feat(dns): setup cloudflared tunnel and DNS records

2025-09-28 22:20:40 +03:00
parent b94d6e6f22
commit 5093bb6187
12 changed files with 270 additions and 0 deletions
--- a/cloudflare/policies/main.tf
+++ b/cloudflare/policies/main.tf
@@ -0,0 +1,46 @@
+resource "cloudflare_zero_trust_list" "family_emails" {
+  account_id = var.cloudflare_account_id
+  name       = "Me & Family"
+  type = "EMAIL"
+  items = [
+    {
+      value = "madundead@gmail.com",
+    },
+    {
+      value = "mail.elenka@gmail.com"
+    }
+  ]
+}
+
+resource "cloudflare_zero_trust_access_policy" "allow_myself" {
+  account_id = var.cloudflare_account_id
+  name       = "Allow myself, by OTP via email"
+  decision   = "allow"
+  include = [
+    {
+      email = {
+        email = var.cloudflare_email
+      }
+    }
+  ]
+}
+
+resource "cloudflare_zero_trust_access_policy" "allow_myself_and_family" {
+  account_id = var.cloudflare_account_id
+  name       = "Allow myself & Olena by OTP via email"
+  decision   = "allow"
+  include = [
+    {
+      email_list = cloudflare_zero_trust_list.family_emails
+    }
+  ]
+}
+
+resource "cloudflare_zero_trust_access_policy" "allow_everyone" {
+  account_id = var.cloudflare_account_id
+  name       = "Allow everyone"
+  decision   = "bypass"
+  include = [{
+      everyone = { }
+  }]
+}