From 903adb38a946464259857d04c0fb57d2b2c32381 Mon Sep 17 00:00:00 2001
From: Sven-Hendrik Haase <svenstaro@gmail.com>
Date: Thu, 27 Aug 2020 11:22:04 +0200
Subject: [PATCH] Start managing Hetzner DNS with Terraform
---
misc/vault_hetzner.yml | 39 +-
tf-stage1/archlinux.tf | 844 ++++++++++++++++++++++++++++++++++++++++-
tf-stage1/versions.tf | 3 +
3 files changed, 865 insertions(+), 21 deletions(-)
diff --git a/misc/vault_hetzner.yml b/misc/vault_hetzner.yml
index 5b94f6e0f..b14785f61 100644
--- a/misc/vault_hetzner.yml
+++ b/misc/vault_hetzner.yml
@@ -1,19 +1,22 @@
$ANSIBLE_VAULT;1.1;AES256
-34356164636366663266306235353431363762343164633938353533613437333536306533336461
-3466343038303832376136623532333633353739393035640a373036363866313438666263393630
-62373039313738393633356565343861663461626437343762323231613230663838656465356166
-3933383065376263390a663363363866393264386436313437633237316634386165343838396665
-34366361623866336664326233363834386439373632313837306239653665653063373838313139
-33376139633434346664363933613963656233623937646465656535646333343166313038363364
-36383934633330656364626261356466353561363834306163356236616562376363326239343637
-30663161363135373765383064643331393065303763623762333735343463343361663036323066
-65316534373536323966333663626662633861646264323731383636396539363738613632323164
-63663030643036333763336430643031333762656164393530326636343463633137383637393030
-64306331616237613830363836646337323165363462613237376266653436663063393239383362
-39623535663961646462326432373730306137393665306132663762313635366664663030356364
-30353262376532663031653039643034323236643366313163353838653138616637353431333639
-65333538396438386239633238643633383466333139636438383164396564666137313131366466
-36316364653237353138303437366330623566306330343161333864313164303336396436353236
-34636137623134313335326635666661666439303932303836356139313930383861613031316562
-33363763613664363133666334663564363966323739643634303466373636323233633833633764
-3537333433306535623737633932333465616132376631623831
+62656234353737323166303637356239383530616339393865336433613730386466633436343036
+3733326161643339373036656237636163396135663866300a323666316637326331646363356633
+37366565326539366439613437343436656464633833646238383861396466663164373463353933
+6331616232373736310a326335303735363933663564613032363030333934633933326635363637
+30323738356435666330636234356138303932306565356630643862643930383161343131646437
+39303562613735323132313431313439373334626264363834373265623765326137323631393439
+65346333393466396536666333353532623334303233373139633534383133653633376538613933
+66326662633232363236333138653135633164343639343763613935626530386335336438663261
+35336531636530656136353237333766316437346439633938343931313164363466383233616234
+35333065383239346463653638363332316639623366636165363431323835393234633131356130
+36636235333661336536316232343030323531336662346166366163363933663633623734646561
+65666232373235633265646264313732666165663039363535346139303330303262363836396530
+66633664376332636238363361333663626564313835393735356362633737386339386131323366
+31393733643761393034313361356537656231656163623462353036633963336239313038633737
+33373032636138393130343966393830383064663364383365366134396430656139383661316634
+34343961616530343862346535633963323331343966376339653066363866383130356464393464
+62656439383233646336313331656636333935613162653539343231656133323065353039656534
+32326537383866396263343065666362386561626665383866633339383864646366343530323061
+66363464393734653931663339396365663864386461353133643232653361653839323730633831
+38316531626632666233303365656236623666353839666434646166343839643031396336633835
+37636135313735633537373334666364356362396137326364653766336463633131
diff --git a/tf-stage1/archlinux.tf b/tf-stage1/archlinux.tf
index 687e41308..c8b4b83c3 100644
--- a/tf-stage1/archlinux.tf
+++ b/tf-stage1/archlinux.tf
@@ -4,8 +4,13 @@ terraform {
}
}
-data "external" "hetzner_cloud_api_key" {
- program = ["${path.module}/../misc/get_key.py", "misc/vault_hetzner.yml", "hetzner_cloud_api_key", "--format", "json"]
+data "external" "vault_hetzner" {
+ program = [
+ "${path.module}/../misc/get_key.py", "misc/vault_hetzner.yml",
+ "hetzner_cloud_api_key",
+ "hetzner_dns_api_key",
+ "--format", "json"
+ ]
}
data "hcloud_image" "archlinux" {
@@ -15,7 +20,840 @@ data "hcloud_image" "archlinux" {
}
provider "hcloud" {
