Compare commits
5 commits
dc688fb97d
...
8c1785331a
Author | SHA1 | Date | |
---|---|---|---|
Gabriel Simmer | 8c1785331a | ||
Gabriel Simmer | 83e2ea2a78 | ||
Gabriel Simmer | e9a99b886b | ||
Gabriel Simmer | cb5bd7bb4a | ||
Gabriel Simmer | f713cf5e51 |
56
homelab/forgejo-runner.yml
Normal file
56
homelab/forgejo-runner.yml
Normal file
|
@ -0,0 +1,56 @@
|
||||||
|
apiVersion: apps/v1
|
||||||
|
kind: Deployment
|
||||||
|
metadata:
|
||||||
|
labels:
|
||||||
|
app: act-runner
|
||||||
|
name: act-runner
|
||||||
|
spec:
|
||||||
|
replicas: 1
|
||||||
|
selector:
|
||||||
|
matchLabels:
|
||||||
|
app: act-runner
|
||||||
|
strategy: {}
|
||||||
|
template:
|
||||||
|
metadata:
|
||||||
|
creationTimestamp: null
|
||||||
|
labels:
|
||||||
|
app: act-runner
|
||||||
|
spec:
|
||||||
|
restartPolicy: Always
|
||||||
|
volumes:
|
||||||
|
- name: runner-data
|
||||||
|
emptyDir: {}
|
||||||
|
initContainers:
|
||||||
|
- name: runner-config-generation
|
||||||
|
image: code.forgejo.org/forgejo/runner:2.4.0
|
||||||
|
command: [ "sh", "-c", "cd /data && forgejo-runner create-runner-file --instance $GITEA_INSTANCE_URL --secret $RUNNER_SECRET --connect" ]
|
||||||
|
env:
|
||||||
|
- name: RUNNER_SECRET
|
||||||
|
valueFrom:
|
||||||
|
secretKeyRef:
|
||||||
|
name: runner-secret
|
||||||
|
key: token
|
||||||
|
- name: GITEA_INSTANCE_URL
|
||||||
|
value: https://git.gmem.ca
|
||||||
|
volumeMounts:
|
||||||
|
- name: runner-data
|
||||||
|
mountPath: /data
|
||||||
|
containers:
|
||||||
|
- name: runner
|
||||||
|
image: gitea/act_runner:nightly-dind-rootless
|
||||||
|
imagePullPolicy: Always
|
||||||
|
env:
|
||||||
|
- name: DOCKER_HOST
|
||||||
|
value: tcp://localhost:2376
|
||||||
|
- name: DOCKER_CERT_PATH
|
||||||
|
value: /certs/client
|
||||||
|
- name: DOCKER_TLS_VERIFY
|
||||||
|
value: "1"
|
||||||
|
- name: GITEA_INSTANCE_URL
|
||||||
|
value: https://git.gmem.ca
|
||||||
|
securityContext:
|
||||||
|
privileged: true
|
||||||
|
volumeMounts:
|
||||||
|
- name: runner-data
|
||||||
|
mountPath: /data
|
||||||
|
|
|
@ -48,10 +48,10 @@
|
||||||
trustedInterfaces = ["tailscale0"];
|
trustedInterfaces = ["tailscale0"];
|
||||||
checkReversePath = "loose";
|
checkReversePath = "loose";
|
||||||
allowedUDPPorts = [ 41641 ];
|
allowedUDPPorts = [ 41641 ];
|
||||||
allowedTCPPorts = [ 22 53 80 443 ];
|
allowedTCPPorts = [ 22 80 443 6443 10250 ];
|
||||||
enable = true;
|
enable = false;
|
||||||
};
|
};
|
||||||
nftables.enable = true;
|
nftables.enable = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
time.timeZone = "Europe/London";
|
time.timeZone = "Europe/London";
|
||||||
|
@ -89,7 +89,7 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
role = "agent";
|
role = "agent";
|
||||||
serverAddr = "https://100.77.43.133:6443";
|
serverAddr = "https://100.77.43.133:6443";
|
||||||
token = "";
|
token = "K101619438e86a6ea51229321ca58dfb868582ef353adc5512480c185f5797dcf0b::server:bdc3beb6af99d94395d8464384ec60e2";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -47,23 +47,13 @@ let
|
||||||
"dns.db".file = toString ./nas/dns.db;
