github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 10:18:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(infra): Add CAA record for trust.firezone.dev (#6668)

Browse Source 
Why:

* `trust.firezone.dev` is actually being hosted by `trust.oneleet.com`
which means Oneleet needs to issue the cert for `trust.firezone.dev` and
can't use the Google CA used for the rest of `firezone.dev`.

Closes #6661
This commit is contained in:
Brian Manifold
2024-09-11 12:02:21 -04:00
committed by GitHub
parent b657c18f18
commit 319a185af2
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
terraform/environments/production/dns.tf
View File

@@ -155,6 +155,19 @@ resource "google_dns_record_set" "google-dkim" {
# Oneleet Trust page
resource "google_dns_record_set" "trust-dns-caa" {
project = module.google-cloud-project.project.project_id
managed_zone = module.google-cloud-dns.zone_name
type = "CAA"
name = "trust.${module.google-cloud-dns.dns_name}"
rrdatas = [
"0 issue \"letsencrypt.org\"",
"0 iodef \"mailto:security@firezone.dev\""
]
ttl = 3600
}
resource "google_dns_record_set" "oneleet-trust" {
project = module.google-cloud-project.project.project_id
managed_zone = module.google-cloud-dns.zone_name