pinpox/infra
1
0
Fork 0
forked from pub-solar/infra
Code Pull requests Activity

Merge pull request 'docs: add how to manage DNS records with terraform' (#79) from docs-terraform-dns into main

Browse source 
Reviewed-on: pub-solar/infra#79
Reviewed-by: Akshay Mankar <axeman@noreply.git.pub.solar>
This commit is contained in:
teutat3s 2023-12-08 15:35:55 +00:00
parent 75e4179f42 21e620a12c
commit ac582d3f6f
Signed by: pub.solar gitea
GPG key ID: F0332B04B7054873
2 changed files with 39 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

41
docs/dns.md
View file

@ -1,17 +1,44 @@
# Changing DNS entries
Our current DNS provider is [namecheap](https://www.namecheap.com/).
We use [Terraform](https://www.terraform.io) to declaratively manage our pub.solar DNS records.
### Initial setup
Change into the terraform directory and initialize the terraform providers.
Skip this step if you already have a `triton` profile setup.
```
triton profile create
```
Please follow https://docs.greenbaum.cloud/en/devops/triton-cli.html for the details.
You will need to setup the following [namecheap API credentials](https://www.namecheap.com/support/api/intro),
look for "namecheap API key" in the pub.solar Keepass database.
```
NAMECHEAP_API_KEY
NAMECHEAP_API_USER
NAMECHEAP_USER_NAME
```
You will probably also need to add your external IP to the [API allow list](https://ap.www.namecheap.com/settings/tools/apiaccess/whitelisted-ips).
```
dig -4 ip @dns.toys
```
Now, change into the terraform directory and initialize the terraform providers.
```
cd terraform
cat ~/.config/triton/profiles.d/lev-1-pub_solar.json | grep keyId
export TRITON_KEY_ID=
export TRITON_KEY_ID=$(cat ~/.config/triton/profiles.d/lev-1-pub_solar.json | jq --raw-output .keyId)
terraform init
```
Make your changes, e.g. in `dns.tf`.
```
$EDITOR dns.tf
```
Plan your changes using:
```
terraform plan -out pub-solar-infra.plan
@ -21,3 +48,11 @@ After verification, apply your changes with:
```
terraform apply "pub-solar-infra.plan"
```
### Useful links
We use the Manta remote backend to save the terraform state for collaboration.
- https://www.terraform.io/language/v1.2.x/settings/backends/manta
Namecheap Terraform provider docs:
- https://registry.terraform.io/providers/namecheap/namecheap/latest/docs

1
flake.nix
View file

@ -72,6 +72,7 @@
treefmt
nixos-generators
inputs.nixpkgs-2205.legacyPackages.${system}.terraform
jq
];
};
};