archlinux.tf 42.3 KB
Newer Older
1
terraform {
2
  backend "pg" {
3
    schema_name = "terraform_remote_state_stage1"
4
  }
5
6
}

7
8
9
10
11
12
13
data "external" "vault_hetzner" {
  program = [
    "${path.module}/../misc/get_key.py", "misc/vault_hetzner.yml",
    "hetzner_cloud_api_key",
    "hetzner_dns_api_key",
    "--format", "json"
  ]
14
}
15

16
17
data "hcloud_image" "archlinux" {
  with_selector = "custom_image=archlinux"
18
19
  most_recent   = true
  with_status   = ["available"]
20
21
22
}

provider "hcloud" {
23
24
25
26
27
28
29
30
31
  token = data.external.vault_hetzner.result.hetzner_cloud_api_key
}

provider "hetznerdns" {
  apitoken = data.external.vault_hetzner.result.hetzner_dns_api_key
}

resource "hetznerdns_zone" "archlinux" {
  name = "archlinux.org"
32
  ttl  = 86400
33
34
35
36
}

resource "hetznerdns_zone" "pkgbuild" {
  name = "pkgbuild.com"
37
  ttl  = 86400
38
39
40
41
}

resource "hetznerdns_record" "pkgbuild_com_origin_a" {
  zone_id = hetznerdns_zone.pkgbuild.id
42
43
44
  name    = "@"
  value   = "78.46.178.133"
  type    = "A"
45
46
47
48
}

resource "hetznerdns_record" "pkgbuild_com_origin_aaaa" {
  zone_id = hetznerdns_zone.pkgbuild.id
49
50
51
  name    = "@"
  value   = "2a01:4f8:c2c:51e2::1"
  type    = "AAAA"
52
53
54
55
}

resource "hetznerdns_record" "pkgbuild_com_origin_caa" {
  zone_id = hetznerdns_zone.pkgbuild.id
56
57
58
  name    = "@"
  value   = "0 issue \"letsencrypt.org\""
  type    = "CAA"
59
60
61
62
}

resource "hetznerdns_record" "pkgbuild_com_origin_mx" {
  zone_id = hetznerdns_zone.pkgbuild.id
63
64
65
  name    = "@"
  value   = "0 ."
  type    = "MX"
66
67
68
69
}

resource "hetznerdns_record" "pkgbuild_com_origin_ns3" {
  zone_id = hetznerdns_zone.pkgbuild.id
70
71
72
  name    = "@"
  value   = "robotns3.second-ns.com."
  type    = "NS"
73
74
75
76
}

resource "hetznerdns_record" "pkgbuild_com_origin_ns2" {
  zone_id = hetznerdns_zone.pkgbuild.id
77
78
79
  name    = "@"
  value   = "robotns2.second-ns.de."
  type    = "NS"
80
81
82
83
}

resource "hetznerdns_record" "pkgbuild_com_origin_ns1" {
  zone_id = hetznerdns_zone.pkgbuild.id
84
85
86
  name    = "@"
  value   = "ns1.first-ns.de."
  type    = "NS"
87
88
}

89
90
91
92
93
94
95
96
97
# TODO: Commented currently as we have no idea how to handle SOA stuff with Terraform:
# https://github.com/timohirt/terraform-provider-hetznerdns/issues/20
# https://gitlab.archlinux.org/archlinux/infrastructure/-/merge_requests/62#note_4040
# resource "hetznerdns_record" "pkgbuild_com_origin_soa" {
#   zone_id = hetznerdns_zone.pkgbuild.id
#   name = "@"
#   value = "ns1.first-ns.de. dns.hetzner.com. 2020090604 14400 1800 604800 86400"
#   type = "SOA"
# }
98
99
100

resource "hetznerdns_record" "pkgbuild_com_origin_txt" {
  zone_id = hetznerdns_zone.pkgbuild.id
101
102
103
  name    = "@"
  value   = "\"v=spf1 -all\""
  type    = "TXT"
104
105
106
107
}

resource "hetznerdns_record" "pkgbuild_com_wildcard_a" {
  zone_id = hetznerdns_zone.pkgbuild.id
108
109
110
  name    = "*"
  value   = "78.46.178.133"
  type    = "A"
111
112
113
114
}

resource "hetznerdns_record" "pkgbuild_com_wildcard_aaaa" {
  zone_id = hetznerdns_zone.pkgbuild.id
115
116
117
  name    = "*"
  value   = "2a01:4f8:c2c:51e2::1"
  type    = "AAAA"
118
119
120
121
}

resource "hetznerdns_record" "pkgbuild_com_mirror_a" {
  zone_id = hetznerdns_zone.pkgbuild.id
122
123
124
  name    = "mirror"
  value   = "78.46.209.220"
  type    = "A"
125
126
127
128
}

resource "hetznerdns_record" "pkgbuild_com_mirror_aaaa" {
  zone_id = hetznerdns_zone.pkgbuild.id
129
130
131
  name    = "mirror"
  value   = "2a01:4f8:c2c:c62f::1"
  type    = "AAAA"
132
133
}

Jelle van der Waa's avatar
Jelle van der Waa committed
134
135
136
137
138
139
140
resource "hetznerdns_record" "pkgbuild_com_america_a" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "america.mirror"
  value   = "143.244.34.62"
  type    = "A"
}