|
"dns.db".file = toString ./nas/dns.db;
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
|
|
||||||
nas-k3s-source = lib.evalSource [
|
|
||||||
{
|
|
||||||
nixpkgs.git = {
|
|
||||||
ref = "origin/nixos-23.05";
|
|
||||||
url = https://github.com/NixOS/nixpkgs;
|
|
||||||
};
|
|
||||||
nixos-config.file = toString ./nas/k3s/configuration.nix;
|
|
||||||
"hardware.nix".file = toString ./nas/k3s/hardware.nix;
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
seattle-source = lib.evalSource [
|
seattle-source = lib.evalSource [
|
||||||
{
|
{
|
||||||
nixpkgs.git = {
|
nixpkgs.git = {
|
||||||
ref = "origin/nixos-unstable";
|
ref = "6e287913f7b1ef537c97aa301b67c34ea46b640f";
|
||||||
url = https://github.com/NixOS/nixpkgs;
|
url = https://github.com/NixOS/nixpkgs;
|
||||||
|
shallow = true;
|
||||||
};
|
};
|
||||||
nixos-config.file = toString ./seattle/configuration.nix;
|
nixos-config.file = toString ./seattle/configuration.nix;
|
||||||
"hardware.nix".file = toString ./seattle/hardware.nix;
|
"hardware.nix".file = toString ./seattle/hardware.nix;
|
||||||
|
@ -73,8 +63,9 @@ let
|
||||||
glasgow-source = lib.evalSource [
|
glasgow-source = lib.evalSource [
|
||||||
{
|
{
|
||||||
nixpkgs.git = {
|
nixpkgs.git = {
|
||||||
ref = "origin/nixos-unstable";
|
ref = "6e287913f7b1ef537c97aa301b67c34ea46b640f";
|
||||||
url = https://github.com/NixOS/nixpkgs;
|
url = https://github.com/NixOS/nixpkgs;
|
||||||
|
shallow = true;
|
||||||
};
|
};
|
||||||
nixos-config.file = toString ./glasgow/configuration.nix;
|
nixos-config.file = toString ./glasgow/configuration.nix;
|
||||||
"hardware.nix".file = toString ./glasgow/hardware.nix;
|
"hardware.nix".file = toString ./glasgow/hardware.nix;
|
||||||
|
@ -84,23 +75,19 @@ let
|
||||||
in {
|
in {
|
||||||
oracle-gitea-runner = pkgs.krops.writeDeploy "oracle-gitea-runner" {
|
oracle-gitea-runner = pkgs.krops.writeDeploy "oracle-gitea-runner" {
|
||||||
source = oracle-gitea-runner-source;
|
source = oracle-gitea-runner-source;
|
||||||
target = "root@130.162.169.74";
|
target = "root@143.47.229.209";
|
||||||
};
|
};
|
||||||
oracle-nix-cache = pkgs.krops.writeDeploy "oracle-nix-cache" {
|
oracle-nginx-funnel = pkgs.krops.writeDeploy "oracle-nginx-funnel" {
|
||||||
source = oracle-nix-cache-source;
|
source = oracle-nix-cache-source;
|
||||||
target = "root@141.147.94.210";
|
target = "root@141.147.109.157";
|
||||||
};
|
};
|
||||||
nas = pkgs.krops.writeDeploy "nas" {
|
nas = pkgs.krops.writeDeploy "nas" {
|
||||||
source = nas-source;
|
source = nas-source;
|
||||||
target = "root@192.168.50.229";
|
target = "root@192.168.50.229";
|
||||||
};
|
};
|
||||||
nas-k3s = pkgs.krops.writeDeploy "nas-k3s" {
|
|
||||||
source = nas-k3s-source;
|
|
||||||
target = "root@192.168.50.229:22001";
|
|
||||||
};
|
|
||||||
seattle = pkgs.krops.writeDeploy "seattle" {
|
seattle = pkgs.krops.writeDeploy "seattle" {
|
||||||
source = seattle-source;
|
source = seattle-source;
|
||||||
target = "root@192.168.50.146";
|
target = "root@seattle";
|
||||||
};
|
};
|
||||||
glasgow = pkgs.krops.writeDeploy "glasgow" {
