refactor(ops/glesys): add explicit records pointing to whitby

instead of setting a wildcard record (which causes really weird behaviour if you set your search domain to tvl.su/tvl.fyi, which I do), DNS records for services running on whitby are now set explicitly. Change-Id: Ia05399b62dad326942fe0efda30782ce153df99d Reviewed-on: https://cl.tvl.fyi/c/depot/+/5961 Tested-by: BuildkiteCI Autosubmit: tazjin <tazjin@tvl.su> Reviewed-by: tazjin <tazjin@tvl.su>
2022-07-19 16:57:12 +03:00 · 2022-07-19 16:57:12 +03:00 · 7d3d3b3c8f
commit 7d3d3b3c8f
parent 1edba49adb
3 changed files with 33 additions and 14 deletions
--- a/ops/glesys/dns-tvl-fyi.tf
+++ b/ops/glesys/dns-tvl-fyi.tf
@ -53,13 +53,13 @@ resource "glesys_dnsdomain_record" "tvl_fyi_whitby_AAAA" {
  data   = var.whitby_ipv6
 }

-# This record is responsible for hosting ~all TVL services. Be
-# mindful!
-resource "glesys_dnsdomain_record" "tvl_fyi_wildcard" {
-  domain = glesys_dnsdomain.tvl_fyi.id
-  host   = "*"
-  type   = "CNAME"
-  data   = "whitby.tvl.fyi."
+# Explicit records for all services running on whitby
+resource "glesys_dnsdomain_record" "tvl_fyi_whitby_services" {
+  domain   = glesys_dnsdomain.tvl_fyi.id
+  type     = "CNAME"
+  data     = "whitby.tvl.fyi."
+  host     = each.key
+  for_each = toset(local.whitby_services)
 }

 # Google Domains mail forwarding configuration (no sending)