From 78e7effc80abe070c165f295489f6a4530023f09 Mon Sep 17 00:00:00 2001
From: Hubert Cornet
Date: Tue, 18 Nov 2025 09:21:19 +0100
Subject: [PATCH] Update networks_connectors.tf
---
 networks_connectors.tf | 101 -----------------------------------------
 1 file changed, 101 deletions(-)
diff --git a/networks_connectors.tf b/networks_connectors.tf
index e8f4a8b..cf12b41 100644
--- a/networks_connectors.tf
+++ b/networks_connectors.tf
@@ -14,104 +14,3 @@ data "cloudflare_zero_trust_tunnel_cloudflared_token" "home_tunnel_token" {
 account_id = local.cloudflare_account_id
 tunnel_id = cloudflare_zero_trust_tunnel_cloudflared.home_tunnel.id
 }
-
-# =============================================================================
-# CLOUDFLARE : Networks : Routes
-# =============================================================================
-
-#
-resource "cloudflare_zero_trust_tunnel_cloudflared_route" "home_tunnel_route" {
- account_id = local.cloudflare_account_id
- network = var.tunnel_network
- tunnel_id = cloudflare_zero_trust_tunnel_cloudflared.home_tunnel.id
- comment = var.tunnel_network_comment
-}
-
-#
-#data "cloudflare_zero_trust_tunnel_cloudflared_route" "home_tunnel_route_token" {
-# account_id = "699d98642c564d2e855e9661899b7252"
-# route_id = cloudflare_zero_trust_tunnel_cloudflared_route.home_tunnel_route.id
-#}
-
-# =============================================================================
-# DNS RECORDS (un par application)
-# =============================================================================
-
-resource "cloudflare_dns_record" "applications" {
- for_each = var.applications
-
- zone_id = local.cloudflare_zone_id
- name = each.value.subdomain
- content = "${cloudflare_zero_trust_tunnel_cloudflared.home_tunnel.id}.cfargotunnel.com"
- type = "CNAME"
- ttl = var.dns_ttl
- proxied = var.dns_proxied
- comment = "Managed by Terraform - ${each.key} via Cloudflare Tunnel"
-}
-
-# =============================================================================
-# TUNNEL CONFIGURATION
-# =============================================================================
-
-resource "cloudflare_zero_trust_tunnel_cloudflared_config" "home_tunnel_config" {
- tunnel_id = cloudflare_zero_trust_tunnel_cloudflared.home_tunnel.id
- account_id = local.cloudflare_account_id
-
- config = {
- warp_routing = {
- enabled = var.tunnel_warp_routing_enabled
- }
-
- ingress = local.ingress_rules
- }
-
- lifecycle {
- # Ignorer les changements manuels dans Cloudflare Dashboard
- ignore_changes = [config]
- }
-}
-
-# =============================================================================
-# ACCESS POLICIES (optionnel)
-# =============================================================================
-
-# Exemple de politique d'accès réutilisable
-# Décommentez si vous souhaitez utiliser Cloudflare Access
-/*
-resource "cloudflare_zero_trust_access_policy" "allow_emails" {
- account_id = local.cloudflare_account_id
- name = "Allow specific emails"
- decision = "allow"
-
- include = [
- {
- email = {
- email = local.cloudflare_email
- }
- },
- {
- email_domain = {
- domain = var.cloudflare_zone
- }
- }
- ]
-}
-
-# Application Access pour chaque application qui l'exige
-resource "cloudflare_zero_trust_access_application" "applications" {
- for_each = {
- for app_name, app_config in var.applications :
- app_name => app_config
- if app_config.access_enabled
- }
-
- account_id = local.cloudflare_account_id
- type = "self_hosted"
- name = "Access for ${each.key}"
- domain = "${each.value.subdomain}.${var.cloudflare_zone}"
-
- policies = [
- cloudflare_zero_trust_access_policy.allow_emails.id
- ]
-}
-*/
\ No newline at end of file