diff --git a/terraform-modules/zone/gsuite.tf b/terraform-modules/zone/gsuite.tf index 492e677ad..4e09766df 100644 --- a/terraform-modules/zone/gsuite.tf +++ b/terraform-modules/zone/gsuite.tf @@ -1,13 +1,14 @@ -resource "cloudflare_record" "txt_gsuite" { +resource "cloudflare_dns_record" "txt_gsuite" { count = var.enable_gsuite ? 1 : 0 zone_id = cloudflare_zone.zone.id - name = "@" + name = var.domain type = "TXT" + ttl = 1 content = "v=spf1 include:_spf.google.com ~all" } -resource "cloudflare_record" "mx_gsuite_verification" { +resource "cloudflare_dns_record" "mx_gsuite_verification" { for_each = var.enable_gsuite ? { 0 = { priority = 1, value = "aspmx.l.google.com" } 1 = { priority = 5, value = "alt1.aspmx.l.google.com" } @@ -19,24 +20,27 @@ resource "cloudflare_record" "mx_gsuite_verification" { zone_id = cloudflare_zone.zone.id name = var.domain type = "MX" + ttl = 1 priority = each.value["priority"] content = each.value["value"] } -resource "cloudflare_record" "txt_gsuite_dkim" { +resource "cloudflare_dns_record" "txt_gsuite_dkim" { count = var.gsuite_dkim_value != "" ? 1 : 0 zone_id = cloudflare_zone.zone.id - name = "google._domainkey" + name = "google._domainkey.${var.domain}" type = "TXT" + ttl = 1 content = var.gsuite_dkim_value } -resource "cloudflare_record" "txt_gsuite_dmarc" { +resource "cloudflare_dns_record" "txt_gsuite_dmarc" { count = var.gsuite_dkim_value != "" ? 1 : 0 zone_id = cloudflare_zone.zone.id - name = "_dmarc" + name = "_dmarc.${var.domain}" type = "TXT" + ttl = 1 content = "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s; pct=100; rua=mailto:sean+dmarc@lingren.com" } diff --git a/terraform-modules/zone/site_verification.tf b/terraform-modules/zone/site_verification.tf index fe11c878d..c62b0e6e0 100644 --- a/terraform-modules/zone/site_verification.tf +++ b/terraform-modules/zone/site_verification.tf @@ -1,8 +1,9 @@ -resource "cloudflare_record" "txt_base" { +resource "cloudflare_dns_record" "txt_base" { for_each = var.google_site_verifications zone_id = cloudflare_zone.zone.id - name = "@" + name = var.domain type = "TXT" + ttl = 1 content = each.key } diff --git a/terraform-modules/zone/zone.tf b/terraform-modules/zone/zone.tf index 31b040089..9b4fccf7c 100644 --- a/terraform-modules/zone/zone.tf +++ b/terraform-modules/zone/zone.tf @@ -1,8 +1,13 @@ resource "cloudflare_zone" "zone" { - account_id = var.cloudflare_account_id - zone = var.domain + name = var.domain + + account = { + id = var.cloudflare_account_id + } + } resource "cloudflare_zone_dnssec" "zone" { zone_id = cloudflare_zone.zone.id + status = "active" } diff --git a/terraform/aws/accounts/prod/.terraform.lock.hcl b/terraform/aws/accounts/prod/.terraform.lock.hcl index cf184cbc8..dacb54c9a 100644 --- a/terraform/aws/accounts/prod/.terraform.lock.hcl +++ b/terraform/aws/accounts/prod/.terraform.lock.hcl @@ -2,14 +2,14 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/backblaze/b2" { - version = "0.9.0" + version = "0.10.0" hashes = [ - "h1:tKJCA9Kqa+qVM2xRbHBfvmnmAG07zAsvgvtmxQ3CsHY=", - "zh:07619330ef01d26946465f2c81fb91ad5a206c0cc990ba80509cdb5035f1dec4", - "zh:610e9bc95581a166614eb91b1e92debef829a6a29c3a868a24f8df6a80eb8051", - "zh:62920a6b287a8967785f5bc74c094bc5ef97073ae5ef7745d9b7e39fbecae45a", - "zh:67396c26433016b7ad3c4cbb149148b34c6f5ddd2c9656b92f7a9541a2707657", - "zh:7bca40abd15b07bade2a37644e7721274ed0d192c7af650c9af038b7dca9947d", + "h1:XopbGPMYulGkGsOipKMYwwiWkL4vfMRQ1gHhH61dFfI=", + "zh:03d4ec22a8a47dfc4e1beccd261f37b22113646d246853195fe5d8cb6febf90c", + "zh:08c9ea953b3dcb01aeebd372b9bd2c1a6c1f0b996125bde03c094bc5e75fb55b", + "zh:4f8589276b11f00feb511bd500e2f02abe41371ce2ab74507dd53a7e1110e944", + "zh:8bfcdb1b1cfaa20fa0f717758fca38290e6bd5ff6499ad196dd2f68f95aeab18", + "zh:dfac030714a098956d6df3bf6277d08c19b5b037cd7ec30821ec2edb0de49328", ] } diff --git a/terraform/aws/accounts/prod/data.tf b/terraform/aws/accounts/prod/data.tf index f88534301..9f716d98b 100644 --- a/terraform/aws/accounts/prod/data.tf +++ b/terraform/aws/accounts/prod/data.tf @@ -1 +1,12 @@ -data "cloudflare_api_token_permission_groups" "all" {} +data "cloudflare_accounts" "lingrino" { + name = "lingrino" +} + +data "cloudflare_api_token_permissions_groups_list" "all" { + account_id = data.cloudflare_accounts.lingrino.result[0].id +} + +locals { + account_permission_group_ids = [for k, v in data.cloudflare_api_token_permissions_groups_list.all.result : { id = v.id } if v.scopes[0] == "com.cloudflare.api.account" && v.name != "Account API Tokens Write"] + zone_permission_group_ids = [for k, v in data.cloudflare_api_token_permissions_groups_list.all.result : { id = v.id } if v.scopes[0] == "com.cloudflare.api.account.zone"] +} diff --git a/terraform/aws/accounts/prod/meta.tf b/terraform/aws/accounts/prod/meta.tf index 9a73b0615..81000aade 100644 --- a/terraform/aws/accounts/prod/meta.tf +++ b/terraform/aws/accounts/prod/meta.tf @@ -20,6 +20,11 @@ provider "b2" { } provider "cloudflare" { + api_token = jsondecode(ephemeral.aws_secretsmanager_secret_version.cloudflare_keys_terraform_cloud.secret_string)["CLOUDFLARE_API_TOKEN"] +} + +provider "cloudflare" { + alias = "create-tokens" api_token = jsondecode(ephemeral.aws_secretsmanager_secret_version.cloudflare_keys_create_tokens.secret_string)["CLOUDFLARE_API_TOKEN"] } diff --git a/terraform/aws/accounts/prod/secrets_cloudflare.tf b/terraform/aws/accounts/prod/secrets_cloudflare.tf index e5a53aa5f..98ab8d85a 100644 --- a/terraform/aws/accounts/prod/secrets_cloudflare.tf +++ b/terraform/aws/accounts/prod/secrets_cloudflare.tf @@ -24,29 +24,42 @@ resource "aws_secretsmanager_secret" "cloudflare_keys_terraform_cloud" { } } +ephemeral "aws_secretsmanager_secret_version" "cloudflare_keys_terraform_cloud" { + secret_id = aws_secretsmanager_secret.cloudflare_keys_terraform_cloud.id +} + resource "aws_secretsmanager_secret_version" "cloudflare_keys_terraform_cloud" { secret_id = aws_secretsmanager_secret.cloudflare_keys_terraform_cloud.id secret_string = jsonencode({ CLOUDFLARE_API_TOKEN = cloudflare_api_token.terraform_cloud.value, }) + + lifecycle { + ignore_changes = [secret_string] + } } resource "cloudflare_api_token" "terraform_cloud" { - name = "terraform-cloud" + provider = cloudflare.create-tokens - policy { - resources = { - "com.cloudflare.api.account.*" = "*" - } - permission_groups = values(data.cloudflare_api_token_permission_groups.all.account) - } + name = "terraform-cloud" - policy { - resources = { - "com.cloudflare.api.account.zone.*" = "*" + policies = [ + { + effect = "allow" + resources = { + "com.cloudflare.api.account.