diff options
| author | clarkzjw <[email protected]> | 2022-12-11 00:59:31 -0800 |
|---|---|---|
| committer | clarkzjw <[email protected]> | 2022-12-11 00:59:31 -0800 |
| commit | 4ae902ee32a1c60255aaddd6bedbb32d5bad96ed (patch) | |
| tree | b693054cc9e56593688955ae2c6a9505958fa972 | |
| parent | a3a3a00d05851b21bbc540722a5c1a0e25c16723 (diff) | |
| download | jinwei.me-4ae902ee32a1c60255aaddd6bedbb32d5bad96ed.tar.gz | |
infra: add cloudflare argo tunnel route rules
| -rw-r--r-- | jinwei.me/infra/.terraform.lock.hcl | 32 | ||||
| -rw-r--r-- | jinwei.me/infra/cloudflare.tf | 24 | ||||
| -rw-r--r-- | jinwei.me/infra/outputs.tf | 4 | ||||
| -rw-r--r-- | jinwei.me/infra/versions.tf | 2 |
4 files changed, 43 insertions, 19 deletions
diff --git a/jinwei.me/infra/.terraform.lock.hcl b/jinwei.me/infra/.terraform.lock.hcl index e16e9bd..26d65b6 100644 --- a/jinwei.me/infra/.terraform.lock.hcl +++ b/jinwei.me/infra/.terraform.lock.hcl | |||
| @@ -2,22 +2,24 @@ | |||
| 2 | # Manual edits may be lost in future updates. | 2 | # Manual edits may be lost in future updates. |
| 3 | 3 | ||
| 4 | provider "registry.terraform.io/cloudflare/cloudflare" { | 4 | provider "registry.terraform.io/cloudflare/cloudflare" { |
| 5 | version = "2.19.2" | 5 | version = "3.29.0" |
| 6 | constraints = "2.19.2" | 6 | constraints = "~> 3.29" |
| 7 | hashes = [ | 7 | hashes = [ |
| 8 | "h1:gcgDf0Ltyopd5j30oCcnjceCyRpJmSBhTTwldOFnJEc=", | 8 | "h1:iGDvVJ6kdlopyhR3ONeoh8gZWZg8+M/seP7VM7gOp1I=", |
| 9 | "zh:35a4d37c7601b537e156a032730e2987f137017e38c9a1a383f75cfeccb1975e", | 9 | "zh:0947f7f9e0234aaeb6b5f344de4148a6379d05370937e1c255872697803c17cc", |
| 10 | "zh:3bdb1544aef7469813a699ba8d322248c96ffa05573c2bb990e1297aa95473d0", | 10 | "zh:17abb230abd852e0e4ed9921cd9aaf03336ad4a13a25b1040ed86cdbddf05123", |
| 11 | "zh:41a322d3eeeb0dde185ea7a9cafe952c445a683a6a372089f8d003d8d2f4b722", | 11 | "zh:2ddf550dbdf5c58bbb8d14de6b2dc76627bb92787b99328300fb312c51e12d1f", |
| 12 | "zh:447ec6386879ff56cd3a97fc5d20b428451a445f8846a0127f5788de9e213b3c", | 12 | "zh:4645758bdefe52c1aa260368522aff6fcb4e508c918e9b2c263c9debd7d71684", |
| 13 | "zh:4a1fa7c6c9e28916009fe3c7a9f7f944e8b4e307ab3d97a34d81ba66769160f6", | 13 | "zh:6047320a05d07045f7fb4b24c2540600473a94fc15a24ef99339a6690ab47dfe", |
| 14 | "zh:5a2cb0e8ddc725c78ba09a817105136f564c7f4fe0173633d82bc3f8005dc15a", | 14 | "zh:6db2d4e4bc3ab8b6107aec80a8041388c2a7722472c5efa6caf8435a453b1f33", |
| 15 | "zh:83c0edc0ddd6ad8e3c140dcecafccad69edd199d2526cc9be10d857316f3859e", | 15 | "zh:8b6b75a75567ae44a788128aebcbb59cebd9a9dbc4ddc1b05f4455734363d55a", |
| 16 | "zh:a5a1917943a9e8486dc3d0eb315bc899944fe67888e38b35999b6a79907ec762", | 16 | "zh:90c51deb4e96690ed73d8b8498d5ab2d7bb78597861bbef23fab18764371deb0", |
| 17 | "zh:a5cfcd8ec0fd3d0c80de8c519ee07b1e899b8f86d5f6f5800bc959190df9eb93", | 17 | "zh:9b0f89952afb5d00e31fb745f1ebb4ef677591ca62c002c744d23bcaa0d51e9a", |