|
glasgow = pkgs.krops.writeDeploy "glasgow" {
|
||||||
source = glasgow-source;
|
source = glasgow-source;
|
|
@ -1,4 +1,3 @@
|
||||||
|
|
||||||
# WARN: this file will get overwritten by $ cachix use <name>
|
# WARN: this file will get overwritten by $ cachix use <name>
|
||||||
{ pkgs, lib, ... }:
|
{ pkgs, lib, ... }:
|
||||||
|
|
|
@ -1,6 +1,9 @@
|
||||||
git.gmem.ca. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600
|
git.gmem.ca. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600
|
||||||
|
food.gmem.ca. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600
|
||||||
git.gmem.ca. IN A 100.116.48.47
|
git.gmem.ca. IN A 100.116.48.47
|
||||||
git.gmem.ca. IN AAAA fd7a:115c:a1e0:ab12:4843:cd96:6274:302f
|
git.gmem.ca. IN AAAA fd7a:115c:a1e0:ab12:4843:cd96:6274:302f
|
||||||
|
food.gmem.ca. IN A 100.77.43.133
|
||||||
|
food.gmem.ca. IN AAAA fd7a:115c:a1e0:ab12:4843:cd96:624d:2b85
|
||||||
|
|
||||||
gmem.ca. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600
|
gmem.ca. IN SOA sns.dns.icann.org. noc.dns.icann.org. 2015082541 7200 3600 1209600 3600
|
||||||
gmem.ca. IN NS ns-1341.awsdns-39.org. ns-1824.awsdns-36.co.uk. ns-354.awsdns-44.com. ns-682.awsdns-21.net.
|
gmem.ca. IN NS ns-1341.awsdns-39.org. ns-1824.awsdns-36.co.uk. ns-354.awsdns-44.com. ns-682.awsdns-21.net.
|
|
@ -17,7 +17,7 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
services.gitea-actions-runner = {
|
services.gitea-actions-runner = {
|
||||||
# package = pkgs.forgejo-actions-runner;
|
package = pkgs.forgejo-actions-runner;
|
||||||
instances = {
|
instances = {
|
||||||
oracle-arm = {
|
oracle-arm = {
|
||||||
name = "oracle-arm";
|
name = "oracle-arm";
|
||||||
|
@ -39,8 +39,8 @@
|
||||||
nix
|
nix
|
||||||
zstd
|
zstd
|
||||||
];
|
];
|
||||||
url = "https://vancouver.scorpion-ghost.ts.net/git";
|
url = "https://git.gmem.ca";
|
||||||
token = "";
|
token = "rclEuf0ZKhWKe7IhvWZqgJpb1y84iYBJsJi7Wslh";
|
||||||
settings = {
|
settings = {
|
||||||
cache.port = 4328;
|
cache.port = 4328;
|
||||||
};
|
};
|
||||||
|
@ -53,7 +53,7 @@
|
||||||
environment.shells = with pkgs; [ zsh fish ];
|
environment.shells = with pkgs; [ zsh fish ];
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
hostName = "gitea-arm-runner";
|
hostName = "forgejo-action-runner";
|
||||||
domain = "gmem.ca";
|
domain = "gmem.ca";
|
||||||
nameservers = [ "1.1.1.1" "1.0.0.1" ];
|
nameservers = [ "1.1.1.1" "1.0.0.1" ];
|
||||||
firewall = {
|
firewall = {
|
||||||
|
@ -79,5 +79,5 @@
|
||||||
|
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
services.tailscale.enable = true;
|
services.tailscale.enable = true;
|
||||||
system.stateVersion = "23.05";
|
system.stateVersion = "23.11";
|
||||||
}
|
}
|
|
@ -47,11 +47,11 @@
|
||||||
firewall = {
|
firewall = {
|
||||||
trustedInterfaces = ["tailscale0"];
|
trustedInterfaces = ["tailscale0"];
|
||||||
checkReversePath = "loose";
|
checkReversePath = "loose";
|
||||||
allowedTCPPorts = [ 22 53 80 443 ];
|
allowedTCPPorts = [ 22 80 443 6443 10250 ];
|
||||||
allowedUDPPorts = [ 41641 ];
|
