summaryrefslogtreecommitdiff
path: root/terraform/dns.tf
diff options
context:
space:
mode:
authorSeth Flynn <[email protected]>2025-02-05 21:43:41 -0500
committerSeth Flynn <[email protected]>2025-02-05 21:43:41 -0500
commit178d5606278b5e4bfcb9e3cb8296c4392850b2a8 (patch)
tree092a8bd770954eaee1a09ef6d7c531a50578fd1f /terraform/dns.tf
parentcf0d0a05cafad24eb36102cfed68e51cc0c9b445 (diff)
terraform: proxy dns records by default
Diffstat (limited to 'terraform/dns.tf')
-rw-r--r--terraform/dns.tf10
1 files changed, 6 insertions, 4 deletions
diff --git a/terraform/dns.tf b/terraform/dns.tf
index dbecdac..cd914bf 100644
--- a/terraform/dns.tf
+++ b/terraform/dns.tf
@@ -5,17 +5,17 @@ locals {
{
name = "_dmarc"
type = "TXT"
- content = "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s;"
+ content = "'v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s;'"
},
{
name = "*._domainkey"
type = "TXT"
- content = "v=DKIM1; p="
+ content = "'v=DKIM1; p='"
},
{
name = "@"
type = "TXT"
- content = "v=spf1 -all"
+ content = "'v=spf1 -all'"
}
]
@@ -57,7 +57,7 @@ locals {
},
{
name = "@"
- content = "$argon2id$v=19$m=512,t=256,p=1$AlA6W5fP7J14zMsw0W5KFQ$EQz/NCE0/TQpE64r2Eo/yOpjtMZ9WXevHsv3YYP7CXg"
+ content = "'$argon2id$v=19$m=512,t=256,p=1$AlA6W5fP7J14zMsw0W5KFQ$EQz/NCE0/TQpE64r2Eo/yOpjtMZ9WXevHsv3YYP7CXg'"
type = "TXT"
}
]
@@ -77,6 +77,8 @@ resource "cloudflare_record" "getchoo_com" {
name = each.value.name
type = each.value.type
content = each.value.content
+
+ proxied = lookup(each.value, "proxied", each.value.type != "TXT")
}
resource "cloudflare_record" "dmarc_hardening" {
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 13:51:35 +0000