- token = data.external.hetzner_cloud_api_key.result.hetzner_cloud_api_key
+ token = data.external.vault_hetzner.result.hetzner_cloud_api_key
+}
+
+provider "hetznerdns" {
+ apitoken = data.external.vault_hetzner.result.hetzner_dns_api_key
+}
+
+resource "hetznerdns_zone" "archlinux" {
+ name = "archlinux.org"
+ ttl = 86400
+}
+
+resource "hetznerdns_zone" "pkgbuild" {
+ name = "pkgbuild.com"
+ ttl = 86400
+}
+
+resource "hetznerdns_record" "pkgbuild_com_origin_a" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "@"
+ value = "78.46.178.133"
+ type = "A"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_origin_aaaa" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "@"
+ value = "2a01:4f8:c2c:51e2::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_origin_caa" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "@"
+ value = "0 issue \"letsencrypt.org\""
+ type = "CAA"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_origin_mx" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "@"
+ value = "0 ."
+ type = "MX"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_origin_ns3" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "@"
+ value = "robotns3.second-ns.com."
+ type = "NS"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_origin_ns2" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "@"
+ value = "robotns2.second-ns.de."
+ type = "NS"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_origin_ns1" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "@"
+ value = "ns1.first-ns.de."
+ type = "NS"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_origin_soa" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "@"
+ value = "ns1.first-ns.de. dns.hetzner.com. 2020090604 14400 1800 604800 86400"
+ type = "SOA"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_origin_txt" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "@"
+ value = "\"v=spf1 -all\""
+ type = "TXT"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_wildcard_a" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "*"
+ value = "78.46.178.133"
+ type = "A"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_wildcard_aaaa" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "*"
+ value = "2a01:4f8:c2c:51e2::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_archive_ger_mirror_a" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "archive.ger.mirror"
+ value = "159.122.70.8"
+ type = "A"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_ger_mirror_a" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "ger.mirror"
+ value = "159.122.70.8"
+ type = "A"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_mirror_a" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "mirror"
+ value = "78.46.209.220"
+ type = "A"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_mirror_aaaa" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "mirror"
+ value = "2a01:4f8:c2c:c62f::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_repro1_a" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "repro1"
+ value = "169.50.62.117"
+ type = "A"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_repro3_a" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "repro3"
+ value = "147.75.81.79"
+ type = "A"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_repro3_aaaa" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "repro3"
+ value = "2604:1380:2001:4500::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_www_a" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "www"
+ value = "78.46.178.133"
+ type = "A"
+}
+
+resource "hetznerdns_record" "pkgbuild_com_www_aaaa" {
+ zone_id = hetznerdns_zone.pkgbuild.id
+ name = "www"
+ value = "2a01:4f8:c2c:51e2::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_origin_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "@"
+ value = "138.201.81.199"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_origin_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "@"
+ value = "2a01:4f8:172:1d86::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_origin_caa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "@"
+ value = "0 issue \"letsencrypt.org\""
+ type = "CAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_origin_mx" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "@"
+ value = "10 mx"
+ type = "MX"
+}
+
+resource "hetznerdns_record" "archlinux_org_origin_ns3" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "@"
+ value = "robotns3.second-ns.com."
