forked from public/stack
Add more records, re-order directories
- Mail records from Migadu - NameCheap records
This commit is contained in:
parent
af37dc534d
commit
7225df145d
|
@ -44,22 +44,24 @@ provider "registry.terraform.io/hashicorp/local" {
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "registry.terraform.io/hashicorp/tls" {
|
provider "registry.terraform.io/namecheap/namecheap" {
|
||||||
version = "4.0.4"
|
version = "2.1.0"
|
||||||
|
constraints = ">= 2.0.0"
|
||||||
hashes = [
|
hashes = [
|
||||||
"h1:Wd3RqmQW60k2QWPN4sK5CtjGuO1d+CRNXgC+D4rKtXc=",
|
"h1:hprk50lXtEO7BrFukatptEoK/B59/GLyuR4gJyBE2Nw=",
|
||||||
"zh:23671ed83e1fcf79745534841e10291bbf34046b27d6e68a5d0aab77206f4a55",
|
"zh:3731f5f14a0958cd27a589ef7daa9be786b6490f2309c429eb2e9862aa4ac5f7",
|
||||||
"zh:45292421211ffd9e8e3eb3655677700e3c5047f71d8f7650d2ce30242335f848",
|
"zh:3cbceb12ec3521d9dfbd890eee731a40f4e1f42de30d28fc1d1e524091148caa",
|
||||||
"zh:59fedb519f4433c0fdb1d58b27c210b27415fddd0cd73c5312530b4309c088be",
|
"zh:44095af1b1d1ee6d4b930e21e3c5bf0f81d9df65fe04f6f1e55d46713c240b21",
|
||||||
"zh:5a8eec2409a9ff7cd0758a9d818c74bcba92a240e6c5e54b99df68fff312bbd5",
|
"zh:693e169228fe0c5fb1989425b1ad42c1206f8187c9932b4daee5a5c5e851a28e",
|
||||||
"zh:5e6a4b39f3171f53292ab88058a59e64825f2b842760a4869e64dc1dc093d1fe",
|
"zh:6b04c3c2666db3050f49bc85151496fe33cf852db9ad8fc6f455d1daf0a2bba6",
|
||||||
"zh:810547d0bf9311d21c81cc306126d3547e7bd3f194fc295836acf164b9f8424e",
|
"zh:85fd126a573cc468f8d5d1b90f4a94f5977ea40623b1c5cd7c799bb95ef233bd",
|
||||||
"zh:824a5f3617624243bed0259d7dd37d76017097dc3193dac669be342b90b2ab48",
|
"zh:99014437ef4e96161b0029efa12f05fa1ab63ff9bc0a255b0a249e17b4f8587a",
|
||||||
"zh:9361ccc7048be5dcbc2fafe2d8216939765b3160bd52734f7a9fd917a39ecbd8",
|
"zh:a4d8288ef01d4002a5aa07d1e64e4504757f07d6ada24fbf7d3670ceb24d2871",
|
||||||
"zh:aa02ea625aaf672e649296bce7580f62d724268189fe9ad7c1b36bb0fa12fa60",
|
"zh:d27f7798cbe1957294bb08459b1fbabe68721cc9cc50afee80bda87ce674dab8",
|
||||||
"zh:c71b4cd40d6ec7815dfeefd57d88bc592c0c42f5e5858dcc88245d371b4b8b1e",
|
"zh:d85483f90380829d05b8a2725ce50bf2ee766d6c1cbef223b388d19c5a92dce2",
|
||||||
"zh:dabcd52f36b43d250a3d71ad7abfa07b5622c69068d989e60b79b2bb4f220316",
|
"zh:ddfecfbefd32e40386b482a2610e4173a52591afea3861f041041439d51d34da",
|
||||||
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
|
"zh:f9a10edfe11dbc4947cbb2f0db8935050693d5fff3b6559096288c689c2dd847",
|
||||||
|
"zh:fae14a74781a94bcaac07b6d533dd9eb1e40c1d152eb6ee49b2a44cdf5740cfe",
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,68 @@
|
||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/digitalocean/digitalocean" {
|
||||||
|
version = "2.25.2"
|
||||||
|
constraints = "2.25.2"
