From 88094ac43622804239c114484a81170cffb55751 Mon Sep 17 00:00:00 2001
From: Hubert Cornet <hcornet@noreply@tips-of-mine.fr>
Date: Mon, 17 Nov 2025 14:47:23 +0100
Subject: [PATCH] Update gateway_policy.tf

---
 gateway_policy.tf | 41 +++++++++++++++++++++++++++--------------
 1 file changed, 27 insertions(+), 14 deletions(-)

diff --git a/gateway_policy.tf b/gateway_policy.tf
index 897d1be..bf0c0c1 100644
--- a/gateway_policy.tf
+++ b/gateway_policy.tf
@@ -36,6 +36,25 @@ locals {
   pihole_ad_filter  = join(" or ", local.pihole_ad_filters)
 }
 
+resource "cloudflare_teams_rule" "block_ads" {
+  account_id = local.cloudflare_account_id
+
+  name        = "Block Ads"
+  description = "Block Ads domains"
+
+  enabled    = true
+  precedence = 11
+
+  # Block domain belonging to lists (defined below)
+  filters = ["dns"]
+  action  = "block"
+  traffic = local.pihole_ad_filter
+
+  rule_settings {
+    block_page_enabled = false
+  }
+}
+
 locals {
   # The full path of the list holding the domain list
   pihole_domain_list_file = "${path.module}/lists/pihole_domain_list.txt"
@@ -54,23 +73,17 @@ locals {
   pihole_list_count = length(local.pihole_aggregated_lists)
 }
 
-resource "cloudflare_teams_rule" "block_ads" {
+resource "cloudflare_teams_list" "pihole_domain_lists" {
   account_id = local.cloudflare_account_id
 
-  name        = "Block Ads"
-  description = "Block Ads domains"
-
-  enabled    = true
-  precedence = 11
-
-  # Block domain belonging to lists (defined below)
-  filters = ["dns"]
-  action  = "block"
-  traffic = local.pihole_ad_filter
-
-  rule_settings {
-    block_page_enabled = false
+  for_each = {
+    for i in range(0, local.pihole_list_count) :
+    i => element(local.pihole_aggregated_lists, i)
   }
+
+  name  = "pihole_domain_list_${each.key}"
+  type  = "DOMAIN"
+  items = each.value
 }
 
 #