beatz174-bit
1.7 KiB
1.7 KiB
Dynu Terraform Layer (Brownfield DNS Reconciliation)
This Terraform root is for Dynu DNS brownfield import/reconciliation and documentation outputs.
Dynu remains the authoritative DNS provider for existing records. Terraform here is used to mirror and reconcile existing DNS state incrementally, not to casually recreate production DNS from scratch.
Provider
- Source:
beatz174-bit/dynu - Version constraint:
>= 0.1.0
Authentication is local-only and must not be committed.
Credentials and auth
Use local terraform.tfvars (or environment variables if supported by the provider release you use).
Variables included:
dynu_api_key(sensitive)dynu_username(optional, sensitive)dynu_password(optional, sensitive)
Keep real values out of git and out of shared logs.
Safety
- Do not commit
terraform.tfvars,.tfstate*, or.terraform/. - Import/reconcile one domain or record at a time.
- Treat generated config as draft input, not final truth.
Safe validation commands
cd infrastructure/terraform/dynu
terraform fmt -check -recursive
terraform init -backend=false -input=false
terraform validate
Local workflow
cp terraform.tfvars.example terraform.tfvars
$EDITOR terraform.tfvars
terraform init
terraform plan
Import workflow (placeholder examples)
terraform import dynu_dns_domain.lan_ddnsgeek_com '<provider-specific-domain-import-id>'
terraform state show dynu_dns_domain.lan_ddnsgeek_com
terraform plan
Or with import blocks:
cp imports.tf.example imports.tf
$EDITOR imports.tf
terraform plan -generate-config-out=generated-dynu.tf
Confirm exact resource types and import ID formats from the provider docs before running imports.