diff options
Diffstat (limited to 'clarkzjw.cc/infra/cloudflare_access.tf')
-rw-r--r-- | clarkzjw.cc/infra/cloudflare_access.tf | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/clarkzjw.cc/infra/cloudflare_access.tf b/clarkzjw.cc/infra/cloudflare_access.tf index 00dfcee..0708a53 100644 --- a/clarkzjw.cc/infra/cloudflare_access.tf +++ b/clarkzjw.cc/infra/cloudflare_access.tf | |||
@@ -1,5 +1,6 @@ | |||
1 | # Cloudflare Access Policy | 1 | # Cloudflare Access Policy |
2 | 2 | ||
3 | # bt | ||
3 | resource "cloudflare_access_application" "bt" { | 4 | resource "cloudflare_access_application" "bt" { |
4 | zone_id = data.cloudflare_zones.homelab_main_domain.zones[0].id | 5 | zone_id = data.cloudflare_zones.homelab_main_domain.zones[0].id |
5 | name = "bt.${var.homelab_main_domain}" | 6 | name = "bt.${var.homelab_main_domain}" |
@@ -20,3 +21,25 @@ resource "cloudflare_access_policy" "bt" { | |||
20 | email = [var.cloudflare_access_application_email] | 21 | email = [var.cloudflare_access_application_email] |
21 | } | 22 | } |
22 | } | 23 | } |
24 | |||
25 | # router | ||
26 | resource "cloudflare_access_application" "edgerouterx" { | ||
27 | zone_id = data.cloudflare_zones.homelab_main_domain.zones[0].id | ||
28 | name = "edgerouterx.${var.homelab_main_domain}" | ||
29 | domain = "edgerouterx.${var.homelab_main_domain}" | ||
30 | type = "self_hosted" | ||
31 | session_duration = "24h" | ||
32 | auto_redirect_to_identity = false | ||
33 | } | ||
34 | |||
35 | resource "cloudflare_access_policy" "edgerouterx" { | ||
36 | application_id = cloudflare_access_application.edgerouterx.id | ||
37 | zone_id = data.cloudflare_zones.homelab_main_domain.zones[0].id | ||
38 | name = "Allow" | ||
39 | precedence = "1" | ||
40 | decision = "allow" | ||
41 | |||
42 | include { | ||
43 | email = [var.cloudflare_access_application_email] | ||
44 | } | ||
45 | } | ||