mon server in oracle, udpates, etc

3 months ago · d2c28b2c2a
parent 15a2c60662
commit d2c28b2c2a
8 changed files with 297 additions and 116 deletions
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@ -2,67 +2,67 @@
 # Manual edits may be lost in future updates.

 provider "registry.terraform.io/cloudflare/cloudflare" {
-  version = "3.11.0"
+  version = "3.12.2"
  hashes = [
-    "h1:oTTfUShNNcDCOxlXP2XiNleQYHmWswesQFCuicwQztw=",
-    "zh:0dd08c3336b3198e30158b61605674eefbc0b8e331ad8f25322ce1889fd2d8a7",
-    "zh:196d80c7ae594f1b6140de02ecb101ec1afd7e45877be849ace73866f3fcb689",
-    "zh:37bc087b5e858a92faf03c994cfbc4c906b0afecb7df2ff25961b394f3013cc0",
-    "zh:3910c38a3f001879e67aede543ac1de44beab2249704fd016f51b14875815bed",
-    "zh:6092e395636b673b8ee26dce9356331ac6ceaa6b62de17203dd151a22b9d9858",
-    "zh:96167bd63b49df0d4921f30d81cda5162b03af2bd20a6c1da65ba15bd28a2d30",
-    "zh:c168cab43707b4acdb8366074802df630cc4427a7c2e55c9489cdf56907d23fc",
-    "zh:ccdde1cd64fbce75a9266e3df8a8f3dbd481cf72de53fa3a5fb15c78304843ea",
-    "zh:db850c7627a312065867896c2bf0266b187beb24f3f898849c28364682f0646c",
-    "zh:ddbd2d93f7a8ecd131b63a3336e5e1fed00258a9312c218f6fcf3e0f04733160",
-    "zh:e8f02ec1dbf8dc0bcb4fcc29441fde52900f2182f88e1544074f8fb646ae89db",
-    "zh:eef9d202238b76925e28fefd79621d4e5e9d3927cbcbce918222856300aa206b",
-    "zh:f0ad67f42c4d8f3d20ca4e357ead759f651ac4bfbe0cd5006099deead8316e85",
-    "zh:f1a2d6f4a26e193172b8c3a9411582ed3909df93b62314a1460b31d32a782bc6",
+    "h1:8Hj+fxNa4EnoKYYSrQGWmK3wLKipJ01Wweue9J+lIsE=",
+    "zh:0e78da2bd698cd164718b69a86de43f5842ca3e7d62be54706fd0ff25ca5da5c",
+    "zh:45deb5312de674f1b90e6ffb8a3e10c544b852095a0ed71f523e2ec6443c7e60",
+    "zh:4b2bf4411da63950cc413f83a0e4612c1e731d06360326d5e9697c74dd5cbeb6",
+    "zh:5bfc629bf65447c1a293a4410ca9b61c87526b084b81b2cb2f8bc605f81c2da6",
+    "zh:6fc8d57f24e4ceaa3a0a0f43bef2601410f957cefd4d7a8194abd89bcb431eec",
+    "zh:75ef23b472e30189d8a2d41a1b01fbf94ec9e5d90cc1a52753f5123ad763d99a",
+    "zh:7fbe2753519ba870a48a43e7939d70591633b2a32ff576405d50964d8a28755e",
+    "zh:9979599b8f1a7be2e591ae83afdd5249761b5487e7b3cce0ea629ca9350d7e90",
+    "zh:b1ec9a7adfdce85858d5b9495470732d8e162a4444f0ac74b5aa55179bfa632d",
+    "zh:b597923a78bf12e4c77e003c5396c13385ef2cff645bc6904eb7ccccd76f819c",
+    "zh:b904893b6db9f9b0f2fc81053500689d5fee7c43caf032ab830e0418d8339c59",
+    "zh:bb674c6d6da7f5f44208854ac318fab40f4edf4ffd3c49be457b505c14e004b1",
+    "zh:bdd4fbf9274eb249c539295cff4da82727d682d91c1c5d7ee3ee3490ebefad79",
+    "zh:c5b7d7ca0bb5236c8a3fccad4a10cfce03c06eee243d1b0b281df22aa73bb4c8",
  ]
 }

