diff options
| author | clarkzjw <[email protected]> | 2022-12-12 11:08:00 -0800 |
|---|---|---|
| committer | clarkzjw <[email protected]> | 2022-12-12 11:08:00 -0800 |
| commit | cb4a8bf8f4ffa263838d82b24b38845a74a6db60 (patch) | |
| tree | 8822a114a2c9e3a24d463f44797ed41041c84898 | |
| parent | 16145f12002624f098be35b4108d38d9d23146df (diff) | |
| download | jinwei.me-cb4a8bf8f4ffa263838d82b24b38845a74a6db60.tar.gz | |
infra: add argo tunnel ingress rule for ttrss, refactor needed
| -rw-r--r-- | jinwei.me/infra/cloudflare.tf | 17 | ||||
| -rw-r--r-- | jinwei.me/infra/variables.tf | 5 |
2 files changed, 22 insertions, 0 deletions
diff --git a/jinwei.me/infra/cloudflare.tf b/jinwei.me/infra/cloudflare.tf index 5d81462..ce1add3 100644 --- a/jinwei.me/infra/cloudflare.tf +++ b/jinwei.me/infra/cloudflare.tf | |||
| @@ -35,6 +35,18 @@ resource "cloudflare_record" "tunnel_dns" { | |||
| 35 | proxied = true | 35 | proxied = true |
| 36 | } | 36 | } |
| 37 | 37 | ||
| 38 | # TODO | ||
| 39 | # since cloudflare terraform provider does not provide an argo tunnel data source | ||
| 40 | # refactor this as a separate module? | ||
| 41 | # https://registry.terraform.io/providers/cloudflare/cloudflare/3.29.0 | ||
| 42 | resource "cloudflare_record" "rss_dns" { | ||
| 43 | zone_id = data.cloudflare_zones.domain.zones[0].id | ||
| 44 | name = var.feed_domain | ||
| 45 | value = "${cloudflare_argo_tunnel.tunnel.id}.cfargotunnel.com" | ||
| 46 | type = "CNAME" | ||
| 47 | proxied = true | ||
| 48 | } | ||
| 49 | |||
| 38 | resource "cloudflare_tunnel_config" "tunnel_route" { | 50 | resource "cloudflare_tunnel_config" "tunnel_route" { |
| 39 | account_id = var.cloudflare_account_id | 51 | account_id = var.cloudflare_account_id |
| 40 | tunnel_id = cloudflare_argo_tunnel.tunnel.id | 52 | tunnel_id = cloudflare_argo_tunnel.tunnel.id |
| @@ -46,6 +58,11 @@ resource "cloudflare_tunnel_config" "tunnel_route" { | |||
| 46 | service = "http://wordpress:80" | 58 | service = "http://wordpress:80" |
| 47 | } | 59 | } |
| 48 | ingress_rule { | 60 | ingress_rule { |
| 61 | hostname = "feed.jinwei.me" | ||
| 62 | path = "/" | ||
| 63 | service = "http://ttrss:80" | ||
| 64 | } | ||
| 65 | ingress_rule { | ||
| 49 | service = "http_status:404" | 66 | service = "http_status:404" |
| 50 | } | 67 | } |
| 51 | } | 68 | } |
diff --git a/jinwei.me/infra/variables.tf b/jinwei.me/infra/variables.tf index 87283cc..a3cf8bb 100644 --- a/jinwei.me/infra/variables.tf +++ b/jinwei.me/infra/variables.tf | |||
| @@ -55,6 +55,11 @@ variable "site_domain" { | |||
| 55 | default = "jinwei.me" | 55 | default = "jinwei.me" |
| 56 | } | 56 | } |
| 57 | 57 | ||
| 58 | variable "feed_domain" { | ||
| 59 | type = string | ||
| 60 | default = "feed.jinwei.me" | ||
| 61 | } | ||
| 62 | |||
| 58 | variable "s3_cdn_name" { | 63 | variable "s3_cdn_name" { |
| 59 | type = string | 64 | type = string |
| 60 | default = "static" | 65 | default = "static" |