+ type = "NS"
+}
+
+resource "hetznerdns_record" "archlinux_org_origin_ns2" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "@"
+ value = "robotns2.second-ns.de."
+ type = "NS"
+}
+
+resource "hetznerdns_record" "archlinux_org_origin_ns1" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "@"
+ value = "ns1.first-ns.de."
+ type = "NS"
+}
+
+resource "hetznerdns_record" "archlinux_org_origin_soa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "@"
+ value = "ns1.first-ns.de. ibiru.archlinux.org. 2020072502 7200 900 1209600 86400"
+ type = "SOA"
+}
+
+resource "hetznerdns_record" "archlinux_org_origin_txt" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "@"
+ value = "\"v=spf1 mx ip4:66.211.214.132/28 ip4:5.9.250.164 ip6:2a01:4f8:160:3033::2 ip4:138.201.81.199/32 ip4:88.198.91.70/32 a:aur.archlinux.org a:apollo.archlinux.org ?all\""
+ type = "TXT"
+}
+
+resource "hetznerdns_record" "archlinux_org_origin_apollo_domainkey_txt" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "apollo._domainkey"
+ value = "\"v=DKIM1; k=rsa; s=email; \" \"p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvZIf8SbjC53RDCbMjTEpo0FCuMSShlKWdwWjY1J+RpT3CL/21z4nXqVBYF1orkUScH8Nlabocraqk8lmpNBlKCUV77lk9mRsLkWhg+XjhvQXL1xfH8zAg1CntEZuaIMLUQ+5Gkw6BlO1qDRkmXS9UtV8Jt1rhjRtSrgN5lhztOCbQLRAtzKty/nMeClqsfT3nL2hbDeh+b/rYc\" \"l2veZAqiGcR2/0bnKlt+Nb5lOBY3oZiYLmZ5g+l9UXVjGUq9jGAooIWpQvuRPmin3RX31kXfr1A+mDBEexiOL1dDST2Zx7i9puXbqYH0u0IxBpweHCO5UqWx52mdXBuhs+DCo/JoZAHU/6eRzK+Sps50LgLFSzJJNfGXk5PUKdww2GHbkK3mCYfoFCpB0SADzl42+1w6YZk1yXoPdOHtChfQpCgjtddf1W8Q09pYO1/bn4l0erdFQsWb1K\" \"4wEVOCn+hHWbV42V+J3TyGxQ4AM8KQ1OPvUEabyTyqcO4evBaH7/S2wA91Z9QDjTbKmlNovs5zoxuOM/mPGPUuQMvhjoAP+rg4AwJ3Xwd3GgUcqQflcokayUYdp7F3aKp1NWAR9ibseU/XBYsSF8Ucjqzf4DJFUfrgjHUr97st7g4HUCyXrQO4tyE0ytiX8OFjjIszWLmF+B7Vup9O7k+dNz2Vj2Vyzkq1UCAwEAAQ==\""
+ type = "TXT"
+}
+
+resource "hetznerdns_record" "archlinux_org_accounts_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "accounts"
+ value = "95.217.160.183"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_accounts_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "accounts"
+ value = "2a01:4f9:c010:7978::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_apollo_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "apollo"
+ value = "138.201.81.199"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_apollo_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "apollo"
+ value = "2a01:4f8:172:1d86::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_archive_gemini_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "archive.gemini"
+ value = "49.12.124.107"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_aur_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "aur"
+ value = "95.216.144.15"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_aur_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "aur"
+ value = "2a01:4f9:c010:50::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_aur_mx" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "aur"
+ value = "10 mx"
+ type = "MX"
+}
+
+resource "hetznerdns_record" "archlinux_org_aur_txt" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "aur"
+ value = "\"v=spf1 a ?all\""
+ type = "TXT"
+}
+
+resource "hetznerdns_record" "archlinux_org_aur_dev_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "aur-dev"
+ value = "95.216.149.160"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_aur_dev_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "aur-dev"
+ value = "2a01:4f9:c010:f21::2"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_aur4_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "aur4"
+ value = "5.9.250.164"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_aur4_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "aur4"
+ value = "2a01:4f8:160:3033::2"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_bbs_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "bbs"
+ value = "116.203.93.142"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_bbs_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "bbs"
+ value = "2a01:4f8:c2c:b1cf::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_bugs_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "bugs"
+ value = "78.46.189.112"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_bugs_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "bugs"
