From 14fc10a10ac68140f65fa90d2a9df57fe34e00b9 Mon Sep 17 00:00:00 2001
From: = <=>
Date: Thu, 24 Oct 2024 18:39:30 +1300
Subject: [PATCH] Cloudflare DNS via TF
---
 terraform/cloudflare/main.tf | 31 +++++++++++-----
 terraform/cloudflare/variable_definitions.tf | 25 +++++++------
 terraform/cloudflare/variables.auto.tfvars | 37 +++++++++++++++++---
 3 files changed, 68 insertions(+), 25 deletions(-)
diff --git a/terraform/cloudflare/main.tf b/terraform/cloudflare/main.tf
index 2e3cca9..8a3492b 100644
--- a/terraform/cloudflare/main.tf
+++ b/terraform/cloudflare/main.tf
@@ -8,7 +8,7 @@ terraform {
 }
 }
 backend "local" {
- path = "/home/michael/Nextcloud/Backups/tfstate/cloudflare.tfstate"
+ path = pathexpand("~/Backups/tfstate/cloudflare.tfstate")
 }
 }
@@ -16,27 +16,40 @@ provider "cloudflare" {
 api_token = var.api_token
 }
-data "cloudflare_accounts" "default" {
- name = var.account_name
-}
+data "cloudflare_accounts" "default" {}
+
+# output "accounts" {
+# value = data.cloudflare_accounts.default.accounts[0]
+# }
 resource "cloudflare_zone" "balsillie_net" {
- account_id = data.cloudflare_accounts.default[0].id
+ account_id = data.cloudflare_accounts.default.accounts[0].id
 zone = "balsillie.net"
 paused = false
 plan = "free"
 type = "full"
 }
-resource "cloudflare_dns_zone_dnssec" "balsillie_net" {
+resource "cloudflare_zone_dnssec" "balsillie_net" {
 zone_id = cloudflare_zone.balsillie_net.id
 }
-resource "cloudflare_dns_record" "example_record" {
+resource "cloudflare_record" "a_records" {
+ for_each = var.a_records
 zone_id = cloudflare_zone.balsillie_net.id
 proxied = false
 type = "A"
 ttl = 60
- name = "@"
- content = "5.161.254.39"
+ name = each.key
+ content = each.value
+}
+
+resource "cloudflare_record" "cname_records" {
+ for_each = var.cname_records
+ zone_id = cloudflare_zone.balsillie_net.id
+ proxied = false
+ type = "CNAME"
+ ttl = 60
+ name = each.key
+ content = each.value
 }
\ No newline at end of file
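Review bot: In `terraform/cloudflare/main.tf`, the new `path = pathexpand("~/Backups/tfstate/cloudflare.tfstate")` sits inside the `backend "local"` block, where Terraform does not allow function calls, variables or locals, so `terraform init` is expected to reject it. Keep a literal path, or omit `path` from the block and supply it at init time with `terraform init -backend-config="path=$HOME/Backups/tfstate/cloudflare.tfstate"`. Local state is written as plain, unencrypted JSON and can contain sensitive resource attributes, so whichever directory is chosen should be readable by the owning user only and excluded from version control. The `terraform` block begins outside this hunk.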
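Review bot: In the second `main.tf` hunk, `data "cloudflare_accounts" "default" {}` no longer filters, and `cloudflare_zone.balsillie_net` takes `accounts[0].id`, so the zone is bound to whichever account the API happens to list first for this token. If the token can see more than one account, the zone may be planned against the wrong one, and an empty list fails with an index error rather than a clear message. Prefer pinning the account explicitly, for example a new `account_id` variable used as `account_id = var.account_id`, and scope the API token to that single account. The commented-out `output "accounts"` block looks like debugging residue and could be dropped before merge.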
diff --git a/terraform/cloudflare/variable_definitions.tf b/terraform/cloudflare/variable_definitions.tf
index 95bb10d..fe2c83f 100644
--- a/terraform/cloudflare/variable_definitions.tf
+++ b/terraform/cloudflare/variable_definitions.tf
@@ -5,17 +5,20 @@ variable "api_token" {
 sensitive = true
 }
-variable "account_name" {
- description = "Cloudflare account name"
- type = string
- default = ""
-}
-
 variable "a_records" {
 description = "DNS A records to create"
- type = list(object({
- name = string
- content = string
- }))
- default = []
+ type = map(string)
+ default = {}
+}
+
+variable "cname_records" {
+ description = "DNS CNAME records to create"
+ type = map(string)
+ default = {}
+}
+
+variable "root_records" {
+ description = "Special root records to create with name @"
+ type = map(string)
+ default = {}
 }
\ No newline at end of file
diff --git a/terraform/cloudflare/variables.auto.tfvars b/terraform/cloudflare/variables.auto.tfvars
index e6f793d..39c3460 100644
--- a/terraform/cloudflare/variables.auto.tfvars
+++ b/terraform/cloudflare/variables.auto.tfvars
@@ -1,6 +1,33 @@
-account_name = "balsillie"
+root_records = {
+ a = "5.161.254.39",
+}
-a_records = [
- {name = "@", content = ""},
- {name = "www", content = ""}
-]
\ No newline at end of file
+a_records = {
+ www = "5.161.254.39"
+ cloud = "5.161.254.39"
+ cloud = "5.161.254.39"
+ hetzner = "5.161.254.39"
+ imap = "5.161.254.39"
+ sieve = "5.161.254.39"
+ smtp = "5.161.254.39"
+}
+
+cname_records = {
+ auth = "hetzner"
+ autoconfig = "hetzner"
+ autodiscover = "hetzner"
+ code = "hetzner"
+ discord-bridge = "hetzner"
+ im = "hetzner"
+ matrix = "hetzner"
+ matrix-auth = "hetzner"
+ matrix-federation = "hetzner"
+ matrix-sync = "hetzner"
+ mta-sts = "hetzner"
+ notify = "hetzner"
+ office = "hetzner"
+ signal-bridge = "hetzner"
+ social = "hetzner"
+ turn = "hetzner"
+ whatsapp-bridge = "hetzner"
+}
\ No newline at end of file
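Review bot: In `variable_definitions.tf`, `root_records` is declared and later populated in `variables.auto.tfvars`, but no resource in this patch reads `var.root_records`, while `main.tf` removes the only record that used `name = "@"`. As written, the apex record appears to fall out of Terraform management. Either add a `cloudflare_record` resource that iterates `var.root_records` with `name = "@"` and `type = upper(each.key)`, or remove the variable until it is used. All three maps accept arbitrary strings, so a `validation` block on `a_records` that checks each value parses as an IPv4 address would stop a typo from being published to DNS.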
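Review bot: In `variables.auto.tfvars`, `a_records` contains `cloud = "5.161.254.39"` twice, which looks like a copy-paste slip for a different host name. Depending on how the duplicate key is handled, one entry is either silently discarded or the file is rejected, so the second line should be renamed or removed. Every `cname_records` target is the bare label `hetzner`. As far as I know Cloudflare stores CNAME content as given rather than expanding it relative to the zone, which would leave these names pointing at a host outside the zone's control, so please confirm and prefer the fully qualified form, e.g. `auth = "hetzner.balsillie.net"`.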