From 2ca11ef3049e8a839dcc1220715458bbb094fe85 Mon Sep 17 00:00:00 2001 From: Paul-Emmanuel Raoul Date: Wed, 5 Feb 2020 23:12:19 +0000 Subject: [PATCH 1/7] Abstract the DNS provider using a submodule See https://www.terraform.io/docs/modules/composition.html#multi-cloud-abstractions. --- modules/ovh-dns/dns-records.tf | 25 +++++++++++++++++++ modules/ovh-dns/main.tf | 9 +++++++ modules/ovh-dns/outputs.tf | 4 +++ modules/ovh-dns/providers.tf | 7 ++++++ modules/ovh-dns/variables.tf | 45 ++++++++++++++++++++++++++++++++++ 5 files changed, 90 insertions(+) create mode 100644 modules/ovh-dns/dns-records.tf create mode 100644 modules/ovh-dns/main.tf create mode 100644 modules/ovh-dns/outputs.tf create mode 100644 modules/ovh-dns/providers.tf create mode 100644 modules/ovh-dns/variables.tf diff --git a/modules/ovh-dns/dns-records.tf b/modules/ovh-dns/dns-records.tf new file mode 100644 index 0000000..858914d --- /dev/null +++ b/modules/ovh-dns/dns-records.tf @@ -0,0 +1,25 @@ +locals { + records = flatten([ + for record in var.records : [ + for target in record.targets : { + name = record.name + type = record.type + ttl = record.ttl + target = target + } + ] + ]) +} + +resource "ovh_domain_zone_record" "this" { + for_each = { + for record in local.records : + "${record.name}_${record.type}_${record.target}" => record + } + + zone = var.zone + subdomain = each.value.name + fieldtype = each.value.type + ttl = each.value.ttl + target = each.value.target +} diff --git a/modules/ovh-dns/main.tf b/modules/ovh-dns/main.tf new file mode 100644 index 0000000..cef2a7d --- /dev/null +++ b/modules/ovh-dns/main.tf @@ -0,0 +1,9 @@ +# https://www.terraform.io/docs/configuration/terraform.html#terraform-block-syntax. +terraform { + required_version = ">= 0.12.0" + + required_providers { + # https://www.terraform.io/docs/providers/ovh/. + ovh = "~> 0.6" + } +} diff --git a/modules/ovh-dns/outputs.tf b/modules/ovh-dns/outputs.tf new file mode 100644 index 0000000..78d5969 --- /dev/null +++ b/modules/ovh-dns/outputs.tf @@ -0,0 +1,4 @@ +output "records" { + description = "DNS records" + value = ovh_domain_zone_record.this +} diff --git a/modules/ovh-dns/providers.tf b/modules/ovh-dns/providers.tf new file mode 100644 index 0000000..ae8f1ae --- /dev/null +++ b/modules/ovh-dns/providers.tf @@ -0,0 +1,7 @@ +# https://www.terraform.io/docs/providers/ovh/. +provider "ovh" { + endpoint = var.ovh_endpoint + application_key = var.ovh_application_key + application_secret = var.ovh_application_secret + consumer_key = var.ovh_consumer_key +} diff --git a/modules/ovh-dns/variables.tf b/modules/ovh-dns/variables.tf new file mode 100644 index 0000000..22ec638 --- /dev/null +++ b/modules/ovh-dns/variables.tf @@ -0,0 +1,45 @@ +# ---------------------------------------- +# Required Variables +# ---------------------------------------- + +variable "ovh_endpoint" { + description = "Specify which API endpoint to use" + type = string +} + +variable "zone" { + description = "The domain to add the records to" + type = string +} + +variable "records" { + description = "DNS records" + type = set(object({ + name = string + type = string + ttl = number + targets = list(string) + })) +} + +# ---------------------------------------- +# Optional Variables +# ---------------------------------------- + +variable "ovh_application_key" { + description = "The OVH API application key" + type = string + default = null +} + +variable "ovh_application_secret" { + description = "The OVH API application secret" + type = string + default = null +} + +variable "ovh_consumer_key" { + description = "The OVH API consumer key" + type = string + default = null +} From d2a69fd6e7926565a5949301f0740ba5ec57977b Mon Sep 17 00:00:00 2001 From: Paul-Emmanuel Raoul Date: Thu, 6 Feb 2020 09:22:11 +0000 Subject: [PATCH 2/7] Instantiate the 'ovh-dns' submodule --- README.md | 18 ++++++++++++++++++ dns-records.tf | 27 +++++++++++++++++++++++++++ outputs.tf | 4 ++++ variables.tf | 30 ++++++++++++++++++++++++++++++ 4 files changed, 79 insertions(+) create mode 100644 dns-records.tf diff --git a/README.md b/README.md index 1b75a73..4766d00 100644 --- a/README.md +++ b/README.md @@ -5,6 +5,24 @@ Template of a minimal Terraform module. This module follows the [standard structure][standard-module-structure] described in the [Terraform documentation][terraform-docs]. +## Providers + +No provider. + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:-----:| +| ovh\_application\_key | The OVH API application key | `string` | n/a | yes | +| ovh\_application\_secret | The OVH API application secret | `string` | n/a | yes | +| ovh\_consumer\_key | The OVH API consumer key | `string` | n/a | yes | +| ovh\_endpoint | Specify which API endpoint to use | `string` | n/a | yes | + +## Outputs + +| Name | Description | +|------|-------------| +| records | DNS records | diff --git a/dns-records.tf b/dns-records.tf new file mode 100644 index 0000000..af8fb3d --- /dev/null +++ b/dns-records.tf @@ -0,0 +1,27 @@ +locals { + zone = "zerowastesgp.fr" + + dns_records = [ + { + name = "" + type = "NS" + ttl = 0, + targets = [ + "dns100.ovh.net.", + "ns100.ovh.net.", + ] + }, + ] +} + +module "dns_records" { + source = "./modules/ovh-dns" + + ovh_application_key = var.ovh_application_key + ovh_application_secret = var.ovh_application_secret + ovh_consumer_key = var.ovh_consumer_key + ovh_endpoint = var.ovh_endpoint + + zone = local.zone + records = local.dns_records +} diff --git a/outputs.tf b/outputs.tf index e69de29..54a59a7 100644 --- a/outputs.tf +++ b/outputs.tf @@ -0,0 +1,4 @@ +output "records" { + description = "DNS records" + value = module.dns_records.records +} diff --git a/variables.tf b/variables.tf index e69de29..e0f4260 100644 --- a/variables.tf +++ b/variables.tf @@ -0,0 +1,30 @@ +# ---------------------------------------- +# Required Variables +# ---------------------------------------- + +variable "ovh_endpoint" { + description = "Specify which API endpoint to use" + type = string +} + +# ---------------------------------------- +# Optional Variables +# ---------------------------------------- + +variable "ovh_application_key" { + description = "The OVH API application key" + type = string + default = null +} + +variable "ovh_application_secret" { + description = "The OVH API application secret" + type = string + default = null +} + +variable "ovh_consumer_key" { + description = "The OVH API consumer key" + type = string + default = null +} From 2feebde5dd4295cf6499512a35c3faa6e0eec1e2 Mon Sep 17 00:00:00 2001 From: Paul-Emmanuel Raoul Date: Thu, 6 Feb 2020 12:47:21 +0000 Subject: [PATCH 3/7] Add 'remote' backend (Terraform Cloud) --- main.tf | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/main.tf b/main.tf index e03d2e9..d91cb62 100644 --- a/main.tf +++ b/main.tf @@ -4,4 +4,14 @@ terraform { required_providers { } + + # https://www.terraform.io/docs/backends/types/remote.html. + backend "remote" { + hostname = "app.terraform.io" + organization = "zerowastesgp" + + workspaces { + name = "tf-dns-zerowastesgp-fr" + } + } } From 6319e1dcd3882208ccbbb821dca9af5d6ae3a540 Mon Sep 17 00:00:00 2001 From: Paul-Emmanuel Raoul Date: Thu, 6 Feb 2020 21:36:22 +0000 Subject: [PATCH 4/7] Import existing DNS records --- dns-records.tf | 128 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 128 insertions(+) diff --git a/dns-records.tf b/dns-records.tf index af8fb3d..5ab9d99 100644 --- a/dns-records.tf +++ b/dns-records.tf @@ -11,6 +11,134 @@ locals { "ns100.ovh.net.", ] }, + { + name = "" + type = "MX" + ttl = 0, + targets = [ + "1 redirect.ovh.net.", + ] + }, + { + name = "" + type = "A" + ttl = 0, + targets = [ + "213.186.33.5", + ] + }, + { + name = "" + type = "TXT" + ttl = 0, + targets = [ + "\"1|www.zerowastesgp.fr\"", + ] + }, + { + name = "" + type = "SPF" + ttl = 600, + targets = [ + "\"v=spf1 include:mx.ovh.com ~all\"", + ] + }, + { + name = "autoconfig" + type = "CNAME" + ttl = 0, + targets = [ + "mailconfig.ovh.net.", + ] + }, + { + name = "autodiscover" + type = "CNAME" + ttl = 0, + targets = [ + "mailconfig.ovh.net.", + ] + }, + { + name = "_autodiscover._tcp" + type = "SRV" + ttl = 0, + targets = [ + "0 0 443 mailconfig.ovh.net.", + ] + }, + { + name = "imap" + type = "CNAME" + ttl = 0, + targets = [ + "ssl0.ovh.net.", + ] + }, + { + name = "_imaps._tcp" + type = "SRV" + ttl = 0, + targets = [ + "0 0 993 ssl0.ovh.net.", + ] + }, + { + name = "mail" + type = "CNAME" + ttl = 0, + targets = [ + "ssl0.ovh.net.", + ] + }, + { + name = "pop3" + type = "CNAME" + ttl = 0, + targets = [ + "ssl0.ovh.net.", + ] + }, + { + name = "smtp" + type = "CNAME" + ttl = 0, + targets = [ + "ssl0.ovh.net.", + ] + }, + { + name = "_submission._tcp" + type = "SRV" + ttl = 0, + targets = [ + "0 0 465 ssl0.ovh.net.", + ] + }, + { + name = "www" + type = "TXT" + ttl = 0, + targets = [ + "\"3|welcome\"", + ] + }, + { + name = "www" + type = "TXT" + ttl = 0, + targets = [ + "\"l|fr\"", + ] + }, + { + name = "www" + type = "CNAME" + ttl = 0, + targets = [ + "zerowastesgp.fr.", + ] + }, ] } From c9317ca7b9fdc6a7f9f82d718304dcb37f34fada Mon Sep 17 00:00:00 2001 From: Paul-Emmanuel Raoul Date: Thu, 6 Feb 2020 22:16:35 +0000 Subject: [PATCH 5/7] Change the license to Apache 2.0 --- LICENSE | 225 ++++++++++++++++++++++++++++++++++++++++++++++++++------ NOTICE | 2 + 2 files changed, 203 insertions(+), 24 deletions(-) create mode 100644 NOTICE diff --git a/LICENSE b/LICENSE index 68a49da..261eeb9 100644 --- a/LICENSE +++ b/LICENSE @@ -1,24 +1,201 @@ -This is free and unencumbered software released into the public domain. - -Anyone is free to copy, modify, publish, use, compile, sell, or -distribute this software, either in source code form or as a compiled -binary, for any purpose, commercial or non-commercial, and by any -means. - -In jurisdictions that recognize copyright laws, the author or authors -of this software dedicate any and all copyright interest in the -software to the public domain. We make this dedication for the benefit -of the public at large and to the detriment of our heirs and -successors. We intend this dedication to be an overt act of -relinquishment in perpetuity of all present and future rights to this -software under copyright law. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. -IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR -OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, -ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR -OTHER DEALINGS IN THE SOFTWARE. - -For more information, please refer to + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/NOTICE b/NOTICE new file mode 100644 index 0000000..2f396a7 --- /dev/null +++ b/NOTICE @@ -0,0 +1,2 @@ +tf-dns-zerowastesgp-fr +Copyright 2020 Zero Waste Sud Grand Paris From 5d5f60241ff590a62aaa2b4444b859b9036e661e Mon Sep 17 00:00:00 2001 From: Paul-Emmanuel Raoul Date: Thu, 6 Feb 2020 22:17:17 +0000 Subject: [PATCH 6/7] Add changelog --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..bd4bedb --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,3 @@ +## v0.1.0 - Feb 6, 2020 + +First pre-release. From 3eded87350322ef25a66a427633d84dfa5d4e09e Mon Sep 17 00:00:00 2001 From: Paul-Emmanuel Raoul Date: Thu, 6 Feb 2020 22:25:03 +0000 Subject: [PATCH 7/7] Update title and description in readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 4766d00..ed442d9 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -# Terraform Module Template +# Terraform DNS zone - zerowastesgp.fr -Template of a minimal Terraform module. +Terraform module for managing the `zerowastesgp.fr` DNS zone. This module follows the [standard structure][standard-module-structure] described in the [Terraform documentation][terraform-docs].