allowedUDPPorts = [ 41641 80 443 ];
|
||||||
enable = true;
|
enable = false;
|
||||||
};
|
};
|
||||||
nftables.enable = true;
|
nftables.enable = false;
|
||||||
};
|
};
|
||||||
|
|
||||||
time.timeZone = "Europe/London";
|
time.timeZone = "Europe/London";
|
||||||
|
@ -89,7 +89,7 @@
|
||||||
enable = true;
|
enable = true;
|
||||||
role = "server";
|
role = "server";
|
||||||
extraFlags = toString [
|
extraFlags = toString [
|
||||||
"--secrets-encryption"
|
"--secrets-encryption --disable=traefik"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
2
pulumi/.gitignore
vendored
2
pulumi/.gitignore
vendored
|
@ -1,2 +0,0 @@
|
||||||
/bin/
|
|
||||||
/node_modules/
|
|
|
@ -1,6 +0,0 @@
|
||||||
encryptionsalt: v1:v/2Egaf4eCE=:v1:2Vc2k1lWnahiE1Ce:83nVXz3moeXDWxGg/gjobA9cHw8zYg==
|
|
||||||
config:
|
|
||||||
aws:region: eu-west-2
|
|
||||||
tailscale:apiKey:
|
|
||||||
secure: v1:4IfYF+gWnunbS4mK:HyJkqNAOvflbV3SZYTh/0F/is4fVMYGJLaYPhOA3xqrFu1CCzy38k2ADhvvpYIbK0PxHdibN6iW9VtCKHeTXhE8rWpv97dEb
|
|
||||||
tailscale:tailnet: gmem.ca
|
|
|
@ -1,3 +0,0 @@
|
||||||
name: gmem-pulumi
|
|
||||||
runtime: nodejs
|
|
||||||
description: gmem's AWS Infra
|
|
|
@ -1,47 +0,0 @@
|
||||||
import * as pulumi from "@pulumi/pulumi";
|
|
||||||
import * as aws from "@pulumi/aws";
|
|
||||||
import * as tailscale from "@pulumi/tailscale";
|
|
||||||
|
|
||||||
const r53_domains: { [key: string]: any } = {"gmem.ca": "", "gabrielsimmer.com": ""};
|
|
||||||
|
|
||||||
export = async () => {
|
|
||||||
for (const domain in r53_domains) {
|
|
||||||
r53_domains[domain] = new aws.route53.Zone(domain, {
|
|
||||||
comment: "Managed by Pulumi",
|
|
||||||
name: domain,
|
|
||||||
}, {
|
|
||||||
protect: true,
|
|
||||||
}).id;
|
|
||||||
}
|
|
||||||
|
|
||||||
const vancouver_ts = await tailscale.getDevice({ name: "vancouver.scorpion-ghost.ts.net" });
|
|
||||||
new aws.route53.Record("vancouver", {
|
|
||||||
zoneId: r53_domains["gmem.ca"],
|
|
||||||
name: "vancouver.gmem.ca",
|
|
||||||
type: "A",
|
|
||||||
ttl: 300,
|
|
||||||
records: [vancouver_ts.addresses[0]]
|
|
||||||
});
|
|
||||||
new aws.route53.Record("galleon", {
|
|
||||||
zoneId: r53_domains["gmem.ca"],
|
|
||||||
name: "galleon.gmem.ca",
|
|
||||||
type: "A",
|
|
||||||
ttl: 300,
|
|
||||||
records: [vancouver_ts.addresses[0]]
|
|
||||||
});
|
|
||||||
new aws.route53.Record("gabrielsimmercom", {
|
|
||||||
zoneId: r53_domains["gabrielsimmer.com"],
|
|
||||||
name: "gabrielsimmer.com",
|
|
||||||
type: "A",
|
|
||||||
ttl: 3600,
|
|
||||||
records: ["66.241.124.117"]
|
|
||||||
});
|
|
||||||
new aws.route53.Record("gabrielsimmercom-aaaa", {
|
|
||||||
zoneId: r53_domains["gabrielsimmer.com"],
|
|
||||||
name: "gabrielsimmer.com",
|
|
||||||
type: "AAAA",
|
|
||||||
ttl: 3600,
|
|
||||||
records: ["2a09:8280:1::4e:42fd"]
|
|
||||||
});
|
|
||||||
return { "vancouver ts ip": vancouver_ts.addresses[0] };
|
|
||||||
}
|
|
2404
pulumi/package-lock.json
generated
2404
pulumi/package-lock.json
generated
File diff suppressed because it is too large
Load diff
|
@ -1,13 +0,0 @@
|
||||||
{
|
|
||||||
"name": "gmem-pulumi",
