Cloudflare DNS via TF

2024-10-24 18:39:30 +13:00 · 2024-10-24 18:39:30 +13:00 · 14fc10a10a
commit 14fc10a10a
parent fe38bebbd5
3 changed files with 68 additions and 25 deletions
--- a/terraform/cloudflare/main.tf
+++ b/terraform/cloudflare/main.tf
@ -8,7 +8,7 @@ terraform {
    }
  }
  backend "local" {
-    path = "/home/michael/Nextcloud/Backups/tfstate/cloudflare.tfstate"
+    path = pathexpand("~/Backups/tfstate/cloudflare.tfstate")
  }
 }
@ -16,27 +16,40 @@ provider "cloudflare" {
    api_token = var.api_token
 }
-data "cloudflare_accounts" "default" {
+data "cloudflare_accounts" "default" {}
-    name = var.account_name
+
-}
+# output "accounts" {
 #     value = data.cloudflare_accounts.default.accounts[0]
 # }
 resource "cloudflare_zone" "balsillie_net" {
-    account_id = data.cloudflare_accounts.default[0].id
+    account_id = data.cloudflare_accounts.default.accounts[0].id
    zone = "balsillie.net"
    paused = false
    plan = "free"
    type = "full"
 }
-resource "cloudflare_dns_zone_dnssec" "balsillie_net" {
+resource "cloudflare_zone_dnssec" "balsillie_net" {
    zone_id = cloudflare_zone.balsillie_net.id
 }
-resource "cloudflare_dns_record" "example_record" {
+resource "cloudflare_record" "a_records" {
    for_each = var.a_records
    zone_id = cloudflare_zone.balsillie_net.id
    proxied = false
    type    = "A"
    ttl     = 60
-    name    = "@"
+    name    = each.key
-    content   = "5.161.254.39"
+    content   = each.value
 }
 resource "cloudflare_record" "cname_records" {
    for_each = var.cname_records
    zone_id = cloudflare_zone.balsillie_net.id
    proxied = false
    type    = "CNAME"
    ttl     = 60
    name    = each.key
    content   = each.value
 }
--- a/terraform/cloudflare/variable_definitions.tf
+++ b/terraform/cloudflare/variable_definitions.tf
@ -5,17 +5,20 @@ variable "api_token" {
    sensitive   = true
 }
 variable "account_name" {
    description = "Cloudflare account name"
    type        = string
    default     = ""
 }
 variable "a_records" {
    description = "DNS A records to create"
-    type        = list(object({
+    type        = map(string)
-        name    = string
+    default     = {}
-        content = string
+}
-    }))
+
-    default     = []
+variable "cname_records" {
    description = "DNS CNAME records to create"
    type        = map(string)
    default     = {}
 }
 variable "root_records" {
    description = "Special root records to create with name @"
    type        = map(string)
    default     = {}
 }
--- a/terraform/cloudflare/variables.auto.tfvars
+++ b/terraform/cloudflare/variables.auto.tfvars
@ -1,6 +1,33 @@
-account_name = "balsillie"
+root_records = {
    a = "5.161.254.39",
 }
-a_records = [
+a_records = {
-    {name = "@", content = ""},
+    www     =   "5.161.254.39"
-    {name = "www", content = ""}
+    cloud   =   "5.161.254.39"
-]
+    cloud   =   "5.161.254.39"
    hetzner =   "5.161.254.39"
    imap    =   "5.161.254.39"
    sieve   =   "5.161.254.39"
    smtp    =   "5.161.254.39"
 }
 cname_records = {
    auth                    =   "hetzner"
    autoconfig              =   "hetzner"
    autodiscover            =   "hetzner"
    code                    =   "hetzner"
    discord-bridge          =   "hetzner"
    im                      =   "hetzner"
    matrix                  =   "hetzner"
    matrix-auth             =   "hetzner"
    matrix-federation       =   "hetzner"
    matrix-sync             =   "hetzner"
    mta-sts                 =   "hetzner"
    notify                  =   "hetzner"
    office                  =   "hetzner"
    signal-bridge           =   "hetzner"
    social                  =   "hetzner"
    turn                    =   "hetzner"
    whatsapp-bridge         =   "hetzner"
 }