diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index d7c9c38..f19f50d 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl @@ -28,30 +28,6 @@ provider "registry.terraform.io/digitalocean/digitalocean" { ] } -provider "registry.terraform.io/linode/linode" { - version = "1.29.4" - constraints = "1.29.4" - hashes = [ - "h1:5t+Ukc8Lb3rInXrlZ4IeHf5Svgk4TsvVLTjEkkEUSnw=", - "h1:M6/1OYoR8fb/4cMCILgQMGyHypEf3plTzxyivTu3jxo=", - "h1:pdhSuNr3SQWvHHI+C1zF8J8tJetxGJoCQNxgsg1QHQs=", - "zh:06ccda35d968429a1184aaf981c8104394fa1d719de86b718c56d93c27c1fcd6", - "zh:1fb2497917094e77bde90fe6ee781e20cee739142b891391480c1b3376d81dbb", - "zh:27960e9c07e995aad07a9c5ebfd7fe0304fffd4cb159fd215e82932b798c6d55", - "zh:4ed29807c423c77aab1338972aa1ec3cc16c6b14f4c25c86f4427e8a86bfc467", - "zh:7a39103dc0dc8538f5258d3b64db1e6c91335640763bd05da0478e99748a4949", - "zh:95b3e418e6fcb4b826be9b289a834f1b9893977bd330ac418e0285e56a4644c1", - "zh:ac69c992a5cbaaa6ed9bb65206309ab2c71b5eb17740b7a5295532f9840c67fd", - "zh:ae943e8975075cd9664f00a028838566fdf879c772e518b7adcc82e757916a67", - "zh:b3a85a52489bc3777b5e8c4428b8ea42ae8e0f2398077699c1eb99acea931a34", - "zh:c1a2e945f5691ed97b9cf01351dd3a99c2f9871f172bd71ba0c8a810c75740cd", - "zh:ce86a03d73ee3d2ed58c6fe853cd2a9d0974710d94a0aeb4c195a9d1e78a3481", - "zh:d34afbbf848d8b541a068d64fa04ace13c3bd37ad19fd8b0796662f553ca9652", - "zh:e13b4847098d295cd8216eeec55d940cfc4544672fdc89e0048dd067e69b63f8", - "zh:fc62e9f8fc5d37d28aba2077db10355839cae6d7770eaf8711f97877bac046ab", - ] -} - provider "registry.terraform.io/namecheap/namecheap" { version = "2.1.0" constraints = ">= 2.0.0" diff --git a/do_dns.tf b/do_dns.tf index 49311ec..5a797db 100644 --- a/do_dns.tf +++ b/do_dns.tf @@ -207,3 +207,65 @@ resource "digitalocean_record" "evlfctrypro_github_domain_verification" { name = "_github-challenge-evilfactorylabs" value = "877b53fd61" } + +resource "digitalocean_domain" "evilfactorylabs_social" { + name = "evilfactorylabs.social" +} + +resource "digitalocean_record" "evilfactorylabs_social_apex" { + domain = digitalocean_domain.evilfactorylabs_social.id + type = local.dns_record.a + + name = "@" + value = resource.digitalocean_droplet.evilfactorylabs_social.ipv4_address +} + +resource "digitalocean_record" "evilfactorylabs_social_u" { + domain = digitalocean_domain.evilfactorylabs_social.id + type = local.dns_record.a + + name = "u" + value = resource.digitalocean_droplet.evilfactorylabs_social.ipv4_address +} + +resource "digitalocean_record" "evilfactorylabs_social_cdn" { + domain = digitalocean_domain.evilfactorylabs_social.id + type = local.dns_record.cname + + name = "cdn" + value = "evilfactorylabs-social-sgp1-digitaloceanspaces.b-cdn.net." +} + +resource "digitalocean_record" "evilfactorylabs_social_mailgun" { + domain = digitalocean_domain.evilfactorylabs_social.id + type = local.dns_record.cname + + name = "email.mg" + value = "eu.mailgun.org." +} + +resource "digitalocean_record" "evilfactorylabs_social_mailgun_mx" { + for_each = { for i, v in local.mailgun_mx : i => v } + domain = digitalocean_domain.evilfactorylabs_social.id + type = local.dns_record.mx + + name = "@" + value = each.value.domain + priority = each.value.priority +} + +resource "digitalocean_record" "evilfactorylabs_social_mailgun_spf" { + domain = digitalocean_domain.evilfactorylabs_social.id + type = local.dns_record.txt + + name = "mg" + value = "v=spf1 include:mailgun.org ~all" +} + +resource "digitalocean_record" "evilfactorylabs_social_mailgun_dkim" { + domain = digitalocean_domain.evilfactorylabs_social.id + type = local.dns_record.txt + + name = "mta._domainkey.mg" + value = "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrPKiwLlHzORW+15yUzFqA3qaVqs8oCmz69hNOaEx5sAnxpP7GpVvapEB/Bt2LNb1memDHcNfwwc7aUYI7YYUAQtPB8Tmfy1p91skVIdeNpJ3TM8qemKmZ3JIeO/JztzOIwwUjUY8dg7OuoP9zJAK/JU6lcbpdDBHUpSVEYqBsKQIDAQAB" +} diff --git a/do_droplets.tf b/do_droplets.tf index b353a7f..1a27e35 100644 --- a/do_droplets.tf +++ b/do_droplets.tf @@ -4,3 +4,10 @@ resource "digitalocean_droplet" "forem" { region = "sgp1" size = "s-2vcpu-2gb" } + +resource "digitalocean_droplet" "evilfactorylabs_social" { + name = "evilfactorylabs.social" + image = "ubuntu-22-04-x64" + region = "sgp1" + size = "s-2vcpu-4gb" +} diff --git a/linode_dns.tf b/linode_dns.tf deleted file mode 100644 index 5ca0fe5..0000000 --- a/linode_dns.tf +++ /dev/null @@ -1,52 +0,0 @@ -resource "linode_domain" "evilfactorylabs_social" { - domain = "evilfactorylabs.social" - soa_email = "hostmaster@evilfactorylabs.org" - type = "master" -} - -resource "linode_domain_record" "evilfactorylabs_social_apex" { - domain_id = linode_domain.evilfactorylabs_social.id - target = linode_instance.evilfactorylabs_social.ip_address - record_type = local.dns_record.a -} - -resource "linode_domain_record" "evilfactorylabs_social_s3" { - domain_id = linode_domain.evilfactorylabs_social.id - name = "s3" - target = linode_instance.evilfactorylabs_social.ip_address - record_type = local.dns_record.a -} - -resource "linode_domain_record" "evilfactorylabs_social_mailgun_mx" { - for_each = { for i, v in local.mailgun_mx : i => v } - domain_id = linode_domain.evilfactorylabs_social.id - record_type = local.dns_record.mx - - name = trim(each.value.domain, ".") - target = "mg.evilfactorylabs.social" - priority = each.value.priority -} - -resource "linode_domain_record" "evilfactorylabs_social_mailgun_cname" { - domain_id = linode_domain.evilfactorylabs_social.id - record_type = local.dns_record.cname - - name = "email.mg" - target = "eu.mailgun.org" -} - -resource "linode_domain_record" "evilfactorylabs_social_mailgun_spf" { - domain_id = linode_domain.evilfactorylabs_social.id - record_type = local.dns_record.txt - - name = "mg" - target = "v=spf1 include:mailgun.org ~all" -} - -resource "linode_domain_record" "evilfactorylabs_social_mailgun_dkim" { - domain_id = linode_domain.evilfactorylabs_social.id - record_type = local.dns_record.txt - - name = "mta._domainkey.mg" - target = "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrPKiwLlHzORW+15yUzFqA3qaVqs8oCmz69hNOaEx5sAnxpP7GpVvapEB/Bt2LNb1memDHcNfwwc7aUYI7YYUAQtPB8Tmfy1p91skVIdeNpJ3TM8qemKmZ3JIeO/JztzOIwwUjUY8dg7OuoP9zJAK/JU6lcbpdDBHUpSVEYqBsKQIDAQAB" -} diff --git a/linode_firewall.tf b/linode_firewall.tf deleted file mode 100644 index 55cfe2b..0000000 --- a/linode_firewall.tf +++ /dev/null @@ -1,55 +0,0 @@ -resource "linode_firewall" "evilfactorylabs_social" { - inbound_policy = "ACCEPT" - label = linode_instance.evilfactorylabs_social.label - linodes = [ - linode_instance.evilfactorylabs_social.id, - ] - outbound_policy = "ACCEPT" - - inbound { - action = "ACCEPT" - ipv4 = [ - local.allowed_subnets.tailnet, - ] - ipv6 = [] - label = "accept-inbound-SSH" - ports = "22" - protocol = "TCP" - } - inbound { - action = "DROP" - ipv4 = [ - local.allowed_subnets.internet, - ] - ipv6 = [ - "::/0", - ] - label = "drop-inbound-SSH" - ports = "22" - protocol = "TCP" - } - inbound { - action = "ACCEPT" - ipv4 = [ - local.allowed_subnets.internet, - ] - ipv6 = [ - "::/0", - ] - label = "accept-inbound-HTTP" - ports = "80" - protocol = "TCP" - } - inbound { - action = "ACCEPT" - ipv4 = [ - local.allowed_subnets.internet, - ] - ipv6 = [ - "::/0", - ] - label = "accept-inbound-HTTPS" - ports = "443" - protocol = "TCP" - } -} diff --git a/linode_instance.tf b/linode_instance.tf deleted file mode 100644 index c832b67..0000000 --- a/linode_instance.tf +++ /dev/null @@ -1,30 +0,0 @@ -resource "linode_instance" "evilfactorylabs_social" { - label = "evilfactorylabs.social" - region = "ap-south" - type = "g6-standard-1" - - config { - kernel = "linode/grub2" - label = "My Rocky Linux 9 Disk Profile" - root_device = "/dev/sda" - - devices { - sda { - disk_label = "Rocky Linux 9 Disk" - } - - sdb { - disk_label = "512 MB Swap Image" - } - } - } - - disk { - label = "Rocky Linux 9 Disk" - size = 50688 - } - disk { - label = "512 MB Swap Image" - size = 512 - } -} diff --git a/main.tf b/main.tf index d10e6c9..acdc9ef 100644 --- a/main.tf +++ b/main.tf @@ -8,10 +8,6 @@ terraform { source = "namecheap/namecheap" version = ">= 2.0.0" } - linode = { - source = "linode/linode" - version = "1.29.4" - } } cloud { @@ -26,10 +22,6 @@ provider "digitalocean" { token = var.do_token } -provider "linode" { - token = var.linode_token -} - provider "namecheap" { user_name = var.namecheap_username api_user = var.namecheap_api_user diff --git a/outputs.tf b/outputs.tf index 9584d33..8645d1c 100644 --- a/outputs.tf +++ b/outputs.tf @@ -2,6 +2,10 @@ output "evilfactorylabs_forem_ip" { value = resource.digitalocean_droplet.forem.ipv4_address } +output "evilfactorylabs_social_ip" { + value = resource.digitalocean_droplet.evilfactorylabs_social.ipv4_address +} + output "evilfactorylabs_forem_vpc" { value = resource.digitalocean_droplet.forem.vpc_uuid } @@ -14,10 +18,3 @@ output "evilfactorylabs_forem_image_id" { value = resource.digitalocean_droplet.forem.image } -output "evilfactorylabs_social_ip" { - value = resource.linode_instance.evilfactorylabs_social.ip_address -} - -output "evilfactorylabs_social_region" { - value = resource.linode_instance.evilfactorylabs_social.region -} diff --git a/variables.tf b/variables.tf index a066053..c3c6350 100644 --- a/variables.tf +++ b/variables.tf @@ -2,10 +2,6 @@ variable "do_token" { description = "get it from https://cloud.digitalocean.com/account/api/tokens" } -variable "linode_token" { - description = "get it from https://cloud.linode.com/profile/tokens" -} - variable "dns_authoritative_nameservers" { default = ["ns1.digitalocean.com", "ns2.digitalocean.com", "ns3.digitalocean.com"] }