Tips-Of-Mine/terraform-cloudflare-tunnel-zone-org
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Update networks_connectors.tf
All checks were successful
Terraform Apply / Terraform Apply (push) Successful in 54s
Details

Browse Source
This commit is contained in:
Hubert Cornet
2025-11-18 09:21:19 +01:00
parent 7c39ee1c77
commit 78e7effc80
1 changed files with 0 additions and 101 deletions
Download Patch File Download Diff File Expand all files Collapse all files

101
networks_connectors.tf
View File

@@ -14,104 +14,3 @@ data "cloudflare_zero_trust_tunnel_cloudflared_token" "home_tunnel_token" {
account_id = local.cloudflare_account_id account_id = local.cloudflare_account_id
tunnel_id = cloudflare_zero_trust_tunnel_cloudflared.home_tunnel.id tunnel_id = cloudflare_zero_trust_tunnel_cloudflared.home_tunnel.id
} }
# =============================================================================
# CLOUDFLARE : Networks : Routes
# =============================================================================
#
resource "cloudflare_zero_trust_tunnel_cloudflared_route" "home_tunnel_route" {
account_id = local.cloudflare_account_id
network = var.tunnel_network
tunnel_id = cloudflare_zero_trust_tunnel_cloudflared.home_tunnel.id
comment = var.tunnel_network_comment
}
#
#data "cloudflare_zero_trust_tunnel_cloudflared_route" "home_tunnel_route_token" {
# account_id = "699d98642c564d2e855e9661899b7252"
# route_id = cloudflare_zero_trust_tunnel_cloudflared_route.home_tunnel_route.id
#}
# =============================================================================
# DNS RECORDS (un par application)
# =============================================================================
resource "cloudflare_dns_record" "applications" {
for_each = var.applications
zone_id = local.cloudflare_zone_id
name = each.value.subdomain
content = "${cloudflare_zero_trust_tunnel_cloudflared.home_tunnel.id}.cfargotunnel.com"
type = "CNAME"
ttl = var.dns_ttl
proxied = var.dns_proxied
comment = "Managed by Terraform - ${each.key} via Cloudflare Tunnel"
}
# =============================================================================
# TUNNEL CONFIGURATION
# =============================================================================
resource "cloudflare_zero_trust_tunnel_cloudflared_config" "home_tunnel_config" {
tunnel_id = cloudflare_zero_trust_tunnel_cloudflared.home_tunnel.id
account_id = local.cloudflare_account_id
config = {
warp_routing = {
enabled = var.tunnel_warp_routing_enabled
}
ingress = local.ingress_rules
}
lifecycle {
# Ignorer les changements manuels dans Cloudflare Dashboard
ignore_changes = [config]
}
}
# =============================================================================
# ACCESS POLICIES (optionnel)
# =============================================================================
# Exemple de politique d'accès réutilisable
# Décommentez si vous souhaitez utiliser Cloudflare Access
/*
resource "cloudflare_zero_trust_access_policy" "allow_emails" {
account_id = local.cloudflare_account_id
name = "Allow specific emails"
decision = "allow"
include = [
{
email = {
email = local.cloudflare_email
}
},
{
email_domain = {
domain = var.cloudflare_zone
}
}
]
}
# Application Access pour chaque application qui l'exige
resource "cloudflare_zero_trust_access_application" "applications" {
for_each = {
for app_name, app_config in var.applications :
app_name => app_config
if app_config.access_enabled
}
account_id = local.cloudflare_account_id
type = "self_hosted"
name = "Access for ${each.key}"
domain = "${each.value.subdomain}.${var.cloudflare_zone}"
policies = [
cloudflare_zero_trust_access_policy.allow_emails.id
]
}
*/