*" = "*" + } + permission_groups = local.account_permission_group_ids + }, + { + effect = "allow" + resources = { + "com.cloudflare.api.account.zone.*" = "*" + } + permission_groups = local.zone_permission_group_ids } - permission_groups = values(data.cloudflare_api_token_permission_groups.all.zone) - } + ] } ################################# @@ -65,22 +78,31 @@ resource "aws_secretsmanager_secret_version" "cloudflare_keys_local" { secret_string = jsonencode({ CLOUDFLARE_API_TOKEN = cloudflare_api_token.local.value, }) + + lifecycle { + ignore_changes = [secret_string] + } } resource "cloudflare_api_token" "local" { - name = "local" + provider = cloudflare.create-tokens - policy { - resources = { - "com.cloudflare.api.account.*" = "*" - } - permission_groups = values(data.cloudflare_api_token_permission_groups.all.account) - } + name = "local" - policy { - resources = { - "com.cloudflare.api.account.zone.*" = "*" + policies = [ + { + effect = "allow" + resources = { + "com.cloudflare.api.account.*" = "*" + } + permission_groups = local.account_permission_group_ids + }, + { + effect = "allow" + resources = { + "com.cloudflare.api.account.zone.*" = "*" + } + permission_groups = local.zone_permission_group_ids } - permission_groups = values(data.cloudflare_api_token_permission_groups.all.zone) - } + ] } diff --git a/terraform/cloudflare/.terraform.lock.hcl b/terraform/cloudflare/.terraform.lock.hcl index bb8d39d8a..8d06d2c56 100644 --- a/terraform/cloudflare/.terraform.lock.hcl +++ b/terraform/cloudflare/.terraform.lock.hcl @@ -21,23 +21,23 @@ provider "registry.terraform.io/cloudflare/cloudflare" { } provider "registry.terraform.io/hashicorp/aws" { - version = "5.77.0" + version = "5.87.0" hashes = [ - "h1:7yv9NDANq8B0hKcxySR053tYoG8rKHC2EobEEXjUdDg=", - "zh:0bb61ed8a86a231e466ceffd010cb446418483853aa7e35ecb628cf578fa3905", - "zh:15d37511e55db46a50e703195858b816b7bbfd7bd6d193abf45aec1cb31cfc29", - "zh:1cdaec2ca4408e90aee6ea550ff4ff01a46033854c26d71309541975aa6317bd", - "zh:1dd2d1af44004b35a1597e82f9aa9d6396a77808371aa4dfd2045a2a144b7329", - "zh:329bf790ef57b29b95eee847090bffb74751b2b5e5a4c23e07367cc0bf9cce10", - "zh:40949e13342a0a738036e66420b7a546bda91ef68038981badbe454545076f16", - "zh:5674eb93c8edd308abac408ae45ee90e59e171d45011f00f5036ff4d43a1de52", - "zh:747624ce0e938dd773bca295df226d39d425d3805e6afe50248159d0f2ec6d3a", - "zh:761795909c5cba10f138d276384fb034031eb1e8c5cdfe3b93794c8a78d909ce", + "h1:IYq3by7O/eJuXzJwOF920z2nZEkw08PkDFdw2xkyhrs=", + "zh:017f237466875c919330b9e214fb33af14fffbff830d3755e8976d8fa3c963c2", + "zh:0776d1e60aa93c85ecbb01144aed2789c8e180bb0f1c811a0aba17ca7247b26c", + "zh:0dfa5c6cfb3724494fdc73f7d042515e88a20da8968959f48b3ec0b937bd8c8f", + "zh:1707a5ead36a7980cb3f83e8b69a67a14ae725bfc990ddfcc209b59400b57b04", + "zh:1c71f54fdd6adcbe547d6577dbb843d72a30fef0ab882d0afbeb8a7b348bc442", + "zh:3563c850a29790957ec3f4d3ba203bfa2e084ac7319035b3f43b91f818a2c9b4", + "zh:520bf6cef53785a92226651d5bebacbbf9314bdbc3211d0bf0903bce4e45149d", + "zh:56f9778575830f6e5c23462c2eccbf2c9afaddb00a69275fcfb33cd1a6d17f4d", + "zh:73e381cb0b1e76d471d7b0952f3d2a80350b507d15bda9b7041ea69077e3b5b5", + "zh:7da74b48f8fa088be758a92407980400cb4b039a8d9ba3c108907e4055e9ad6f", + "zh:8dacfa9623ba2e0197fe7db6faaaa0820a3b91fe00ba9e5d8a646340522bc8dd", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