Tips-Of-Mine/terraform-cloudflare-dns-zone
Tips-Of-Mine/terraform-cloudflare-dns-zone
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Modify : add secret in Vault
All checks were successful
terraform validation / Terraform (push) Successful in 12s
Details

Browse Source
This commit is contained in:
Hubert Cornet 2025-01-18 14:23:04 +01:00
parent 3b730dd859
commit c9357e490d
4 changed files with 33 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
main.tf
View File

@ -0,0 +1,3 @@
data "vault_generic_secret" "cloudflare" {
path = "secret/cloudflare"
}

14
provider.tf
View File

@ -4,11 +4,23 @@ terraform {
source = "cloudflare/cloudflare" source = "cloudflare/cloudflare"
version = "~> 4.50" version = "~> 4.50"
} }
vault = {
version = "~> 4.6.0"
}
} }
required_version = ">= 1.7.5" required_version = ">= 1.7.5"
} }
provider "cloudflare" { provider "cloudflare" {
api_token = var.cloudflare_api_token api_token = data.vault_generic_secret.cloudflare.data["api_token"]
# email = data.vault_generic_secret.cloudflare.data["email"]
# ip_server = data.vault_generic_secret.kv-cloudflare.data["ip_server"]
# zone_id = data.vault_generic_secret.kv-cloudflare.data["zone_id"]
} }
provider "vault" {
address = var.vault_url
skip_child_token = true
skip_tls_verify = true
token = var.vault_token
}

4
records_a.tf
View File

@ -1,7 +1,7 @@
resource "cloudflare_record" "a-root" { resource "cloudflare_record" "a-root" {
zone_id = var.cloudflare_zone_id zone_id = var.cloudflare_zone_id
comment = "Domain verification record A" comment = "Domain verification record A"
content = var.main_server content = var.ip_server_a
name = "a-root.tips-of-mine.com" name = "a-root.tips-of-mine.com"
proxied = false proxied = false
tags = [] tags = []
@ -12,7 +12,7 @@ resource "cloudflare_record" "a-root" {
resource "cloudflare_record" "b-root" { resource "cloudflare_record" "b-root" {
zone_id = var.cloudflare_zone_id zone_id = var.cloudflare_zone_id
comment = "Domain verification record B" comment = "Domain verification record B"
content = var.main_server content = var.ip_server_a
name = "@" name = "@"
proxied = false proxied = false
tags = [] tags = []

23
variables.tf
View File

@ -5,13 +5,6 @@ variable "cloudflare_email" {
default = "thedjinhn@gmail.com" default = "thedjinhn@gmail.com"
} }
variable "cloudflare_api_token" {
description = "Le jeton de l'API Cloudflare."
type = string
sensitive = true
default = "EiFZGvTTRwOgFB8-OiiNyuLGEPEZvqjM8ckpA-lA"
}
variable "cloudflare_zone_id" { variable "cloudflare_zone_id" {
description = "La zone DNS à laquelle ajouter l'enregistrement." description = "La zone DNS à laquelle ajouter l'enregistrement."
type = string type = string
@ -19,9 +12,23 @@ variable "cloudflare_zone_id" {
default = "82345d1f868f476b080d5ad04d39bd0c" default = "82345d1f868f476b080d5ad04d39bd0c"
} }
variable "main_server" { variable "ip_server_a" {
description = "Le serveur principal" description = "Le serveur principal"
type = string type = string
sensitive = true sensitive = true
default = "10.0.4.50" default = "10.0.4.50"
} }
variable "vault_url" {
description = "URL du serveur Vault"
type = string
sensitive = true
default = "https://vault.tips-of-mine.com"
}
variable "vault_token" {
description = "Token d'acces"
type = string
sensitive = true
default = "hvs.BUXBydP1Iy6leqNIo2wx478p"
}