From 32bf20525f2db86927b62bc90d80f7807def4ded Mon Sep 17 00:00:00 2001 From: Erich Blume Date: Tue, 3 Mar 2026 07:54:20 -0800 Subject: [PATCH] Add forge.eblu.me DNS CNAME and Fly.io TLS certificate Add CNAME record pointing forge.eblu.me to blumeops-proxy.fly.dev in Pulumi Gandi config. Add forge.eblu.me to fly-setup cert list. Co-Authored-By: Claude Opus 4.6 --- mise-tasks/fly-setup | 1 + pulumi/gandi/__main__.py | 10 ++++++++++ 2 files changed, 11 insertions(+) diff --git a/mise-tasks/fly-setup b/mise-tasks/fly-setup index 63304db..0c5cb56 100755 --- a/mise-tasks/fly-setup +++ b/mise-tasks/fly-setup @@ -22,6 +22,7 @@ echo "IPs allocated" # Add certs for all public domains (idempotent — fly ignores duplicates) fly certs add docs.eblu.me -a "$APP" 2>/dev/null || true fly certs add cv.eblu.me -a "$APP" 2>/dev/null || true +fly certs add forge.eblu.me -a "$APP" 2>/dev/null || true echo "Certificates configured" echo "Done. Run 'mise run fly-deploy' to deploy." diff --git a/pulumi/gandi/__main__.py b/pulumi/gandi/__main__.py index df6ad34..e448ed2 100644 --- a/pulumi/gandi/__main__.py +++ b/pulumi/gandi/__main__.py @@ -76,6 +76,15 @@ cv_public = gandi.livedns.Record( values=["blumeops-proxy.fly.dev."], ) +forge_public = gandi.livedns.Record( + "forge-public", + zone=domain, + name="forge", + type="CNAME", + ttl=300, + values=["blumeops-proxy.fly.dev."], +) + # ============== Exports ============== pulumi.export("domain", domain) pulumi.export("wildcard_fqdn", f"*.{subdomain}.{domain}") @@ -83,3 +92,4 @@ pulumi.export("base_fqdn", f"{subdomain}.{domain}") pulumi.export("target_ip", tailscale_ip) pulumi.export("docs_public_fqdn", f"docs.{domain}") pulumi.export("cv_public_fqdn", f"cv.{domain}") +pulumi.export("forge_public_fqdn", f"forge.{domain}")