 provider "registry.terraform.io/digitalocean/digitalocean" {
-  version = "2.18.0"
+  version = "2.19.0"
  hashes = [
-    "h1:xbr9QP1XPwMC6oyK/eobl82m3/ep20BHNwNjBTM4Nz8=",
-    "zh:2c5322ea6de0aff88dd5c19634bc01c1907a0777d926149ea3f86bf3f2047ff8",
-    "zh:4d3a363d5d16362756042f9461a9bb68c6ddd45d16f7da972d696fa3a1d03d5d",
-    "zh:5fc0374435e01d9b8a87351ab91ac384464a71f083ec1d59342da15ffadeb1a6",
-    "zh:6e07f148cf0820d8780d2b5569d7c1817f546bc0a2757d6b42c112f3f8f8d46c",
-    "zh:705326caa2cdf5e4a370cdc27fd29be380c207e4e6c8a411e5494af1155817dc",
-    "zh:8f36faacfa2013750ede964577f9d5c273929ad43b082ca4e31641260f8b5730",
-    "zh:a10e20d534ee12ea8a8aceeb3a96e0d946a511f4981d7ce5bbf479aaff8768ba",
-    "zh:b23d21b59e174a2f02ee1aa95b9cff9f88da0ac2f42765ed6be2b8891cbff7e9",
-    "zh:be9bd194fadcae235910ac08c90d6359a8a51dd76b0897ab3475d1b08e6a50b9",
-    "zh:c093148fbeacddc7b7e08c2c015e413a4ec4805d07349d06e51162460445c05c",
-    "zh:cc3e7b6d21f652f14919a7338aae59e4f181f64583d311f32b440361b933b05b",
-    "zh:ea0096068f2b4c7b11a954469b7f9823cbd6670f92837cd76b0716a3fba83b71",
-    "zh:eeb18c2d2ef7cd95ec0d7b7a57f3d2e0d91de29931aaa44ab9588689695723e2",
-    "zh:f883ba115683a2f126ec78aca3bea6c7aca0c4a8a316f44129dbb5cdc798d46a",
-    "zh:f8aa7e15c90aa231532ed5f2d809acbaf4f3bcff24bb040e185e64cca541f99b",
+    "h1:lpTBlXEjgRRixvRmUuABOIj8P/3H1LULsbav1UHVoxo=",
+    "zh:01cee85343dee2dfc01499e19ef4e56b0c9260eee0a47329231cf500c07b4386",
+    "zh:099eeddf9baf9c282430231da501a8b96b3fb28507ce3b78e3a185cc9d4b3860",
+    "zh:191e090e8553355d91842163737d71051aeb499c8ddb23d2e8aae9dab2f8a1a5",
+    "zh:25356abb47769270730b0ddb0a3eb89aec637395cdcb77c309d23e55839e4461",
+    "zh:28876afb75ba5367d20e508e05c7657f90922142ff80d8a81a4d68b3381adb86",
+    "zh:404a304e37c3dec8017318b16ab701553e5242dc2460211346a9dd39242709a6",
+    "zh:40f53111b01fc78fdc7a6ba47a80d51c9a45e77e5b7d7d5bcae3a0c6f58ffbdf",
+    "zh:48f212068234df3dcfe5544c96b10403b15a190203742756d7d0573ee0857c17",
+    "zh:5189fe4fffdbff5c280f6741f55b2de9cb2b8c653cda0b2339c28cd1e3bc7884",
+    "zh:a7d5840ca789a03a285c67d2838af4d8687c99f3e8fac4ce56fcd23802a66156",
+    "zh:c0bd3c4555e5d7e6c96d3add3ddd8e41aa0df9e4a4518ad3b7f1d726a4e0a9f4",
+    "zh:d70a903a6d75533aa4713e255c9c967ec453195f2209439981f015f203805a6e",
+    "zh:db8110736bd47f99213d72309ebb720718a80b15ddd46e34a8ee9b2125903079",
+    "zh:e2180f334506601e0a6af8863159cc719ce584fdb23bd45ddc120f33d22cec19",
+    "zh:eb515a24d231e7f1ef344b9b88fa2071f760ec34fbb47d80bbacdf7e35f3daca",
  ]
 }

