-
Notifications
You must be signed in to change notification settings - Fork 0
/
devops.care.tf
117 lines (102 loc) · 3.16 KB
/
devops.care.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
module "devopcare" {
source = "git::https://github.com/cloudposse/terraform-null-label.git?ref=tags/0.16.0"
namespace = "devopcare"
environment = "devops.care"
}
resource "cloudflare_zone" "devops_care" {
zone = "devops.care"
plan = "free"
type = "full"
}
#### web site
resource "cloudflare_record" "devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "@"
value = aws_lightsail_static_ip.wordpress.ip_address
type = "A"
ttl = 86400
}
resource "cloudflare_record" "www_devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "www"
value = "devops.care"
type = "CNAME"
ttl = 86400
}
#### ADDъ
resource "cloudflare_record" "add-hosting_devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "add-hosting"
value = aws_lightsail_static_ip.wordpress.ip_address
type = "A"
proxied = true
}
# Eventually disable and switch to per-host proxied domains
resource "cloudflare_record" "wld-add-hosting_devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "*.add-hosting"
value = aws_lightsail_static_ip.wordpress.ip_address
type = "A"
}
#### MX and related
resource "cloudflare_record" "mx1_devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "@"
value = "mail.protonmail.ch"
type = "MX"
priority = 10
}
resource "cloudflare_record" "mx2_devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "@"
value = "mailsec.protonmail.ch"
type = "MX"
priority = 20
}
resource "cloudflare_record" "pm_verify_devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "@"
value = "protonmail-verification=d8a092ba0016b1c5c2b74ba276566ed5820780d7"
type = "TXT"
}
resource "cloudflare_record" "spf_devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "@"
value = "v=spf1 include:amazonses.com include:_spf.protonmail.ch mx ~all"
type = "TXT"
}
resource "cloudflare_record" "dmarc_devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "_dmarc"
value = "v=DMARC1; p=quarantine; rua=mailto:[email protected]"
type = "TXT"
}
resource "cloudflare_record" "dkim_devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "protonmail._domainkey"
value = "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDxfKfxwWYAVvMhdmzJ1Icc8NfNEi+muj8OlCzBRc7GvCVwTcNjVkvKruCP91KEwf/NvnGovNGnpaCqqiPavpJmU2bOKZrFYZHgmZGEEI0yLLQzBar3fgXjM9of6f87OhuwcUm0zOd3QvbuVN7NPAknHMvK5ZVVpz+DbZ5pRv9EwIDAQAB"
type = "TXT"
}
#### misc
resource "cloudflare_record" "github_devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "_github-challenge-devopscare"
value = "49419b1831"
type = "TXT"
}
#### new hosting
resource "cloudflare_record" "new_devops_care" {
zone_id = cloudflare_zone.devops_care.id
name = "new"
value = aws_lightsail_static_ip.wordpress.ip_address
type = "A"
ttl = 1
proxied = true
}
#### ses verification
resource "cloudflare_record" "devops_care_ses_verification" {
zone_id = cloudflare_zone.devops_care.id
name = "_amazonses.devops.care"
value = aws_ses_domain_identity.main.verification_token
type = "TXT"
}