141
142
143
144
145
146
147
resource "hetznerdns_record" "pkgbuild_com_america_aaaa" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "america.mirror"
  value   = "2a02:6ea0:cc0e::2"
  type    = "AAAA"
}

148
149
150
151
152
153
154
155
156
157
158
159
160
161
resource "hetznerdns_record" "pkgbuild_com_america_archive_a" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "america.archive"
  value   = "143.244.34.62"
  type    = "A"
}

resource "hetznerdns_record" "pkgbuild_com_america_archive_aaaa" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "america.archive"
  value   = "2a02:6ea0:cc0e::2"
  type    = "AAAA"
}

Jelle van der Waa's avatar
Jelle van der Waa committed
162
163
164
165
166
167
168
resource "hetznerdns_record" "pkgbuild_com_asia_a" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "asia.mirror"
  value   = "84.17.57.98"
  type    = "A"
}

169
170
171
172
173
174
175
resource "hetznerdns_record" "pkgbuild_com_asia_aaaa" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "asia.mirror"
  value   = "2a02:6ea0:d605::2"
  type    = "AAAA"
}

176
177
178
179
180
181
182
183
184
185
186
187
188
189
resource "hetznerdns_record" "pkgbuild_com_asia_archive_a" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "asia.archive"
  value   = "84.17.57.98"
  type    = "A"
}

resource "hetznerdns_record" "pkgbuild_com_asia_archive_aaaa" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "asia.archive"
  value   = "2a02:6ea0:d605::2"
  type    = "AAAA"
}

Jelle van der Waa's avatar
Jelle van der Waa committed
190
191
192
193
194
195
196
resource "hetznerdns_record" "pkgbuild_com_europe_a" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "europe.mirror"
  value   = "89.187.191.12"
  type    = "A"
}

197
198
199
200
201
202
203
resource "hetznerdns_record" "pkgbuild_com_europe_aaaa" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "europe.mirror"
  value   = "2a02:6ea0:c237::2"
  type    = "AAAA"
}

204
205
206
207
208
209
210
211
212
resource "hetznerdns_record" "pkgbuild_com_europe_archive_a" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "europe.archive"
  value   = "89.187.191.12"
  type    = "A"
}

resource "hetznerdns_record" "pkgbuild_com_europe_archive_aaaa" {
  zone_id = hetznerdns_zone.pkgbuild.id
213
  name    = "europe.archive"
214
215
216
217
  value   = "2a02:6ea0:c237::2"
  type    = "AAAA"
}

218
resource "hetznerdns_record" "pkgbuild_com_repro1_a" {
219
  zone_id = hetznerdns_zone.pkgbuild.id
220
  name    = "repro1"
221
222
  value   = "147.75.81.79"
  type    = "A"
223
224
}

225
resource "hetznerdns_record" "pkgbuild_com_repro1_aaaa" {
226
  zone_id = hetznerdns_zone.pkgbuild.id
227
  name    = "repro1"
228
229
  value   = "2604:1380:2001:4500::1"
  type    = "AAAA"
230
231
}

Jelle van der Waa's avatar
Jelle van der Waa committed
232
233
234
235
236
237
238
resource "hetznerdns_record" "pkgbuild_com_repro2_a" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "repro2"
  value   = "212.102.38.209"
  type    = "A"
}

239
240
241
242
243
244
245
resource "hetznerdns_record" "pkgbuild_com_repro2_aaaa" {
  zone_id = hetznerdns_zone.pkgbuild.id
  name    = "repro2"
  value   = "2a02:6ea0:c238::2"
  type    = "AAAA"
}

246
247
resource "hetznerdns_record" "pkgbuild_com_www_a" {
  zone_id = hetznerdns_zone.pkgbuild.id
248
249
250
  name    = "www"
  value   = "78.46.178.133"
  type    = "A"
251
252
253
254
}

resource "hetznerdns_record" "pkgbuild_com_www_aaaa" {
  zone_id = hetznerdns_zone.pkgbuild.id
255
256
257
  name    = "www"
  value   = "2a01:4f8:c2c:51e2::1"
  type    = "AAAA"
258
259
260
261
}

resource "hetznerdns_record" "archlinux_org_origin_a" {
  zone_id = hetznerdns_zone.archlinux.id
262
  name    = "@"
263
  ttl     = 600
264
  value   = hcloud_server.archlinux.ipv4_address
265
  type    = "A"
266
267
268
269
}

resource "hetznerdns_record" "archlinux_org_origin_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
270
  name    = "@"
271
  ttl     = 600
272
  value   = hcloud_server.archlinux.ipv6_address
273
  type    = "AAAA"
274
275
276
277
}

resource "hetznerdns_record" "archlinux_org_origin_caa" {
  zone_id = hetznerdns_zone.archlinux.id
278
279
280
  name    = "@"
  value   = "0 issue \"letsencrypt.org\""
  type    = "CAA"
281
282
283
284
}

resource "hetznerdns_record" "archlinux_org_origin_ns3" {
  zone_id = hetznerdns_zone.archlinux.id
285
286
287
  name    = "@"
  value   = "robotns3.second-ns.com."
  type    = "NS"
288
289
290
291
}

resource "hetznerdns_record" "archlinux_org_origin_ns2" {
  zone_id = hetznerdns_zone.archlinux.id
292
293
294
  name    = "@"
  value   = "robotns2.second-ns.de."
  type    = "NS"
295
296
297
298
}

resource "hetznerdns_record" "archlinux_org_origin_ns1" {
  zone_id = hetznerdns_zone.archlinux.id
299
300
301
  name    = "@"
  value   = "ns1.first-ns.de."
  type    = "NS"
302
303
}

