# DNS Configuration for vrije.cloud using hcloud provider # The zone already exists in Hetzner Console, so we reference it as a data source # Reference the existing DNS zone data "hcloud_zone" "main" { name = var.base_domain } # A Records for client servers with public IPs (e.g., test.vrije.cloud -> 78.47.191.38) # Clients without public IPs (behind edge proxy) point to edge server instead resource "hcloud_zone_rrset" "client_a" { for_each = var.clients zone = data.hcloud_zone.main.name name = each.value.subdomain type = "A" ttl = 300 records = [ { value = lookup(each.value, "public_ip_enabled", true) ? hcloud_server.client[each.key].ipv4_address : hcloud_server.edge.ipv4_address comment = lookup(each.value, "public_ip_enabled", true) ? "Client ${each.key} server" : "Client ${each.key} via edge proxy" } ] } # Wildcard A record for each client (e.g., *.test.vrije.cloud for zitadel.test.vrije.cloud) resource "hcloud_zone_rrset" "client_wildcard" { for_each = var.clients zone = data.hcloud_zone.main.name name = "*.${each.value.subdomain}" type = "A" ttl = 300 records = [ { value = lookup(each.value, "public_ip_enabled", true) ? hcloud_server.client[each.key].ipv4_address : hcloud_server.edge.ipv4_address comment = lookup(each.value, "public_ip_enabled", true) ? "Wildcard for ${each.key} subdomains" : "Wildcard for ${each.key} via edge proxy" } ] } # AAAA Records for IPv6 (only for servers with public IPs) resource "hcloud_zone_rrset" "client_aaaa" { for_each = { for k, v in var.clients : k => v if lookup(v, "public_ip_enabled", true) } zone = data.hcloud_zone.main.name name = each.value.subdomain type = "AAAA" ttl = 300 records = [ { value = hcloud_server.client[each.key].ipv6_address comment = "Client ${each.key} server IPv6" } ] } # Static A record for monitoring server (status.vrije.cloud -> external monitoring server) resource "hcloud_zone_rrset" "monitoring" { zone = data.hcloud_zone.main.name name = "status" type = "A" ttl = 300 records = [ { value = "94.130.231.155" comment = "Uptime Kuma monitoring server" } ] }