+ value = "2a01:4f8:c0c:18c8::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_dragon_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "dragon"
+ value = "195.201.167.210"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_dragon_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "dragon"
+ value = "2a01:4f8:13a:102a::2"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_gemini_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "gemini"
+ value = "49.12.124.107"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_gemini_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "gemini"
+ value = "2a01:4f8:242:5614::2"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_gitlab_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "gitlab"
+ value = "159.69.41.129"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_gitlab_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "gitlab"
+ value = "2a01:4f8:c2c:5d2d::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_homedir_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "homedir"
+ value = "78.46.178.133"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_homedir_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "homedir"
+ value = "2a01:4f8:c2c:51e2::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_lists_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "lists"
+ value = "5.9.250.164"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_lists_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "lists"
+ value = "2a01:4f8:160:3033::2"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_lists_mx" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "lists"
+ value = "10 luna"
+ type = "MX"
+}
+
+resource "hetznerdns_record" "archlinux_org_luna_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "luna"
+ value = "5.9.250.164"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_luna_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "luna"
+ value = "2a01:4f8:160:3033::2"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_luna_txt" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "luna._domainkey"
+ value = "\"v=DKIM1; k=rsa; s=email; \" \"p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvXrAPvtdX8Jrk4zmyk8w9T2zdAJGe7z0+4XHWWiuzH8Zse6S7oXiS9CVaPOsu0TZqHqhuclASU7qh0NXFwWyi2xRPyJOqH2Clu7vHS3j5F4TjURFOp4/EbA0iQu4rbItl4AU11z2pGSEj5SykUsrH+jjdqzNqAG9d4lNvkTs6RRzPF3KhhY+XljaeysEyDSS4ap4E0DYcduSIX\" \"oD1exFv4SEbXThD9PC1u81w4xusnmwmfHtR7aazeqPDP+S+FqDRy2woCaQb/VMbqMYVuWTVKJ2RxFyTKredOOV2c5kzih7GViwoetll/rTqO4aVbeir9K4f6YZg85dSQtVwEat7LV+zBnQwp3ivWkrIk8VEdSsCSaJlgattBiPHsfFFv1xw4qi3h+UvfCGgz35dtlnzd/noGhNARg0Z+kaMSTjy75V1mKx5sCH0o8nAX2XU8akJfLz58Vg\" \"kTx/sfealtwNA0gTy1t1jV8q0OF5RA0IeMRgCzeH2USOZI98W+EAUsGG5653Vzmp3FJRWp1tWJwRJ0M/aZ3ka/G1iTx3rNNcadVk+4q3gz3KnlAlun+m58y8pNWKjYuxmu9xkDRwM/33rv98j0R8HZO7HFL+1vjKkxSEuzmnTQ2O9F76/OsQoDPZ1Z6nJRvK8ts8PQr4ASKohby62+1F1M8U2Xn7u84dYLUCAwEAAQ==\""
+ type = "TXT"
+}
+
+resource "hetznerdns_record" "archlinux_org_luna2_txt" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "luna2._domainkey"
+ value = "\"v=DKIM1; k=rsa; s=email; \" \"p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAvXrAPvtdX8Jrk4zmyk8w9T2zdAJGe7z0+4XHWWiuzH8Zse6S7oXiS9CVaPOsu0TZqHqhuclASU7qh0NXFwWyi2xRPyJOqH2Clu7vHS3j5F4TjURFOp4/EbA0iQu4rbItl4AU11z2pGSEj5SykUsrH+jjdqzNqAG9d4lNvkTs6RRzPF3KhhY+XljaeysEyDSS4ap4E0DYcduSIX\" \"oD1exFv4SEbXThD9PC1u81w4xusnmwmfHtR7aazeqPDP+S+FqDRy2woCaQb/VMbqMYVuWTVKJ2RxFyTKredOOV2c5kzih7GViwoetll/rTqO4aVbeir9K4f6YZg85dSQtVwEat7LV+zBnQwp3ivWkrIk8VEdSsCSaJlgattBiPHsfFFv1xw4qi3h+UvfCGgz35dtlnzd/noGhNARg0Z+kaMSTjy75V1mKx5sCH0o8nAX2XU8akJfLz58Vg\" \"kTx/sfealtwNA0gTy1t1jV8q0OF5RA0IeMRgCzeH2USOZI98W+EAUsGG5653Vzmp3FJRWp1tWJwRJ0M/aZ3ka/G1iTx3rNNcadVk+4q3gz3KnlAlun+m58y8pNWKjYuxmu9xkDRwM/33rv98j0R8HZO7HFL+1vjKkxSEuzmnTQ2O9F76/OsQoDPZ1Z6nJRvK8ts8PQr4ASKohby62+1F1M8U2Xn7u84dYLUCAwEAAQ==\""
+ type = "TXT"
+}
+
+resource "hetznerdns_record" "archlinux_org_mailman3_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "mailman3"
+ value = "116.203.49.58"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_master_key_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "master-key"
+ value = "138.201.81.199"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_master_key_mx" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "master-key"
+ value = "10 mx"
+ type = "MX"
+}
+
+resource "hetznerdns_record" "archlinux_org_matrix_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "matrix"