304
305
306
307
308
309
310
311
312
# TODO: Commented currently as we have no idea how to handle SOA stuff with Terraform:
# https://github.com/timohirt/terraform-provider-hetznerdns/issues/20
# https://gitlab.archlinux.org/archlinux/infrastructure/-/merge_requests/62#note_4040
#; resource "hetznerdns_record" "archlinux_org_origin_soa" {
#   zone_id = hetznerdns_zone.archlinux.id
#   name = "@"
#   value = "ns1.first-ns.de. ibiru.archlinux.org. 2020072502 7200 900 1209600 86400"
#   type = "SOA"
# }
313
314
315

resource "hetznerdns_record" "archlinux_org_origin_apollo_domainkey_txt" {
  zone_id = hetznerdns_zone.archlinux.id
316
  name    = "apollo._domainkey"
317
  ttl     = 600
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
318
  value   = "\"v=DKIM1; k=rsa; s=email; \" \"p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvZIf8SbjC53RDCbMjTEpo0FCuMSShlKWdwWjY1J+RpT3CL/21z4nXqVBYF1orkUScH8Nlabocraqk8lmpNBlKCUV77lk9mRsLkWhg+XjhvQXL1xfH8zAg1CntEZuaIMLUQ+5Gkw6BlO1qDRkmXS9UtV8Jt1rhjRtSrgN5lhztOCbQLRAtzKty/nMeClqsfT3nL2hbDeh+b/rYc\" \"l2veZAqiGcR2/0bnKlt+Nb5lOBY3oZiYLmZ5g+l9UXVjGUq9jGAooIWpQvuRPmin3RX31kXfr1A+mDBEexiOL1dDST2Zx7i9puXbqYH0u0IxBpweHCO5UqWx52mdXBuhs+DCo/JoZAHU/6eRzK+Sps50LgLFSzJJNfGXk5PUKdww2GHbkK3mCYfoFCpB0SADzl42+1w6YZk1yXoPdOHtChfQpCgjtddf1W8Q09pYO1/bn4l0erdFQsWb1K\" \"4wEVOCn+hHWbV42V+J3TyGxQ4AM8KQ1OPvUEabyTyqcO4evBaH7/S2wA91Z9QDjTbKmlNovs5zoxuOM/mPGPUuQMvhjoAP+rg4AwJ3Xwd3GgUcqQflcokayUYdp7F3aKp1NWAR9ibseU/XBYsSF8Ucjqzf4DJFUfrgjHUr97st7g4HUCyXrQO4tyE0ytiX8OFjjIszWLmF+B7Vup9O7k+dNz2Vj2Vyzkq1UCAwEAAQ==\" "
319
  type    = "TXT"
320
321
322
323
}

resource "hetznerdns_record" "archlinux_org_accounts_a" {
  zone_id = hetznerdns_zone.archlinux.id
324
325
326
  name    = "accounts"
  value   = hcloud_server.accounts.ipv4_address
  type    = "A"
327
328
329
330
}

resource "hetznerdns_record" "archlinux_org_accounts_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
331
332
333
  name    = "accounts"
  value   = hcloud_server.accounts.ipv6_address
  type    = "AAAA"
334
335
336
337
}

resource "hetznerdns_record" "archlinux_org_apollo_a" {
  zone_id = hetznerdns_zone.archlinux.id
338
  name    = "apollo"
339
  ttl     = 600
340
341
  value   = "138.201.81.199"
  type    = "A"
342
343
344
345
}

resource "hetznerdns_record" "archlinux_org_apollo_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
346
  name    = "apollo"
347
  ttl     = 600
348
349
  value   = "2a01:4f8:172:1d86::1"
  type    = "AAAA"
350
351
352
353
}

resource "hetznerdns_record" "archlinux_org_aur_a" {
  zone_id = hetznerdns_zone.archlinux.id
354
355
356
  name    = "aur"
  value   = hcloud_server.aur.ipv4_address
  type    = "A"
357
358
359
360
}

resource "hetznerdns_record" "archlinux_org_aur_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
361
362
363
  name    = "aur"
  value   = hcloud_server.aur.ipv6_address
  type    = "AAAA"
364
365
366
367
}

resource "hetznerdns_record" "archlinux_org_aur_dev_a" {
  zone_id = hetznerdns_zone.archlinux.id
368
369
370
  name    = "aur-dev"
  value   = hcloud_server.aur-dev.ipv4_address
  type    = "A"
371
372
373
374
}

resource "hetznerdns_record" "archlinux_org_aur_dev_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
375
376
377
  name    = "aur-dev"
  value   = hcloud_server.aur-dev.ipv6_address
  type    = "AAAA"
378
379
380
381
}

resource "hetznerdns_record" "archlinux_org_aur4_a" {
  zone_id = hetznerdns_zone.archlinux.id
382
383
384
  name    = "aur4"
  value   = "5.9.250.164"
  type    = "A"
385
386
387
388
}

resource "hetznerdns_record" "archlinux_org_aur4_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
389
390
391
  name    = "aur4"
  value   = "2a01:4f8:160:3033::2"
  type    = "AAAA"
392
393
394
395
}