|
||||||
|
hashes = [
|
||||||
|
"h1:OreINFf349wOcU2trD8gmP2/dFYT85ltyG0YIQ+d4GA=",
|
||||||
|
"zh:0accb40afb05425f20ff93426c69fa9585fd269f5a0caff9e03173ca3a0f66f0",
|
||||||
|
"zh:0e389b5ebfce42a9a1c78b576acffa6d4f1cfa421810537e6e096a254ff3fec8",
|
||||||
|
"zh:12441f028af172a823b452bb017721d7bf2f6f14e343ac90f361c7bb73ff0874",
|
||||||
|
"zh:18e04874d833d014617ee94971b8ef4638931a3ee7c572f86ee816b74911bcb5",
|
||||||
|
"zh:4e728375e24fdc37e791b3f234c991da342dbad8e1bd878531dd45ab6710c4fe",
|
||||||
|
"zh:4f76bea793d71ae85c72275bd1a5d28ce72afbb41e6cf51cc74d19a470b2c4dc",
|
||||||
|
"zh:588fd686e257b9d989427106e16b7d35a805cf6c1f532dca8fd61c09f19cc95a",
|
||||||
|
"zh:5b433b49869a45d96b95e921dd3cc713471dfa78157fe6f89f09d41c689256c2",
|
||||||
|
"zh:5de660180ab655b64e579564ec5f60f63d7c6633f47dfe4c8ac5a6718d19b5ea",
|
||||||
|
"zh:6395f4d9995f525469d88825f56c88f46b3466db26a3962a645c9a2e65e60dad",
|
||||||
|
"zh:7b04b9ca110f3876000616f9f3f046a974a20db93583786f26dccf10ed9372cf",
|
||||||
|
"zh:81b02a7247a0142075315cdbccd41138c01ed3327036c6b3b417859b06fdac0d",
|
||||||
|
"zh:99e4cf8818eed4e0516a939658ae89a8eefeb4dd9d49303b47b28dc844f983ac",
|
||||||
|
"zh:a85ddbfc6db67508a64c95edd333132efbc40ab7b4d6266023750dc7756f6bec",
|
||||||
|
"zh:b7e9ee035192e2f4d8db11d33e0dabd1969135901bae52d96001fce5f2a4dce8",
|
||||||
|
"zh:ec5d133c03319ec103c80d954be31dd673f44e9c93ec9ed951576e110549b59f",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "registry.terraform.io/namecheap/namecheap" {
|
||||||
|
version = "2.1.0"
|
||||||
|
constraints = ">= 2.0.0"
|
||||||
|
hashes = [
|
||||||
|
"h1:hprk50lXtEO7BrFukatptEoK/B59/GLyuR4gJyBE2Nw=",
|
||||||
|
"zh:3731f5f14a0958cd27a589ef7daa9be786b6490f2309c429eb2e9862aa4ac5f7",
|
||||||
|
"zh:3cbceb12ec3521d9dfbd890eee731a40f4e1f42de30d28fc1d1e524091148caa",
|
||||||
|
"zh:44095af1b1d1ee6d4b930e21e3c5bf0f81d9df65fe04f6f1e55d46713c240b21",
|
||||||
|
"zh:693e169228fe0c5fb1989425b1ad42c1206f8187c9932b4daee5a5c5e851a28e",
|
||||||
|
"zh:6b04c3c2666db3050f49bc85151496fe33cf852db9ad8fc6f455d1daf0a2bba6",
|
||||||
|
"zh:85fd126a573cc468f8d5d1b90f4a94f5977ea40623b1c5cd7c799bb95ef233bd",
|
||||||
|
"zh:99014437ef4e96161b0029efa12f05fa1ab63ff9bc0a255b0a249e17b4f8587a",
|
||||||
|
"zh:a4d8288ef01d4002a5aa07d1e64e4504757f07d6ada24fbf7d3670ceb24d2871",
|
||||||
|
"zh:d27f7798cbe1957294bb08459b1fbabe68721cc9cc50afee80bda87ce674dab8",
|
||||||
|
"zh:d85483f90380829d05b8a2725ce50bf2ee766d6c1cbef223b388d19c5a92dce2",
|
||||||
|
"zh:ddfecfbefd32e40386b482a2610e4173a52591afea3861f041041439d51d34da",
|
||||||
|
"zh:f9a10edfe11dbc4947cbb2f0db8935050693d5fff3b6559096288c689c2dd847",
|
||||||
|
