From 80e6d8067903c1cb1f631f6efd86f99e9abf8e94 Mon Sep 17 00:00:00 2001
From: ahuston-0 <aliceghuston@gmail.com>
Date: Thu, 27 Feb 2025 22:53:30 -0500
Subject: [PATCH] migrate dynamic dns to desec

Signed-off-by: ahuston-0 <aliceghuston@gmail.com>
---
 .terraform.lock.hcl | 22 ++++++++++++++++++++++
 main.tf             |  8 ++++++++
 nayeonie.com.tf     |  8 ++++++--
 secrets.yaml        |  6 +++---
 4 files changed, 39 insertions(+), 5 deletions(-)

diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
index 0075f5d..e8b4538 100644
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@@ -38,3 +38,25 @@ provider "registry.terraform.io/dnsimple/dnsimple" {
     "zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32",
   ]
 }
+
+provider "registry.terraform.io/valodim/desec" {
+  version     = "0.5.0"
+  constraints = "0.5.0"
+  hashes = [
+    "h1:cjk3hxvxbu70hluQ2mZ+NUhN8818ESaddHmPhMLlwtM=",
+    "zh:02a1a8c93fdf480683518580d95660c26e4a573c03ecc145b8f7cf4a94206e50",
+    "zh:08d84a229c20b78da4426195047805fb5b1dd0b803a0d0d219528782fa4fc638",
+    "zh:15159f119c4afceca551abca814a085a0f2c277d69ff3a2a235a1e5100969e58",
+    "zh:1a23c57a25e258d26a86f3b01e6ee7e6b5cd75867ea6e9460765261cdc0a4a02",
+    "zh:2417beec12f72d6a82474737880988c7499dcd7cacfb2a91bc26d440c3335820",
+    "zh:46cde27d77f1bf1d5ca0e051504727073a9318016f18f3ba61e796a80493e8d6",
+    "zh:7a8f392dc6cc48328e7783d4f7bae3f9b8fec4047f4f5b3bab0bd3adfd9cd061",
+    "zh:88e849be319b262caa5d6c8aa1926109c69934292d1c7740dedf979ef6c87f55",
+    "zh:8c722a10660ddef51f087611fdc202ae087f16d10da1f5e8c5afcec2ee920dc2",
+    "zh:90335bf608b845ac59fdd0860faacadd195c94422aa19dc44342ece458de0ef6",
+    "zh:939273e7453421f1570dfd96792d3c72566474e9087007fbda4bc7d1b47c926a",
+    "zh:c42e33dce10ab70fdcf1cd18dc44672c4894a36369fb59964156a7072d21eb3d",
+    "zh:d57d776833aa1af41e1a037c8d6b176eb75562f9933fb3050587bb5097aa1e97",
+    "zh:d65cb7d81f9ac31b107cfebd100d6baca93edc7be85ff6ee8488531265cfcc9e",
+  ]
+}
diff --git a/main.tf b/main.tf
index 4b6ad7f..e13d497 100644
--- a/main.tf
+++ b/main.tf
@@ -1,5 +1,9 @@
 terraform {
   required_providers {
+    desec = {
+      source = "Valodim/desec"
+      version = "0.5.0"
+    }
     sops = {
       source  = "carlpett/sops"
       version = "1.1.1"
@@ -33,6 +37,10 @@ terraform {
 
