terraform: use Gandi for email

Fix the DNS records so we can use the email forwarding service from Gandi.
2023-02-16 11:46:51 +01:00 · 2023-02-16 11:46:51 +01:00 · 8741b30043
commit 8741b30043
parent e6112e5c44
1 changed files with 13 additions and 2 deletions
--- a/terraform/cloudflare_nix-community_org.tf
+++ b/terraform/cloudflare_nix-community_org.tf
@ -114,14 +114,25 @@ resource "cloudflare_record" "nix-community-org-apex-A" {
  proxied = false
 }

-# Any email coming from that domain are SPAM
 resource "cloudflare_record" "nix-community-org-apex-TXT" {
  zone_id = local.nix_community_zone_id
  name    = "@"
-  value   = "v=spf1 -all"
+  value   = "v=spf1 include:_mailcust.gandi.net -all"
  type    = "TXT"
 }

+resource "cloudflare_record" "nix-community-org-apex-MX" {
+  for_each = {
+    "spool.mail.gandi.net." = 10
+    "fb.mail.gandi.net."    = 50
+  }
+  zone_id  = local.nix_community_zone_id
+  name     = "@"
+  value    = each.key
+  type     = "MX"
+  priority = each.value
+}
+
 resource "cloudflare_record" "nix-community-org-github-challenge-TXT" {
  zone_id = local.nix_community_zone_id
  name    = "_github-challenge-nix-community-org"