resource "hetznerdns_record" "archlinux_org_bbs_a" {
  zone_id = hetznerdns_zone.archlinux.id
396
397
398
  name    = "bbs"
  value   = hcloud_server.bbs.ipv4_address
  type    = "A"
399
400
401
402
}

resource "hetznerdns_record" "archlinux_org_bbs_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
403
404
405
  name    = "bbs"
  value   = hcloud_server.bbs.ipv6_address
  type    = "AAAA"
406
407
408
409
}

resource "hetznerdns_record" "archlinux_org_bugs_a" {
  zone_id = hetznerdns_zone.archlinux.id
410
411
412
  name    = "bugs"
  value   = hcloud_server.bugs.ipv4_address
  type    = "A"
413
414
415
416
}

resource "hetznerdns_record" "archlinux_org_bugs_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
417
418
419
  name    = "bugs"
  value   = hcloud_server.bugs.ipv6_address
  type    = "AAAA"
420
421
422
423
}

resource "hetznerdns_record" "archlinux_org_dragon_a" {
  zone_id = hetznerdns_zone.archlinux.id
424
425
426
  name    = "dragon"
  value   = "195.201.167.210"
  type    = "A"
427
428
429
430
}

resource "hetznerdns_record" "archlinux_org_dragon_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
431
432
433
  name    = "dragon"
  value   = "2a01:4f8:13a:102a::2"
  type    = "AAAA"
434
435
436
437
}

resource "hetznerdns_record" "archlinux_org_gemini_a" {
  zone_id = hetznerdns_zone.archlinux.id
438
439
440
  name    = "gemini"
  value   = "49.12.124.107"
  type    = "A"
441
442
443
444
}

resource "hetznerdns_record" "archlinux_org_gemini_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
445
446
447
  name    = "gemini"
  value   = "2a01:4f8:242:5614::2"
  type    = "AAAA"
448
449
450
451
}

resource "hetznerdns_record" "archlinux_org_gitlab_a" {
  zone_id = hetznerdns_zone.archlinux.id
452
453
454
  name    = "gitlab"
  value   = hcloud_server.gitlab.ipv4_address
  type    = "A"
455
456
457
458
}

resource "hetznerdns_record" "archlinux_org_gitlab_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
459
460
461
  name    = "gitlab"
  value   = hcloud_server.gitlab.ipv6_address
  type    = "AAAA"
462
463
464
465
}

resource "hetznerdns_record" "archlinux_org_homedir_a" {
  zone_id = hetznerdns_zone.archlinux.id
466
467
468
  name    = "homedir"
  value   = hcloud_server.homedir.ipv4_address
  type    = "A"
469
470
471
472
}

resource "hetznerdns_record" "archlinux_org_homedir_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
473
474
475
  name    = "homedir"
  value   = hcloud_server.homedir.ipv6_address
  type    = "AAAA"
476
477
478
479
}

resource "hetznerdns_record" "archlinux_org_lists_a" {
  zone_id = hetznerdns_zone.archlinux.id
480
481
482
  name    = "lists"
  value   = "5.9.250.164"
  type    = "A"
483
484
485
486
}

resource "hetznerdns_record" "archlinux_org_lists_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
487
488
489
  name    = "lists"
  value   = "2a01:4f8:160:3033::2"
  type    = "AAAA"
490
491
492
493
}

resource "hetznerdns_record" "archlinux_org_lists_mx" {
  zone_id = hetznerdns_zone.archlinux.id
494
  name    = "lists"
495
  ttl     = 600
496
497
  value   = "10 luna"
  type    = "MX"
498
499
}

500
501
502
503
504
505
506
507
508
resource "hetznerdns_record" "archlinux_org_lists_txt" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "lists"
  ttl     = 600
  # lists.archlinux.org
  value = "\"v=spf1 ip4:5.9.250.164 ip6:2a01:4f8:160:3033::2 ~all\""
  type  = "TXT"
}

509
510
resource "hetznerdns_record" "archlinux_org_luna_a" {
  zone_id = hetznerdns_zone.archlinux.id
511
  name    = "luna"
512
  ttl     = 600
513
514
  value   = "5.9.250.164"
  type    = "A"
515
516
517
518
}

resource "hetznerdns_record" "archlinux_org_luna_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
519
  name    = "luna"
520
  ttl     = 600
521
522
  value   = "2a01:4f8:160:3033::2"
  type    = "AAAA"
523
524
525
526
}

resource "hetznerdns_record" "archlinux_org_luna_txt" {
  zone_id = hetznerdns_zone.archlinux.id
527
  name    = "luna._domainkey"
528
  ttl     = 600
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
529
  value   = "\"v=DKIM1; k=rsa; s=email; \" \"p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvXrAPvtdX8Jrk4zmyk8w9T2zdAJGe7z0+4XHWWiuzH8Zse6S7oXiS9CVaPOsu0TZqHqhuclASU7qh0NXFwWyi2xRPyJOqH2Clu7vHS3j5F4TjURFOp4/EbA0iQu4rbItl4AU11z2pGSEj5SykUsrH+jjdqzNqAG9d4lNvkTs6RRzPF3KhhY+XljaeysEyDSS4ap4E0DYcduSIX\" \"oD1exFv4SEbXThD9PC1u81w4xusnmwmfHtR7aazeqPDP+S+FqDRy2woCaQb/VMbqMYVuWTVKJ2RxFyTKredOOV2c5kzih7GViwoetll/rTqO4aVbeir9K4f6YZg85dSQtVwEat7LV+zBnQwp3ivWkrIk8VEdSsCSaJlgattBiPHsfFFv1xw4qi3h+UvfCGgz35dtlnzd/noGhNARg0Z+kaMSTjy75V1mKx5sCH0o8nAX2XU8akJfLz58Vg\" \"kTx/sfealtwNA0gTy1t1jV8q0OF5RA0IeMRgCzeH2USOZI98W+EAUsGG5653Vzmp3FJRWp1tWJwRJ0M/aZ3ka/G1iTx3rNNcadVk+4q3gz3KnlAlun+m58y8pNWKjYuxmu9xkDRwM/33rv98j0R8HZO7HFL+1vjKkxSEuzmnTQ2O9F76/OsQoDPZ1Z6nJRvK8ts8PQr4ASKohby62+1F1M8U2Xn7u84dYLUCAwEAAQ==\" "
530
  type    = "TXT"
531
532
533
534
}