 provider "registry.terraform.io/hashicorp/oci" {
-  version = "4.69.0"
+  version = "4.71.0"
  hashes = [
-    "h1:OwRvgIpHYd7j3boiAV7QkIYH70Kmoeuyfc2AApYE3Jw=",
-    "zh:2f90d428bc4d99e85e17fb9b7fe38ccb56d17003c0a4c5f9acfcbed00513b348",
-    "zh:36387ab9a8dcd75a84783975e0f71d57a10efe0a4cd9eef6b4b29fcafca2c730",
-    "zh:800520c1a4ee45101c59168a39f96b375d001cbcb0729c62cd7594de448ff42f",
-    "zh:864e33b73297a55b107d57781cacf4fed0ae69823f114be0ca5e3d38fa8ff2bf",
-    "zh:98b336234afad333aae3bbd2f9771b41d2c495977c265701f57481ef83a5ec58",
+    "h1:ApXXc5OBPlLBgILwVtwaQDOm8MvNDeQ7AWk4BIb9bhk=",
+    "zh:063d24152a99394112ae303e082e03736c79707c2fbadc6a7655908a51900453",
+    "zh:12b54e889af42da909c61979edba0dadc0373689a62554177dd3f55c2e14ebd9",
+    "zh:4411b9b5d6039ea522e1392d09e346698e3f24eab62a7de000aefa9dd12e12e3",
+    "zh:8dd51b41c0ba7d57b4c7c499fb143fd7abac0eb7479fd572d4dd1cce9a4db232",
+    "zh:94950c284fd119744535f9f482284501c148474a5ce94467d7573c532e841102",
    "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
-    "zh:9f7c17db474a0017f9885f8bc927047e2627a03b4ef327da8ff8ac513859b71c",
-    "zh:a69ca46f5d008186c364388a496f64ba37b211623ac23d3e01fb2e50f47e9009",
-    "zh:b184875ebf5d1ade4753d8562682ddde2332e2e5a3bc8b958e15c665f7bbd206",
-    "zh:b1da08f95d518d77cb8ca7fb958300c44d6f7b8bac1c5121b968399331479e08",
-    "zh:c1f494f153aed6e94b2a78d7da7415c7cf6f50f675330048b9523a51b7ebded1",
-    "zh:c32b9877eb5e596f2d039a3e399aa8a08f82ce132aa2ea2c688a592e7738dc43",
-    "zh:cd9020bb675881b5e112708cad7a6373bad5a787bcf22b195a59c8766cc3b75c",
-    "zh:e12a5dfc8944c2389c0b78b415ba971ac46a0670fc85e043c9b185fd55eba9a1",
-    "zh:e9ff5656e2fa4709ab63aa2fc739d840016ef1e84d3ab191b8657370c9d89990",
+    "zh:afc27aaf6c9ea569b7c99b9f675e90ed4723cc25b57a9b418a394a7418e5b319",
+    "zh:b7ee9b2fd13c5148d08feff006fc41dc8c8eb8c70468b7a878411ef4ad9a9355",
+    "zh:b8dd6cd7595e00cdd1a335b5d2716d1190f59ae558d98c3f50b5d54cc63feeff",
+    "zh:cca245d0192cf4e78d289acab3ab0ef4b0480eaa0a77476b6c812e3b3d068f31",
+    "zh:dcfe29077f6bffa2aa56a27b89225e19020f5ad294e16eb0043e1eb92138551e",
+    "zh:e2568ef70d2145f11b6fbb51660a48924c101b02b00398a86d675e4088f7bd14",
+    "zh:ed421a67df664a02b2397bf576764904f7a1a7d1878eb34740653f539bcb3455",
+    "zh:f01f0ad5cec4928174237be875f67c7bc4d2f79dea04798d8ffa1869f0ce9fff",
+    "zh:f6460518a358b6d194b408999ad5d6eed0c043d483ffcd4185d15be2cb4bd626",
  ]
 }

