62 lines
1.8 KiB
HCL
62 lines
1.8 KiB
HCL
locals {
|
|
begin-core = <<-EOF
|
|
.:53 {
|
|
errors {
|
|
consolidate 5m ".* i/o timeout$" warning
|
|
consolidate 30s "^Failed to .+"
|
|
}
|
|
health {
|
|
lameduck 5s
|
|
}
|
|
ready
|
|
EOF
|
|
end-core = <<-EOF
|
|
log . {combined} {
|
|
class denial error
|
|
}
|
|
prometheus 0.0.0.0:9153
|
|
forward . ${var.forward}
|
|
cache 30
|
|
loop
|
|
reload
|
|
loadbalance
|
|
}
|
|
EOF
|
|
soa-ns = <<-EOF
|
|
@ IN SOA ${var.sub-domain}.${var.domain-name}. ${var.domain-name}. (
|
|
${formatdate("YYYYMMDDhh",timestamp())} ; Serial
|
|
4H ; Refresh
|
|
1H ; Retry
|
|
7D ; Expire
|
|
4H ) ; Negative Cache TTL
|
|
@ IN NS ${var.sub-domain}.${var.domain-name}.
|
|
EOF
|
|
files = merge({
|
|
"Corefile" = join("\n", concat([local.begin-core],[for z in var.zones: format("file /etc/coredns/%s.db %s", z.name,z.name)],[local.end-core]))
|
|
},[for z in var.zones: {
|
|
"${z.name}.db" = join("\n", concat([
|
|
"$TTL 60",
|
|
"$ORIGIN ${z.name}.",
|
|
local.soa-ns
|
|
],
|
|
[for k,v in z.hosts: format("%s IN A %s", k, v)],
|
|
[for k,v in z.hosts6: format("%s IN AAAA %s", k, v)],
|
|
[for k,v in z.alias: format("%s IN CNAME %s", k, v)],
|
|
z.wildcard!=""?[format("*.%s. IN A %s", z.name, z.wildcard)]:[],
|
|
z.wildcard6!=""?[format("*.%s. IN AAAA %s", z.name, z.wildcard6)]:[],
|
|
))
|
|
}]...)
|
|
}
|
|
|
|
resource "kubectl_manifest" "coredns-config" {
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: "${var.component}-${var.instance}"
|
|
namespace: "${var.namespace}"
|
|
labels: ${jsonencode(local.common-labels)}
|
|
data: ${jsonencode(local.files)}
|
|
EOF
|
|
}
|