Destroy 2023 DNS records

[strugee]

No description provided.

[github-actions]

Terraform Format and Style 🖌``

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Show Plan

terraform
openstack_compute_instance_v2.mailu: Refreshing state... [id=da7e224f-b0d4-4c22-b87a-0e2dc093a538]
module.prod_db.random_password.osem_db_master_pass: Refreshing state... [id=none]
aws_route53_record.route_53_dmarc_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.seagl.org_TXT]
aws_route53_record.jitsi-2023: Refreshing state... [id=Z0173878287JIU5M4KB8R_meet.seagl.org_A]
aws_route53_record.route_53_cloud_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_TXT]
aws_route53_record.matrix-2023-ephemeral-delegation-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_2023.seagl.org_A]
aws_route53_record.mailu-test-autoconfig-srv["_pop3._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3._tcp.mail-test.seagl.org_SRV]
aws_route53_record.matrix-2023-ephemeral-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_matrix.2023.seagl.org_A]
aws_route53_record.mailu-test-autoconfig-srv["_autodiscover._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__autodiscover._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-autoconfig-srv["_imaps._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imaps._tcp.mail-test.seagl.org_SRV]
aws_route53_record.cloud-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_A]
aws_route53_record.mailu-test-autoconfig-srv["_pop3s._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3s._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-autoconfig-srv["_submission._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submission._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-autoconfig-srv["_submissions._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submissions._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-autoconfig-srv["_imap._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imap._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-dmarc: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.mail-test.seagl.org_TXT]
aws_route53_record.email_dkim_hubspot_records["hs1-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs1-40081384._domainkey.seagl.org_CNAME]
aws_route53_record.email_dkim_hubspot_records["hs2-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs2-40081384._domainkey.seagl.org_CNAME]
aws_route53_record.mailu-test-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail.mail-test.seagl.org_A]
aws_route53_record.route_53_root_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__TXT]
aws_route53_record.cloud-aaaa: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_AAAA]
aws_ses_domain_identity.email_domain_identity: Refreshing state... [id=seagl.org]
aws_ses_domain_identity.seagl: Refreshing state... [id=seagl.org]
aws_s3_bucket.state: Refreshing state... [id=seagl-terraform]
aws_route53_record.mailu-test-autoconfig-cname: Refreshing state... [id=Z0173878287JIU5M4KB8R_autoconfig.mail-test.seagl.org_CNAME]
aws_route53_record.mailu-test-spf: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_TXT]
data.aws_vpc.vpc: Reading...
aws_ses_email_identity.email: Refreshing state... [[email protected]]
module.prod_db.aws_secretsmanager_secret.osem-db-pass: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS]
module.prod_db.aws_db_subnet_group.osem: Refreshing state... [id=osem]
aws_route53_record.alias: Refreshing state... [id=Z0173878287JIU5M4KB8R_alias.seagl.org_CNAME]
aws_route53_record.mailu-test-dkim: Refreshing state... [id=Z0173878287JIU5M4KB8R_dkim._domainkey.mail-test.seagl.org_TXT]
aws_route53_record.mailu-test-mx: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_MX]
aws_instance.dokku: Refreshing state... [id=i-02ee81d4bd0860d30]
aws_ses_domain_dkim.email_dkim: Refreshing state... [id=seagl.org]
module.prod_db.aws_secretsmanager_secret_version.osem-db-pass-val: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS|5E8ED816-E9AA-4E8E-A382-2EEE9FC74A66]
aws_route53_record.email_dkim_records[0]: Refreshing state... [id=Z0173878287JIU5M4KB8R_nldzqxeyq5fyslu3tzvj4ltbwbexupuj._domainkey.seagl.org_CNAME]
aws_route53_record.email_dkim_records[1]: Refreshing state... [id=Z0173878287JIU5M4KB8R_zjerfwsrr5wpwp5p5klnsrrzp6ralpcp._domainkey.seagl.org_CNAME]
aws_route53_record.email_dkim_records[2]: Refreshing state... [id=Z0173878287JIU5M4KB8R_o7o3tsrrlwgkmmx3a7f5njkrvi75woso._domainkey.seagl.org_CNAME]
data.aws_vpc.vpc: Read complete after 1s [id=vpc-231ecb46]
module.prod_db.aws_security_group.osem_rds_security_group: Refreshing state... [id=sg-006c493d98f3c7f1a]
module.prod_db.aws_db_instance.osem: Refreshing state... [id=osem]
module.prod_db.aws_security_group_rule.private_out: Refreshing state... [id=sgrule-1612436969]
module.prod_db.aws_security_group_rule.private_in: Refreshing state... [id=sgrule-3182957500]
aws_s3_bucket_public_access_block.state: Refreshing state... [id=seagl-terraform]
aws_s3_bucket_versioning.state: Refreshing state... [id=seagl-terraform]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  - destroy
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # aws_route53_record.jitsi-2023 will be destroyed
  # (because aws_route53_record.jitsi-2023 is not in configuration)
  - resource "aws_route53_record" "jitsi-2023" {
      - fqdn    = "meet.seagl.org" -> null
      - id      = "Z0173878287JIU5M4KB8R_meet.seagl.org_A" -> null
      - name    = "meet.seagl.org" -> null
      - records = [
          - "146.190.2.208",
        ] -> null
      - ttl     = 300 -> null
      - type    = "A" -> null
      - zone_id = "Z0173878287JIU5M4KB8R" -> null
    }