--- a/cloudflare.tf
+++ b/cloudflare.tf
@ -209,6 +209,13 @@ resource "cloudflare_record" "bear-s21-sudo-is" {
  value  = "192.168.21.10"
  ttl    = 60
 }
+resource "cloudflare_record" "benvm-s21-sudo-is" {
+  zone_id = cloudflare_zone.sudois.id
+  type   = "A"
+  name   = "benvm.s21"
+  value  = "192.168.21.140"
+  ttl    = 60
+}
 resource "cloudflare_record" "endor" {
  zone_id = cloudflare_zone.sudois.id
  type   = "A"
--- a/hetznercloud.tf
+++ b/hetznercloud.tf
@ -40,37 +40,24 @@ resource "hcloud_firewall" "fw0" {

    ]
  }
+}
+resource "hcloud_firewall" "fw-lb" {
+  name = "fw-lb"
+
  rule {
    direction = "in"
    protocol  = "tcp"
-    port = "80"
-    source_ips = [
-      "0.0.0.0/0",
-      "::/0"
-    ]
-  }
-  rule {
-    direction = "in"
-    protocol  = "tcp"
-    port = "443"
-    source_ips = [
-      "0.0.0.0/0",
-      "::/0"
-    ]
-  }
-  rule {
-    direction = "in"
-    protocol  = "udp"
-    port = "4004"
+    port = "22"
    source_ips = [
-      "0.0.0.0/0",
-      "::/0"
+      "${local.mainframe_ip}/32",
+      "${local.mainframe_ip6}/128",
+      "${local.freespace_ip}/32",
+      "${local.freespace_ip6}/128",
+      "${local.fsn_g0_ip}/32",
+      #"${local.ora1_ip6}/128",
+
    ]
  }
-}
-resource "hcloud_firewall" "fw-lb" {
-  name = "fw-lb"
-
  rule {
    direction = "in"
    protocol  = "tcp"
@ -298,7 +285,7 @@ resource "hcloud_server" "fsn-lb-g0" {
  ssh_keys = [hcloud_ssh_key.default.id]
  location = "fsn1"

-  firewall_ids = [hcloud_firewall.fw0.id]
+  firewall_ids = [hcloud_firewall.fw-lb.id]

  labels = {
    group = "fsn-lb"
@ -345,7 +332,7 @@ resource "hcloud_server" "fsn-lb-g1" {
  ssh_keys = [hcloud_ssh_key.default.id]
  location = "fsn1"

-  firewall_ids = [hcloud_firewall.fw0.id]
+  firewall_ids = [hcloud_firewall.fw-lb.id]

  labels = {
    group = "fsn-lb"
--- a/oracle-core.tf
+++ b/oracle-core.tf
@ -18,14 +18,27 @@ variable "sshonly_cidr" {

 variable "lon_instances_ips" {
  default = {
+    ## green
+    # SSH+WG+HTTPS
+    lon-lb-g0 = "10.103.3.10"
+    lon-lb-g1 = "10.103.3.12"
+    lon-mon-g0 = "10.103.3.14"
+    # SSH+WG
    lon-matrix-bridges-g0 = "10.103.4.26"
-    lon-matrix-bridges-b0 = "10.103.4.25"
+    lon-kubeworker-g0 = "10.103.4.10"
+    lon-kubeworker-g1 = "10.103.4.11"
+
+    ## blue
+    # SSH+WG+HTTPS
+    lon-lb-b0 = ""
+    lon-lb-b1 = ""
+    lon-mon-b0 = ""
+    # SSH+WG
+    lon-matrix-bridges-b0 = ""
+    lon-kubeworker-b0 = ""
+    lon-kubeworker-b1 = ""

