correct : subdomain

2025-11-24 15:20:07 +01:00
parent 044f5d305f
commit 2a26695fec
5 changed files with 60 additions and 19 deletions
--- a/Access_Controls-Applications-rdp.tf
+++ b/Access_Controls-Applications-rdp.tf
@@ -32,7 +32,7 @@ resource "cloudflare_zero_trust_access_application" "cloudflare_aws_app_rdp_doma
  custom_non_identity_deny_url = "https://denied.tips-of-mine.org/"

  # Public hostname for browser rendering
-  domain = var.cloudflare_subdomain_rdp
+  domain = var.cloudflare_aws_subdomain_rdp

  # Target criteria - references the existing gcp_rdp_target
  target_criteria = [{
@@ -93,7 +93,7 @@ resource "cloudflare_zero_trust_access_application" "cloudflare_gcp_app_rdp_doma
  custom_non_identity_deny_url = "https://denied.tips-of-mine.org/"

  # Public hostname for browser rendering
-  domain = var.cloudflare_subdomain_rdp
+  domain = var.cloudflare_gcp_subdomain_rdp

  # Target criteria - references the existing gcp_rdp_target
  target_criteria = [{
--- a/Access_Controls-Applications-ssh.tf
+++ b/Access_Controls-Applications-ssh.tf
@@ -21,7 +21,7 @@ resource "cloudflare_zero_trust_access_application" "cloudflare_aws_app_ssh_brow

  destinations = [{
    type = "public"
-    uri  = var.cloudflare_subdomain_ssh
+    uri  = var.cloudflare_aws_subdomain_ssh
  }]

  allowed_idps                = [
@@ -60,7 +60,7 @@ resource "cloudflare_zero_trust_access_application" "cloudflare_gcp_app_ssh_brow

  destinations = [{
    type = "public"
-    uri  = var.cloudflare_subdomain_ssh
+    uri  = var.cloudflare_gcp_subdomain_ssh
  }]

  allowed_idps                = [
--- a/Access_Controls-Applications-vnc.tf
+++ b/Access_Controls-Applications-vnc.tf
@@ -21,7 +21,7 @@ resource "cloudflare_zero_trust_access_application" "cloudflare_aws_app_vnc_brow

  destinations = [{
    type = "public"
-    uri  = var.cloudflare_subdomain_vnc
+    uri  = var.cloudflare_aws_subdomain_vnc
  }]

  allowed_idps                = [
@@ -55,7 +55,7 @@ resource "cloudflare_zero_trust_access_application" "cloudflare_gcp_app_vnc_brow

  destinations = [{
    type = "public"
-    uri  = var.cloudflare_subdomain_vnc
+    uri  = var.cloudflare_gcp_subdomain_vnc
  }]

  allowed_idps                = [
--- a/variables.auto.tfvars
+++ b/variables.auto.tfvars
@@ -96,12 +96,19 @@ cloudflare_windows_rdp_tunnel_name_gcp = "Tunnel GCP (Windows RDP)"
 #cloudflare_warp_tunnel_gcp_id   = "ad04a3ed-a1a1-********"

