Merge pull request 'Terraform creates tunnel and cname record' (#2) from develop into main

Reviewed-on: #2
2024-03-19 10:16:55 -05:00 · 2024-03-19 10:16:55 -05:00 · 1126049762
commit 1126049762
parent 08f640cc64 e2912c4610
6 changed files with 71 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,9 @@
 .idea/
 *.iml
 terraform/.secrets
+/terraform/.terraform/
+/terraform/.terraform.lock.hcl
+/terraform/destroy.tfplan
+/terraform/exercise.tfplan
+/terraform/terraform.tfstate
+/terraform/terraform.tfstate.backup
--- a/README.md
+++ b/README.md
@ -16,6 +16,7 @@ Secrets required for Terraform can be stored in a file:
 ex. terraform/.secrets which is already ignored by Git

 Required variables:
+
 ```shell
 export TF_VAR_cloudflare_token=<cloudflare_token>
 export TF_VAR_zone_id=<cloudflare_zone_id>
--- a/terraform/hose.sh
+++ b/terraform/hose.sh
@ -0,0 +1,5 @@
+#!/usr/bin/env sh
+
+terraform plan -destroy -out destroy.tfplan
+
+terraform apply destroy.tfplan
--- a/terraform/main.tf
+++ b/terraform/main.tf
@ -0,0 +1,26 @@
+terraform {
+  required_providers {
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "~>4.0"
+    }
+  }
+}
+
+provider "cloudflare" {
+  api_token = var.cloudflare_token
+}
+
+resource "cloudflare_tunnel" "tunnel" {
+  account_id = var.account_id
+  name       = "exercise"
+  secret     = var.tunnel_secret
+}
+
+resource "cloudflare_record" "notfound" {
+  name    = "notfound"
+  type    = "CNAME"
+  zone_id = var.zone_id
+  value   = cloudflare_tunnel.tunnel.cname
+  proxied = true
+}
--- a/terraform/run.sh
+++ b/terraform/run.sh
@ -0,0 +1,14 @@
+#!/usr/bin/env sh
+
+export TF_IN_AUTOMATION=true
+
+terraform init -upgrade
+
+terraform fmt -recursive
+
+terraform validate || exit
+
+terraform plan -out exercise.tfplan
+
+terraform apply exercise.tfplan
+
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@ -0,0 +1,19 @@
+variable "cloudflare_token" {
+  type        = string
+  description = "The token used to authenticate with Cloudflare (must have DNS:edit Account/Cloudflare Tunnel: edit privs)"
+}
+
+variable "account_id" {
+  type        = string
+  description = "The ID for the Cloudflare account to make the tunnel under"
+}
+
+variable "zone_id" {
+  type        = string
+  description = "The ID for the Cloudflare zone (the domain the tunnel will be running on)"
+}
+
+variable "tunnel_secret" {
+  type    = string
+  default = "The secret for the tunnel"
+}