-    lon-lb-g0 = "10.103.3.10"
-    lon-lb-b0 = "10.103.3.11"

-    lon-lb-g1 = "10.103.3.12"
-    lon-lb-b1 = "10.103.3.13"
  }
 }

--- a/oracle-kubeworker.tf
+++ b/oracle-kubeworker.tf
@ -0,0 +1,102 @@
+resource "oci_core_instance" "lon-kubeworker-g0" {
+  availability_domain = "JnpY:UK-LONDON-1-AD-3"
+  compartment_id      = var.compartment_ocid
+  display_name        = "lon-kubeworker-g0"
+  shape               = "VM.Standard.A1.Flex"
+
+  # preserve the volume if instance is deleted
+  preserve_boot_volume = true
+
+  source_details {
+    source_type = "image"
+    # https://docs.oracle.com/en-us/iaas/images/ubuntu-2004/
+    source_id   = "ocid1.image.oc1.uk-london-1.aaaaaaaaajga6k2rnywbyuyvwpw446vcfcokumn4ddrjpdvrddqhhlfvanuq"
+    boot_volume_size_in_gbs = "50"
+  }
+
+  metadata = {
+    ssh_authorized_keys = var.ssh_public_key
+  }
+
+  timeouts {
+    create = "60m"
+  }
+
+  agent_config {
+    are_all_plugins_disabled = true
+    is_management_disabled   = true
+    is_monitoring_disabled   = true
+  }
+  create_vnic_details {
+    assign_public_ip          = false
+    private_ip                = var.lon_instances_ips["lon-kubeworker-g0"]
+    skip_source_dest_check    = true
+    subnet_id                 = oci_core_subnet.sshonly.id
+    display_name              = "lon-kubeworker-g0_vnic"
+    hostname_label            = "lon-kubeworker-g0"
+    #nsg_ids                   = [ oci_core_security_list.ssh.id ]
+  }
+  shape_config {
+    memory_in_gbs = "6"
+    ocpus = "1"
+  }
+}
+resource "cloudflare_record" "lon-kubeworker-g0" {
+  zone_id = cloudflare_zone.sudois.id
+  type   = "A"
+  name   = "lon-kubeworker-g0.lon"
+  value  = oci_core_instance.lon-kubeworker-g0.private_ip
+  ttl    = 60
+}
+
+
+# resource "oci_core_instance" "lon-kubeworker-g1" {
+#   availability_domain = "JnpY:UK-LONDON-1-AD-3"
+#   compartment_id      = var.compartment_ocid
+#   display_name        = "lon-kubeworker-g1"
+#   shape               = "VM.Standard.A1.Flex"
+
+#   # preserve the volume if instance is deleted
+#   preserve_boot_volume = true
+
+#   source_details {
+#     source_type = "image"
+#     # https://docs.oracle.com/en-us/iaas/images/ubuntu-2004/
+#     source_id   = "ocid1.image.oc1.uk-london-1.aaaaaaaaajga6k2rnywbyuyvwpw446vcfcokumn4ddrjpdvrddqhhlfvanuq"
+#     boot_volume_size_in_gbs = "50"
+#   }
+
+#   metadata = {
+#     ssh_authorized_keys = var.ssh_public_key
+#   }
+
+#   timeouts {
+#     create = "60m"
+#   }
+
+#   agent_config {
+#     are_all_plugins_disabled = true
+#     is_management_disabled   = true
+#     is_monitoring_disabled   = true
+#   }
+#   create_vnic_details {
+#     assign_public_ip          = false
+#     private_ip                = var.lon_instances_ips["lon-kubeworker-g1"]
+#     skip_source_dest_check    = true
+#     subnet_id                 = oci_core_subnet.sshonly.id
+#     display_name              = "lon-kubeworker-g1_vnic"
+#     hostname_label            = "lon-kubeworker-g1"
+#     #nsg_ids                   = [ oci_core_security_list.ssh.id ]
+#   }
+#   shape_config {
+#     memory_in_gbs = "6"
+#     ocpus = "1"
+#   }
+# }
+# resource "cloudflare_record" "lon-kubeworker-g1" {
+#   zone_id = cloudflare_zone.sudois.id
+#   type   = "A"
+#   name   = "lon-kubeworker-g1.lon"
+#   value  = oci_core_instance.lon-kubeworker-g1.private_ip
+#   ttl    = 60
+# }
--- a/oracle-matrix-bridges.tf
+++ b/oracle-matrix-bridges.tf
@ -1,7 +1,7 @@
 resource "oci_core_instance" "lon-matrix-bridges-g0" {
  availability_domain = "JnpY:UK-LONDON-1-AD-3"
  compartment_id      = var.compartment_ocid
-  display_name        = "lon-matrix-bridges-matrix-g0"
+  display_name        = "lon-matrix-bridges-g0"
  shape               = "VM.Standard.A1.Flex"