resource "hetznerdns_record" "archlinux_org_luna2_txt" {
  zone_id = hetznerdns_zone.archlinux.id
535
  name    = "luna2._domainkey"
536
  ttl     = 600
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
537
  value   = "\"v=DKIM1; k=rsa; s=email; \" \"p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvXrAPvtdX8Jrk4zmyk8w9T2zdAJGe7z0+4XHWWiuzH8Zse6S7oXiS9CVaPOsu0TZqHqhuclASU7qh0NXFwWyi2xRPyJOqH2Clu7vHS3j5F4TjURFOp4/EbA0iQu4rbItl4AU11z2pGSEj5SykUsrH+jjdqzNqAG9d4lNvkTs6RRzPF3KhhY+XljaeysEyDSS4ap4E0DYcduSIX\" \"oD1exFv4SEbXThD9PC1u81w4xusnmwmfHtR7aazeqPDP+S+FqDRy2woCaQb/VMbqMYVuWTVKJ2RxFyTKredOOV2c5kzih7GViwoetll/rTqO4aVbeir9K4f6YZg85dSQtVwEat7LV+zBnQwp3ivWkrIk8VEdSsCSaJlgattBiPHsfFFv1xw4qi3h+UvfCGgz35dtlnzd/noGhNARg0Z+kaMSTjy75V1mKx5sCH0o8nAX2XU8akJfLz58Vg\" \"kTx/sfealtwNA0gTy1t1jV8q0OF5RA0IeMRgCzeH2USOZI98W+EAUsGG5653Vzmp3FJRWp1tWJwRJ0M/aZ3ka/G1iTx3rNNcadVk+4q3gz3KnlAlun+m58y8pNWKjYuxmu9xkDRwM/33rv98j0R8HZO7HFL+1vjKkxSEuzmnTQ2O9F76/OsQoDPZ1Z6nJRvK8ts8PQr4ASKohby62+1F1M8U2Xn7u84dYLUCAwEAAQ==\" "
538
  type    = "TXT"
539
540
}

541
542
543
544
545
546
547
548
resource "hetznerdns_record" "archlinux_org_luna3_txt" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "luna"
  ttl     = 600
  value   = "\"v=spf1 include:lists.archlinux.org -all\""
  type    = "TXT"
}

549
550
resource "hetznerdns_record" "archlinux_org_mailman3_a" {
  zone_id = hetznerdns_zone.archlinux.id
551
552
553
  name    = "mailman3"
  value   = hcloud_server.mailman3.ipv4_address
  type    = "A"
554
555
}

556
557
558
559
560
561
562
resource "hetznerdns_record" "archlinux_org_mailman3_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "mailman3"
  value   = hcloud_server.mailman3.ipv6_address
  type    = "AAAA"
}

563
564
resource "hetznerdns_record" "archlinux_org_master_key_a" {
  zone_id = hetznerdns_zone.archlinux.id
565
  name    = "master-key"
566
  ttl     = 600
567
  value   = hcloud_server.archlinux.ipv4_address
568
  type    = "A"
569
570
}

571
572
573
574
resource "hetznerdns_record" "archlinux_org_master_key_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "master-key"
  ttl     = 600
575
  value   = hcloud_server.archlinux.ipv6_address
576
577
578
  type    = "AAAA"
}

579
580
resource "hetznerdns_record" "archlinux_org_matrix_a" {
  zone_id = hetznerdns_zone.archlinux.id
581
582
583
  name    = "matrix"
  value   = hcloud_server.matrix.ipv4_address
  type    = "A"
584
585
}

586
587
588
589
590
591
592
resource "hetznerdns_record" "archlinux_org_matrix_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "matrix"
  value   = hcloud_server.matrix.ipv6_address
  type    = "AAAA"
}

593
594
resource "hetznerdns_record" "archlinux_org_monitoring_a" {
  zone_id = hetznerdns_zone.archlinux.id
595
596
597
  name    = "monitoring"
  value   = hcloud_server.monitoring.ipv4_address
  type    = "A"
598
599
}

Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
600
601
resource "hetznerdns_record" "archlinux_org_monitoring_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
602
603
604
  name    = "monitoring"
  value   = hcloud_server.monitoring.ipv6_address
  type    = "AAAA"
Sven-Hendrik Haase's avatar
Sven-Hendrik Haase committed
605
606
}

607
resource "hetznerdns_record" "archlinux_org_mail_a" {
608
  zone_id = hetznerdns_zone.archlinux.id
609
  name    = "mail"
610
  ttl     = 600
611
  value   = hcloud_server.mail.ipv4_address
612
  type    = "A"
613
614
}

