Configure dns-zones via variables, instead of as static values

This change makes it a bit easier for me to manage specific domains.
Note that in the long run these settings should _not_ belong to this
repository. Instead I'm going to maintain these in projects where the
domain is more meaningful.
This commit is contained in:
2025-10-17 00:45:51 +02:00
parent 4f9ea90f8e
commit 6ca0a07522
2 changed files with 34 additions and 95 deletions

99
main.tf

@@ -70,91 +70,20 @@ resource "local_file" "ansible_inventory" {
locals {
dns_zones = {
# costs-table (incl. taxes):
# domain | amount | hetzner (einzel) | tecspace (einzel)
# --------+--------+------------------+-------------------
# de | 3 | 35.70€ (11.90€) | 15.85€ (5.95€)
# info | 1 | 30.94€ (30.94€) | 21.95€ (21.95€)
# net | 2 | 33.32€ (16.66€) | 35.90€ (17.95€)
# org | 1 | 17.85€ (17.85€) | 21.95€ (21.95€)
# --------+--------+------------------+-------------------
# sum | 7 | 117.21€ | 97.65€
#
# Note, that Hetzner usually shows prices w/o taxes!
#
# Reference: https://www.hetzner.com/de/whois/
# Reference: https://www.tecspace.de/domain-preisliste
"goperte.de" = {
zone_ttl = 900
records = [
{ name = "@", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "*", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "@", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
{ name = "*", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
]
},
"nehrke.info" = {
zone_ttl = 900
records = [
{ name = "@", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "*", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "@", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
{ name = "*", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
{ name = "@", ttl = 86400, type = "MX", value = "1 smtp.google.com." },
{ name = "@", ttl = 86400, type = "TXT", value = "v=spf1 include:_spf.google.com a mx ~all" },
{ name = "_dmarc", ttl = 86400, type = "TXT", value = "v=DMARC1; p=none;" },
{ name = "google._domainkey", ttl = 86400, type = "TXT", value = var.nehrke_info_dkim },
]
},
"sozpaedil.net" = {
zone_ttl = 900
records = [
{ name = "@", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "*", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "@", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
{ name = "*", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
{ name = "@", ttl = 86400, type = "MX", value = "1 smtp.google.com." },
{ name = "@", ttl = 86400, type = "TXT", value = "v=spf1 include:_spf.google.com a mx ~all" },
{ name = "_dmarc", ttl = 86400, type = "TXT", value = "v=DMARC1; p=none;" },
{ name = "google._domainkey", ttl = 86400, type = "TXT", value = var.sozpaedil_net_dkim },
]
},
"tovot.de" = {
zone_ttl = 900
records = [
{ name = "@", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "*", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "@", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
{ name = "*", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
]
},
"tovot.net" = {
zone_ttl = 900
records = [
{ name = "@", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "*", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "@", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
{ name = "*", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
]
},
"tovot.org" = {
zone_ttl = 900
records = [
{ name = "@", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "*", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "@", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
{ name = "*", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
]
},
"xn--alleingnger-r8a.de" = {
zone_ttl = 900
records = [
{ name = "@", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "*", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "@", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
{ name = "*", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
]
},
for key, values in var.dns_zones : key => {
zone_ttl = values.zone_ttl
records = toset(concat(
values.default_A ? [
{ name = "@", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
{ name = "*", type = "A", value = hcloud_primary_ip.k8s_ipv4[0].ip_address },
] : [],
values.default_AAAA ? [
{ name = "@", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
{ name = "*", type = "AAAA", value = "${hcloud_primary_ip.k8s_ipv6[0].ip_address}1" },
] : [],
tolist(values.custom_records)
))
}
}
}
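Review bot: The elements of `records` in the new `toset(concat(...))` expression no longer share one object shape: the default A/AAAA records carry only `name`/`type`/`value`, while the `custom_records` elements carry an additional optional `ttl` (default `null`, per the variable definition in the other file), and set conversion has to unify all element types, which may either fail at plan time or widen the elements to a map type where a later `record.ttl` lookup behaves differently than on the old list literal; worth confirming with a plan that mixes both kinds of record. Giving the four default records the same shape removes the ambiguity, e.g. `{ name = "@", type = "A", ttl = null, value = hcloud_primary_ip.k8s_ipv4[0].ip_address }` and likewise for the other three. The previous list literal tolerated mixed shapes because it never passed through `toset`. Note also that `toset` discards ordering and duplicates, which is presumably fine for DNS records but is a change from the list the consumer of `local.dns_zones` previously received.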


@@ -11,16 +11,6 @@ variable "hetzner_cloud_apitoken" {
type = string
}
variable "nehrke_info_dkim" {
type = string
sensitive = true
}
variable "sozpaedil_net_dkim" {
type = string
sensitive = true
}
variable "ssh_keys" {
type = map(string)
}
@@ -72,3 +62,23 @@ variable "k8s_agent_type" {
type = string
default = "cax11"
}
variable "dns_zones" {
type = map(object({
zone_ttl = optional(number, 900)
default_A = optional(bool, true)
default_AAAA = optional(bool, true)
custom_records = optional(set(object({
name = string
value = string
type = string
ttl = optional(number, null)
})), [])
}))
description = <<EOF
A map of dns-zones to be configured in the hetzner-dns system.
The fields default_A and default_AAAA control if the records gets a default A and AAAA record.
This default-record will point to the kubernetes-cluster.
If this is not desired, simply set these to false and apply a custom-record.
EOF
}
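Review bot: The `description` of `dns_zones` explains `default_A`/`default_AAAA` but leaves `zone_ttl` and `custom_records` undocumented, although those are the fields a caller has to get right: `custom_records` is a `set`, so duplicate entries collapse and order is not preserved, a record's `ttl` is optional and defaults to `null`, and nothing states whether a null `ttl` falls back to `zone_ttl` or to the provider default. I would extend the heredoc with one sentence per field, e.g. `zone_ttl is the default TTL (seconds) for the zone; custom_records is a set of {name, type, value, ttl} records, where ttl may be omitted.`, plus a line stating what a null ttl resolves to once that is confirmed from the resource that consumes `local.dns_zones`. There is also no `validation` block on the variable, so an empty `name`/`type`/`value` or a non-positive `zone_ttl` is only reported by the provider at apply time; a `validation` block with an `alltrue([for ...])` condition over the nested records would surface such mistakes at plan time.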