|
|
||||||
"main": "index.ts",
|
|
||||||
"devDependencies": {
|
|
||||||
"@types/node": "^16"
|
|
||||||
},
|
|
||||||
"dependencies": {
|
|
||||||
"@pulumi/aws": "^5.0.0",
|
|
||||||
"@pulumi/awsx": "^1.0.0",
|
|
||||||
"@pulumi/pulumi": "^3.0.0",
|
|
||||||
"@pulumi/tailscale": "^0.12.2"
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,18 +0,0 @@
|
||||||
{
|
|
||||||
"compilerOptions": {
|
|
||||||
"strict": true,
|
|
||||||
"outDir": "bin",
|
|
||||||
"target": "es2016",
|
|
||||||
"module": "commonjs",
|
|
||||||
"moduleResolution": "node",
|
|
||||||
"sourceMap": true,
|
|
||||||
"experimentalDecorators": true,
|
|
||||||
"pretty": true,
|
|
||||||
"noFallthroughCasesInSwitch": true,
|
|
||||||
"noImplicitReturns": true,
|
|
||||||
"forceConsistentCasingInFileNames": true
|
|
||||||
},
|
|
||||||
"files": [
|
|
||||||
"index.ts"
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -65,6 +65,29 @@ provider "registry.terraform.io/hetznercloud/hcloud" {
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
provider "registry.terraform.io/sharkyrawr/cloudns" {
|
||||||
|
version = "0.0.7"
|
||||||
|
constraints = "0.0.7"
|
||||||
|
hashes = [
|
||||||
|
"h1:9j02xibBw0ol2nDg7dd/w5A3IwT9Ih2fQWC3LWmPrBw=",
|
||||||
|
"zh:00981e00a0efacc99e118cf72708b3889622afc8e997a18e29649a646bb25e83",
|
||||||
|
"zh:357235742de49011118f173e121e1406ef26a2bdda6864cd2f13c4cc9af73d3e",
|
||||||
|
"zh:3fa3db9190f8d44452f8d6528f7aebda15e66f5c33a8423bae32c352b157df38",
|
||||||
|
"zh:4bae8164457b0f94bcdcfed18d7296fabc01a46ac03f6ec21e38dbf442aabddb",
|
||||||
|
"zh:a27c5153b1fde30e7037ed19b354af8e1d9a4952ec420e5f6e09bdc148263e9e",
|
||||||
|
"zh:aa7d6555c0a345dbb094bb903d2ae5261ced464d8b58c2e24c561970130be824",
|
||||||
|
"zh:bc188c2ff5351453ae23e65b3baa00567cd0be8ca26c2be08fb0168a9b88d5d2",
|
||||||
|
"zh:c8e72151976d2bcdc107a926c3d9c9cee6e5ac0ce7e446544a60cca1d35217c3",
|
||||||
|
"zh:d648371729035dc52b0437462e9f91b24f3fea6427e043c0016e02a91c60b7eb",
|
||||||
|
"zh:d8dc24aa0c586a12ea19e46cf14e3e6fc1ec6e3281aafaba35da9d4e26f23cd0",
|
||||||
|
"zh:e43b20807b37db5c2bd2806350321b0bd6831c0675abe0d74d42c1cc894f711d",
|
||||||
|
"zh:fa101cec498688add26a3f5cee96bc409d09e1d611b4e934d4233a56d812f81b",
|
||||||
|
"zh:fbd1fee2c9df3aa19cf8851ce134dea6e45ea01cb85695c1726670c285797e25",
|
||||||
|
"zh:fd5bc423d1d68aa6905ba01e0e5e3f552e4f656f636117cd26e1f2394a6d1bf4",
|
||||||
|
"zh:fe80010ea109e573561da1c93d91af7d8525387e0d2ff1185672f7464fb26956",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
provider "registry.terraform.io/vercel/vercel" {
|
provider "registry.terraform.io/vercel/vercel" {
|
||||||
version = "0.14.0"
|
version = "0.14.0"
|
||||||
constraints = "0.14.0"
|
constraints = "0.14.0"
|
||||||
|
|
|
@ -27,16 +27,6 @@ resource "aws_route53_record" "gabrielsimmercom-a" {
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_route53_record" "gabrielsimmercom-aaaa" {
|
|
||||||
zone_id = aws_route53_zone.gabrielsimmercom.zone_id
|
|
||||||
name = "gabrielsimmer.com"
|
|
||||||
type = "AAAA"
|
|
||||||
ttl = 3600
|
|
||||||
records = [
|
|
||||||
