Add a wildcard record CNAMEing to Dokku #48

strugee · 2024-03-17T23:30:04Z

I didn't test this but assuming it works this means we can create arbitrary Dokku apps without Terraform involvement.

github-actions · 2024-03-17T23:30:36Z

Terraform Format and Style 🖌``

Terraform Initialization ⚙️`success`

Terraform Plan 📖`success`

Terraform Validation 🤖`success`

Show Plan


terraform
module.nc-office-vm.openstack_networking_secgroup_v2.main-sg: Refreshing state... [id=4d84c1c5-484b-45a1-a23f-b32d367f41b4]
module.mailu-vm.openstack_networking_secgroup_v2.main-sg: Refreshing state... [id=ca23c054-f7fd-434e-ae5e-529242766ba3]
module.prod_db.random_password.osem_db_master_pass: Refreshing state... [id=none]
module.mailu-vm.openstack_networking_secgroup_rule_v2.icmp4-ingress: Refreshing state... [id=536162a0-b5d8-40f4-a1e5-62327d031c34]
module.mailu-vm.openstack_networking_secgroup_rule_v2.ipv4-egress: Refreshing state... [id=8fa82fbe-3b58-4f1d-beb3-a371cd7006a1]
module.mailu-vm.openstack_networking_secgroup_rule_v2.ipv6-egress: Refreshing state... [id=bc3215ca-0357-4914-877c-93bd69071fb2]
module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["465"]: Refreshing state... [id=87d006c0-aec4-4ae4-8999-b156e40950e4]
module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["993"]: Refreshing state... [id=20cea76b-b319-474f-97ed-1f609c5c6e0d]
module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["587"]: Refreshing state... [id=60dca189-4b69-4838-b9b7-47e25f9822cd]
module.mailu-vm.openstack_compute_instance_v2.instance: Refreshing state... [id=c388c80b-fa29-40fe-ae0b-e93803e87b22]
module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["25"]: Refreshing state... [id=e44bcd67-f3e4-4399-a243-40f611c305ac]
module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["143"]: Refreshing state... [id=2643a76b-3fbd-44cc-aebf-58a1e982d69f]
module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["443"]: Refreshing state... [id=4122edd4-dc37-46dd-8f6e-2e4db2e79dc3]
module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["110"]: Refreshing state... [id=ea335d3e-b5c9-4606-bd8d-238afafe2210]
module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["80"]: Refreshing state... [id=4abb1ded-c162-4de8-b90d-6c40a9061c09]
module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["22"]: Refreshing state... [id=145b0c38-a81b-4d83-ac82-3cf680eced41]
module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["995"]: Refreshing state... [id=05bbe377-1579-4e54-a92f-88b6cca34449]
aws_route53_record.pretalx: Refreshing state... [id=Z0173878287JIU5M4KB8R_pretalx.seagl.org_CNAME]
data.aws_vpc.vpc: Reading...
aws_route53_record.alias: Refreshing state... [id=Z0173878287JIU5M4KB8R_alias.seagl.org_CNAME]
aws_ses_domain_identity.email_domain_identity: Refreshing state... [id=seagl.org]
aws_s3_bucket.state: Refreshing state... [id=seagl-terraform]
aws_ses_domain_identity.seagl: Refreshing state... [id=seagl.org]
aws_route53_zone.apex: Refreshing state... [id=Z0173878287JIU5M4KB8R]
aws_instance.dokku: Refreshing state... [id=i-02ee81d4bd0860d30]
module.prod_db.aws_db_subnet_group.osem: Refreshing state... [id=osem]
module.prod_db.aws_secretsmanager_secret.osem-db-pass: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS]
aws_ses_email_identity.email: Refreshing state... [[email protected]]
module.nc-office-vm.openstack_networking_secgroup_rule_v2.icmp4-ingress: Refreshing state... [id=2373bb0c-08d7-4d05-9101-8194e7a86b50]
module.nc-office-vm.openstack_networking_secgroup_rule_v2.ipv6-egress: Refreshing state... [id=cb85269b-39fc-4169-8fd2-ba7e360b16e5]
module.nc-office-vm.openstack_compute_instance_v2.instance: Refreshing state... [id=321fae7f-cbe4-4237-a44e-49c748d82dba]
module.nc-office-vm.openstack_networking_secgroup_rule_v2.ipv4-egress: Refreshing state... [id=b4c16127-ae56-48c8-aa65-ca37c49c9c79]
module.nc-office-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["80"]: Refreshing state... [id=5b266c7d-c72b-4395-a8fe-43ed8df1aa6f]
module.nc-office-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["22"]: Refreshing state... [id=b88334fc-505c-4849-824c-11f03eb59e75]
