64 lines
1.7 KiB
HCL
64 lines
1.7 KiB
HCL
terraform {
|
|
required_providers {
|
|
digitalocean = {
|
|
source = "digitalocean/digitalocean"
|
|
version = "~> 2.0"
|
|
}
|
|
cloudflare = {
|
|
source = "cloudflare/cloudflare"
|
|
version = "~> 4.0"
|
|
}
|
|
}
|
|
|
|
backend "s3" {
|
|
endpoints = {
|
|
s3 = "https://nyc3.digitaloceanspaces.com"
|
|
}
|
|
bucket = "lunarfront-infra"
|
|
key = "terraform/gitea.tfstate"
|
|
region = "us-east-1" # required by S3 backend, ignored by Spaces
|
|
skip_credentials_validation = true
|
|
skip_metadata_api_check = true
|
|
skip_region_validation = true
|
|
skip_requesting_account_id = true
|
|
force_path_style = true
|
|
}
|
|
}
|
|
|
|
provider "digitalocean" {
|
|
token = var.do_token
|
|
}
|
|
|
|
provider "cloudflare" {
|
|
api_token = var.cloudflare_api_token
|
|
}
|
|
|
|
# ─── Cloudflare zone lookup ───────────────────────────────────────────────────
|
|
|
|
data "cloudflare_zone" "main" {
|
|
name = var.domain
|
|
}
|
|
|
|
# ─── DNS records ──────────────────────────────────────────────────────────────
|
|
|
|
# Proxied through Cloudflare — web UI
|
|
resource "cloudflare_record" "gitea" {
|
|
zone_id = data.cloudflare_zone.main.id
|
|
name = "git"
|
|
type = "A"
|
|
content = var.cluster_lb_ip
|
|
proxied = false
|
|
ttl = 3600
|
|
}
|
|
|
|
# DNS only — no Cloudflare proxy, for SSH git access
|
|
resource "cloudflare_record" "git_ssh" {
|
|
zone_id = data.cloudflare_zone.main.id
|
|
name = "git-ssh"
|
|
type = "A"
|
|
content = var.cluster_lb_ip
|
|
proxied = false
|
|
ttl = 3600
|
|
}
|
|
|