feat: update zones

add ciri.*

.gitignore

@@ -5,3 +5,7 @@ venv/
 .terraform.lock.hcl
 .terraform
 auth.yaml
+tfplan
+plan.log
+.DS_Store
+.DS_Store

auth_sample.yaml

@@ -1,3 +1,2 @@
 auth:
-  api_token: !add
+  api_token: !add
-  email: !add

main.tf

@@ -1,10 +1,25 @@
-provider "cloudflare" {
+
-  api_token = local.cloudflare_api.auth.api_token
-}
 
 locals {
-  cloudflare_api = yamldecode(file("${path.module}/auth.yaml"))
+  api   = yamldecode(file("${path.module}/auth.yaml"))
-  zones          = yamldecode(file("${path.module}/zones.yaml"))
+  zones = yamldecode(file("${path.module}/zones.yaml"))
+  nameservers = data.hetznerdns_nameservers.primary.ns
+
+
+
+
+
+  ns_data = flatten([
+    for zone_name, records in local.zones : [
+      for ns_entry in local.nameservers : {
+        zone_name    = zone_name
+        record_type  = "NS"
+        record_value = ns_entry.name
+        record_name  = "@"
+        extra_data   = ""
+      }
+    ]
+  ])
 
   zone_data = flatten([
     for zone_name, records in local.zones : [
@@ -23,18 +38,38 @@ locals {
   ])
 }
 
-data "cloudflare_zone" "zone" {
+data "hetznerdns_nameservers" "primary" {
-  for_each = local.zones
+  type = "authoritative"
-  name = each.key
 }
-resource "cloudflare_record" "myrecord" {
+
+resource "hetznerdns_zone" "zone" {
+  for_each  = local.zones
+  name      = each.key
+  ttl       = 300
+}
+
+resource "hetznerdns_record" "myrecord" {
 for_each = {
   for record in local.zone_data : "${record.record_type}${record.extra_data}-${record.record_name}.${record.zone_name}" => record }
 
-  zone_id = data.cloudflare_zone.zone[each.value.zone_name].id
+  zone_id = hetznerdns_zone.zone[each.value.zone_name].id
-  name      = "${each.value.record_name}.${each.value.zone_name}" == "@.${each.value.zone_name}" ? each.value.zone_name : "${each.value.record_name}.${each.value.zone_name}"
+  name    = "${each.value.record_name}"
-  type      = each.value.record_type
+  type    = each.value.record_type
-  value     = each.value.record_value
+  value   = each.value.record_type == "MX" ? "${each.value.extra_data} ${each.value.record_value}" : each.value.record_value
-  ttl       = 300
+  ttl     = 300
-  priority  = each.value.record_type == "MX" ? tonumber(each.value.extra_data) : 0
+
+}
+
+
+resource "hetznerdns_record" "ns" {
+  for_each = {
+    for record in local.ns_data :
+      "${record.record_type}-${record.record_name}-${record.zone_name}-${record.record_value}" => record
+  }
+
+  zone_id = hetznerdns_zone.zone[each.value.zone_name].id
+  name    = each.value.record_name
+  type    = each.value.record_type
+  value   = each.value.record_value
+  ttl     = 300
 }

outputs.tf

@@ -1,6 +1,6 @@
 output "zones" {
-  value = data.cloudflare_zone.zone
+  value = length(local.zones)
 }
-output "records" {
+output "zone_ids" {
-  value = cloudflare_record.myrecord
+  value = { for name, zone in hetznerdns_zone.zone : name => zone.id }
 }

versions.tf

@@ -1,9 +1,12 @@
 terraform {
   required_providers {
-    cloudflare = {
+    hetznerdns = {
-      source  = "cloudflare/cloudflare"
+      source = "germanbrew/hetznerdns"
-      version = "~> 4"
+      version = "3.3.3"
-
     }
   }
+}
+
+provider "hetznerdns" {
+  api_token = local.api.auth.api_token
 }

