terraform-provider-porkbun
Minimal OpenTofu/Terraform provider for Porkbun DNS records.
This provider intentionally implements only what this repo needs: porkbun_dns_record CRUD against Porkbun's DNS API. It treats Porkbun record IDs as strings and accepts string, number, or nested ID response shapes from the create endpoint.
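The tolerant ID handling described above, sketched as an added example (not this provider's own code). The `id` field name and the nested `{"id": ...}` object are assumptions about the response shapes; numbers are decoded with `UseNumber` so large IDs are not rounded through float64, and anything else fails closed.

```go
// Added example, not the provider's code; "id" key and nested shape are assumed.
package main

import (
	"bytes"
	"encoding/json"
	"fmt"
	"strings"
)

// RecordID keeps a record ID as a string whatever shape the API sent.
type RecordID string

// UnmarshalJSON accepts "123", 123 or {"id": <either>} and rejects the rest.
func (r *RecordID) UnmarshalJSON(b []byte) error {
	dec := json.NewDecoder(bytes.NewReader(b))
	dec.UseNumber() // keep the digits verbatim; float64 rounds IDs above 2^53
	var v any
	if err := dec.Decode(&v); err != nil {
		return err
	}
	if m, nested := v.(map[string]any); nested {
		v = m["id"] // one level of nesting only; deeper objects are rejected
	}
	s, ok := v.(string)
	if n, isNum := v.(json.Number); isNum {
		s, ok = n.String(), !strings.ContainsAny(n.String(), ".eE-")
	}
	if s = strings.TrimSpace(s); !ok || s == "" {
		return fmt.Errorf("record id: unsupported value %s", b)
	}
	*r = RecordID(s)
	return nil
}

// ParseCreateID returns the ID from a create response, failing closed if absent.
func ParseCreateID(body string) (string, error) {
	var resp struct{ ID RecordID `json:"id"` }
	if err := json.Unmarshal([]byte(body), &resp); err != nil {
		return "", err
	}
	if resp.ID == "" {
		return "", fmt.Errorf("create response carries no record id")
	}
	return string(resp.ID), nil
}
func main() { // constructed sample body, not captured API output
	fmt.Println(ParseCreateID(`{"status":"SUCCESS","id":{"id":9007199254740993}}`))
}
```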
Development
```sh
devenv shell
fmt
build
test
```
Provider configuration
```hcl
terraform {
  required_providers {
    porkbun = {
      source  = "opentofu.fairlabs.dev/fairlabs/porkbun"
      version = "0.1.0"
    }
  }
}

provider "porkbun" {}
```
Credentials are read from:
```sh
export PORKBUN_API_KEY="pk1_..."
export PORKBUN_SECRET_API_KEY="sk1_..."
```
PORKBUN_SECRET_KEY is also accepted for compatibility with other Porkbun tooling.
DNS record
```hcl
resource "porkbun_dns_record" "forgejo" {
  domain  = "fairlabs.dev"
  name    = "forgejo"
  type    = "A"
  content = "46.225.253.235"
  ttl     = 600
}
```
Import format:
```sh
tofu import porkbun_dns_record.forgejo fairlabs.dev/123456789
```
Local development override
Build the provider:
```sh
devenv shell build
```
Then configure OpenTofu/Terraform with a development override, for example in a temporary CLI config:
```hcl
provider_installation {
  dev_overrides {
    "opentofu.fairlabs.dev/fairlabs/porkbun" = "/home/fer/repos/terraform-provider-porkbun/dist"
  }
  direct {}
}
```
Run OpenTofu with:
```sh
TF_CLI_CONFIG_FILE=/path/to/tofurc tofu init
```
Publishing to the Fairlabs registry
The provider is published to opentofu.fairlabs.dev/fairlabs/porkbun by GoReleaser's S3-compatible blob publisher.
One-time or when rotating the GPG release key:
```sh
init-registry-signing-key
```
Release from a clean tagged commit:
```sh
release-registry
```
The scripts read registry credentials from root@app-server-1 opentofu-registry-env when local AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY are unset. The Garage S3 API is reachable over the tailnet at http://app-server-1:3900.
Forgejo tag releases run GoReleaser in the tailnet and publish directly to Garage. Configure the workflow secrets REGISTRY_AWS_ACCESS_KEY_ID and REGISTRY_AWS_SECRET_ACCESS_KEY with the registry publisher key.