Skip to content

Commit

Permalink
zero_trust
Browse files Browse the repository at this point in the history
  • Loading branch information
@ThomasCardin
ThomasCardin committed Nov 21, 2024
1 parent b5ce054 commit 5d20c83
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 4 deletions.
1 change: 1 addition & 0 deletions terraform/main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ module "cname-records" {

module "zero-trust-app" {
source = "./modules/zero_trust_application"
cloudflare_zone_id = var.cloudflare_zone_id
cloudflare_api_key = var.cloudflare_api_key

names = ["ollama", "argocd", "ceph", "grafana", "oauth2"]
Expand Down
8 changes: 4 additions & 4 deletions terraform/modules/zero_trust_application/main.tf
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
resource "cloudflare_access_policy" "github-app-policy" {
zone_id = var.cloudflare_zone_id
name = "github-auth"
decision = "allow"
account_id = var.cloudflare_api_key
name = "github-auth"
decision = "allow"

include {
group = ["dc009146-1f84-4d2c-bbd4-670ee9d65d5d"]
Expand All @@ -12,7 +12,7 @@ resource "cloudflare_zero_trust_access_application" "app" {
depends_on = [cloudflare_access_policy.github-app-policy]
for_each = { for idx, name in var.names : idx => name }

account_id = var.cloudflare_api_key
zone_id = var.cloudflare_zone_id

name = each.value
domain = "${each.value}.ninebasetwo.net"
Expand Down
5 changes: 5 additions & 0 deletions terraform/modules/zero_trust_application/variables.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,11 @@ variable "names" {
type = list(string)
}

variable "cloudflare_zone_id" {
description = "The zone ID for Cloudflare"
type = string
}

variable "cloudflare_api_key" {
description = "The API key for Cloudflare"
type = string
Expand Down

0 comments on commit 5d20c83

Please sign in to comment.