"zh:fae14a74781a94bcaac07b6d533dd9eb1e40c1d152eb6ee49b2a44cdf5740cfe",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "registry.terraform.io/vancluever/acme" {
|
||||||
|
version = "2.12.0"
|
||||||
|
constraints = "~> 2.0"
|
||||||
|
hashes = [
|
||||||
|
"h1:/vWhC9ly4N+BehMDxETXSeCWe2w+1MZgM6Ai6cHxpYY=",
|
||||||
|
"zh:10f52acfdc36510ece0790af4c93f88bc8bb3270cd23fac1f740900dbceff317",
|
||||||
|
"zh:24e52840e1d7a369a522465b7ab3ab3b13236fb9731867cfaa1957c3a0d09254",
|
||||||
|
"zh:354f87de829707e625cb6da2318796b314897a6dd639ce367e397496a86af9fb",
|
||||||
|
"zh:3569b27c707fa4170c9c736116aa6ecbd25c3d3c94558e9001e2aed858ee6ac6",
|
||||||
|
"zh:429427787e450138db9100fec60966b26810d1447b9b675cea56259e0b3bf4c6",
|
||||||
|
"zh:533ae7a09e83b2ed5235ef607815468daadfa78c722e85d3f3c6f6a740dee40e",
|
||||||
|
"zh:772b346540392b43dd422b5e77e1008953f9df1538545d61cba35d12bc569fa1",
|
||||||
|
"zh:7a9e6f5b6470f16a640e5751f95375b654fa63bbf702d2c20ef616be0b2fe80f",
|
||||||
|
"zh:a186f1121c9a802cce71045245b861aa09b7a7dc0e93fd913b261f8d892ff2d5",
|
||||||
|
"zh:b1521cb89a7166e26dd2b9dedd1f45e43a037de50ea19e42856e740b64bdaba9",
|
||||||
|
"zh:c152efb60e50e8a298fc66a3446cb47d1b110c642681df8fe3ab4892711b530a",
|
||||||
|
"zh:c6491988233db2691f26e821c1b81aa30c017f194fa3a17b98447076cae30d41",
|
||||||
|
"zh:ea564dcf2cc65610103495f8b18baf0fe4a0664e06f4fc7006c0938ac15227c1",
|
||||||
|
]
|
||||||
|
}
|
|
@ -0,0 +1,238 @@
|
||||||
|
# Main domain resource
|
||||||
|
resource "digitalocean_domain" "default" {
|
||||||
|
name = "distrust.co"
|
||||||
|
}
|
||||||
|
|
||||||
|
# # Let's Encrypt
|
||||||
|
# ## Private key
|
||||||
|
# resource "tls_private_key" "private_key" {
|
||||||
|
# algorithm = "RSA"
|
||||||
|
# }
|
||||||
|
|
||||||
|
# ## ACME registration
|
||||||
|
# resource "acme_registration" "reg" {
|
||||||
|
# account_key_pem = tls_private_key.private_key.private_key_pem
|
||||||
|
# email_address = "team@distrust.co"
|
||||||
|
# }
|
||||||
|
|
||||||
|
# ## ACME certificate
|
||||||
|
# resource "acme_certificate" "certificate" {
|
||||||
|
# account_key_pem = acme_registration.reg.account_key_pem
|
||||||
|
# common_name = "www.distrust.co"
|
||||||
|
# subject_alternative_names = []
|
||||||
|
|
||||||
|
# dns_challenge {
|
||||||
|
# provider = "digitalociean"
|
||||||
|
# }
|
||||||
|
# }
|
||||||
|
|
||||||
|
# Spaces Bucket
|
||||||
|
## Create a new Spaces Bucket
|
||||||
|
resource "digitalocean_spaces_bucket" "distrust_co" {
|
||||||
|
name = "distrust-co-website"
|
||||||
|
region = "nyc3"
|
||||||
|
acl = "public-read"
|
||||||
|
}
|
||||||
|
|
||||||
|
## Handle record for CDN redirect
|
||||||
|
resource "digitalocean_record" "cdn" {
|
||||||
|
domain = "distrust.co"
|
||||||
|
type = "CNAME"
|
||||||
|
name = "${digitalocean_cdn.distrust_co.origin}."
