From a3a3a00d05851b21bbc540722a5c1a0e25c16723 Mon Sep 17 00:00:00 2001 From: clarkzjw Date: Sun, 11 Dec 2022 00:45:11 -0800 Subject: infra: add cloudflare argo tunnel --- jinwei.me/infra/cloudflare.tf | 10 ++++++++++ jinwei.me/infra/outputs.tf | 7 +++++++ jinwei.me/infra/variables.tf | 6 ++++++ 3 files changed, 23 insertions(+) diff --git a/jinwei.me/infra/cloudflare.tf b/jinwei.me/infra/cloudflare.tf index a6ca299..aa94568 100644 --- a/jinwei.me/infra/cloudflare.tf +++ b/jinwei.me/infra/cloudflare.tf @@ -16,3 +16,13 @@ resource "cloudflare_record" "s3_bucket" { ttl = 1 proxied = true } + +resource "random_id" "argo_secret" { + byte_length = 35 +} + +resource "cloudflare_argo_tunnel" "tunnel" { + account_id = var.cloudflare_account_id + name = "${var.name}-aws-tunnel" + secret = random_id.argo_secret.b64_std +} diff --git a/jinwei.me/infra/outputs.tf b/jinwei.me/infra/outputs.tf index bb21fc5..9962113 100644 --- a/jinwei.me/infra/outputs.tf +++ b/jinwei.me/infra/outputs.tf @@ -35,3 +35,10 @@ output "s3" { policy = aws_s3_bucket_policy.main.policy } } + +output "tunnel" { + value = { + tunnel_secret = cloudflare_argo_tunnel.tunnel.secret + } + sensitive = true +} diff --git a/jinwei.me/infra/variables.tf b/jinwei.me/infra/variables.tf index 2ae72ed..192424c 100644 --- a/jinwei.me/infra/variables.tf +++ b/jinwei.me/infra/variables.tf @@ -64,3 +64,9 @@ variable "s3_cloudfront_name" { type = string default = "static.jinwei.me" } + +variable "cloudflare_account_id" { + description = "The Cloudflare UUID for the Account the Zone lives in." + type = string + sensitive = true +} -- cgit v1.2.3