module.nc-office-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress["443"]: Refreshing state... [id=f9de80b9-a92e-4629-96a6-4a896cbf9f9e]
aws_ses_domain_dkim.email_dkim: Refreshing state... [id=seagl.org]
module.prod_db.aws_secretsmanager_secret_version.osem-db-pass-val: Refreshing state... [id=arn:aws:secretsmanager:us-west-2:663166083306:secret:db-pass-osem-5KW1mS|5E8ED816-E9AA-4E8E-A382-2EEE9FC74A66]
data.aws_vpc.vpc: Read complete after 1s [id=vpc-231ecb46]
module.prod_db.aws_security_group.osem_rds_security_group: Refreshing state... [id=sg-006c493d98f3c7f1a]
aws_route53_record.route_53_root_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__TXT]
aws_route53_record.mailu-test-dmarc: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.mail-test.seagl.org_TXT]
aws_route53_record.mailu-test-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail.mail-test.seagl.org_A]
aws_route53_record.mailu-test-autoconfig-cname: Refreshing state... [id=Z0173878287JIU5M4KB8R_autoconfig.mail-test.seagl.org_CNAME]
aws_route53_record.mailu-test-spf: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_TXT]
aws_route53_record.route_53_dmarc_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R__dmarc.seagl.org_TXT]
aws_route53_record.route_53_cloud_txt: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_TXT]
aws_route53_record.email_dkim_records[1]: Refreshing state... [id=Z0173878287JIU5M4KB8R_zjerfwsrr5wpwp5p5klnsrrzp6ralpcp._domainkey.seagl.org_CNAME]
aws_route53_record.email_dkim_records[2]: Refreshing state... [id=Z0173878287JIU5M4KB8R_o7o3tsrrlwgkmmx3a7f5njkrvi75woso._domainkey.seagl.org_CNAME]
aws_route53_record.email_dkim_records[0]: Refreshing state... [id=Z0173878287JIU5M4KB8R_nldzqxeyq5fyslu3tzvj4ltbwbexupuj._domainkey.seagl.org_CNAME]
aws_route53_record.mailu-test-autoconfig-srv["_submissions._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submissions._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-autoconfig-srv["_imaps._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imaps._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-autoconfig-srv["_pop3._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-autoconfig-srv["_pop3s._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__pop3s._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-autoconfig-srv["_imap._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__imap._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-autoconfig-srv["_submission._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__submission._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-dkim: Refreshing state... [id=Z0173878287JIU5M4KB8R_dkim._domainkey.mail-test.seagl.org_TXT]
aws_route53_record.mailu-test-autoconfig-srv["_autodiscover._tcp"]: Refreshing state... [id=Z0173878287JIU5M4KB8R__autodiscover._tcp.mail-test.seagl.org_SRV]
aws_route53_record.mailu-test-mx: Refreshing state... [id=Z0173878287JIU5M4KB8R_mail-test.seagl.org_MX]
aws_route53_record.cloud-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_A]
module.mailu-vm.aws_route53_record.dns-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_mailu.host.seagl.org_A]
aws_route53_record.email_dkim_hubspot_records["hs1-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs1-40081384._domainkey.seagl.org_CNAME]
aws_route53_record.email_dkim_hubspot_records["hs2-40081384"]: Refreshing state... [id=Z0173878287JIU5M4KB8R_hs2-40081384._domainkey.seagl.org_CNAME]
aws_route53_record.cloud-aaaa: Refreshing state... [id=Z0173878287JIU5M4KB8R_cloud.seagl.org_AAAA]
module.prod_db.aws_db_instance.osem: Refreshing state... [id=osem]
module.prod_db.aws_security_group_rule.private_in: Refreshing state... [id=sgrule-3182957500]
module.prod_db.aws_security_group_rule.private_out: Refreshing state... [id=sgrule-1612436969]
module.nc-office-vm.aws_route53_record.dns-a: Refreshing state... [id=Z0173878287JIU5M4KB8R_nc-office.host.seagl.org_A]
aws_s3_bucket_versioning.state: Refreshing state... [id=seagl-terraform]
aws_s3_bucket_public_access_block.state: Refreshing state... [id=seagl-terraform]