| 18 | "zh:be3a37ef3f0991989a4e51e5fe16d9cf71571cb1ecb7a41b31d91c2ae2a3313d", | 18 | "zh:9cfe38d8ef5515d164f59b5f4ddc14bb8817051ea4efed54cb7834c66492dd79", |
| 19 | "zh:ef1155fd12e3528f686b6a59fc732e35265f8d08450bc27baf8ccebbcd4cff0c", | 19 | "zh:acf89e44b8643d52186ef5155c8889845681471abb60a933017cda9bc38d86ef", |
| 20 | "zh:f3a2293a7ccb14fa16472c7948498d5a19cb5f26e3aeb1b59756c7f9045c277b", | 20 | "zh:c09205c6f1e39994c2f707cce0758a2cd16949b33566a724644593d2a616ea41", |
| 21 | "zh:c5412f2868592db091b91361b7a85fa3a1a97282e9e6e1c5883dd5f6b5f2e86c", | ||
| 22 | "zh:ff93702ca9a99863914718ae4214acffa1a72d481c8e1d3254ccf5930a2d7e10", | ||
| 21 | ] | 23 | ] |
| 22 | } | 24 | } |
| 23 | 25 | ||
diff --git a/jinwei.me/infra/cloudflare.tf b/jinwei.me/infra/cloudflare.tf index aa94568..4f23b40 100644 --- a/jinwei.me/infra/cloudflare.tf +++ b/jinwei.me/infra/cloudflare.tf | |||
| @@ -26,3 +26,27 @@ resource "cloudflare_argo_tunnel" "tunnel" { | |||
| 26 | name = "${var.name}-aws-tunnel" | 26 | name = "${var.name}-aws-tunnel" |
| 27 | secret = random_id.argo_secret.b64_std | 27 | secret = random_id.argo_secret.b64_std |
| 28 | } | 28 | } |
| 29 | |||
| 30 | resource "cloudflare_record" "tunnel_dns" { | ||
| 31 | zone_id = data.cloudflare_zones.domain.zones[0].id | ||
| 32 | name = "next.${var.site_domain}" | ||
| 33 | value = "${cloudflare_argo_tunnel.tunnel.id}.cfargotunnel.com" | ||
| 34 | type = "CNAME" | ||
| 35 | proxied = true | ||
| 36 | } | ||
| 37 | |||
| 38 | resource "cloudflare_tunnel_config" "tunnel_route" { | ||
| 39 | account_id = var.cloudflare_account_id | ||
| 40 | tunnel_id = cloudflare_argo_tunnel.tunnel.id | ||
| 41 | |||
| 42 | config { | ||
| 43 | ingress_rule { | ||
| 44 | hostname = "next.jinwei.me" | ||
| 45 | path = "/" | ||
| 46 | service = "http://127.0.0.1:30080" | ||
| 47 | } | ||
| 48 | ingress_rule { | ||
| 49 | service = "http_status:404" | ||
| 50 | } | ||
| 51 | } | ||
| 52 | } | ||
diff --git a/jinwei.me/infra/outputs.tf b/jinwei.me/infra/outputs.tf index 9962113..46c9486 100644 --- a/jinwei.me/infra/outputs.tf +++ b/jinwei.me/infra/outputs.tf | |||
| @@ -37,8 +37,6 @@ output "s3" { | |||
| 37 | } | 37 | } |
| 38 | 38 | ||
| 39 | output "tunnel" { | 39 | output "tunnel" { |
| 40 | value = { | 40 | value = cloudflare_argo_tunnel.tunnel |
| 41 | tunnel_secret = cloudflare_argo_tunnel.tunnel.secret | ||
| 42 | } | ||
| 43 | sensitive = true | 41 | sensitive = true |
| 44 | } | 42 | } |
diff --git a/jinwei.me/infra/versions.tf b/jinwei.me/infra/versions.tf index 3200530..62b3386 100644 --- a/jinwei.me/infra/versions.tf +++ b/jinwei.me/infra/versions.tf | |||
| @@ -6,7 +6,7 @@ terraform { | |||
| 6 | } | 6 | } |
| 7 | cloudflare = { | 7 | cloudflare = { |
| 8 | source = "cloudflare/cloudflare" | 8 | source = "cloudflare/cloudflare" |
| 9 | version = "2.19.2" | 9 | version = "~> 3.29" |
| 10 | } | 10 | } |
| 11 | } | 11 | } |
| 12 | } | 12 | } |