:9b95901dae3f2c7eea870d57940117ef5391676689efc565351bb087816674e4", - "zh:9bb86e159828dedc1302844d29ee6d79d6fee732c830a36838c359b9319ab304", - "zh:9e72dfbd7c28da259d51af92c21e580efd0045103cba2bb01cd1a8acb4185883", - "zh:a226b88521022598d1be8361b4f2976834d305ff58c8ea9b9a12c82f9a23f2c2", - "zh:faabcdfa36365359dca214da534cfb2fd5738edb40786c2afd09702f42ad1651", + "zh:9c2ebd21d697e1a611fe201788dc9e1678949a088afc85d4589563bca484d835", + "zh:ac5d0bbf36f9a6cedbfb63993f6baf0aabdaf21c8d7fc3b1e69ba8cbf344b5f3", + "zh:c2329644179f78a0458b6cf2dd5eaadca4c610fc3577a1b50620544d92df13e8", ] } diff --git a/terraform/cloudflare/account.tf b/terraform/cloudflare/account.tf index 796e36066..e57881590 100644 --- a/terraform/cloudflare/account.tf +++ b/terraform/cloudflare/account.tf @@ -1,14 +1,8 @@ resource "cloudflare_account" "account" { - name = "lingrino" - type = "standard" - enforce_twofactor = true -} - -resource "cloudflare_account_member" "lingrino" { - account_id = cloudflare_account.account.id - email_address = "sean@lingren.com" + name = "lingrino" + type = "standard" - role_ids = [ - "33666b9c79b9a5273fc7344ff42f953d", - ] + settings = { + enforce_twofactor = true + } } diff --git a/terraform/cloudflare/notifications.tf b/terraform/cloudflare/notifications.tf index c66f913cf..01915c4e3 100644 --- a/terraform/cloudflare/notifications.tf +++ b/terraform/cloudflare/notifications.tf @@ -7,7 +7,9 @@ resource "cloudflare_notification_policy" "origin_availability" { name = "Origin Availability" description = "a cloudflare origin is detected as down" - email_integration { - id = "sean@lingren.com" + mechanisms = { + email = [{ + id = "sean@lingren.com" + }] } } diff --git a/terraform/cloudflare/site_lingren_com.tf b/terraform/cloudflare/site_lingren_com.tf index d0a4a538a..60a56b6fb 100644 --- a/terraform/cloudflare/site_lingren_com.tf +++ b/terraform/cloudflare/site_lingren_com.tf @@ -13,26 +13,29 @@ module "zone_lingren_com" { ] } -resource "cloudflare_record" "lingren_com" { +resource "cloudflare_dns_record" "lingren_com" { zone_id = module.zone_lingren_com.id proxied = true name = "lingren.com" type = "CNAME" + ttl = 1 content = "lingrino.com" # superseded by below redirect } -resource "cloudflare_record" "star_lingren_com" { +resource "cloudflare_dns_record" "star_lingren_com" { zone_id = module.zone_lingren_com.id proxied = true name = "*.lingren.com" type = "CNAME" + ttl = 1 content = "lingrino.com" # superseded by below redirect } -resource "cloudflare_record" "atproto_lingren_com" { +resource "cloudflare_dns_record" "atproto_lingren_com" { zone_id = module.zone_lingren_com.id name = "_atproto.lingren.com" type = "TXT" + ttl = 1 content = "did=did:plc:k6ylnfky52hxfl7yoxfnbwot" } @@ -45,18 +48,20 @@ resource "cloudflare_ruleset" "redirect_lingren_com_to_lingrino_com" { kind = "zone" phase = "http_request_dynamic_redirect" - rules { - action = "redirect" - description = "redirect [*.]lingren.com to lingrino.com" - expression = "true" + rules = [ + { + action = "redirect" + description = "redirect [*.]lingren.com to lingrino.com" + expression = "true" - action_parameters { - from_value { - status_code = 301 - target_url { - value = "https://lingrino.com" + action_parameters = { + from_value = { + status_code = 301 + target_url = { + value = "https://lingrino.com" + } } } } - } + ] } diff --git a/terraform/cloudflare/site_lingren_dev.tf b/terraform/cloudflare/site_lingren_dev.tf index 302613c7c..3fff55b87 100644 --- a/terraform/cloudflare/site_lingren_dev.tf +++ b/terraform/cloudflare/site_lingren_dev.tf @@ -9,19 +9,21 @@ module "zone_lingren_dev" { ] } -resource "cloudflare_record" "lingren_dev" { +resource "cloudflare_dns_record" "lingren_dev" { zone_id = module.zone_lingren_dev.id proxied = true name = "lingren.dev" type = "CNAME" + ttl = 1 content = "lingrino.com" # superseded by below redirect } -resource "cloudflare_record" "star_lingren_dev" { +resource "cloudflare_dns_record" "star_lingren_dev" { zone_id = module.zone_lingren_dev.id proxied = true name = "*.lingren.dev" type = "CNAME" + ttl = 1 content = "lingrino.com" # superseded by below redirect } @@ -34,18 +36,20 @@ resource "cloudflare_ruleset" "redirect_lingren_dev_to_lingrino_com" { kind = "zone" phase = "http_request_dynamic_redirect" - rules { - action = "redirect" - description = "redirect [*.]lingren.dev to lingrino.com" - expression = "true" - - action_parameters { - from_value { - status_code = 301 - target_url { - value = "https://lingrino.com" + rules = [ + { + action = "redirect" + description = "redirect [*.]lingren.dev to lingrino.com" + expression = "true" + + action_parameters = { + from_value = { + status_code = 301 + target_url = { + value = "https://lingrino.com" + } } } } - } + ] } diff --git a/terraform/cloudflare/site_lingren_org.tf b/terraform/cloudflare/site_lingren_org.tf index 027627a6b..efe3476e6 100644 --- a/terraform/cloudflare/site_lingren_org.tf +++ b/terraform/cloudflare/site_lingren_org.tf @@ -9,19 +9,21 @@ module "zone_lingren_org" { ] } -resource "cloudflare_record" "lingren_org" { +resource "cloudflare_dns_record" "lingren_org" { zone_id = module.zone_lingren_org.id proxied = true name = "lingren.org" type = "CNAME" + ttl = 1 content = "lingrino.com" # superseded by below redirect } -resource "cloudflare_record" "star_lingren_org" { +resource "cloudflare_dns_record" "star_lingren_org" { zone_id = module.zone_lingren_org.id proxied = true name = "*.lingren.org" type = "CNAME" + ttl = 1 content = "lingrino.com" # superseded by below redirect } @@ -34,18 +36,20 @@ resource "cloudflare_ruleset" "redirect_lingren_org_to_lingrino_com" { kind = "zone" phase = "http_request_dynamic_redirect" - rules { - action = "redirect" - description = "redirect [*.]lingren.org to lingrino.com" - expression = "true" - - action_parameters { - from_value { - status_code = 301 - target_url { - value = "https://lingrino.com" + rules = [ + { + action = "redirect" + description = "redirect [*.]lingren.org to lingrino.com" + expression = "true" + + action_parameters = { + from_value = { + status_code = 301 + target_url = { + value = "https://lingrino.com" + } } } } - } + ] } diff --git a/terraform/cloudflare/site_lingrino_com.tf b/terraform/cloudflare/site_lingrino_com.tf index 7ca648d8e..c6d6784d6 100644 --- a/terraform/cloudflare/site_lingrino_com.tf +++ b/terraform/cloudflare/site_lingrino_com.tf @@ -12,51 +12,50 @@ module "zone_lingrino_com" { ] } -resource "cloudflare_record" "lingrino_com" { +resource "cloudflare_dns_record" "lingrino_com" { zone_id = module.zone_lingrino_com.id proxied = true name = "lingrino.com" type = "CNAME" + ttl = 1 content = "site-personal.pages.dev" } resource "cloudflare_pages_domain" "website" { - account_id = cloudflare_account.account.id - project_name = cloudflare_pages_project.website.name - domain = "lingrino.com" + account_id = cloudflare_account.account.id + # project_name = cloudflare_pages_project.website.name + project_name = "website" + name = "lingrino.com" } -resource "cloudflare_pages_project" "website" { - account_id = cloudflare_account.account.id - name = "website" - production_branch = "main" - - source { - type = "github" - - config { - owner = "lingrino" - repo_name = "website" - production_branch = "main" - } - } - - build_config { - build_command = "go run build.go" - destination_dir = "public" - build_caching = true - } - - deployment_configs { - preview { - fail_open = true - always_use_latest_compatibility_date = true - usage_model = "standard" - } - production { - fail_open = true - compatibility_date = "2023-12-01" # https://developers.cloudflare.com/workers/configuration/compatibility-dates/#change-history - usage_model = "standard" - } - } -} +# https://github.com/cloudflare/terraform-provider-cloudflare/issues/5146 +# tfim 'cloudflare_pages_project.website' '27a6422e1d64fbe9408ab703847ecdab/website' +# resource "cloudflare_pages_project" "website" { +# account_id = cloudflare_account.account.id +# name = "website" +# production_branch = "main" + +# build_config = { +# build_command = "go run build.go" +# destination_dir = "public" +# build_caching = true +# root_dir = "" +# web_analytics_tag = "" +# web_analytics_token = "" +# } + +# deployment_configs = { +# preview = { +# fail_open = true +# compatibility_date = "2024-11-11" # https://developers.cloudflare.com/workers/configuration/compatibility-dates/#change-history +# compatibility_flags = [] +# usage_model = "standard" +# } +# production = { +# fail_open = true +# compatibility_date = "2024-11-11" # https://developers.cloudflare.com/workers/configuration/compatibility-dates/#change-history +# compatibility_flags = [] +# usage_model = "standard" +# } +# } +# } diff --git a/terraform/cloudflare/site_lingrino_dev.tf b/terraform/cloudflare/site_lingrino_dev.tf index 2f16d14a3..5c1854419 100644 --- a/terraform/cloudflare/site_lingrino_dev.tf +++ b/terraform/cloudflare/site_lingrino_dev.tf @@ -9,19 +9,21 @@ module "zone_lingrino_dev" { ] } -resource "cloudflare_record" "lingrino_dev" { +resource "cloudflare_dns_record" "lingrino_dev" { zone_id = module.zone_lingrino_dev.id proxied = true name = "lingrino.dev" type = "CNAME" + ttl = 1 content = "lingrino.com" # superseded by below redirect } -resource "cloudflare_record" "star_lingrino_dev" { +resource "cloudflare_dns_record" "star_lingrino_dev" { zone_id = module.zone_lingrino_dev.id proxied = true name = "*.lingrino.dev" type = "CNAME" + ttl = 1 content = "lingrino.com" # superseded by below redirect } @@ -34,18 +36,20 @@ resource "cloudflare_ruleset" "redirect_lingrino_dev_to_lingrino_com" { kind = "zone" phase = "http_request_dynamic_redirect" - rules { - action = "redirect" - description = "redirect [*.]lingrino.dev to lingrino.com" - expression = "true" - - action_parameters { - from_value { - status_code = 301 - target_url { - value = "https://lingrino.com" + rules = [ + { + action = "redirect" + description = "redirect [*.]lingrino.dev to lingrino.com" + expression = "true" + + action_parameters = { + from_value = { + status_code = 301 + target_url = { + value = "https://lingrino.com" + } } } } - } + ] } diff --git a/terraform/cloudflare/site_srlingren_com.tf b/terraform/cloudflare/site_srlingren_com.tf index e5e3debc9..c4f756d1a 100644 --- a/terraform/cloudflare/site_srlingren_com.tf +++ b/terraform/cloudflare/site_srlingren_com.tf @@ -9,19 +9,21 @@ module "zone_srlingren_com" { ] } -resource "cloudflare_record" "srlingren_com" { +resource "cloudflare_dns_record" "srlingren_com" { zone_id = module.zone_srlingren_com.id proxied = true name = "srlingren.com" type = "CNAME" + ttl = 1 content = "lingrino.com" # superseded by below redirect } -resource "cloudflare_record" "star_srlingren_com" { +resource "cloudflare_dns_record" "star_srlingren_com" { zone_id = module.zone_srlingren_com.id proxied = true name = "*.srlingren.com" type = "CNAME" + ttl = 1 content = "lingrino.com" # superseded by below redirect } @@ -34,18 +36,20 @@ resource "cloudflare_ruleset" "redirect_srlingren_com_to_lingrino_com" { kind = "zone" phase = "http_request_dynamic_redirect" - rules { - action = "redirect" - description = "redirect [*.]srlingren.com to lingrino.com" - expression = "true" - - action_parameters { - from_value { - status_code = 301 - target_url { - value = "https://lingrino.com" + rules = [ + { + action = "redirect" + description = "redirect [*.]srlingren.com to lingrino.com" + expression = "true" + + action_parameters = { + from_value = { + status_code = 301 + target_url = { + value = "https://lingrino.com" + } } } } - } + ] } diff --git a/terraform/cloudflare/site_uptime_how.tf b/terraform/cloudflare/site_uptime_how.tf index 427116ab9..505285f08 100644 --- a/terraform/cloudflare/site_uptime_how.tf +++ b/terraform/cloudflare/site_uptime_how.tf @@ -9,51 +9,50 @@ module "zone_uptime_how" { ] } -resource "cloudflare_record" "uptime_how" { +resource "cloudflare_dns_record" "uptime_how" { zone_id = module.zone_uptime_how.id proxied = true name = "uptime.how" type = "CNAME" + ttl = 1 content = "uptime-pcd3.pages.dev" } resource "cloudflare_pages_domain" "uptime" { - account_id = cloudflare_account.account.id - project_name = cloudflare_pages_project.uptime.name - domain = "uptime.how" + account_id = cloudflare_account.account.id + # project_name = cloudflare_pages_project.uptime.name + project_name = "uptime" + name = "uptime.how" } -resource "cloudflare_pages_project" "uptime" { - account_id = cloudflare_account.account.id - name = "uptime" - production_branch = "main" - - source { - type = "github" - - config { - owner = "lingrino" - repo_name = "uptime" - production_branch = "main" - } - } - - build_config { - build_command = "npm run build" - destination_dir = ".svelte-kit/cloudflare" - build_caching = true - } - - deployment_configs { - preview { - fail_open = true - always_use_latest_compatibility_date = true - usage_model = "standard" - } - production { - fail_open = true - compatibility_date = "2023-12-01" # https://developers.cloudflare.com/workers/configuration/compatibility-dates/#change-history - usage_model = "standard" - } - } -} +# https://github.com/cloudflare/terraform-provider-cloudflare/issues/5146 +# tfim 