Desactivo ClamAV, Agrego SPF, DMARC y volumen para datos
imcosta committed Feb 28, 2020
1 parent e6b6ece commit 0120c50
Showing 6 changed files with 91 additions and 10 deletions.
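--- a/terraform/3/01_ssh_key.tf
+++ b/terraform/3/01_ssh_key.tf
@@ -1,8 +1,8 @@
 #
 # Exportamos nuestra key SSH
 
-resource "digitalocean_ssh_key" "pelado" {
-name = "pelado"
-public_key = "${file("id_rsa.pub")}"
+resource "digitalocean_ssh_key" "imcosta" {
+name = "imcosta"
+public_key = file("id_rsa.pub")
 }
 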
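--- a/terraform/3/02_droplet.tf
+++ b/terraform/3/02_droplet.tf
@@ -1,11 +1,13 @@
 #
 # Creamos el droplet
 
+variable "domain" {}
+
 resource "digitalocean_droplet" "mail" {
-image = "ubuntu-18-04-x64"
-name = "mail.pablokbs.com"
+image = "debian-10-x64"
+name = "mail.${var.domain}"
 region = "nyc1"
 size = "s-1vcpu-1gb"
-user_data = "${file("userdata.yaml")}"
-ssh_keys = ["${digitalocean_ssh_key.pelado.fingerprint}"]
-}
+user_data = file("userdata.yaml")
+ssh_keys = ["${digitalocean_ssh_key.imcosta.fingerprint}"]
+}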
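Review bot: `ssh_keys` is the one line in this hunk still written with the old interpolation wrapper, while `user_data` was converted to a bare expression; `ssh_keys = [digitalocean_ssh_key.imcosta.fingerprint]` matches the rest of the change. The new `variable "domain" {}` also has no type or description even though it now feeds the droplet hostname and every DNS record, so I would declare it with `type = string` and a description saying it is the bare zone name without a trailing dot.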
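--- a/terraform/3/03_volume.tf
+++ b/terraform/3/03_volume.tf
@@ -0,0 +1,13 @@
+
+resource "digitalocean_volume" "mail" {
+region = "nyc1"
+name = "mail"
+size = 5
+initial_filesystem_type = "ext4"
+description = "Email disk"
+}
+
+resource "digitalocean_volume_attachment" "mail" {
+droplet_id = digitalocean_droplet.mail.id
+volume_id = digitalocean_volume.mail.id
+}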
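Review bot: Nothing on `digitalocean_volume.mail` protects the mailbox data from an accidental `terraform destroy` or a rename of the resource, either of which would delete the volume; adding `lifecycle { prevent_destroy = true }` to the volume block guards against that. The `region = "nyc1"` literal is also repeated from the droplet, and the attachment presumably only works when both match, so `region = digitalocean_droplet.mail.region` would keep them in step. A comment on `size = 5` stating the unit would help the next reader.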
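--- a/terraform/3/04_dns.tf
+++ b/terraform/3/04_dns.tf
@@ -0,0 +1,65 @@
+# Creamos un dominio nuevo
+
+# Add a record to the domain
+resource "digitalocean_record" "mail" {
+domain = var.domain
+type = "A"
+name = "mail"
+ttl = "30"
+value = digitalocean_droplet.mail.ipv4_address
+}
+
+# Add mx record to the domain (so it can receive emails)
+resource "digitalocean_record" "mx" {
+domain = var.domain
+type = "MX"
+name = "@"
+priority = "10"
+ttl = "14400"
+value = "mail.${var.domain}."
+}
+
+# SPF
+resource "digitalocean_record" "spf" {
+domain = var.domain
+type = "TXT"
+name = "@"
+ttl = "14400"
+value = "v=spf1 mx ~all"
+}
+
+# DMARC
+resource "digitalocean_record" "dmarc" {
+domain = var.domain
+type = "TXT"
+name = "_dmarc.${var.domain}"
+ttl = "14400"
+value = "v=DMARC1; p=none; rua=mailto:dmarc-reports@${var.domain}"
+}
+
+# SMTP
+resource "digitalocean_record" "smtp" {
+domain = var.domain
+type = "CNAME"
+name = "smtp"
+ttl = "14400"
+value = "mail.${var.domain}."
+}
+
+# POP
+resource "digitalocean_record" "pop" {
+domain = var.domain
+type = "CNAME"
+name = "pop"
+ttl = "14400"
+value = "mail.${var.domain}."
+}
+
+# IMAP
+resource "digitalocean_record" "imap" {
+domain = var.domain
+type = "CNAME"
+name = "imap"
+ttl = "14400"
+value = "mail.${var.domain}."
+}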
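Review bot: The DMARC record is the only one here whose `name` is a full domain (`"_dmarc.${var.domain}"`), while every other record uses a name relative to the zone (`"mail"`, `"smtp"`, `"@"`); if the provider treats it as relative too, the policy is likely published under `_dmarc.<domain>.<domain>` where no receiver looks, so `name = "_dmarc"` is the safer form. As written the policy is monitoring-only: `p=none` together with SPF `~all` asks receivers to report but not reject spoofed mail, and no DKIM record is added in this file, so DMARC can only pass on SPF alignment. A comment above the two records saying this is a first rollout stage, and that `dmarc-reports@` must be an existing mailbox, would make the intent clear.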
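--- a/terraform/3/_provider.tf
+++ b/terraform/3/_provider.tf
@@ -2,6 +2,6 @@ variable "digitalocean_token" {}
 
 # Configure the DigitalOcean Provider
 provider "digitalocean" {
-token = "${var.digitalocean_token}"
+token = var.digitalocean_token
 }
 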
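--- a/terraform/3/userdata.yaml
+++ b/terraform/3/userdata.yaml
@@ -24,8 +24,9 @@ write_files:
 - 993
 - 995
 volumes:
-- /root/mail-data:/data
+- /mnt/mail:/data
 environment:
 - HTTPS=ON
+- DISABLE_CLAMAV=TRUE
 runcmd:
 - docker-compose -f /root/docker-compose.yaml up -d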
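Review bot: The bind mount now points at `/mnt/mail`, but nothing visible in this hunk makes sure the attached volume is mounted there before `runcmd` starts the stack; if it is not, Docker will presumably create the directory on the root disk and mail will be written there instead of the volume. Gating the start on the mount, as in `- mountpoint -q /mnt/mail && docker-compose -f /root/docker-compose.yaml up -d`, would catch that. `DISABLE_CLAMAV=TRUE` removes malware scanning of inbound mail, so a comment next to it stating why, and what if anything replaces it, is worth adding. The compose file starts above the hunk, so the rest of the service definition is not visible here.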