+ value = "116.203.198.193"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_monitoring_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "monitoring"
+ value = "95.217.220.31"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_mx_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "mx"
+ value = "88.198.91.70"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_mx_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "mx"
+ value = "2a01:4f8:160:6087::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_orion_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "orion"
+ value = "88.198.91.70"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_orion_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "orion"
+ value = "2a01:4f8:160:6087::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_orion_txt" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "orion._domainkey"
+ value = "\"v=DKIM1; k=rsa; s=email; \" \"p=MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAyK/JZ94O4TXYnmDhWTdbouEsLI3cBBbocliExS9Xa1si7dWMT22y619EhtHx5hRvSlN+ur3eaUC/85MN30dEDYTxO4EnNjgNRqQlE2NHd6lpAlpfHpE2vd5YcJMcx1/gy1PBCWiGv3F6n+XpoPby0Ayy0UhklQZ/gRRuspinxACDzWCMp7prncGOF42TnU81sKAVGGAmrt6Hpz\" \"wzq218BFWbxjcEIfSR+7rJXVT2DmPxBzuic0iXJhZSHmyODf7R3eAmvHgEUnz4+tk4PyXhBzp04bkMcV/I4NWS4juPqeb5x0dl0i9YYhqDPArnxnKBSyz6ABJLY1NE+5UJaxNnGLgsimvn4qt/uWxC/TuqjhNA7LcdqMUboWEB85mhabr3WNbabOhOXgEQQfh43g/E81ddEfLlXKL69D7B5YE6QjwsqKYb+fogpXiqMjoLKp9SHvuyqX+A\" \"eFFgrX8bcP2bzGjO5M8T+kT8K+OJeqdwEXBHyBFY9cCSrekYPa9zVQltw4TR4QTacz0UTAQOFwn6M+y2guXROlfImJm6PZrbPsqPUFjaf3vVw3/TdUTA32CuXdIZc9O7PZQUjIMPI2lTX3U6XRPk9zG0PqGYkRfYnYVD+1es44zgOGU8RTe1beQXKYqv9vjMQB67hcYUPUv0ZO++TmztvUjMJPvfJT7SOkkCAwEAAQ==\" "
+ type = "TXT"
+}
+
+resource "hetznerdns_record" "archlinux_org_phrik_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "phrik"
+ value = "159.69.213.214"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_quassel_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "quassel"
+ value = "159.69.111.245"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_quassel_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "quassel"
+ value = "2a01:4f8:c2c:507e::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_reproducible_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "reproducible"
+ value = "95.217.216.117"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_runner1_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "runner1"
+ value = "169.50.62.125"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_runner2_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "runner2"
+ value = "147.75.80.217"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_runner2_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "runner2"
+ value = "2604:1380:2001:4500::3"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_secure_runner1_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "secure-runner1"
+ value = "116.202.134.150"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_secure_runner1_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "secure-runner1"
+ value = "2a01:4f8:231:4e1e::2"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_secure_runner2_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "secure-runner2"
+ value = "95.216.219.65"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_secure_runner2_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "secure-runner2"
+ value = "2a01:4f9:c010:4c27::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_state_a" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "state"
+ value = "116.203.16.252"
+ type = "A"
+}
+
+resource "hetznerdns_record" "archlinux_org_state_aaaa" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "state"
+ value = "2a01:4f8:c2c:474::1"
+ type = "AAAA"
+}
+
+resource "hetznerdns_record" "archlinux_org_archive_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "archive"
+ value = "gemini"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_conf_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "conf"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_dev_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "dev"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_g2kjxsblac7x_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "g2kjxsblac7x"
+ value = "gv-i5y6mnrelvpfiu.dv.googlehosted.com."
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_git_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "git"