 # Subdomains
-cloudflare_subdomain_ssh            = "ssh-database.tips-of-mine.org"
-cloudflare_subdomain_vnc            = "vnc.tips-of-mine.org"
-cloudflare_subdomain_web            = "intranet.tips-of-mine.org"
-cloudflare_subdomain_rdp            = "rdp.tips-of-mine.org"
-cloudflare_subdomain_web_sensitive  = "competition.tips-of-mine.org"
-cloudflare_subdomain_training_status = "training-status.tips-of-mine.org"
+cloudflare_aws_subdomain_ssh             = "ssh-database.aws.tips-of-mine.org"
+cloudflare_aws_subdomain_vnc             = "vnc.aws.tips-of-mine.org"
+cloudflare_aws_subdomain_web             = "intranet.aws.tips-of-mine.org"
+cloudflare_aws_subdomain_rdp             = "rdp.aws.tips-of-mine.org"
+cloudflare_aws_subdomain_web_sensitive   = "competition.aws.tips-of-mine.org"
+cloudflare_aws_subdomain_training_status = "training-status.aws.tips-of-mine.org"
+
+cloudflare_gcp_subdomain_ssh             = "ssh-database.gcp.tips-of-mine.org"
+cloudflare_gcp_subdomain_vnc             = "vnc.gcp.tips-of-mine.org"
+cloudflare_gcp_subdomain_web             = "intranet.gcp.tips-of-mine.org"
+cloudflare_gcp_subdomain_rdp             = "rdp.gcp.tips-of-mine.org"
+cloudflare_gcp_subdomain_web_sensitive   = "competition.gcp.tips-of-mine.org"
+cloudflare_gcp_subdomain_training_status = "training-status.gcp.tips-of-mine.org"

 # Targets
 cloudflare_aws_target_ssh_name = "AWS-database"
--- a/variables.tf
+++ b/variables.tf
@@ -475,35 +475,69 @@ variable "cloudflare_windows_rdp_tunnel_name_gcp" {
 #}

 #======================================================
-# CLOUDFLARE DNS SUBDOMAIN CONFIGURATION
+# CLOUDFLARE DNS SUBDOMAIN CONFIGURATION AWS
 #======================================================

-variable "cloudflare_subdomain_ssh" {
+variable "cloudflare_aws_subdomain_ssh" {
  description = "Name of the subdomain for ssh public hostname of tunnel"
  type        = string
 }

-variable "cloudflare_subdomain_vnc" {
+variable "cloudflare_aws_subdomain_vnc" {
  description = "Name of the subdomain for VNC public hostname of tunnel"
  type        = string
 }

-variable "cloudflare_subdomain_web" {
+variable "cloudflare_aws_subdomain_web" {
  description = "Name of the subdomain for web public hostname of tunnel"
  type        = string
 }

-variable "cloudflare_subdomain_web_sensitive" {
+variable "cloudflare_aws_subdomain_web_sensitive" {
  description = "Name of the subdomain for web sensitive public hostname of tunnel"
  type        = string
 }

-variable "cloudflare_subdomain_rdp" {
+variable "cloudflare_aws_subdomain_rdp" {
  description = "Name of the subdomain for rdp browser rendered public hostname"
  type        = string
 }

-variable "cloudflare_subdomain_training_status" {
+variable "cloudflare_aws_subdomain_training_status" {
+  description = "Name of the subdomain for training status admin portal (OPTIONAL: only needed if using optional-cloudflare-apps.tf)"
+  type        = string
+}
+
+#======================================================
+# CLOUDFLARE DNS SUBDOMAIN CONFIGURATION GCP
+#======================================================
+
+variable "cloudflare_gcp_subdomain_ssh" {
+  description = "Name of the subdomain for ssh public hostname of tunnel"
+  type        = string
+}
+
+variable "cloudflare_gcp_subdomain_vnc" {
+  description = "Name of the subdomain for VNC public hostname of tunnel"
+  type        = string
+}
+
+variable "cloudflare_gcp_subdomain_web" {
+  description = "Name of the subdomain for web public hostname of tunnel"
+  type        = string
+}
+
+variable "cloudflare_gcp_subdomain_web_sensitive" {
+  description = "Name of the subdomain for web sensitive public hostname of tunnel"
+  type        = string
+}
+
+variable "cloudflare_gcp_subdomain_rdp" {
+  description = "Name of the subdomain for rdp browser rendered public hostname"
+  type        = string
+}
+
+variable "cloudflare_gcp_subdomain_training_status" {
  description = "Name of the subdomain for training status admin portal (OPTIONAL: only needed if using optional-cloudflare-apps.tf)"
  type        = string
 }