diff options
| author | Seth Flynn <[email protected]> | 2025-01-31 08:14:23 -0500 |
|---|---|---|
| committer | Seth Flynn <[email protected]> | 2025-02-03 05:34:09 -0500 |
| commit | 082ef6167ea188de4a0439fe63baaca41b19b45b (patch) | |
| tree | c51217b3b47601ee95cacfeaeaef426fb7128a6d /terranix/cloudflare | |
| parent | d5ad065e31f4d84824463829eeabfb55dbe9ece4 (diff) | |
terraform: switch to plain hcl
• Removed input 'terranix'
• Removed input 'terranix/bats-assert'
• Removed input 'terranix/bats-support'
• Removed input 'terranix/flake-parts'
• Removed input 'terranix/nixpkgs'
• Removed input 'terranix/systems'
• Removed input 'terranix/terranix-examples'
Diffstat (limited to 'terranix/cloudflare')
| -rw-r--r-- | terranix/cloudflare/default.nix | 10 | ||||
| -rw-r--r-- | terranix/cloudflare/dns.nix | 110 | ||||
| -rw-r--r-- | terranix/cloudflare/pages_domains.nix | 32 | ||||
| -rw-r--r-- | terranix/cloudflare/pages_projects.nix | 60 | ||||
| -rw-r--r-- | terranix/cloudflare/ruleset.nix | 29 | ||||
| -rw-r--r-- | terranix/cloudflare/tls.nix | 15 | ||||
| -rw-r--r-- | terranix/cloudflare/tunnels.nix | 14 |
7 files changed, 0 insertions, 270 deletions
diff --git a/terranix/cloudflare/default.nix b/terranix/cloudflare/default.nix deleted file mode 100644 index a8f6d43..0000000 --- a/terranix/cloudflare/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ - imports = [ - ./dns.nix - ./pages_domains.nix - ./pages_projects.nix - ./ruleset.nix - ./tls.nix - ./tunnels.nix - ]; -} diff --git a/terranix/cloudflare/dns.nix b/terranix/cloudflare/dns.nix deleted file mode 100644 index 335562d..0000000 --- a/terranix/cloudflare/dns.nix +++ /dev/null @@ -1,110 +0,0 @@ -{ lib, ... }: -let - mkRecord = - { - name, - content, - type, - zone_id, - }: - { - inherit - name - content - type - zone_id - ; - ttl = 1; - } - // lib.optionalAttrs (type != "TXT") { proxied = true; }; - - zones = { - getchoo_com = lib.tfRef "var.getchoo_com_zone_id"; - }; - inherit (zones) getchoo_com; - - atlas_tunnel = - lib.tfRef "data.cloudflare_zero_trust_tunnel_cloudflared.atlas-nginx.id" + ".cfargotunnel.com"; - - pagesSubdomainFor = project: lib.tfRef "resource.cloudflare_pages_project.${project}.subdomain"; - blockEmailSpoofingFor = - domain: - let - zone_id = zones.${domain}; - in - { - "${domain}_dmarc" = { - name = "_dmarc"; - content = "v=DMARC1; p=reject; sp=reject; adkim=s; aspf=s;"; - type = "TXT"; - inherit zone_id; - }; - - "${domain}_domainkey" = { - name = "*._domainkey"; - content = "v=DKIM1; p="; - type = "TXT"; - inherit zone_id; - }; - - "${domain}_email" = { - name = "@"; - content = "v=spf1 -all"; - type = "TXT"; - inherit zone_id; - }; - }; -in -{ - resource.cloudflare_zone_dnssec = { - getchoo_com_dnssec = { - zone_id = getchoo_com; - }; - }; - - resource.cloudflare_record = - lib.mapAttrs (_: mkRecord) { - getchoo_com_website = { - name = "@"; - content = pagesSubdomainFor "personal_website"; - type = "CNAME"; - zone_id = getchoo_com; - }; - - getchoo_com_www = { - name = "www"; - content = "getchoo.com"; - type = "CNAME"; - zone_id = getchoo_com; - }; - - getchoo_com_api = { - name = "api"; - content = pagesSubdomainFor "teawie_api"; - type = "CNAME"; - zone_id = getchoo_com; - }; - - getchoo_com_miniflux = { - name = "miniflux"; - content = atlas_tunnel; - type = "CNAME"; - zone_id = getchoo_com; - }; - - getchoo_com_git = { - name = "git"; - content = atlas_tunnel; - type = "CNAME"; - zone_id = getchoo_com; - }; - - getchoo_com_keyoxide = { - name = "@"; - content = "$argon2id$v=19$m=512,t=256,p=1$AlA6W5fP7J14zMsw0W5KFQ$EQz/NCE0/TQpE64r2Eo/yOpjtMZ9WXevHsv3YYP7CXg"; - type = "TXT"; - zone_id = getchoo_com; - }; - } - // blockEmailSpoofingFor "getchoo_com"; -} diff --git a/terranix/cloudflare/pages_domains.nix b/terranix/cloudflare/pages_domains.nix deleted file mode 100644 index 531b2de..0000000 --- a/terranix/cloudflare/pages_domains.