From 61b547c9444ac0f2ae925b794f8c65f3b1a429ce Mon Sep 17 00:00:00 2001
From: clarkzjw <i@jinwei.me>
Date: Fri, 13 Jan 2023 22:12:56 -0800
Subject: cloudflare: add edgerouterx

---
 clarkzjw.cc/infra/tunnel.tf | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'clarkzjw.cc/infra/tunnel.tf')

diff --git a/clarkzjw.cc/infra/tunnel.tf b/clarkzjw.cc/infra/tunnel.tf
index 4ec9a7f..ba929c2 100644
--- a/clarkzjw.cc/infra/tunnel.tf
+++ b/clarkzjw.cc/infra/tunnel.tf
@@ -10,11 +10,23 @@ resource "cloudflare_tunnel_config" "atlas_tunnel_route" {
   tunnel_id  = cloudflare_argo_tunnel.atlas_main_tunnel.id
 
   config {
+    // TODO: https://github.com/cloudflare/terraform-provider-cloudflare/issues/2072
+    // It seems the `origin_request` here doesn't enable `no_tls_verify` in each ingress_rule
+    // For now, you have to enable `no_tls_verify` in the dashboard
+    origin_request {
+        no_tls_verify            = true
+    }
     ingress_rule {
       hostname = "bt.${var.homelab_main_domain}"
       path     = "/"
       service  = "http://127.0.0.1:8080"
     }
+    ingress_rule {
+      hostname = "edgerouterx.${var.homelab_main_domain}"
+      path     = "/"
+      service  = "https://${var.edgerouterx_ip}"
+
+    }
     ingress_rule {
       service = "http_status:404"
     }
-- 
cgit v1.2.3