Cloudflare DNS via TF

2024-10-24 18:39:30 +13:00 · 2024-10-24 18:39:30 +13:00 · 14fc10a10a
commit 14fc10a10a
parent fe38bebbd5
3 changed files with 68 additions and 25 deletions
--- a/terraform/cloudflare/main.tf
+++ b/terraform/cloudflare/main.tf
@ -8,7 +8,7 @@ terraform {
    }
  }
  backend "local" {
-    path = "/home/michael/Nextcloud/Backups/tfstate/cloudflare.tfstate"
+    path = pathexpand("~/Backups/tfstate/cloudflare.tfstate")
  }
 }

@ -16,27 +16,40 @@ provider "cloudflare" {
    api_token = var.api_token
 }

-data "cloudflare_accounts" "default" {
-    name = var.account_name
-}
+data "cloudflare_accounts" "default" {}
+
+# output "accounts" {
+#     value = data.cloudflare_accounts.default.accounts[0]
+# }

 resource "cloudflare_zone" "balsillie_net" {
-    account_id = data.cloudflare_accounts.default[0].id
+    account_id = data.cloudflare_accounts.default.accounts[0].id
    zone = "balsillie.net"
    paused = false
    plan = "free"
    type = "full"
 }

-resource "cloudflare_dns_zone_dnssec" "balsillie_net" {
+resource "cloudflare_zone_dnssec" "balsillie_net" {
    zone_id = cloudflare_zone.balsillie_net.id
 }

-resource "cloudflare_dns_record" "example_record" {
+resource "cloudflare_record" "a_records" {
+    for_each = var.a_records
    zone_id = cloudflare_zone.balsillie_net.id
    proxied = false
    type    = "A"
    ttl     = 60
-    name    = "@"
-    content   = "5.161.254.39"
+    name    = each.key
+    content   = each.value
+}
+
+resource "cloudflare_record" "cname_records" {
+    for_each = var.cname_records
+    zone_id = cloudflare_zone.balsillie_net.id
+    proxied = false
+    type    = "CNAME"
+    ttl     = 60
+    name    = each.key
+    content   = each.value
 }
--- a/terraform/cloudflare/variable_definitions.tf
+++ b/terraform/cloudflare/variable_definitions.tf
@ -5,17 +5,20 @@ variable "api_token" {
    sensitive   = true
 }

-variable "account_name" {
-    description = "Cloudflare account name"
-    type        = string
-    default     = ""
-}
-
 variable "a_records" {
    description = "DNS A records to create"
-    type        = list(object({
-        name    = string
-        content = string
-    }))
-    default     = []
+    type        = map(string)
+    default     = {}
+}
+
+variable "cname_records" {
+    description = "DNS CNAME records to create"
+    type        = map(string)
+    default     = {}
+}
+
+variable "root_records" {
+    description = "Special root records to create with name @"
+    type        = map(string)
+    default     = {}
 }
--- a/terraform/cloudflare/variables.auto.tfvars
+++ b/terraform/cloudflare/variables.auto.tfvars
@ -1,6 +1,33 @@
-account_name = "balsillie"
+root_records = {
+    a = "5.161.254.39",
+}

-a_records = [
-    {name = "@", content = ""},
-    {name = "www", content = ""}
-]
+a_records = {
+    www     =   "5.161.254.39"
+    cloud   =   "5.161.254.39"
+    cloud   =   "5.161.254.39"
+    hetzner =   "5.161.254.39"
+    imap    =   "5.161.254.39"
+    sieve   =   "5.161.254.39"
+    smtp    =   "5.161.254.39"
+}
+
+cname_records = {
+    auth                    =   "hetzner"
+    autoconfig              =   "hetzner"
+    autodiscover            =   "hetzner"
+    code                    =   "hetzner"
+    discord-bridge          =   "hetzner"
+    im                      =   "hetzner"
+    matrix                  =   "hetzner"
+    matrix-auth             =   "hetzner"
+    matrix-federation       =   "hetzner"
+    matrix-sync             =   "hetzner"
+    mta-sts                 =   "hetzner"
+    notify                  =   "hetzner"
+    office                  =   "hetzner"
+    signal-bridge           =   "hetzner"
+    social                  =   "hetzner"
+    turn                    =   "hetzner"
+    whatsapp-bridge         =   "hetzner"
+}