  # aws_route53_record.matrix-2023-ephemeral-a will be destroyed
  # (because aws_route53_record.matrix-2023-ephemeral-a is not in configuration)
  - resource "aws_route53_record" "matrix-2023-ephemeral-a" {
      - fqdn    = "matrix.2023.seagl.org" -> null
      - id      = "Z0173878287JIU5M4KB8R_matrix.2023.seagl.org_A" -> null
      - name    = "matrix.2023.seagl.org" -> null
      - records = [
          - "140.211.167.238",
        ] -> null
      - ttl     = 300 -> null
      - type    = "A" -> null
      - zone_id = "Z0173878287JIU5M4KB8R" -> null
    }

  # aws_route53_record.matrix-2023-ephemeral-delegation-a will be destroyed
  # (because aws_route53_record.matrix-2023-ephemeral-delegation-a is not in configuration)
  - resource "aws_route53_record" "matrix-2023-ephemeral-delegation-a" {
      - fqdn    = "2023.seagl.org" -> null
      - id      = "Z0173878287JIU5M4KB8R_2023.seagl.org_A" -> null
      - name    = "2023.seagl.org" -> null
      - records = [] -> null
      - ttl     = 0 -> null
      - type    = "A" -> null
      - zone_id = "Z0173878287JIU5M4KB8R" -> null

      - alias {
          - evaluate_target_health = false -> null
          - name                   = "d34bgs5yccfcw9.cloudfront.net" -> null
          - zone_id                = "Z2FDTNDATAQYW2" -> null
        }
    }

  # openstack_compute_instance_v2.mailu is tainted, so must be replaced
-/+ resource "openstack_compute_instance_v2" "mailu" {
      + access_ip_v4        = (known after apply)
      + access_ip_v6        = (known after apply)
      ~ all_metadata        = {} -> (known after apply)
      ~ all_tags            = [] -> (known after apply)
      + availability_zone   = (known after apply)
      ~ created             = "2023-11-03 02:36:43 +0000 UTC" -> (known after apply)
      ~ flavor_id           = "952b0e9a-6ded-46c4-9704-ce6745e9f2c1" -> (known after apply)
      ~ id                  = "da7e224f-b0d4-4c22-b87a-0e2dc093a538" -> (known after apply)
      ~ image_id            = "Attempt to boot from volume - no image supplied" -> (known after apply)
      + image_name          = (known after apply)
        name                = "mailu"
      ~ power_state         = "error" -> "active"
      ~ region              = "RegionOne" -> (known after apply)
      ~ security_groups     = [
          + "mailu",
        ]
      - tags                = [] -> null
      ~ updated             = "2023-11-03 02:37:27 +0000 UTC" -> (known after apply)
        # (4 unchanged attributes hidden)

      ~ block_device {
          - boot_index            = 0 -> null
            # (5 unchanged attributes hidden)
        }

      + network {
          + access_network = false
          + fixed_ip_v4    = "140.211.167.146"
          + fixed_ip_v6    = (known after apply)
          + floating_ip    = (known after apply)
          + mac            = (known after apply)
          + name           = "general_servers2"
          + port           = (known after apply)
          + uuid           = (known after apply)
        }
    }

Plan: 1 to add, 0 to change, 4 to destroy.

Warning: Argument is deprecated

  with aws_s3_bucket.state,
  on s3.tf line 1, in resource "aws_s3_bucket" "state":
   1: resource "aws_s3_bucket" "state" {

Use the aws_s3_bucket_versioning resource instead

(and 3 more similar warnings elsewhere)

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.

Pushed by: @strugee, Action: pull_request

[AndrewKvalheim]

I’d skimmed this yesterday and the DNS changes look good but I don’t understand what’s going on with Mailu:

openstack_compute_instance_v2.mailu is tainted, so must be replaced

[strugee]

Buggy OSUOSL OpenStack config that causes the instance to constantly fail to fully provision, causing recreation cycles