setup dns for turifer.dev mail

2025-07-17 23:52:12 +02:00
parent 1493d2ec0b
commit ee84c83582
6 changed files with 67 additions and 0 deletions
--- a/infra/.terraform.lock.hcl
+++ b/infra/.terraform.lock.hcl
@@ -42,3 +42,25 @@ provider "registry.opentofu.org/hetznercloud/hcloud" {
    "zh:f20f7379876ede225f3b6f0719826706a171ea4c1dd438a8a3103dee8fe43ccc",
  ]
 }
+
+provider "registry.opentofu.org/ovh/ovh" {
+  version     = "2.5.0"
+  constraints = "2.5.0"
+  hashes = [
+    "h1:CrmFEWjczVhLWc2qzOktKSu8Q0U78uV8fnSHo54lMQg=",
+    "zh:1a11c3bc191c3417b41af5c56a66ac7071980f7babb390096b43aab3ac60fe7c",
+    "zh:1d46fa7c37468becb01d117463838f694a093e58a9b7d28347db2c377933db76",
+    "zh:22b83b15e878a9627477fe49e03dada3f4cd4357cb91cdb621394da690238542",
+    "zh:316541fc8bbf2fe14f4a484d878c63e4b949bd21a352e0ebf60d4848c96a338e",
+    "zh:50e72847a4b1d532e7abd5669408832ac1b49dcfda266378b8e2419d97f0f49a",
+    "zh:7582c8630edb3e83642e7a4b06fababeaf4833ce622c71220c38724d0e0231af",
+    "zh:a26714d6bd8e04acbbc94c708b151405c4b6fc20dc7060e0daef8395f1bb9ce0",
+    "zh:aa8be95462c5ca909c923cc3d44636eccc71cb25b51572fe7e2f68bc93c57612",
+    "zh:b520c0661c514586b2aa3105c4345eda4d34ef08b62fda2cc20a2bcb8cb88ab2",
+    "zh:be8125f1b6bc8aa93441ec9dd96db5f49d21b4dcc100c13028404b461da545c9",
+    "zh:c6aab9b6b04fa8483aa10c194eaab8e4a1fbffc64ad495f5027d496e5b2da214",
+    "zh:d537d85afc71c51d86b1031586c619c503df9462e0240d94984bc32273a03df2",
+    "zh:eaa9f41d33fa7731c4a937e80554a1b6b2042d273705e4c8fc983ba251193206",
+    "zh:f0d085065a0ada787ad080ddd6e7c646b8ca3a351712961de735d18c9d59af7c",
+  ]
+}
--- a/infra/dns.tf
+++ b/infra/dns.tf
@@ -21,3 +21,12 @@ resource "gandi_livedns_record" "rpqt_fr_radicle_aaaa" {
    hcloud_server.crocus_server.ipv6_address,
  ]
 }
+
+data "ovh_domain_zone" "turifer_dev" {
+  name = "turifer.dev"
+}
+
+resource "ovh_domain_zone_import" "turifer_dev_import" {
+  zone_name = "turifer.dev"
+  zone_file = file("./turifer.dev.zone")
+}
--- a/infra/main.tf
+++ b/infra/main.tf
@@ -8,5 +8,9 @@ terraform {
      source  = "hetznercloud/hcloud"
      version = "~> 1.45"
    }
+    ovh = {
+      source  = "ovh/ovh"
+      version = "2.5.0"
+    }
  }
 }
--- a/infra/providers.tf
+++ b/infra/providers.tf
@@ -5,3 +5,9 @@ provider "gandi" {
 provider "hcloud" {
  token = var.hcloud_token
 }
+
+provider "ovh" {
+  endpoint      = "ovh-eu"
+  client_id     = var.ovh_client_id
+  client_secret = var.ovh_client_secret
+}
--- a/infra/turifer.dev.zone
+++ b/infra/turifer.dev.zone
@@ -0,0 +1,18 @@
+$TTL 3600
+@	IN SOA dns100.ovh.net. tech.ovh.net. (2025071505 86400 3600 3600000 60)
+    IN NS     dns100.ovh.net.
+	IN NS     ns100.ovh.net.
+
+turifer.dev. 3000 IN TXT "hosted-email-verify=k5z4lcfc"
+turifer.dev. 3000 IN MX 10 aspmx1.migadu.com.
+turifer.dev. 3000 IN MX 20 aspmx2.migadu.com.
+turifer.dev. 3000 IN TXT "v=spf1 include:spf.migadu.com -all"
+key1._domainkey.turifer.dev. 3000 IN CNAME key1.turifer.dev._domainkey.migadu.com.
+key2._domainkey.turifer.dev. 3000 IN CNAME key2.turifer.dev._domainkey.migadu.com.
+key3._domainkey.turifer.dev. 3000 IN CNAME key3.turifer.dev._domainkey.migadu.com.
+_dmarc.turifer.dev. 3000 IN TXT "v=DMARC1; p=quarantine;"
+autoconfig.turifer.dev. 3000 IN CNAME autoconfig.migadu.com.
+_autodiscover._tcp.turifer.dev. 3000 IN SRV 0 1 443 autodiscover.migadu.com.
+_submissions._tcp.turifer.dev. 3000 IN SRV 0 1 465 smtp.migadu.com.
+_imaps._tcp.turifer.dev. 3000 IN SRV 0 1 993 imap.migadu.com.
+_pop3s._tcp.turifer.dev. 3000 IN SRV 0 1 995 pop.migadu.com.
--- a/infra/variables.tf
+++ b/infra/variables.tf
@@ -5,3 +5,11 @@ variable "gandi_token" {
 variable "hcloud_token" {
  sensitive = true
 }
+
+variable "ovh_client_id" {
+  sensitive = true
+}
+
+variable "ovh_client_secret" {
+  sensitive = true
+}