 provider "sops" {}
 
+provider "desec" {
+  api_token = data.sops_file.secrets.data["desec.api"]
+}
+
 provider "dnsimple" {
   account = data.sops_file.secrets.data["dnsimple.account"]
   token   = data.sops_file.secrets.data["dnsimple.token"]
diff --git a/nayeonie.com.tf b/nayeonie.com.tf
index 4124262..9cd7a49 100644
--- a/nayeonie.com.tf
+++ b/nayeonie.com.tf
@@ -1,3 +1,7 @@
+resource "desec_domain" "nayeonie_dedyn_io" {
+  name = "nayeonie.dedyn.io"
+}
+
 # Create a zone
 resource "dnsimple_zone" "nayeonie_com" {
   name = "nayeonie.com"
@@ -7,7 +11,7 @@ resource "dnsimple_zone" "nayeonie_com" {
 resource "dnsimple_zone_record" "root_nayeonie_com_cname" {
   zone_name = "nayeonie.com"
   name      = ""
-  value     = "alicehuston.duckdns.org"
+  value     = "nayeonie.dedyn.io"
   type      = "ALIAS"
   ttl       = 3600
 }
@@ -16,7 +20,7 @@ resource "dnsimple_zone_record" "root_nayeonie_com_cname" {
 resource "dnsimple_zone_record" "wildcard_nayeonie_com_cname" {
   zone_name  = "nayeonie.com"
   name       = "*"
-  value      = "alicehuston.duckdns.org"
+  value      = "nayeonie.dedyn.io"
   type       = "ALIAS"
   ttl        = 3600
   depends_on = [dnsimple_zone.nayeonie_com]
diff --git a/secrets.yaml b/secrets.yaml
index b2905c2..950a918 100644
--- a/secrets.yaml
+++ b/secrets.yaml
@@ -1,5 +1,5 @@
 desec:
-    api: ENC[AES256_GCM,data:208LIsuEe06aDWOucVnNmVjbUdXjT/9OLVKM1Q==,iv:ft8+ui1/EcGCXM7/FBEk6UwgRJ6CDX5Gy7AMlCSrbsk=,tag:jV0wuKK2Ok0BESMUPNapwA==,type:str]
+    api: ENC[AES256_GCM,data:6gJGRHfAfqHtKkFU3tioSn4vHF6TyXeJl/WyTw==,iv:LZMvPb5cyIhuFBsWKR2fwLbZGfDov5kfIFLWRlnT9MY=,tag:SIozQSLsefuT7lozGeavdw==,type:str]
 tiktok:
     txt: ENC[AES256_GCM,data:XHtpPSPf/IHh1n9qn7QIBeWIolAS8hNugAryOcpsLAGukSZCHubtPjiRWcErm3rJz2iRgs9IE197AhBORhLa9kNYb0w=,iv:+0K8qxM7hEHVfw+ZZ0suPILjxtjOQLCd4unbrXff61c=,tag:e/t2yltQu/X5zcJZOSA70w==,type:str]
 dnsimple:
@@ -38,8 +38,8 @@ sops:
             Y0pZNTZRNWFiS2o3YmlwbXpHSjU3WEUKeP/QqhWgbVrNO2NNqQq2JzvOugUKmjLZ
             1VfsllJBQGzcWAllecbV6ZjfuVNLt1btnX4Yug0VDdQs8Ds38xIU5g==
             -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-02-27T06:09:54Z"
-    mac: ENC[AES256_GCM,data:T5QplfNf2yU8ZHHF0LFHx72v06OXDHw1a+/T5UbIB0GU8Hsdg45VIAMEQed+QqeTIINMjzEEzfZvDcVQYnhHHjCeWjtq3ZsBE8n49FvnkjltnIvXBZO3pH2Zp7K+sDxPol+CgRSx0SUOF24boUDYFMNitG0BZ5wL6V0+7l6I3Zg=,iv:8+MwOaj5NnB2emAATaXJ2NdlUmwOcTWdQSQe7O0St28=,tag:8ce4QcAHZxOgG/zd4OeTsw==,type:str]
+    lastmodified: "2025-02-28T03:39:10Z"
+    mac: ENC[AES256_GCM,data:ENhmlPsmm95SenAWFpX0ltyzljknIMYZwF3r4SHp1BuD3c0ymd9M834rlSJi4lFus+cOp8Rz4p720UShVc4XP+bCXE93XuOo80fzlHXFCQZUKonfMvp4q+VsZKlTx9y6Mp200iRhcJajD9g1GiKYE8t6V1spPr/gwQJfF+6GwHQ=,iv:xwvMAsMugqojVlWPXWirzwPKL9xgGLrt49llsc+rEPE=,tag:NILXdfvTeESkQ63tqscuzQ==,type:str]
     pgp:
         - created_at: "2025-02-27T06:09:54Z"
           enc: |-