From c598c891591702db5c1653eba94d7e6985c599bd Mon Sep 17 00:00:00 2001
From: Hubert Cornet <hcornet@noreply@tips-of-mine.fr>
Date: Tue, 4 Nov 2025 16:59:52 +0100
Subject: [PATCH] Add variables.auto.tfvars

---
 variables.auto.tfvars | 57 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 57 insertions(+)
 create mode 100644 variables.auto.tfvars

diff --git a/variables.auto.tfvars b/variables.auto.tfvars
new file mode 100644
index 0000000..32ddc3f
--- /dev/null
+++ b/variables.auto.tfvars
@@ -0,0 +1,57 @@
+#cloudflare_zone           = "tips-of-mine.org"
+#cloudflare_zone_id        = "a5eb1b667ba2fde356ecf6707d0dd309"
+#cloudflare_account_id     = "72a90903bb240f6679aae982d4432d96"
+#cloudflare_email          = "admin@tips-of-mine.org"
+#cloudflare_token          = "d4yvKXkGXQZsVIBWWu2aouXI4O9L406ZmQJleUT0"
+
+# =============================================================================
+# CONFIGURATION TERRAFORM - SANS SECRETS
+# =============================================================================
+# Les secrets sont gérés via Vault
+# Le vault_token est fourni par la CI/CD via variable d'environnement
+
+# Configuration Vault
+vault_url                = "https://vault.tips-of-mine.com"
+vault_cloudflare_path    = "secret/cloudflare"
+
+# Configuration Cloudflare
+cloudflare_zone          = "tips-of-mine.org"
+tunnel_name              = "home-tunnel"
+
+# Configuration DNS
+dns_ttl                  = 1
+dns_proxied              = true
+
+# Options avancées
+tunnel_warp_routing_enabled = false
+
+# =============================================================================
+# APPLICATIONS
+# =============================================================================
+applications = {
+  # Application 1 : Service HTTP classique
+  "http-app" = {
+    subdomain      = "http-app"
+    origin_url     = "https://10.0.4.133"
+    no_tls_verify  = true
+    access_enabled = false
+  }
+
+  # Application 2 : Service avec Access activé
+  "secure-app" = {
+    subdomain        = "secure"
+    origin_url       = "http://10.0.4.134:8080"
+    no_tls_verify    = false
+    access_enabled   = true
+    access_team_name = "tips-of-mine"
+    access_aud_tags  = ["secure-app-tag"]
+  }
+
+  # Application 3 : Autre service
+  "homeassistant" = {
+    subdomain      = "home"
+    origin_url     = "http://10.0.4.135:8123"
+    no_tls_verify  = false
+    access_enabled = false
+  }
+}
\ No newline at end of file