1 files changed, 39 insertions, 0 deletions
diff --git a/clarkzjw.cc/infra/cloudflare.tf b/clarkzjw.cc/infra/cloudflare.tf
index 61d9868..0b40e57 100644
--- a/clarkzjw.cc/infra/cloudflare.tf
+++ b/clarkzjw.cc/infra/cloudflare.tf
@@ -1,3 +1,7 @@
+provider "cloudflare" {
+  api_token = var.cloudflare_api_token
+}
 data "cloudflare_zones" "homelab_main_domain" {
  filter {
    name = var.homelab_main_domain
@@ -23,6 +27,41 @@ resource "cloudflare_record" "main" {
  proxied = true
 }
+# Argo tunnel
+resource "random_id" "atlas_tunnel_secret" {
+  byte_length = 35
+}
+resource "cloudflare_argo_tunnel" "atlas_main_tunnel" {
+  account_id = var.cloudflare_account_id
+  name       = "${var.homelab_main_domain}-tunnel"
+  secret     = random_id.atlas_tunnel_secret.b64_std
+}
+resource "cloudflare_record" "bt" {
+  zone_id = data.cloudflare_zones.homelab_main_domain.zones[0].id
+  name    = "bt.${var.homelab_main_domain}"
+  value   = "${cloudflare_argo_tunnel.atlas_main_tunnel.id}.cfargotunnel.com"
+  type    = "CNAME"
+  proxied = true
+}
+resource "cloudflare_tunnel_config" "atlas_tunnel_route" {
+  account_id = var.cloudflare_account_id
+  tunnel_id  = cloudflare_argo_tunnel.atlas_main_tunnel.id
+  config {
+    ingress_rule {
+      hostname = "bt.${var.homelab_main_domain}"
+      path     = "/"
+      service  = "http://127.0.0.1:8080"
+    }
+    ingress_rule {
+      service = "http_status:404"
+    }
+  }
+}
 # notify
 resource "cloudflare_record" "notify_SPF" {
  zone_id = data.cloudflare_zones.homelab_main_domain.zones[0].id

diff --git a/clarkzjw.cc/infra/cloudflare.tf b/clarkzjw.cc/infra/cloudflare.tf index 61d9868..0b40e57 100644 --- a/clarkzjw.cc/infra/cloudflare.tf +++ b/clarkzjw.cc/infra/cloudflare.tf
@@ -1,3 +1,7 @@
		1	provider "cloudflare" {
		2	api_token = var.cloudflare_api_token
		3	}
		4
1	data "cloudflare_zones" "homelab_main_domain" {	5	data "cloudflare_zones" "homelab_main_domain" {
2	filter {	6	filter {
3	name = var.homelab_main_domain	7	name = var.homelab_main_domain
@@ -23,6 +27,41 @@ resource "cloudflare_record" "main" {
23	proxied = true	27	proxied = true
24	}	28	}
25		29
		30	# Argo tunnel
		31	resource "random_id" "atlas_tunnel_secret" {
		32	byte_length = 35
		33	}
		34
		35	resource "cloudflare_argo_tunnel" "atlas_main_tunnel" {
		36	account_id = var.cloudflare_account_id
		37	name = "${var.homelab_main_domain}-tunnel"
		38	secret = random_id.atlas_tunnel_secret.b64_std
		39	}
		40
		41	resource "cloudflare_record" "bt" {
		42	zone_id = data.cloudflare_zones.homelab_main_domain.zones[0].id
		43	name = "bt.${var.homelab_main_domain}"
		44	value = "${cloudflare_argo_tunnel.atlas_main_tunnel.id}.cfargotunnel.com"
		45	type = "CNAME"
		46	proxied = true
		47	}
		48
		49	resource "cloudflare_tunnel_config" "atlas_tunnel_route" {
		50	account_id = var.cloudflare_account_id
		51	tunnel_id = cloudflare_argo_tunnel.atlas_main_tunnel.id
		52
		53	config {
		54	ingress_rule {
		55	hostname = "bt.${var.homelab_main_domain}"
		56	path = "/"
		57	service = "http://127.0.0.1:8080"
		58	}
		59	ingress_rule {
		60	service = "http_status:404"
		61	}
		62	}
		63	}
		64
26	# notify	65	# notify
27	resource "cloudflare_record" "notify_SPF" {	66	resource "cloudflare_record" "notify_SPF" {
28	zone_id = data.cloudflare_zones.homelab_main_domain.zones[0].id	67	zone_id = data.cloudflare_zones.homelab_main_domain.zones[0].id