  # preserve the volume if instance is deleted
--- a/oracle-mon.tf
+++ b/oracle-mon.tf
@ -0,0 +1,72 @@
+resource "oci_core_instance" "lon-mon-g0" {
+  availability_domain = "JnpY:UK-LONDON-1-AD-3"
+  compartment_id      = var.compartment_ocid
+  display_name        = "lon-mon-g0"
+  shape               = "VM.Standard.A1.Flex"
+
+  # preserve the volume if instance is deleted
+  preserve_boot_volume = true
+
+  source_details {
+    source_type = "image"
+    # https://docs.oracle.com/en-us/iaas/images/ubuntu-2004/
+    source_id   = "ocid1.image.oc1.uk-london-1.aaaaaaaaajga6k2rnywbyuyvwpw446vcfcokumn4ddrjpdvrddqhhlfvanuq"
+    boot_volume_size_in_gbs = "50"
+  }
+
+  metadata = {
+    ssh_authorized_keys = var.ssh_public_key
+  }
+
+  timeouts {
+    create = "60m"
+  }
+
+  agent_config {
+    are_all_plugins_disabled = true
+    is_management_disabled   = true
+    is_monitoring_disabled   = true
+  }
+  create_vnic_details {
+    assign_public_ip          = true
+    private_ip                = var.lon_instances_ips["lon-mon-g0"]
+    skip_source_dest_check    = true
+    subnet_id                 = oci_core_subnet.ssh-https.id
+    display_name              = "lon-mon-g0_vnic"
+    hostname_label            = "lon-mon-g0"
+    #nsg_ids                   = [ oci_core_security_list.ssh.id ]
+  }
+  shape_config {
+    memory_in_gbs = "6"
+    ocpus = "1"
+  }
+}
+# terraform import "oci_core_vnic_attachment.lon-mon-g0_vnic" ocid1.vnicattachment.oc1.uk-london-1.anwgiljsyefuk7ycqco7uueex7n3yzwlenaxlh2rthm4dszrqwcfgsur4enq
+# resource "oci_core_vnic_attachment" "lon-mon-g0_vnic" {
+#   instance_id  = oci_core_instance.lon-mon-g0.id
+
+#   create_vnic_details {
+#     assign_public_ip          = true
+#     private_ip                = var.lon_instances_ips["lon-mon-g0"]
+#     skip_source_dest_check    = true
+#     subnet_id                 = oci_core_subnet.ssh-https.id
+#     display_name              = "lon-mon-g0_vnic"
+#     hostname_label            = "lon-mon-g0"
+#    }
+# }
+# # terraform import "oci_core_private_ip.lon-mon-g0" ocid1.privateip.oc1.uk-london-1.abwgiljsdbqpvyvgyczxzqtdqndalgibmcc4vbocklvbji2v4fuzk2idrifq
+# resource "oci_core_private_ip" "lon-mon-g0" {
+#   ip_address = var.lon_instances_ips["lon-mon-g0"]
+#   vnic_id = oci_core_vnic_attachment.lon-mon-g0_vnic.vnic_id
+# }
+
+resource "cloudflare_record" "lon-mon-g0" {
+  zone_id = cloudflare_zone.sudois.id
+  type   = "A"
+  name   = "lon-mon-g0.lon"
+  value  = oci_core_instance.lon-mon-g0.public_ip
+  ttl    = 60
+}
+# data "oci_core_private_ip" "imported_lon-mon-g0" {
+#   private_ip_id = "ocid1.privateip.oc1.uk-london-1.abwgiljsswdgcav62ktbc4lgu3dctjd5y7534hkusyhl67el57pce3p3arpq"
+# }
--- a/vpn-dns.tf
+++ b/vpn-dns.tf
@ -1,27 +1,5 @@