615
resource "hetznerdns_record" "archlinux_org_mail_aaaa" {
616
  zone_id = hetznerdns_zone.archlinux.id
617
  name    = "mail"
618
  ttl     = 600
619
  value   = hcloud_server.mail.ipv6_address
620
  type    = "AAAA"
621
622
}

623
resource "hetznerdns_record" "archlinux_org_mtasts_cname" {
624
625
  for_each = toset(["", ".aur", ".master-key", ".lists"])

626
  zone_id = hetznerdns_zone.archlinux.id
627
  name    = "mta-sts${each.value}"
628
629
630
631
632
  value   = "mail"
  type    = "CNAME"
}

resource "hetznerdns_record" "archlinux_org__mtasts_txt" {
633
634
  for_each = toset(["", ".aur", ".master-key", ".lists"])

635
  zone_id = hetznerdns_zone.archlinux.id
636
  name    = "_mta-sts${each.value}"
637
638
639
640
641
642
  ttl     = 600
  # date +%s
  value = "\"v=STSv1; id=1608210175\""
  type  = "TXT"
}

643
644
645
resource "hetznerdns_record" "archlinux_org_origin_mx" {
  for_each = toset(["@", "aur", "master-key"])

646
  zone_id = hetznerdns_zone.archlinux.id
647
  name    = each.value
648
  ttl     = 600
649
650
  value   = "10 mail"
  type    = "MX"
651
652
}

653
654
655
resource "hetznerdns_record" "archlinux_org_origin_txt" {
  for_each = toset(["@", "aur", "mail", "master-key"])

656
  zone_id = hetznerdns_zone.archlinux.id
657
  name    = each.value
658
  ttl     = 600
659
660
661
  # mail.archlinux.org
  value = "\"v=spf1 ip4:95.216.189.61 ip6:2a01:4f9:c010:3052::1 ~all\""
  type  = "TXT"
662
663
}

664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
resource "hetznerdns_record" "archlinux_org_domainkey_dkim-ed25519_txt" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "dkim-ed25519._domainkey"
  ttl     = 600
  value   = "\"v=DKIM1; k=ed25519; \" \"p=XOHB7b7V1puX+FryNIhsjXHYIFqk+q6JRu4XQ7Jc8MQ=\" "
  type    = "TXT"
}

resource "hetznerdns_record" "archlinux_org_domainkey_dkim-rsa_txt" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "dkim-rsa._domainkey"
  ttl     = 600
  value   = "\"v=DKIM1; k=rsa; \" \"p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA1GjGrEczq7iHZbvT7wa4ltJz2jwSndUGdRHgfEPnGBeevOXEAlEFr4zsdkfZEaNaQLIhZNpvKAt/A+kkyalkj4u9AnxqeNsNmZflFl6TKgvh0tWNEP3+XNxfdQ7zfml4WggL/YdAjXngg42oZEUsnS/6iozOFn7bNvzqBx5PFJ21pgyuR8DWyLaeOt+p55dVed7DCKnKi11Xjiu7k\" \"H68W8rose7g8Fv9fecBatEE4jwloOXsjh+tH0iab1NSSSpIq6EdgcPrpmrllN3/n2J/kCGK6ztISB6vR7xWgvgHSMjmEL0GPWzohGPrw2UQhZhrNV8dJpiLRYmfK+rXaKF0Kqag/F0e4C4jCKFX7NYFcYXYRlN5QlDFjZvUmOILlgnZ8w/SdZUKzpLObGuwnANLG+WSOjw42p9mXVGN6AfOQPu8OjRjS1MyhcdDIbUvZiQjbmiVJ5frpYZ39BTg\" \"CIzYLJJ5932+3gnwROu1OeljWkpBkfHZXPzADus80l3Vxsk91XZVB36rN8tyuMownR/M4HNC7ZE/EBwOnn1mGH7bLd6pva8u5Qy8Y6LrDdYea5Kk7aZ2WJSSRTV+nkPvOEIx+DfsIWNfmkVWzmuVky96fRvwOCuh38w8zpmlqzhDuGSQrBaLFXwAC7LYQ6kPDHzrjQhs99ScR0ix6YclrmpimMcCAwEAAQ==\" "
  type    = "TXT"
}

680
681
682
683
684
685
686
resource "hetznerdns_record" "archlinux_org_dmarc_txt" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "_dmarc"
  value   = "\"v=DMARC1; p=none; rua=mailto:dmarc-reports@archlinux.org; ruf=mailto:dmarc-reports@archlinux.org;\""
  type    = "TXT"
}

Kristian Klausen's avatar
Kristian Klausen committed
687
resource "hetznerdns_record" "archlinux_org_smtp_tlsrpt_txt" {
688
689
  for_each = toset(["", ".aur", ".master-key", ".lists"])

Kristian Klausen's avatar
Kristian Klausen committed
690
  zone_id = hetznerdns_zone.archlinux.id
691
  name    = "_smtp._tls${each.value}"
Kristian Klausen's avatar
Kristian Klausen committed
692
693
694
695
  value   = "\"v=TLSRPTv1;rua=mailto:postmaster@archlinux.org\""
  type    = "TXT"
}

