diff --git a/mgmt/do-jeremydormitzer-com/main.tf b/mgmt/do-jeremydormitzer-com/main.tf
new file mode 100644
index 0000000..271a1da
--- /dev/null
+++ b/mgmt/do-jeremydormitzer-com/main.tf
@@ -0,0 +1,96 @@
+provider "digitalocean" {
+ token = var.do_token
+ spaces_access_id = var.spaces_access_id
+ spaces_secret_key = var.spaces_secret_key
+}
+
+# This domain is registered via Google Domains, so the nameservers
+# there need to point to DO's nameservers
+resource "digitalocean_domain" "jeremydormitzer_com" {
+ name = "jeremydormitzer.com"
+}
+
+# TODO once these services are managed by Terraform, update the IP
+# addresses to pull from Terraform state
+
+resource "digitalocean_record" "top_level_a" {
+ domain = digitalocean_domain.jeremydormitzer_com.name
+ type = "A"
+ name = "@"
+ value = "67.205.191.63"
+ ttl = 3600
+}
+
+resource "digitalocean_record" "www" {
+ domain = digitalocean_domain.jeremydormitzer_com.name
+ type = "A"
+ name = "www"
+ value = "67.205.191.63"
+ ttl = 3600
+}
+
+resource "digitalocean_record" "keybase_verification" {
+ domain = digitalocean_domain.jeremydormitzer_com.name
+ type = "TXT"
+ name = "@"
+ value = "\"keybase-site-verification=pF7Kp3dUfmTQHrf54uJht5O0aiTZjy1bRgpT4NGX8fk\""
+ ttl = 3600
+}
+
+resource "digitalocean_record" "git_mailgun_cname" {
+ domain = digitalocean_domain.jeremydormitzer_com.name
+ type = "CNAME"
+ name = "mail.mg.git"
+ value = "mailgun.org."
+ ttl = 3600
+}
+
+resource "digitalocean_record" "git" {
+ domain = digitalocean_domain.jeremydormitzer_com.name
+ type = "A"
+ name = "git"
+ value = "159.203.78.16"
+ ttl = 3600
+}
+
+resource "digitalocean_record" "git_mxa" {
+ domain = digitalocean_domain.jeremydormitzer_com.name
+ type = "MX"
+ name = "mg.git"
+ value = "mxa.mailgun.org."
+ priority = 10
+ ttl = 3600
+}
+
+resource "digitalocean_record" "git_mxb" {
+ domain = digitalocean_domain.jeremydormitzer_com.name
+ type = "MX"
+ name = "mg.git"
+ value = "mxb.mailgun.org."
+ priority = 10
+ ttl = 3600
+}
+
+resource "digitalocean_record" "git_txt" {
+ domain = digitalocean_domain.jeremydormitzer_com.name
+ type = "TXT"
+ name = "mx._domainkey.mg.git"
+ value = "\"k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpGHgB9oj3UdxdGUp9389PihevWCs+YKdkXv+C9DRv7nXY+L1bGjgqooIXwW9Bte5QC9lFpCN81NzK95gDYkX9rgo+huaeSw2B4slGBBWIBet4Wk6OafcQ2LsT9/VFUYeFyKD8AF4hV44CC5ZSWYVC6TiYCrNhEscQo9OYBhKicwIDAQAB\""
+ ttl = 3600
+}
+
+resource "digitalocean_record" "syncthing" {
+ domain = digitalocean_domain.jeremydormitzer_com.name
+ type = "A"
+ name = "syncthing"
+ value = "198.199.86.10"
+ ttl = 3600
+}
+
+resource "digitalocean_record" "wallabag" {
+ domain = digitalocean_domain.jeremydormitzer_com.name
+ type = "A"
+ name = "wallabag"
+ value = "67.205.191.63"
+ ttl = 3600
+}
diff --git a/mgmt/do-jeremydormitzer-com/terraform.tf b/mgmt/do-jeremydormitzer-com/terraform.tf
new file mode 100644
index 0000000..da96f10
--- /dev/null
+++ b/mgmt/do-jeremydormitzer-com/terraform.tf
@@ -0,0 +1,18 @@
+terraform {
+ required_providers {
+ digitalocean = {
+ source = "digitalocean/digitalocean"
+ version = "~> 2.3.0"
+ }
+ }
+
+ backend "s3" {
+ skip_credentials_validation = true
+ skip_metadata_api_check = true
+ # Need to specify an AWS region to stop Terraform complaining
+ region = "us-east-1"
+ endpoint = "nyc3.digitaloceanspaces.com"
+ bucket = "jdormit-tf-state"
+ key = "mgmt/do-dns.tfstate"
+ }
+}
diff --git a/mgmt/do-jeremydormitzer-com/variables.tf b/mgmt/do-jeremydormitzer-com/variables.tf
new file mode 100644
index 0000000..1b3748a
--- /dev/null
+++ b/mgmt/do-jeremydormitzer-com/variables.tf
@@ -0,0 +1,11 @@
+variable "do_token" {
+ type = string
+}
+
+variable "spaces_access_id" {
+ type = string
+}
+
+variable "spaces_secret_key" {
+ type = string
+}
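Review bot: In main.tf the `mg.git` mail subdomain gets MX records and a DKIM key (`git_mxa`, `git_mxb`, `git_txt`) but no SPF TXT record, so unless one is managed outside this file, receivers have no published list of hosts allowed to send as that subdomain. The DKIM public key in `git_txt` also looks like 1024-bit RSA judging by its length and prefix, so rotating to a 2048-bit key in Mailgun is worth scheduling. A record along the lines below, quoted the same way as the existing TXT records, would close the SPF gap. The value shown is Mailgun's usual include and should be confirmed against the domain's Mailgun settings before applying.

```hcl
# … unchanged: git_mxa, git_mxb, git_txt …

resource "digitalocean_record" "git_spf" {
  domain = digitalocean_domain.jeremydormitzer_com.name
  type   = "TXT"
  name   = "mg.git"
  value  = "\"v=spf1 include:mailgun.org ~all\""
  ttl    = 3600
}
```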
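Review bot: The `terraform` block in terraform.tf pins the provider to `~> 2.3.0` but places no constraint on Terraform itself, and this commit adds no `.terraform.lock.hcl`, so provider checksums are not recorded here (the lock file may be committed separately, or the Terraform version in use may predate it). Adding `required_version = ">= 0.13"` would match the `source` syntax that `required_providers` already relies on. The `backend "s3"` block pointed at Spaces also configures no state locking, so a comment there noting that concurrent applies must be avoided by convention would help the next operator.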
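Review bot: `do_token` and `spaces_secret_key` in variables.tf are credentials but are declared as ordinary strings, so Terraform will not redact them where it displays variable values. Add `sensitive = true` to both (this needs Terraform 0.14 or later). Each of the three variables would also benefit from a `description` saying what the credential is and how it should be supplied, for example `description = "DigitalOcean API token; supply via TF_VAR_do_token, never commit"`.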