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create
  - destroy

Terraform will perform the following actions:

  # aws_route53_record.alias will be destroyed
  # (because aws_route53_record.alias is not in configuration)
  - resource "aws_route53_record" "alias" {
      - fqdn    = "alias.seagl.org" -> null
      - id      = "Z0173878287JIU5M4KB8R_alias.seagl.org_CNAME" -> null
      - name    = "alias.seagl.org" -> null
      - records = [
          - "dokku.seagl.org",
        ] -> null
      - ttl     = 300 -> null
      - type    = "CNAME" -> null
      - zone_id = "Z0173878287JIU5M4KB8R" -> null
    }

  # aws_route53_record.dokku_wildcard will be created
  + resource "aws_route53_record" "dokku_wildcard" {
      + allow_overwrite = (known after apply)
      + fqdn            = (known after apply)
      + id              = (known after apply)
      + name            = "*.seagl.org"
      + records         = [
          + "dokku.seagl.org",
        ]
      + ttl             = 300
      + type            = "CNAME"
      + zone_id         = "Z0173878287JIU5M4KB8R"
    }

  # aws_route53_record.pretalx will be destroyed
  # (because aws_route53_record.pretalx is not in configuration)
  - resource "aws_route53_record" "pretalx" {
      - fqdn    = "pretalx.seagl.org" -> null
      - id      = "Z0173878287JIU5M4KB8R_pretalx.seagl.org_CNAME" -> null
      - name    = "pretalx.seagl.org" -> null
      - records = [
          - "dokku.seagl.org",
        ] -> null
      - ttl     = 300 -> null
      - type    = "CNAME" -> null
      - zone_id = "Z0173878287JIU5M4KB8R" -> null
    }

Plan: 1 to add, 0 to change, 2 to destroy.

Warning: Argument is deprecated

  with aws_s3_bucket.state,
  on s3.tf line 1, in resource "aws_s3_bucket" "state":
   1: resource "aws_s3_bucket" "state" {

Use the aws_s3_bucket_lifecycle_configuration resource instead

(and 3 more similar warnings elsewhere)

─────────────────────────────────────────────────────────────────────────────

Note: You didn't use the -out option to save this plan, so Terraform can't
guarantee to take exactly these actions if you run "terraform apply" now.

Pushed by: @strugee, Action: pull_request

Add a wildcard record CNAMEing to Dokku

4222645

strugee requested a review from AndrewKvalheim March 17, 2024 23:31

strugee mentioned this pull request Mar 17, 2024

Add status.seagl.org #22

Closed

strugee merged commit ba3c7e4 into main Mar 18, 2024
1 check passed

strugee deleted the aj/dokku-wildcard branch March 18, 2024 01:46

strugee mentioned this pull request Mar 18, 2024

Import vault.seagl.org #19

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add a wildcard record CNAMEing to Dokku #48

Add a wildcard record CNAMEing to Dokku #48

strugee commented Mar 17, 2024

github-actions bot commented Mar 17, 2024

Add a wildcard record CNAMEing to Dokku #48

Add a wildcard record CNAMEing to Dokku #48

Conversation

strugee commented Mar 17, 2024

github-actions bot commented Mar 17, 2024

Terraform Format and Style 🖌``

Terraform Initialization ⚙️success

Terraform Plan 📖success

Terraform Validation 🤖success

Terraform Initialization ⚙️`success`

Terraform Plan 📖`success`

Terraform Validation 🤖`success`