blob: 200289603d0c7d17ba29e5875ddce6859b5a046f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
|
{lib, ...}: let
mkRecord = name: {
value,
type,
...
} @ args:
{
name = args.name or name;
zone_id = lib.tfRef "var.zone_id";
inherit value type;
}
// lib.optionalAttrs (type != "TXT") {proxied = true;};
atlas_tunnel = lib.tfRef "data.cloudflare_tunnel.atlas-nginx.id" + ".cfargotunnel.com";
in {
resource.cloudflare_record = builtins.mapAttrs mkRecord {
website = {
name = "@";
value = "website-86j.pages.dev";
type = "CNAME";
};
www = {
value = "mydadleft.me";
type = "CNAME";
};
api = {
value = atlas_tunnel;
type = "CNAME";
};
miniflux = {
value = atlas_tunnel;
type = "CNAME";
};
msix = {
value = atlas_tunnel;
type = "CNAME";
};
# prevent email spoofing
dmarc = {
name = "_dmarc";
value = "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s;";
type = "TXT";
};
domainkey = {
name = "*._domainkey";
value = "v=DKIM1; p=";
type = "TXT";
};
email = {
name = "mydadleft.me";
value = "v=spf1 -all";
type = "TXT";
};
};
}
|
