I use Gandi for all my DNS needs, and while I used to run my own DNS, it got tiresome after a while. So a long time ago I switched to using Gandi to do it. Back then they had an API I was able to manipulate rather easily with Python.
But a few years ago they changed to a new API and I put it on the long finger to migrate over. Happily, in the meantime I learned Terraform and discovered that there was a Gandi Terraform provider.
There are a number of nice things about managing DNS via Terraform, but one nice bit is modules. I have a number of domains that use G Suite for email and collaboration. To make that work I made a module like so:
```hcl
# SPF record: authorises three fixed IPs plus Google's mail servers.
# local.isp_ip, local.aws1_ip and local.aws2_ip are defined elsewhere in the module (not shown).
resource "gandi_zonerecord" "spf" {
  zone = "${var.zone_id}"
  name = "@"
  type = "TXT"
  ttl  = 3600
  values = [
    "\"v=spf1 ip4:${local.isp_ip}/32 ip4:${local.aws1_ip}/32 ip4:${local.aws2_ip}/32 include:aspmx.googlemail.com ~all\"",
  ]
}

# MX records for G Suite, in priority order.
resource "gandi_zonerecord" "mx" {
  zone = "${var.zone_id}"
  name = "@"
  type = "MX"
  ttl  = 3600
  values = [
    "1 ASPMX.L.GOOGLE.com.",
    "5 ALT1.ASPMX.L.GOOGLE.com.",
    "5 ALT2.ASPMX.L.GOOGLE.com.",
    "10 ASPMX2.GOOGLEMAIL.com.",
    "10 ASPMX3.GOOGLEMAIL.com.",
    "10 ASPMX4.GOOGLEMAIL.com.",
    "10 ASPMX5.GOOGLEMAIL.com.",
  ]
}
```
To use this, all I need to pass in is the zone ID. If Google changes their MX records, I just change them here and all domains using G Suite are fixed. I have similar modules for GitHub-hosted sites, Mailgun configs and so forth.
Now my “zone files” describe the services I’ve configured, but in a much more maintainable way.
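
Because one module edit reaches every domain that uses it, the rendered SPF value is worth checking before applying. The following is an added example, not part of the original post or the Gandi provider: a small Python linter for the `spf` record above, where `lint_spf`, `RENDERED` and the documentation IP addresses are constructed for illustration.

```python
import ipaddress

# Terms that cost one DNS lookup each during evaluation (RFC 7208 section 4.6.4).
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
MAX_LOOKUPS = 10

# Constructed sample: the module's SPF value as rendered, with RFC 5737
# documentation addresses standing in for the three local.* IPs.
RENDERED = ('"v=spf1 ip4:192.0.2.10/32 ip4:198.51.100.20/32 '
            'ip4:203.0.113.30/32 include:aspmx.googlemail.com ~all"')


def lint_spf(txt_value):
    """Return a list of problems in one SPF TXT value (empty list means clean)."""
    record = txt_value.strip()
    if len(record) >= 2 and record[0] == record[-1] == '"':
        record = record[1:-1]  # drop the escaped quotes the module adds
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return ["record does not start with v=spf1"]
    problems = []
    if len(record) > 255:
        problems.append("value exceeds 255 bytes and must be split into several strings")
    lookups, has_default = 0, False
    for pos, term in enumerate(terms[1:], start=1):
        qualifier = term[0] if term[0] in "+-~?" else "+"  # "+" is the implicit default
        body = term[1:] if term[0] in "+-~?" else term
        name, _, value = body.replace("=", ":", 1).partition(":")
        name = name.split("/", 1)[0].lower()
        if name in LOOKUP_TERMS:
            lookups += 1
            has_default = has_default or name == "redirect"
        elif name in ("ip4", "ip6"):
            try:
                if ipaddress.ip_network(value, strict=False).version != int(name[2]):
                    problems.append(f"{term}: address family does not match {name}")
            except ValueError:  # also catches an empty or unrendered variable
                problems.append(f"{term}: not a valid network")
        elif name == "all":
            has_default = True
            if qualifier in "+?":
                problems.append(f"{term}: does not restrict any sender")
            if pos != len(terms) - 1:
                problems.append(f"{term}: later terms are never evaluated")
        elif name != "exp":  # exp= is a valid modifier, not counted toward the limit
            problems.append(f"{term}: unknown mechanism or modifier")
    if lookups > MAX_LOOKUPS:
        problems.append(f"{lookups} DNS lookups exceed the limit of {MAX_LOOKUPS}")
    if not has_default:
        problems.append("no all mechanism or redirect modifier")
    return problems
```

The check only parses the string, so it runs offline; nested lookups inside `include:` targets are not resolved or counted.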