infrastructure/modules/infrastructure/ovh.tf

locals {
  server_addresses = flatten([
    for key, host in hcloud_server.nodes : [
      {
        key = key
        hostname = host.name
        ipv4_address = host.ipv4_address
        ipv6_address = host.ipv6_address
      },
    ]
  ])

  server_addresses_separated = merge([
    for host in local.server_addresses : {
      "${host.key}:ipv4" = {
        hostname = host.hostname
        address  = host.ipv4_address
      },
      "${host.key}:ipv6" = {
        hostname = host.hostname
        address  = host.ipv6_address
      },
    }
  ]...)

  tailscale_host_addresses_separated = merge([
    for host in data.tailscale_devices.nodes.devices : {
      for address in host.addresses :
        "${host.hostname}:${strcontains(address, ":") ? "ipv6" : "ipv4"}" => {
          hostname = host.hostname
          address  = address
        }
    }
  ]...)
}

resource "ovh_domain_zone_record" "server_records" {
  for_each  = local.server_addresses_separated
  zone      = "serguzim.net"
  subdomain = each.value.hostname
  fieldtype = strcontains(each.value.address, ":") ? "AAAA" : "A"
  ttl       = 3600
  target    = each.value.address
}

resource "ovh_domain_zone_record" "tailscale_vpn" {
  for_each  = local.tailscale_host_addresses_separated
  zone      = "serguzim.net"
  subdomain = "${each.value.hostname}.vpn"
  fieldtype = strcontains(each.value.address, ":") ? "AAAA" : "A"
  ttl       = 600
  target    = each.value.address
}

resource "ovh_domain_zone_record" "gpg_verify" {
  zone      = "serguzim.net"
  subdomain = ""
  fieldtype = "TXT"
  ttl       = 3600
  target    = "openpgp4fpr:723B78C0BF8D8C721D2C4EEF41E544A54E2533B2"
}