madundead/homelab
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(dns): setup cloudflared tunnel and DNS records

Browse Source
This commit is contained in:
Kostiantyn Bukliei
2025-09-28 22:20:40 +03:00
parent b94d6e6f22
commit c29eeb5d14
12 changed files with 270 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
cloudflare/policies/main.tf Normal file
View File

@@ -0,0 +1,46 @@
resource "cloudflare_zero_trust_list" "family_emails" {
account_id = var.cloudflare_account_id
name = "Me & Family"
type = "EMAIL"
items = [
{
value = "madundead@gmail.com",
},
{
value = "mail.elenka@gmail.com"
}
]
}
resource "cloudflare_zero_trust_access_policy" "allow_myself" {
account_id = var.cloudflare_account_id
name = "Allow myself, by OTP via email"
decision = "allow"
include = [
{
email = {
email = var.cloudflare_email
}
}
]
}
resource "cloudflare_zero_trust_access_policy" "allow_myself_and_family" {
account_id = var.cloudflare_account_id
name = "Allow myself & Olena by OTP via email"
decision = "allow"
include = [
{
email_list = cloudflare_zero_trust_list.family_emails
}
]
}
resource "cloudflare_zero_trust_access_policy" "allow_everyone" {
account_id = var.cloudflare_account_id
name = "Allow everyone"
decision = "bypass"
include = [{
everyone = {}
}]
}

15
cloudflare/policies/output.tf Normal file
View File

@@ -0,0 +1,15 @@
output "allow_myself" {
description = "TODO"
value = cloudflare_zero_trust_access_policy.allow_myself
}
output "allow_myself_and_family" {
description = "TODO"
value = cloudflare_zero_trust_access_policy.allow_myself_and_family
}
output "allow_everyone" {
description = "TODO"
value = cloudflare_zero_trust_access_policy.allow_everyone
}

14
cloudflare/policies/variables.tf Normal file
View File

@@ -0,0 +1,14 @@
variable "cloudflare_zone_id" {
type = string
sensitive = true
}
variable "cloudflare_account_id" {
type = string
sensitive = true
}
variable "cloudflare_email" {
type = string
sensitive = true
}