Terraform creates tunnel and cname record #2
6
.gitignore
vendored
6
.gitignore
vendored
@ -1,3 +1,9 @@
|
||||
.idea/
|
||||
*.iml
|
||||
terraform/.secrets
|
||||
/terraform/.terraform/
|
||||
/terraform/.terraform.lock.hcl
|
||||
/terraform/destroy.tfplan
|
||||
/terraform/exercise.tfplan
|
||||
/terraform/terraform.tfstate
|
||||
/terraform/terraform.tfstate.backup
|
||||
|
@ -16,6 +16,7 @@ Secrets required for Terraform can be stored in a file:
|
||||
ex. terraform/.secrets which is already ignored by Git
|
||||
|
||||
Required variables:
|
||||
|
||||
```shell
|
||||
export TF_VAR_cloudflare_token=<cloudflare_token>
|
||||
export TF_VAR_zone_id=<cloudflare_zone_id>
|
||||
|
5
terraform/hose.sh
Executable file
5
terraform/hose.sh
Executable file
@ -0,0 +1,5 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
terraform plan -destroy -out destroy.tfplan
|
||||
|
||||
terraform apply destroy.tfplan
|
26
terraform/main.tf
Normal file
26
terraform/main.tf
Normal file
@ -0,0 +1,26 @@
|
||||
terraform {
|
||||
required_providers {
|
||||
cloudflare = {
|
||||
source = "cloudflare/cloudflare"
|
||||
version = "~>4.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
provider "cloudflare" {
|
||||
api_token = var.cloudflare_token
|
||||
}
|
||||
|
||||
resource "cloudflare_tunnel" "tunnel" {
|
||||
account_id = var.account_id
|
||||
name = "exercise"
|
||||
secret = var.tunnel_secret
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "notfound" {
|
||||
name = "notfound"
|
||||
type = "CNAME"
|
||||
zone_id = var.zone_id
|
||||
value = cloudflare_tunnel.tunnel.cname
|
||||
proxied = true
|
||||
}
|
14
terraform/run.sh
Executable file
14
terraform/run.sh
Executable file
@ -0,0 +1,14 @@
|
||||
#!/usr/bin/env sh
|
||||
|
||||
export TF_IN_AUTOMATION=true
|
||||
|
||||
terraform init -upgrade
|
||||
|
||||
terraform fmt -recursive
|
||||
|
||||
terraform validate || exit
|
||||
|
||||
terraform plan -out exercise.tfplan
|
||||
|
||||
terraform apply exercise.tfplan
|
||||
|
19
terraform/variables.tf
Normal file
19
terraform/variables.tf
Normal file
@ -0,0 +1,19 @@
|
||||
variable "cloudflare_token" {
|
||||
type = string
|
||||
description = "The token used to authenticate with Cloudflare (must have DNS:edit Account/Cloudflare Tunnel: edit privs)"
|
||||
}
|
||||
|
||||
variable "account_id" {
|
||||
type = string
|
||||
description = "The ID for the Cloudflare account to make the tunnel under"
|
||||
}
|
||||
|
||||
variable "zone_id" {
|
||||
type = string
|
||||
description = "The ID for the Cloudflare zone (the domain the tunnel will be running on)"
|
||||
}
|
||||
|
||||
variable "tunnel_secret" {
|
||||
type = string
|
||||
default = "The secret for the tunnel"
|
||||
}
|
Loading…
Reference in New Issue
Block a user