696
697
698
699
700
701
702
703
704
705
706
707
708
709
resource "hetznerdns_record" "archlinux_org_openpgpkey_a" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "openpgpkey"
  value   = hcloud_server.openpgpkey.ipv4_address
  type    = "A"
}

resource "hetznerdns_record" "archlinux_org_openpgpkey_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "openpgpkey"
  value   = hcloud_server.openpgpkey.ipv6_address
  type    = "AAAA"
}

710
711
resource "hetznerdns_record" "archlinux_org_phrik_a" {
  zone_id = hetznerdns_zone.archlinux.id
712
713
714
  name    = "phrik"
  value   = hcloud_server.phrik.ipv4_address
  type    = "A"
715
716
}

717
718
719
720
resource "hetznerdns_record" "archlinux_org_phrik_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "phrik"
  value   = hcloud_server.phrik.ipv6_address
Frederik Schwan's avatar
Frederik Schwan committed
721
  type    = "AAAA"
722
723
}

724
725
resource "hetznerdns_record" "archlinux_org_quassel_a" {
  zone_id = hetznerdns_zone.archlinux.id
726
727
728
  name    = "quassel"
  value   = hcloud_server.quassel.ipv4_address
  type    = "A"
729
730
731
732
}

resource "hetznerdns_record" "archlinux_org_quassel_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
733
734
735
  name    = "quassel"
  value   = hcloud_server.quassel.ipv6_address
  type    = "AAAA"
736
737
738
739
}

resource "hetznerdns_record" "archlinux_org_reproducible_a" {
  zone_id = hetznerdns_zone.archlinux.id
740
741
742
  name    = "reproducible"
  value   = hcloud_server.reproducible.ipv4_address
  type    = "A"
743
744
}

745
746
747
748
resource "hetznerdns_record" "archlinux_org_reproducible_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "reproducible"
  value   = hcloud_server.reproducible.ipv6_address
Frederik Schwan's avatar
Frederik Schwan committed
749
  type    = "AAAA"
750
751
}

Jelle van der Waa's avatar
Jelle van der Waa committed
752
753
754
755
756
757
758
resource "hetznerdns_record" "archlinux_org_runner1_a" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "runner1"
  value   = "84.17.49.250"
  type    = "A"
}

759
760
761
762
763
764
765
resource "hetznerdns_record" "archlinux_org_runner1_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "runner1"
  value   = "2a02:6ea0:c719::2"
  type    = "AAAA"
}

766
767
resource "hetznerdns_record" "archlinux_org_runner2_a" {
  zone_id = hetznerdns_zone.archlinux.id
768
769
770
  name    = "runner2"
  value   = "147.75.80.217"
  type    = "A"
771
772
773
774
}

resource "hetznerdns_record" "archlinux_org_runner2_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
775
776
777
  name    = "runner2"
  value   = "2604:1380:2001:4500::3"
  type    = "AAAA"
778
779
780
781
}

resource "hetznerdns_record" "archlinux_org_secure_runner1_a" {
  zone_id = hetznerdns_zone.archlinux.id
782
783
784
  name    = "secure-runner1"
  value   = "116.202.134.150"
  type    = "A"
785
786
787
788
}

resource "hetznerdns_record" "archlinux_org_secure_runner1_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
789
790
791
  name    = "secure-runner1"
  value   = "2a01:4f8:231:4e1e::2"
  type    = "AAAA"
792
793
}

794
795
resource "hetznerdns_record" "archlinux_org_svn2gittest_a" {
  zone_id = hetznerdns_zone.archlinux.id
796
797
798
  name    = "svn2gittest"
  value   = hcloud_server.svn2gittest.ipv4_address
  type    = "A"
799
800
801
802
}

resource "hetznerdns_record" "archlinux_org_svn2gittest_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
803
804
805
  name    = "svn2gittest"
  value   = hcloud_server.svn2gittest.ipv6_address
  type    = "AAAA"
806
807
}

808
809
resource "hetznerdns_record" "archlinux_org_state_a" {
  zone_id = hetznerdns_zone.archlinux.id
810
811
812
  name    = "state"
  value   = "116.203.16.252"
  type    = "A"
813
814
815
816
}

resource "hetznerdns_record" "archlinux_org_state_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
817
818
819
  name    = "state"
  value   = "2a01:4f8:c2c:474::1"
  type    = "AAAA"
820
821
822
823
}

resource "hetznerdns_record" "archlinux_org_archive_cname" {
  zone_id = hetznerdns_zone.archlinux.id
824
825
826
  name    = "archive"
  value   = "gemini"
  type    = "CNAME"
827
828
829
830
}

resource "hetznerdns_record" "archlinux_org_conf_cname" {
  zone_id = hetznerdns_zone.archlinux.id
831
  name    = "conf"
832
  value   = "pages.archlinux.org."
833
  type    = "CNAME"
834
835
}

836
837
838
839
840
841
842
resource "hetznerdns_record" "gitlab_pages_conf_verification" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "_gitlab-pages-verification-code.conf"
  value   = "gitlab-pages-verification-code=60a06a1c02e42b36c3b4919f4d6de6bf"
  type    = "TXT"
}