+ value = "luna"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_grafana_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "grafana"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_ipxe_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "ipxe"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_kanboard_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "kanboard"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_luna2_domainkey_aur_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "luna2._domainkey.aur"
+ value = "luna2._domainkey"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_luna2_domainkey_lists_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "luna2._domainkey.lists"
+ value = "luna2._domainkey"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_mail_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "mail"
+ value = "orion"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_mailman_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "mailman"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_openpgpkey_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "openpgpkey"
+ value = "orion"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_packages_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "packages"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_patchwork_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "patchwork"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_planet_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "planet"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_projects_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "projects"
+ value = "luna"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_repos_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "repos"
+ value = "gemini"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_rsync_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "rsync"
+ value = "gemini"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_security_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "security"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_sources_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "sources"
+ value = "gemini"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_static_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "static"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_static_conf_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "static.conf"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_status_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "status"
+ value = "stats.uptimerobot.com."
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_svn_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "svn"
+ value = "gemini"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_wiki_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "wiki"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_www_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "www"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_zabbix_cname" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "zabbix"
+ value = "apollo"
+ type = "CNAME"
+}
+
+resource "hetznerdns_record" "archlinux_org_matrix_tcp_srv" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "_matrix._tcp"
+ value = "10 0 8448 matrix"
+ type = "SRV"
+}
+
+resource "hetznerdns_record" "archlinux_org_dmarc_txt" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "_dmarc"
+ value = "\"v=DMARC1; p=none; rua=mailto:dmarc-reports@archlinux.org; ruf=mailto:dmarc-reports@archlinux.org;\""
+ type = "TXT"
+}
+
+resource "hetznerdns_record" "archlinux_org_github_challenge_archlinux" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "_github-challenge-archlinux"
+ value = "\"824af4446e\""
+ type = "TXT"
+}
+
+resource "hetznerdns_record" "archlinux_org_github_challenge_archlinux_www" {
+ zone_id = hetznerdns_zone.archlinux.id
+ name = "_github-challenge-archlinux.www"
+ value = "\"b53f311f86\""
+ type = "TXT"
}
resource "hcloud_rdns" "quassel_ipv4" {
diff --git a/tf-stage1/versions.tf b/tf-stage1/versions.tf
index 89510bd4e..bc0669153 100644
--- a/tf-stage1/versions.tf
+++ b/tf-stage1/versions.tf
@@ -6,6 +6,9 @@ terraform {
hcloud = {
source = "hetznercloud/hcloud"
}
+ hetznerdns = {
+ source = "timohirt/hetznerdns"
+ }
}
required_version = ">= 0.13"
}
--
GitLab