner	5f6a9b801a	feat: add apply script that handles new zones	2025-02-05 20:30:35 +01:00