zones.yaml

@@ -1,68 +1,198 @@
+jan-ole.de:
+  a:
+    #---servers
+    #server0--------------
+    server0: 185.239.239.162
+    "*.server0": 185.239.239.162
+
+    #server1--------------
+    server1: 147.189.171.39
+    "*.server1": 147.189.171.39
+
+    #server2--------------
+    server2: 134.255.232.17
+    "*.server2": 134.255.232.17
+
+    #server3--------------
+    server3: 45.141.36.103
+    "*.server3": 45.141.36.103
+
+    #server4-USA----------
+    usa.vpn: 181.214.240.124
+    "*.usa.vpn": 181.214.240.124
+
+    #webspace0-------------
+    www: 185.223.31.112
+    "@": 185.223.31.112
+    "*.demo": 185.223.31.112
+    demo: 185.223.31.112
+
+  cname:
+    sig1._domainkey: sig1.dkim.jan-ole.de.at.icloudmailadmin.com.
+    streaming: jan-ole.cloud.
+    "*.streaming": jan-ole.cloud.
+    lana: jan-ole.cloud.
+  mx:
+    "@/10": mx01.mail.icloud.com.
+    "@/20": mx02.mail.icloud.com.
+  txt:
+    "@": apple-domain=QREjDJD5KtZRhlq8
+    "@/10": "v=spf1 redirect=icloud.com include:icloud.com ~all"
+    "@/20": google-site-verification=rzO53ch4FY1zxgms9_FJAyE0nnj9_uRmLaSKqXw38ww
+    "_discord": dh=ddb43cee298d9a23196b21847105f88aafae8350
+
+jan-ole.download:
+  a:
+    "@": 185.239.237.65
+    www: 185.239.237.65
+    "*": 185.239.237.65
+
+jan-ole.sh:
+  cname:
+    "www": janolehuebner.github.io.
+  a:
+    "@/10": 185.199.108.153
+    "@/20": 185.199.109.153
+    "@/30": 185.199.110.153
+    "@/40": 185.199.111.153
+  aaaa:
+    "@/10": 2606:50c0:8000::153
+    "@/20": 2606:50c0:8001::153
+    "@/30": 2606:50c0:8002::153
+    "@/40": 2606:50c0:8003::153
+
+jan-ole.dev:
+  a:
+    "@": 185.239.237.65
+    www: 185.239.237.65
+    "*": 185.239.237.65
+
+ole.monster:
+  a:
+    "@": 185.239.237.65
+    www: 185.239.237.65
+    "*": 185.239.237.65
+
+fairy-feet.de:
+
 jan-ole.link:
+  mx:
+    "@/10": jan-ole.link.
   a:
     "@": 185.223.31.112
     www: 185.223.31.112
-    leslie: 185.239.239.162
+    webmail: 185.223.31.112
-    "*.leslie": 185.239.239.162
+  txt:
+    "@": google-site-verification=HKmGUIFhbnE41t_358P10qZKhEufHzMAzlCSrv1iQW4
 
 ole.click:
   a:
-    "@": 185.223.31.112
+    "@": 185.239.237.65
-    www: 185.223.31.112
+    www: 185.239.237.65
-    share: 185.223.31.112
-    "*.share": 185.223.31.112
-    leslie: 185.239.239.162
-    "*.leslie": 185.239.239.162
-
-krewella.rocks:
-  a:
-    "@": 185.223.31.112
-    www: 185.223.31.112
-    leslie: 185.239.239.162
-    "*.leslie": 185.239.239.162
-
-jan-ole.tech:
-  a:
-    "@": 192.168.84.1
-    www: 192.168.84.1
-    leslie: 185.239.239.162
-    "*.leslie": 185.239.239.162
-
-jan-ole.de:
-  a:
-    "@": 185.223.31.112
-    www: 185.223.31.112
-    "*.demo": 185.223.31.112
-    demo: 185.223.31.112
-    "influx": 134.255.232.17
-    "*.influx": 134.255.232.17
-    status: 185.223.31.112
-    "*.status": 185.223.31.112
-    leslie: 185.239.239.162
-    "*.leslie": 185.239.239.162
-    lina: 134.255.232.17
-    "*.lina": 134.255.232.17
   txt:
-    "@": v=spf1 redirect=icloud.com
+    "_discord": dh=9f248b2dbca94cc3e47b672ad6a33415750fbc4e
-    "@/10": apple-domain=FsvGrRPoGf8wHqLU
-  mx:
-    "@/10": mx01.mail.icloud.com
-    "@/20": mx02.mail.icloud.com
-  cname:
-    sig1._domainkey: sig1.dkim.jan-ole.de.at.icloudmailadmin.com
-
-ole.pink:
-
-fairy-feet.de:
-  a:
-    "*": 134.255.232.17
-    "@": 134.255.232.17
 