-resource "cloudflare_record" "lon1-vpn-sudo-is" {
-  zone_id = cloudflare_zone.sudois.id
-  type     = "A"
-  name     = "lon1.vpn"
-  value    = "10.102.47.1"
-  proxied  = false
-  ttl      = 60
-}
-
-
-
-resource "cloudflare_record" "lon0-vpn-sudo-is" {
-  zone_id = cloudflare_zone.sudois.id
-  type     = "A"
-  name     = "lon0.vpn"
-  value    = "10.102.47.13"
-  proxied  = false
-  ttl      = 60
-}
-
-
-
 resource "cloudflare_record" "iphone-uk-vpn-sudo-is" {
  zone_id = cloudflare_zone.sudois.id
  type     = "A"
@ -99,17 +77,6 @@ resource "cloudflare_record" "mathom-vpn-sudo-is" {



-resource "cloudflare_record" "fra0-vpn-sudo-is" {
-  zone_id = cloudflare_zone.sudois.id
-  type     = "A"
-  name     = "fra0.vpn"
-  value    = "10.102.47.131"
-  proxied  = false
-  ttl      = 60
-}
-
-
-
 resource "cloudflare_record" "iphone-vpn-sudo-is" {
  zone_id = cloudflare_zone.sudois.id
  type     = "A"
@ -296,6 +263,28 @@ resource "cloudflare_record" "lon-matrix-bridges-g0-vpn-sudo-is" {
 }


+
+resource "cloudflare_record" "hh17-vpn-sudo-is" {
+  zone_id = cloudflare_zone.sudois.id
+  type     = "A"
+  name     = "hh17.vpn"
+  value    = "10.102.47.150"
+  proxied  = false
+  ttl      = 60
+}
+
+
+
+resource "cloudflare_record" "lon-mon-g0-vpn-sudo-is" {
+  zone_id = cloudflare_zone.sudois.id
+  type     = "A"
+  name     = "lon-mon-g0.vpn"
+  value    = "10.102.47.151"
+  proxied  = false
+  ttl      = 60
+}
+
+
 resource "cloudflare_record" "mariadb-sudo-is" {
  zone_id = cloudflare_zone.sudois.id
  type     = "A"
@ -472,6 +461,17 @@ resource "cloudflare_record" "archivebox-sudo-is" {



+resource "cloudflare_record" "pihole-sudo-is" {
+  zone_id = cloudflare_zone.sudois.id
+  type     = "A"
+  name     = "pihole"
+  value    = "78.46.252.187"
+  proxied  = false
+  ttl      = 60
+}
+
+
+
 resource "cloudflare_record" "pirate-sudo-is" {
  zone_id = cloudflare_zone.sudois.id
  type     = "A"
@ -575,7 +575,7 @@ resource "cloudflare_record" "matrix-sudo-is" {
  zone_id = cloudflare_zone.sudois.id
  type     = "A"
  name     = "matrix"
-  value    = "176.9.51.165"
+  value    = "78.46.252.187"
  proxied  = false
  ttl      = 60
 }