|
||||||
|
value = "distrust.co"
|
||||||
|
}
|
||||||
|
|
||||||
|
## Create a DigitalOcean managed Let's Encrypt Certificate
|
||||||
|
resource "digitalocean_certificate" "cert" {
|
||||||
|
name = "cdn-cert"
|
||||||
|
type = "lets_encrypt"
|
||||||
|
domains = ["static.distrust.co"]
|
||||||
|
}
|
||||||
|
|
||||||
|
# Add a CDN endpoint to the Spaces Bucket
|
||||||
|
resource "digitalocean_cdn" "distrust_co" {
|
||||||
|
origin = digitalocean_spaces_bucket.distrust_co.bucket_domain_name
|
||||||
|
certificate_name = digitalocean_certificate.cert.name
|
||||||
|
custom_domain = "static.distrust.co"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Output the endpoint for the CDN resource
|
||||||
|
output "fqdn" {
|
||||||
|
value = digitalocean_cdn.distrust_co.endpoint
|
||||||
|
}
|
||||||
|
#
|
||||||
|
output "cdn_origin" {
|
||||||
|
value = digitalocean_cdn.distrust_co.origin
|
||||||
|
}
|
||||||
|
|
||||||
|
# Handle record for distrust.co
|
||||||
|
resource "digitalocean_record" "distrust_co" {
|
||||||
|
domain = "distrust.co"
|
||||||
|
type = "CNAME"
|
||||||
|
name = "@"
|
||||||
|
value = digitalocean_cdn.distrust_co.origin
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "CNAME-www" {
|
||||||
|
domain = digitalocean_domain.default.name
|
||||||
|
type = "CNAME"
|
||||||
|
name = "www"
|
||||||
|
value = "@"
|
||||||
|
}
|
||||||
|
|
||||||
|
# NameCheap Records
|
||||||
|
resource "digitalocean_record" "main" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "A"
|
||||||
|
name = "@"
|
||||||
|
value = "143.198.235.76"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "billing" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "A"
|
||||||
|
name = "billing"
|
||||||
|
value = "45.16.98.153"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "chat" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "A"
|
||||||
|
name = "chat"
|
||||||
|
value = "143.198.235.76"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "www" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "A"
|
||||||
|
name = "www"
|
||||||
|
value = "143.198.235.76"
|
||||||
|
}
|
||||||
|
|
||||||
|
# Mail records
|
||||||
|
## MX main
|
||||||
|
resource "digitalocean_record" "mx1-main" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "MX"
|
||||||
|
name = "@"
|
||||||
|
priority = 10
|
||||||
|
value = "aspmx1.migadu.com."
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "mx2-main" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "MX"
|
||||||
|
name = "@"
|
||||||
|
priority = 20
|
||||||
|
value = "aspmx2.migadu.com."
|
||||||
|
}
|
||||||
|
|
||||||
|
## MX subdomain wildcard
|
||||||
|
resource "digitalocean_record" "mx1-wildcard" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "MX"
|
||||||
|
name = "*"
|
||||||
|
priority = 10
|
||||||
|
value = "aspmx1.migadu.com."
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "mx2-wildcard" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "MX"
|
||||||
|
name = "*"
|
||||||
|
priority = 20
|
||||||
|
value = "aspmx2.migadu.com."
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "mail-verification" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "TXT"
|
||||||
|
name = "@"
|
||||||
|
value = "hosted-email-verify=kezkgvsn"
|
||||||
|
}
|
||||||
|
|
||||||
|
## DKIM+ARC
|
||||||
|
resource "digitalocean_record" "mail-dkim-primary" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "CNAME"
|
||||||
|
name = "key1._domainkey"
|
||||||
|
value = "key1.distrust.co._domainkey.migadu.com."
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "mail-dkim-secondary" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "CNAME"
|
||||||
|
name = "key2._domainkey"
|
||||||
|
value = "key2.distrust.co._domainkey.migadu.com."