 jan-ole.cloud:
   a:
-    "*": 138.201.67.182
+    #zap-gameserver
-    "@": 138.201.67.182
+    palworld: 193.23.127.45
-    www: 138.201.67.182
+    "*.palworld": 193.23.127.45
+  cname:
+    influx: jan-ole.cloud.
+    "*.influx": jan-ole.cloud.
+    books: jan-ole.cloud.
+    dav: jan-ole.cloud.
+    "*.photos": jan-ole.cloud.
+    photos: jan-ole.cloud.
+    ganymede: jan-ole.cloud.
+    "*.ganymede": jan-ole.cloud.
+    lana: jan-ole.cloud.
+    "*.lana": jan-ole.cloud.
+    tube: jan-ole.cloud.
+    "*.tube": jan-ole.cloud.
+    streaming: jan-ole.cloud.
+    "*.streaming": jan-ole.cloud.
+    git: jan-ole.cloud.
+    "*.git": janole.cloud.
+
+ole.pink:
   txt:
-    "*": v=spf1 a mx include:ole.click -all
+    "_discord": dh=8be51e2beb64f555b5170ee2da95fa5eba315250
-    "www": v=spf1 a mx include:ole.click -all
+
+huebner.haus:
+  cname:
+    jan-ole: jan-ole.cloud.
+    "*.jan-ole": jan-ole.cloud.
+    heiko: kgh7xxzoeeajftib.myfritz.net.
+    "*.heiko": kgh7xxzoeeajftib.myfritz.net.
+
+
+blondii.link:
+  a:
+    "@": 185.223.31.112
+    www: 185.223.31.112
+  txt:
+    "@": google-site-verification=nCc2Fw7XciUq9-1eWAUPU1LhPaWx1gMeIKBaDDfy3Ks
+
+blondii.live:
+  a:
+    "@": 185.223.31.112
+    www: 185.223.31.112
+    download: 185.223.31.112
+    "*.download": 185.223.31.112
+  txt:
+    "@": google-site-verification=o1EqL6Qo5RTrUz61EGh75YfhX0FkNCk848Hb5qDCes4
+
+darkblondii.link:
+  a:
+    "@": 185.223.31.112
+    www: 185.223.31.112
+  txt:
+    "@": google-site-verification=OtXtrYhaTsngZOMzfAwtgqUgnALh2sUfB8UoS53z0yo
+
+darkblondii.live:
+  a:
+    "@": 185.223.31.112
+    www: 185.223.31.112
+  txt:
+    "@": google-site-verification=iwzEIcfA2YXNIPFEs7gjkPJbeS8uJeF9KZIwxDiJeks
+
+darkblondii.de:
+  mx:
+    "@/10": darkblondii.de.
+  a:
+    "@": 185.223.31.112
+    www: 185.223.31.112
+    webmail: 185.223.31.112
+  txt:
+    "@/10": "google-site-verification=u9v4bvqD26WB5o8nO7zW9VMG5ZmjcNTSK_f6sAuNYSc"
+    "@": "v=spf1 a mx -all"
+    default._domainkey: "v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/e2vHLlv6CTwMoxHeyJxppb2d7z+voH7DeBOSQI/QM5qBT0yfLBJEg1/ayTrHIyzbXd0DOVfsk/Wv7i3fpPHnFfw9CYSIn8pQEL9+seUc/VP9FJ68+9akPkwUGinqE4nGkT7ByqDrUeZzErQMX1nqXxkwx0JpBZqFTxfNYi6IphbUSu4xatkFbGBFFOPiHxYyIZdp35uiHL8Ub+tpDJpQ7zLf5VVwlY9EeakzslV+UJhG/ANh6dkQwyXrdT0QQ0lC8RS1CF9qs060blqwk/QZvQG6WRON0aq6F/p+FZ4P7hFMoUiHVokdW1GIAXUpleTwXnXGZmJG4g2dM6HFv+fQIDAQAB;"
+    _domainkey: "o=-"
+    _dmarc: "v=DMARC1; p=quarantine; rua=mailto:huebner@jan-ole.de; ruf=mailto:huebner@jan-ole.de; fo=1"
+
+darkblondii.shop:
+  mx:
+    "@/10": darkblondii.shop.
+  a:
+    "@": 185.223.31.112
+    www: 185.223.31.112
+    webmail: 185.223.31.112
+
+darkblondii.com:
+  mx:
+    "@/10": darkblondii.com.
+  a:
+    "@": 185.223.31.112
+    www: 185.223.31.112
+
+
+huebner.pink:
+  cname:
+    sig1._domainkey: "sig1.dkim.huebner.pink.at.icloudmailadmin.com."
+  mx:
+    "@/10": "mx01.mail.icloud.com."
+    "@/20": "mx02.mail.icloud.com."
+  txt:
+    "@": "apple-domain=mOjnPLSTRwMrIocF"
+    "@/10": "v=spf1 include:icloud.com ~all"