terraform { required_providers { linode = { source = "linode/linode" } porkbun = { source = "kyswtn/porkbun" version = "0.1.3" } } } variable "linode_root_password" {} variable "linode_username" {} variable "linode_user_password" {} provider "linode" { token = var.linode_token } provider "porkbun" { api_key = var.porkbun_api_key secret_api_key = var.porkbun_secret_api_key } variable "linode_token" { description = "Linode API token" sensitive = true } variable "porkbun_api_key" { description = "Porkbun API key" } variable "porkbun_secret_api_key" { description = "Porkbun API secret" sensitive = true } resource "linode_sshkey" "key" { label = "act_runner" ssh_key = chomp(file("act_runner.pub")) } resource "linode_instance" "wn_lin_deb_use_01" { label = "wn-lin-deb-use-01" type = "g6-nanode-1" region = "us-east" image = "linode/debian11" root_pass = var.linode_root_password tags = ["tofu"] // connection { // host = linode_instance.wn_lin_deb_use_01.ip_address // user = "root" // password = var.linode_root_password // } // provisioner "remote-exec" { // inline = [ // // Set hostname // "hostnamectl set-hostname wn-lin-deb-use-01.whatnow.site", // // Create required groups // "groupadd ssh", // "groupadd sudo", // "useradd -m -G ssh,sudo -s /usr/bin/bash act_runner", // "usermod -aG ssh ${var.linode_username}", // "echo \"${chomp(file("act_runner.pub"))} >> /home/act_username/.ssh/authorized_keys", // ] // } } resource "porkbun_dns_record" "whatnowsite" { domain = "whatnow.site" type = "A" content = linode_instance.wn_lin_deb_use_01.ip_address priority = 0 ttl = 600 } resource "porkbun_dns_record" "www" { domain = "whatnow.site" type = "CNAME" name = "www" priority = 0 content = "whatnow.site" ttl = 600 notes = "Redirect www.whatnow.site to whatnow.site" } resource "porkbun_dns_record" "protonverification" { domain = "whatnow.site" type = "TXT" content = "protonmail-verification=a498c4f361abb4493f3734f6c4d5fdb91cc2edeb" priority = 0 ttl = 600 } resource "porkbun_dns_record" "protonmx10" { domain = "whatnow.site" type = "MX" content = "mail.protonmail.ch" priority = 10 ttl = 600 } resource "porkbun_dns_record" "protonmx20" { domain = "whatnow.site" type = "MX" content = "mailsec.protonmail.ch" priority = 20 ttl = 600 } resource "porkbun_dns_record" "spf" { domain = "whatnow.site" type = "TXT" content = "v=spf1 include:_spf.protonmail.ch -all" priority = 0 ttl = 600 } resource "porkbun_dns_record" "protondkim1" { domain = "whatnow.site" type = "CNAME" name = "protonmail._domainkey" content = "protonmail.domainkey.d3rb67w6crkvj3orrugsd3np7l3huitnpx4gj5uri636jans5er3a.domains.proton.ch." priority = 0 ttl = 600 } resource "porkbun_dns_record" "protondkim2" { domain = "whatnow.site" type = "CNAME" name = "protonmail2._domainkey" content = "protonmail2.domainkey.d3rb67w6crkvj3orrugsd3np7l3huitnpx4gj5uri636jans5er3a.domains.proton.ch." priority = 0 ttl = 600 } resource "porkbun_dns_record" "protondkim3" { domain = "whatnow.site" type = "CNAME" name = "protonmail3._domainkey" content = "protonmail3.domainkey.d3rb67w6crkvj3orrugsd3np7l3huitnpx4gj5uri636jans5er3a.domains.proton.ch." priority = 0 ttl = 600 } resource "porkbun_dns_record" "dmarc" { domain = "whatnow.site" type = "TXT" name = "_dmarc" content = "v=DMARC1; p=reject; aspf=s; adkim=s; fo=1; ri=86400" priority = 0 ttl = 600 } resource "porkbun_dns_record" "caa_issue" { domain = "whatnow.site" type = "CAA" priority = 0 content = "0 issue letsencrypt.org" ttl = 600 } resource "porkbun_dns_record" "caa_issuewild" { domain = "whatnow.site" type = "CAA" content = "0 issuewild letsencrypt.org" priority = 0 ttl = 600 } resource "porkbun_dns_record" "caa_iodef" { domain = "whatnow.site" type = "CAA" content = "0 iodef mailto:info@whatnow.site" priority = 0 ttl = 600 }