'cloudflare_pages_project.uptime' '27a6422e1d64fbe9408ab703847ecdab/uptime' +# resource "cloudflare_pages_project" "uptime" { +# account_id = cloudflare_account.account.id +# name = "uptime" +# production_branch = "main" + +# build_config = { +# build_command = "npm run build" +# destination_dir = ".svelte-kit/cloudflare" +# build_caching = true +# root_dir = "" +# web_analytics_tag = "" +# web_analytics_token = "" +# } + +# deployment_configs = { +# preview = { +# fail_open = true +# compatibility_date = "2024-11-11" # https://developers.cloudflare.com/workers/configuration/compatibility-dates/#change-history +# compatibility_flags = [] +# usage_model = "standard" +# } +# production = { +# fail_open = true +# compatibility_date = "2024-11-11" # https://developers.cloudflare.com/workers/configuration/compatibility-dates/#change-history +# compatibility_flags = [] +# usage_model = "standard" +# } +# } +# } diff --git a/terraform/cloudflare/site_vaku_dev.tf b/terraform/cloudflare/site_vaku_dev.tf index a49582534..675601c54 100644 --- a/terraform/cloudflare/site_vaku_dev.tf +++ b/terraform/cloudflare/site_vaku_dev.tf @@ -9,50 +9,50 @@ module "zone_vaku_dev" { ] } -resource "cloudflare_record" "vaku_dev" { +resource "cloudflare_dns_record" "vaku_dev" { zone_id = module.zone_vaku_dev.id proxied = true name = "vaku.dev" type = "CNAME" + ttl = 1 content = "vaku.pages.dev" } resource "cloudflare_pages_domain" "vaku" { - account_id = cloudflare_account.account.id - project_name = cloudflare_pages_project.vaku.name - domain = "vaku.dev" + account_id = cloudflare_account.account.id + # project_name = cloudflare_pages_project.vaku.name + project_name = "vaku" + name = "vaku.dev" } -resource "cloudflare_pages_project" "vaku" { - account_id = cloudflare_account.account.id - name = "vaku" - production_branch = "main" - - source { - type = "github" - - config { - owner = "lingrino" - repo_name = "vaku" - production_branch = "main" - } - } - - build_config { - destination_dir = "www" - build_caching = true - } - - deployment_configs { - preview { - fail_open = true - always_use_latest_compatibility_date = true - usage_model = "standard" - } - production { - fail_open = true - compatibility_date = "2023-12-01" # https://developers.cloudflare.com/workers/configuration/compatibility-dates/#change-history - usage_model = "standard" - } - } -} +# https://github.com/cloudflare/terraform-provider-cloudflare/issues/5146 +# tfim 'cloudflare_pages_project.vaku' '27a6422e1d64fbe9408ab703847ecdab/vaku' +# resource "cloudflare_pages_project" "vaku" { +# account_id = cloudflare_account.account.id +# name = "vaku" +# production_branch = "main" + +# build_config = { +# destination_dir = "www" +# build_caching = true +# build_command = "" +# root_dir = "" +# web_analytics_tag = "" +# web_analytics_token = "" +# } + +# deployment_configs = { +# preview = { +# fail_open = true +# compatibility_date = "2024-11-11" # https://developers.cloudflare.com/workers/configuration/compatibility-dates/#change-history +# compatibility_flags = [] +# usage_model = "standard" +# } +# production = { +# fail_open = true +# compatibility_date = "2024-11-11" # https://developers.cloudflare.com/workers/configuration/compatibility-dates/#change-history +# compatibility_flags = [] +# usage_model = "standard" +# } +# } +# }