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "mail-dkim-tertiary" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "CNAME"
|
||||||
|
name = "key3._domainkey"
|
||||||
|
value = "key3.distrust.co._domainkey.migadu.com."
|
||||||
|
}
|
||||||
|
|
||||||
|
## SPF
|
||||||
|
resource "digitalocean_record" "mail-spf" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "TXT"
|
||||||
|
name = "@"
|
||||||
|
value = "v=spf1 include:spf.migadu.com -all"
|
||||||
|
}
|
||||||
|
|
||||||
|
## DMARC
|
||||||
|
resource "digitalocean_record" "mail-dmarc" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "TXT"
|
||||||
|
name = "_dmarc"
|
||||||
|
value = "v=DMARC1; p=quarantine;"
|
||||||
|
}
|
||||||
|
|
||||||
|
## Autodiscovery
|
||||||
|
resource "digitalocean_record" "mail-discovery" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "CNAME"
|
||||||
|
name = "autoconfig"
|
||||||
|
value = "autoconfig.migadu.com."
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "mail-src-autodiscover" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "SRV"
|
||||||
|
name = "_autodiscover"
|
||||||
|
port = 443
|
||||||
|
priority = 0
|
||||||
|
weight = 1
|
||||||
|
value = "smtp.migadu.com"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "mail-srv-submissions" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "SRV"
|
||||||
|
name = "_submissions"
|
||||||
|
port = 465
|
||||||
|
priority = 0
|
||||||
|
weight = 1
|
||||||
|
value = "smtp.migadu.com"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "mail-srv-imaps" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "SRV"
|
||||||
|
name = "_imaps"
|
||||||
|
port = 993
|
||||||
|
priority = 0
|
||||||
|
weight = 1
|
||||||
|
value = "imap.migadu.com"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "digitalocean_record" "mail-srv-pop3s" {
|
||||||
|
domain = digitalocean_domain.default.id
|
||||||
|
type = "SRV"
|
||||||
|
name = "_pop3s"
|
||||||
|
port = 995
|
||||||
|
priority = 0
|
||||||
|
weight = 1
|
||||||
|
value = "pop.migadu.com"
|
||||||
|
}
|
|
@ -0,0 +1,39 @@
|
||||||
|
terraform {
|
||||||
|
required_providers {
|
||||||
|
digitalocean = {
|
||||||
|
source = "digitalocean/digitalocean"
|
||||||
|
version = "2.25.2"
|
||||||
|
}
|
||||||
|
acme = {
|
||||||
|
source = "vancluever/acme"
|
||||||
|
version = "~> 2.0"
|
||||||
|
}
|
||||||
|
namecheap = {
|
||||||
|
source = "namecheap/namecheap"
|
||||||
|
version = ">= 2.0.0"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "digitalocean" {
|
||||||
|
token = var.do_token
|
||||||
|
spaces_access_id = var.spaces_access_id
|
||||||
|
spaces_secret_key = var.spaces_secret
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "acme" {
|
||||||
|
server_url = "https://acme-v02.api.letsencrypt.org/directory"
|
||||||
|
}
|
||||||
|
|
||||||
|
provider "namecheap" {
|
||||||
|
user_name = var.namecheap_user
|
||||||
|
api_user = var.namecheap_api_user
|
||||||
|
api_key = var.namecheap_api_key
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "do_token" {}
|
||||||
|
variable "spaces_access_id" {}
|
||||||
|
variable "spaces_secret" {}
|
||||||
|
variable "namecheap_user" {}
|
||||||
|
variable "namecheap_api_user" {}
|
||||||
|
variable "namecheap_api_key" {}
|
|
@ -1,38 +0,0 @@
|
||||||
resource "digitalocean_domain" "default" {
|
|
||||||
name = "distrust.co"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Handle record for www redirect
|
|
||||||
resource "digitalocean_record" "www" {
|
|
||||||
domain = "distrust.co"
|
|
||||||
type = "CNAME"
|
|
||||||
name = "www"
|
|
||||||
value = digitalocean_cdn.distrust_co.origin
|
|
||||||
}
|
|
||||||
|
|
||||||
# Handle record for distrust.co
|
|
||||||
resource "digitalocean_record" "distrust_co" {
|
|
||||||
domain = "distrust.co"
|
|
||||||
type = "CNAME"
|
|