"2a09:8280:1::4e:42fd"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_route53_record" "gabrielsimmercom-next" {
|
resource "aws_route53_record" "gabrielsimmercom-next" {
|
||||||
zone_id = aws_route53_zone.gabrielsimmercom.zone_id
|
zone_id = aws_route53_zone.gabrielsimmercom.zone_id
|
||||||
name = "next"
|
name = "next"
|
||||||
|
|
|
@ -23,7 +23,15 @@ resource "aws_route53_record" "git" {
|
||||||
name = "git"
|
name = "git"
|
||||||
type = "A"
|
type = "A"
|
||||||
ttl = 300
|
ttl = 300
|
||||||
records = ["141.147.94.210"]
|
records = ["141.147.109.157"]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_route53_record" "food" {
|
||||||
|
zone_id = aws_route53_zone.gmemca.zone_id
|
||||||
|
name = "food"
|
||||||
|
type = "A"
|
||||||
|
ttl = 300
|
||||||
|
records = ["141.147.109.157"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_route53_record" "nix-cache" {
|
resource "aws_route53_record" "nix-cache" {
|
||||||
|
@ -116,10 +124,27 @@ resource "aws_route53_record" "gmem-ca-mail-txt" {
|
||||||
zone_id = aws_route53_zone.gmemca.zone_id
|
zone_id = aws_route53_zone.gmemca.zone_id
|
||||||
name = "gmem.ca"
|
name = "gmem.ca"
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
records = ["v=spf1 include:spf.messagingengine.com ?all"]
|
records = ["v=spf1 include:spf.messagingengine.com include:spf.mushu.services.floofy.tech ?all"]
|
||||||
ttl = 300
|
ttl = 300
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "aws_route53_record" "postal-dkim" {
|
||||||
|
zone_id = aws_route53_zone.gmemca.zone_id
|
||||||
|
name = "postal-d6U33J._domainkey"
|
||||||
|
type = "TXT"
|
||||||
|
ttl = 300
|
||||||
|
records = ["v=DKIM1; t=s; h=sha256; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCoSvi65zRk8yn0IySfXWyNzeQpz8DEg8ZnmR/Kqq+Ga890KoINkQHB0toQu/iURjmLo+2mYKMxkAMWZPEsKaNsBCLBB55NCvq3/jeJdjOKYLplc51KSdxSb3AGokGqwCDhQ8u+MJty/R3QOHbzndddQTnSG0ApDkJNiPdFVnXnewIDAQAB;"]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_route53_record" "postal-cname" {
|
||||||
|
zone_id = aws_route53_zone.gmemca.zone_id
|
||||||
|
name = "psrp"
|
||||||
|
type = "CNAME"
|
||||||
|
ttl = 300
|
||||||
|
records = ["rp.mushu.services.floofy.tech"]
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
# S3 bucket static site
|
# S3 bucket static site
|
||||||
resource "aws_s3_bucket" "gmem-ca-static_site" {
|
resource "aws_s3_bucket" "gmem-ca-static_site" {
|
||||||
bucket = "gmem.ca"
|
bucket = "gmem.ca"
|
||||||
|
|
|
@ -15,6 +15,10 @@ terraform {
|
||||||
cloudflare = {
|
cloudflare = {
|
||||||
source = "cloudflare/cloudflare"
|
source = "cloudflare/cloudflare"
|
||||||
version = "3.33.1"
|
version = "3.33.1"
|
||||||
|
}
|
||||||
|
cloudns = {
|
||||||
|
source = "SharkyRawr/cloudns"
|
||||||
|
version = "0.0.7"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
backend "s3" {
|
backend "s3" {
|
||||||
|
@ -40,3 +44,5 @@ provider "hcloud" {}
|
||||||
variable "tailscale_key" {
|
variable "tailscale_key" {
|
||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
provider "cloudns" {}
|
||||||
|
|
Loading…
Reference in a new issue