firezone/terraform/modules/google-cloud-dns/main.tf
Andrew Dryga d9eb2d18df Deployment for the cloud version (#1638)
TODO:
- [x] Cluster formation for all API and web nodes
- [x] Ingest Docker logs to Stackdriver
- [x] Fix assets building for prod

To finish later:
- [ ] Structured logging:
https://issuetracker.google.com/issues/285950891
- [ ] Better networking policy (eg. use public postmark ranges and deny
all unwanted egress)
- [ ] OpenTelemetry collector for Google Stackdriver
- [ ] LoggerJSON.Plug integration

---------

Signed-off-by: Andrew Dryga <andrew@dryga.com>
Co-authored-by: Jamil <jamilbk@users.noreply.github.com>
2023-06-06 15:03:26 -06:00


# Enables the Cloud DNS API ("dns.googleapis.com") on the project named by
# var.project_id. The managed zone in this module depends on this resource.
resource "google_project_service" "dns" {
  project = var.project_id
  service = "dns.googleapis.com"

  # Keep the API enabled when this resource is destroyed, so removing the
  # module does not switch Cloud DNS off for the whole project.
  disable_on_destroy = false
}
# Public managed zone for var.tld, with DNSSEC switched on or off by
# var.dnssec_enabled.
resource "google_dns_managed_zone" "main" {
  # The Cloud DNS API must be enabled before the zone can be created.
  depends_on = [
    google_project_service.dns
  ]

  project = var.project_id

  # Zone resource name: the domain with dots replaced by dashes
  # ("example.com" -> "example-com"); compact() drops empty segments.
  name = join("-", compact(split(".", var.tld)))

  # Fully qualified zone name with the trailing dot appended.
  # NOTE(review): assumes var.tld is given without a trailing dot; a value that
  # already ends in "." would produce a doubled dot here - verify against the
  # variable's definition or validation.
  dns_name = "${var.tld}."

  labels = {
    managed    = true
    managed_by = "terraform"
  }

  dnssec_config {
    kind = "dns#managedZoneDnsSecConfig"

    # "on" signs the zone, "off" leaves it unsigned. Resolvers only validate
    # the zone once a matching DS record exists at the parent; this block does
    # not publish one.
    state = var.dnssec_enabled ? "on" : "off"

    # NSEC3 gives hashed denial of existence, which makes walking the zone
    # harder than with plain NSEC.
    non_existence = "nsec3"

    # Key-signing key: RSA/SHA-256, 2048 bit.
    default_key_specs {
      kind       = "dns#dnsKeySpec"
      key_type   = "keySigning"
      algorithm  = "rsasha256"
      key_length = 2048
    }

    # Zone-signing key: RSA/SHA-256, 1024 bit.
    # NOTE(review): 1024-bit RSA is below the 2048-bit minimum that current
    # guidance gives for RSA signatures. Consider key_length = 2048 or the
    # ecdsap256sha256 algorithm; confirm how key-spec changes behave on a zone
    # that is already signed before applying.
    default_key_specs {
      kind       = "dns#dnsKeySpec"
      key_type   = "zoneSigning"
      algorithm  = "rsasha256"
      key_length = 1024
    }
  }

  lifecycle {
    # NOTE(review): prevent_destroy is left disabled, so a plan that destroys
    # or replaces this zone goes through. For a signed zone a recreate
    # presumably means new keys and a DS record at the parent that no longer
    # matches - consider enabling this for production zones.
    # prevent_destroy = true
    ignore_changes = []
  }
}