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ lib, ... }: -let - setDomainsFor = - { - account_id, - project, - domains, - }: - lib.listToAttrs ( - map (domain: { - name = "${project}_${builtins.replaceStrings [ "." ] [ "_" ] domain}"; - value = { - inherit account_id; - project_name = lib.tfRef "resource.cloudflare_pages_project.${project}.name"; - inherit domain; - }; - }) domains - ); -in -{ - resource.cloudflare_pages_domain = - setDomainsFor { - account_id = lib.tfRef "var.account_id"; - project = "personal_website"; - domains = [ "getchoo.com" ]; - } - // setDomainsFor { - account_id = lib.tfRef "var.account_id"; - project = "teawie_api"; - domains = [ "api.getchoo.com" ]; - }; -} diff --git a/terranix/cloudflare/pages_projects.nix b/terranix/cloudflare/pages_projects.nix deleted file mode 100644 index 4c0b076..0000000 --- a/terranix/cloudflare/pages_projects.nix +++ /dev/null @@ -1,60 +0,0 @@ -{ lib, ... }: -let - getGitHubRepo = - { owner, repo_name }: - { - type = "github"; - config = { - inherit owner repo_name; - production_branch = "main"; - }; - }; -in -{ - resource.cloudflare_pages_project = { - personal_website = { - account_id = lib.tfRef "var.account_id"; - name = "getchoo-website"; - production_branch = "main"; - - source = getGitHubRepo { - owner = "getchoo"; - repo_name = "website"; - }; - - build_config = { - build_caching = true; - build_command = "./build-site.sh"; - destination_dir = "/dist"; - }; - - deployment_configs = - let - environment_variables = { - ZOLA_VERSION = "0.19.2"; - }; - in - { - production = [ { inherit environment_variables; } ]; - preview = [ { inherit environment_variables; } ]; - }; - }; - - teawie_api = { - account_id = lib.tfRef "var.account_id"; - name = "teawie-api"; - production_branch = "main"; - - source = getGitHubRepo { - owner = "getchoo"; - repo_name = "teawieAPI"; - }; - - build_config = { - build_caching = true; - build_command = "pnpm run lint && pnpm run build"; - destination_dir = "/dist"; - }; - }; - }; -} diff --git a/terranix/cloudflare/ruleset.nix b/terranix/cloudflare/ruleset.nix deleted file mode 100644 index 98364d9..0000000 --- a/terranix/cloudflare/ruleset.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ lib, ... }: -{ - resource.cloudflare_ruleset = { - getchoo_com_redirects = { - kind = "zone"; - name = "default"; - phase = "http_request_dynamic_redirect"; - zone_id = lib.tfRef "var.getchoo_com_zone_id"; - - rules = [ - { - action = "redirect"; - action_parameters = { - from_value = { - preserve_query_string = false; - status_code = 301; - target_url = { - value = "https://www.youtube.com/watch?v=RvVdFXOFcjw"; - }; - }; - }; - description = "funny"; - enabled = true; - expression = "(http.request.uri.path eq \"/hacks\" and http.host eq \"getchoo.com\")"; - } - ]; - }; - }; -} diff --git a/terranix/cloudflare/tls.nix b/terranix/cloudflare/tls.nix deleted file mode 100644 index 77450ad..0000000 --- a/terranix/cloudflare/tls.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ lib, ... }: -let - baseSettings = { - always_use_https = "on"; - ssl = "strict"; - }; -in -{ - resource.cloudflare_zone_settings_override = { - getchoo_com_settings = { - zone_id = lib.tfRef "var.getchoo_com_zone_id"; - settings = baseSettings; - }; - }; -} diff --git a/terranix/cloudflare/tunnels.nix b/terranix/cloudflare/tunnels.nix deleted file mode 100644 index 717a887..0000000 --- a/terranix/cloudflare/tunnels.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ lib, ... }: -{ - data.cloudflare_zero_trust_tunnel_cloudflared = lib.genAttrs [ "atlas-nginx" ] (name: { - inherit name; - account_id = lib.tfRef "var.account_id"; - }); - - resource.cloudflare_authenticated_origin_pulls = { - getchoo_com_origin = { - zone_id = lib.tfRef "var.getchoo_com_zone_id"; - enabled = true; - }; - }; -} |