whatnow.site/tofu/main.tf

terraform {
  required_providers {
    linode = {
      source = "linode/linode"
    }
    porkbun = {
      source = "kyswtn/porkbun"
      version = "0.1.3"
    }
  }
}

variable "linode_root_password" {}
variable "linode_username" {}
variable "linode_user_password" {}

provider "linode" {
  token = var.linode_token
}

provider "porkbun" {
  api_key = var.porkbun_api_key
  secret_api_key = var.porkbun_secret_api_key
}

variable "linode_token" {
  description = "Linode API token"
  sensitive = true
}

variable "porkbun_api_key" {
  description = "Porkbun API key"
}

variable "porkbun_secret_api_key" {
  description = "Porkbun API secret"
  sensitive = true
}

resource "linode_sshkey" "key" {
  label = "act_runner"
  ssh_key = chomp(file("act_runner.pub"))
}

resource "linode_instance" "wn_lin_deb_use_01" {
  label = "wn-lin-deb-use-01"
  type = "g6-nanode-1"
  region = "us-east"
  image = "linode/debian11"
  root_pass = var.linode_root_password

  tags = ["tofu"]

  // connection {
  //   host = linode_instance.wn_lin_deb_use_01.ip_address
  //   user = "root"
  //   password = var.linode_root_password
  // }

  // provisioner "remote-exec" {
  //   inline = [
  //     // Set hostname
  //     "hostnamectl set-hostname wn-lin-deb-use-01.whatnow.site",
  //     // Create required groups
  //     "groupadd ssh",
  //     "groupadd sudo",
  //     "useradd -m -G ssh,sudo -s /usr/bin/bash act_runner",
  //     "usermod -aG ssh ${var.linode_username}",
  //     "echo \"${chomp(file("act_runner.pub"))} >> /home/act_username/.ssh/authorized_keys",
  //   ]
  // }
}

resource "porkbun_dns_record" "whatnowsite" {
  domain = "whatnow.site"
  type = "A"
  content = linode_instance.wn_lin_deb_use_01.ip_address
  priority = 0
  ttl = 600
}

resource "porkbun_dns_record" "www" {
  domain = "whatnow.site"
  type = "CNAME"
  name = "www"
  priority = 0
  content = "whatnow.site"
  ttl = 600
  notes = "Redirect www.whatnow.site to whatnow.site"
}

resource "porkbun_dns_record" "protonverification" {
  domain = "whatnow.site"
  type = "TXT"
  content = "protonmail-verification=a498c4f361abb4493f3734f6c4d5fdb91cc2edeb"
  priority = 0
  ttl = 600
}

resource "porkbun_dns_record" "protonmx10" {
  domain = "whatnow.site"
  type = "MX"
  content = "mail.protonmail.ch"
  priority = 10
  ttl = 600
}

resource "porkbun_dns_record" "protonmx20" {
  domain = "whatnow.site"
  type = "MX"
  content = "mailsec.protonmail.ch"
  priority = 20
  ttl = 600
}

resource "porkbun_dns_record" "spf" {
  domain = "whatnow.site"
  type = "TXT"
  content = "v=spf1 include:_spf.protonmail.ch -all"
  priority = 0
  ttl = 600
}

resource "porkbun_dns_record" "protondkim1" {
  domain = "whatnow.site"
  type = "CNAME"
  name = "protonmail._domainkey"
  content = "protonmail.domainkey.d3rb67w6crkvj3orrugsd3np7l3huitnpx4gj5uri636jans5er3a.domains.proton.ch."
  priority = 0
  ttl = 600
}

resource "porkbun_dns_record" "protondkim2" {
  domain = "whatnow.site"
  type = "CNAME"
  name = "protonmail2._domainkey"
  content = "protonmail2.domainkey.d3rb67w6crkvj3orrugsd3np7l3huitnpx4gj5uri636jans5er3a.domains.proton.ch."
  priority = 0
  ttl = 600
}

resource "porkbun_dns_record" "protondkim3" {
  domain = "whatnow.site"
  type = "CNAME"
  name = "protonmail3._domainkey"
  content = "protonmail3.domainkey.d3rb67w6crkvj3orrugsd3np7l3huitnpx4gj5uri636jans5er3a.domains.proton.ch."
  priority = 0
  ttl = 600
}

resource "porkbun_dns_record" "dmarc" {
  domain = "whatnow.site"
  type = "TXT"
  name = "_dmarc"
  content = "v=DMARC1; p=reject; aspf=s; adkim=s; fo=1; ri=86400"
  priority = 0
  ttl = 600
}

resource "porkbun_dns_record" "caa_issue" {
  domain = "whatnow.site"
  type = "CAA"
  priority = 0
  content = "0 issue letsencrypt.org"
  ttl = 600
}

resource "porkbun_dns_record" "caa_issuewild" {
  domain = "whatnow.site"
  type = "CAA"
  content = "0 issuewild letsencrypt.org"
  priority = 0
  ttl = 600
}

resource "porkbun_dns_record" "caa_iodef" {
  domain = "whatnow.site"
  type = "CAA"
  content = "0 iodef mailto:info@whatnow.site"
  priority = 0
  ttl = 600
}