From f78d8596ab94f45bd2102105c7858b896afe7233 Mon Sep 17 00:00:00 2001
From: Fabian Fischer <glrf@users.noreply.github.com>
Date: Mon, 25 Apr 2022 11:04:54 +0200
Subject: [PATCH] Cleanup DNS records

* Switch to an `ingress.` A record and make the wildcard `*.apps.` a
  CNAME. This allows adding more cnames pointing to the ingress.
* Add `egress.` A record matching the PTR record introduced earlier.
---
 outputs.tf         | 1 +
 templates/dns.zone | 5 ++++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/outputs.tf b/outputs.tf
index 8a7296c..93140ea 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -3,6 +3,7 @@ output "dns_entries" {
     "node_name_suffix" = local.node_name_suffix,
     "api_vip"          = var.lb_count != 0 ? split("/", module.lb.api_vip[0].network)[0] : ""
     "router_vip"       = var.lb_count != 0 ? split("/", module.lb.router_vip[0].network)[0] : ""
+    "egress_vip"       = var.lb_count != 0 ? split("/", module.lb.nat_vip[0].network)[0] : ""
     "internal_vip"     = cidrhost(var.privnet_cidr, 100),
     "masters"          = module.master.ip_addresses,
     "cluster_id"       = var.cluster_id,
diff --git a/templates/dns.zone b/templates/dns.zone
index cb19374..88cf337 100644
--- a/templates/dns.zone
+++ b/templates/dns.zone
@@ -3,7 +3,10 @@ $ORIGIN ${node_name_suffix}.
 
 api       IN A     ${api_vip}
 api-int   IN A     ${internal_vip}
-*.apps    IN A     ${router_vip}
+ingress   IN A     ${router_vip}
+egress    IN A     ${egress_vip}
+
+*.apps    IN CNAME ingress.${node_name_suffix}
 
 %{ for i, addr in lbs ~}
 ${lb_hostnames[i]} IN A     ${addr}