843
844
resource "hetznerdns_record" "archlinux_org_dev_cname" {
  zone_id = hetznerdns_zone.archlinux.id
845
  name    = "dev"
846
  ttl     = 600
847
  value   = "www"
848
  type    = "CNAME"
849
850
851
852
}

resource "hetznerdns_record" "archlinux_org_g2kjxsblac7x_cname" {
  zone_id = hetznerdns_zone.archlinux.id
853
854
855
  name    = "g2kjxsblac7x"
  value   = "gv-i5y6mnrelvpfiu.dv.googlehosted.com."
  type    = "CNAME"
856
857
858
859
}

resource "hetznerdns_record" "archlinux_org_git_cname" {
  zone_id = hetznerdns_zone.archlinux.id
860
861
862
  name    = "git"
  value   = "luna"
  type    = "CNAME"
863
864
865
866
}

resource "hetznerdns_record" "archlinux_org_grafana_cname" {
  zone_id = hetznerdns_zone.archlinux.id
867
868
869
  name    = "grafana"
  value   = "apollo"
  type    = "CNAME"
870
871
872
873
}

resource "hetznerdns_record" "archlinux_org_ipxe_cname" {
  zone_id = hetznerdns_zone.archlinux.id
874
  name    = "ipxe"
875
  ttl     = 600
876
  value   = "www"
877
  type    = "CNAME"
878
879
880
881
}

resource "hetznerdns_record" "archlinux_org_luna2_domainkey_aur_cname" {
  zone_id = hetznerdns_zone.archlinux.id
882
883
884
  name    = "luna2._domainkey.aur"
  value   = "luna2._domainkey"
  type    = "CNAME"
885
886
887
888
}

resource "hetznerdns_record" "archlinux_org_luna2_domainkey_lists_cname" {
  zone_id = hetznerdns_zone.archlinux.id
889
890
891
  name    = "luna2._domainkey.lists"
  value   = "luna2._domainkey"
  type    = "CNAME"
892
893
894
895
}

resource "hetznerdns_record" "archlinux_org_mailman_cname" {
  zone_id = hetznerdns_zone.archlinux.id
896
897
898
  name    = "mailman"
  value   = "apollo"
  type    = "CNAME"
899
900
901
902
}

resource "hetznerdns_record" "archlinux_org_packages_cname" {
  zone_id = hetznerdns_zone.archlinux.id
903
  name    = "packages"
904
  ttl     = 600
905
  value   = "www"
906
  type    = "CNAME"
907
908
}

909
resource "hetznerdns_record" "archlinux_org_patchwork_a" {
910
  zone_id = hetznerdns_zone.archlinux.id
911
  name    = "patchwork"
912
  ttl     = 600
913
914
915
916
917
918
919
920
921
922
  value   = hcloud_server.patchwork.ipv4_address
  type    = "A"
}

resource "hetznerdns_record" "archlinux_org_patchwork_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "patchwork"
  ttl     = 600
  value   = hcloud_server.patchwork.ipv6_address
  type    = "AAAA"
923
924
925
926
}

resource "hetznerdns_record" "archlinux_org_planet_cname" {
  zone_id = hetznerdns_zone.archlinux.id
927
  name    = "planet"
928
  ttl     = 600
929
  value   = "www"
930
  type    = "CNAME"
931
932
933
934
}

resource "hetznerdns_record" "archlinux_org_projects_cname" {
  zone_id = hetznerdns_zone.archlinux.id
935
936
937
  name    = "projects"
  value   = "luna"
  type    = "CNAME"
938
939
940
941
}

resource "hetznerdns_record" "archlinux_org_repos_cname" {
  zone_id = hetznerdns_zone.archlinux.id
942
943
944
  name    = "repos"
  value   = "gemini"
  type    = "CNAME"
945
946
947
948
}

resource "hetznerdns_record" "archlinux_org_rsync_cname" {
  zone_id = hetznerdns_zone.archlinux.id
949
950
951
  name    = "rsync"
  value   = "gemini"
  type    = "CNAME"
952
953
}

954
resource "hetznerdns_record" "archlinux_org_security_a" {
955
  zone_id = hetznerdns_zone.archlinux.id
956
  name    = "security"
957
  ttl     = 600
958
959
960
961
962
963
964
965
966
967
  value   = hcloud_server.security.ipv4_address
  type    = "A"
}

resource "hetznerdns_record" "archlinux_org_security_aaaa" {
  zone_id = hetznerdns_zone.archlinux.id
  name    = "security"
  ttl     = 600
  value   = hcloud_server.security.ipv6_address
  type    = "AAAA"
968
969
970
971
}

resource "hetznerdns_record" "archlinux_org_sources_cname" {
  zone_id = hetznerdns_zone.archlinux.id
972
973
974
  name    = "sources"
  value   = "gemini"
  type    = "CNAME"
975
976
977
978
}

resource "hetznerdns_record" "archlinux_org_static_cname" {
  zone_id = hetznerdns_zone.archlinux.id
979
980
981
  name    = "static"
  value   = "apollo"
  type    = "CNAME"
982
983
984
985
}

resource "hetznerdns_record" "archlinux_org_static_conf_cname" {
  zone_id = hetznerdns_zone.archlinux.id
986
987
988
  name    = "static.conf"
  value   = "apollo"
  type    = "CNAME"
989
990
991
992
}

resource "hetznerdns_record" "archlinux_org_status_cname" {
  zone_id = hetznerdns_zone.archlinux.id
993
994
995
  name    = "status"
  value   = "stats.uptimerobot.com."
  type    = "CNAME"
996
997
998
999
}

resource "hetznerdns_record" "archlinux_org_svn_cname" {
  zone_id = hetznerdns_zone.archlinux.id
1000
  name    = "svn"
For faster browsing, not all history is shown. View entire blame