# Argo tunnel resource "cloudflare_argo_tunnel" "atlas_main_tunnel" { account_id = var.cloudflare_account_id name = "${var.homelab_main_domain}-tunnel" secret = random_id.atlas_tunnel_secret.b64_std } resource "cloudflare_tunnel_config" "atlas_tunnel_route" { account_id = var.cloudflare_account_id tunnel_id = cloudflare_argo_tunnel.atlas_main_tunnel.id config { // TODO: https://github.com/cloudflare/terraform-provider-cloudflare/issues/2072 // It seems the `origin_request` here doesn't enable `no_tls_verify` in each ingress_rule // For now, you have to enable `no_tls_verify` in the dashboard # origin_request { # no_tls_verify = true # } ingress_rule { hostname = "bt.${var.homelab_main_domain}" path = "/" service = "http://127.0.0.1:8080" } ingress_rule { hostname = "edgerouterx.${var.homelab_main_domain}" path = "/" service = "https://${var.edgerouterx_ip}" } ingress_rule { hostname = "proxmox.${var.homelab_main_domain}" path = "/" service = "https://${var.proxmox_ip}:8006" } ingress_rule { service = "http_status:404" } } }