||||||
name = "@"
|
|
||||||
value = digitalocean_cdn.distrust_co.origin
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "tls_private_key" "private_key" {
|
|
||||||
algorithm = "RSA"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "acme_registration" "reg" {
|
|
||||||
account_key_pem = tls_private_key.private_key.private_key_pem
|
|
||||||
email_address = "team@distrust.co"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "acme_certificate" "certificate" {
|
|
||||||
account_key_pem = acme_registration.reg.account_key_pem
|
|
||||||
common_name = "www.distrust.co"
|
|
||||||
subject_alternative_names = []
|
|
||||||
|
|
||||||
dns_challenge {
|
|
||||||
provider = "digitalociean"
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,10 +1,3 @@
|
||||||
# Upload files to Digital Ocean
|
|
||||||
## The Digital Ocean Spaces API is compatible with Amazon S3
|
|
||||||
# resource "local_exec" "s3cmd" {
|
|
||||||
# command = "s3cmd put --recursive --acl-public --guess-mime-type --verbose static/ s3://static-site/"
|
|
||||||
# depends_on = [local_file.index_html, local_file.static_dir]
|
|
||||||
# }
|
|
||||||
|
|
||||||
# Create local directories as scratch space
|
# Create local directories as scratch space
|
||||||
resource "local_file" "openpgpkey" {
|
resource "local_file" "openpgpkey" {
|
||||||
filename = ".well-known/openpgpkey/policy"
|
filename = ".well-known/openpgpkey/policy"
|
||||||
|
@ -27,32 +20,9 @@ resource "local_file" "policy" {
|
||||||
depends_on = [local_file.openpgpkey]
|
depends_on = [local_file.openpgpkey]
|
||||||
}
|
}
|
||||||
|
|
||||||
# # Execute commands required to fetch PGP keys
|
# Upload files to Digital Ocean
|
||||||
# resource "local_exec" "command1" {
|
## The Digital Ocean Spaces API is compatible with Amazon S3
|
||||||
# command = "command1 arg1 arg2"
|
# resource "local_exec" "s3cmd" {
|
||||||
# output = var.output1
|
# command = "s3cmd put --recursive --acl-public --guess-mime-type --verbose static/ s3://static-site/"
|
||||||
# depends_on = [local_file.openpgpkey]
|
# depends_on = [local_file.index_html, local_file.static_dir]
|
||||||
# }
|
# }
|
||||||
|
|
||||||
# # Execute commands to build static site
|
|
||||||
# resource "local_exec" "command2" {
|
|
||||||
# command = "command2 ${var.output1} arg2"
|
|
||||||
# depends_on = [local_exec.command1]
|
|
||||||
# }
|
|
||||||
|
|
||||||
# Create a new Spaces Bucket
|
|
||||||
resource "digitalocean_spaces_bucket" "distrust_co" {
|
|
||||||
name = "distrust-co"
|
|
||||||
region = "nyc3"
|
|
||||||
acl = "public-read"
|
|
||||||
}
|
|
||||||
|
|
||||||
# Add a CDN endpoint to the Spaces Bucket
|
|
||||||
resource "digitalocean_cdn" "distrust_co" {
|
|
||||||
origin = digitalocean_spaces_bucket.distrust_co.bucket_domain_name
|
|
||||||
}
|
|
||||||
|
|
||||||
# Output the endpoint for the CDN resource
|
|
||||||
output "fqdn" {
|
|
||||||
value = digitalocean_cdn.distrust_co.endpoint
|
|
||||||
}
|
|
|
@ -4,10 +4,6 @@ terraform {
|
||||||
source = "digitalocean/digitalocean"
|
source = "digitalocean/digitalocean"
|
||||||
version = "2.25.2"
|
version = "2.25.2"
|
||||||
}
|
}
|
||||||
acme = {
|
|
||||||
source = "vancluever/acme"
|
|
||||||
version = "~> 2.0"
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -17,10 +13,6 @@ provider "digitalocean" {
|
||||||
spaces_secret_key = var.spaces_secret
|
spaces_secret_key = var.spaces_secret
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "acme" {
|
|
||||||
server_url = "https://acme-v02.api.letsencrypt.org/directory"
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "do_token" {}
|
variable "do_token" {}
|
||||||
variable "spaces_access_id" {}
|
variable "spaces_access_id" {}
|
||||||
variable "spaces_secret" {}
|
variable "spaces_secret" {}
|
Loading…
Reference in New Issue