stack/letsencrypt.tf

38 lines
897 B
HCL

resource "digitalocean_domain" "default" {
name = "distrust.co"
}
# Handle record for www redirect
resource "digitalocean_record" "www" {
domain = "distrust.co"
type = "CNAME"
name = "www"
value = digitalocean_cdn.distrust_co.origin
}
# Handle record for distrust.co
resource "digitalocean_record" "distrust_co" {
domain = "distrust.co"
type = "CNAME"
name = "@"
value = digitalocean_cdn.distrust_co.origin
}
resource "tls_private_key" "private_key" {
algorithm = "RSA"
}
resource "acme_registration" "reg" {
account_key_pem = tls_private_key.private_key.private_key_pem
email_address = "team@distrust.co"
}
resource "acme_certificate" "certificate" {
account_key_pem = acme_registration.reg.account_key_pem
common_name = "www.distrust.co"
subject_alternative_names = []
dns_challenge {
provider = "digitalociean"
}
}