72 lines
1.5 KiB
HCL
72 lines
1.5 KiB
HCL
terraform {
|
|
required_providers {
|
|
kubernetes = {
|
|
source = "hashicorp/kubernetes"
|
|
version = "2.27.0"
|
|
}
|
|
cloudflare = {
|
|
source = "cloudflare/cloudflare"
|
|
version = "4.28.0"
|
|
}
|
|
tls = {
|
|
source = "hashicorp/tls"
|
|
version = "4.0.5"
|
|
}
|
|
}
|
|
}
|
|
|
|
provider "cloudflare" {
|
|
api_token = var.cloudflare_api_token
|
|
}
|
|
|
|
provider "kubernetes" {
|
|
config_path = var.kube_config_path
|
|
}
|
|
|
|
data "cloudflare_zone" "module" {
|
|
zone_id = var.cloudflare_zone_id
|
|
}
|
|
|
|
resource "cloudflare_record" "module" {
|
|
zone_id = data.cloudflare_zone.module.id
|
|
name = var.cloudflare_subdomain
|
|
value = var.cloudflare_ingress_host
|
|
type = "CNAME"
|
|
proxied = true
|
|
}
|
|
|
|
locals {
|
|
domain_name = "${cloudflare_record.module.name}.${data.cloudflare_zone.module.name}"
|
|
}
|
|
|
|
resource "tls_private_key" "origin" {
|
|
algorithm = "RSA"
|
|
}
|
|
|
|
resource "tls_cert_request" "origin" {
|
|
private_key_pem = tls_private_key.origin.private_key_pem
|
|
subject {
|
|
common_name = ""
|
|
organization = "paltiverse"
|
|
}
|
|
}
|
|
|
|
resource "cloudflare_origin_ca_certificate" "origin" {
|
|
request_type = "origin-rsa"
|
|
requested_validity = 5475
|
|
hostnames = [local.domain_name]
|
|
csr = tls_cert_request.origin.cert_request_pem
|
|
}
|
|
|
|
resource "kubernetes_secret_v1" "tls" {
|
|
metadata {
|
|
namespace = kubernetes_namespace_v1.gitea.metadata[0].name
|
|
name = "tls"
|
|
}
|
|
data = {
|
|
"tls.crt" : cloudflare_origin_ca_certificate.origin.certificate
|
|
"tls.key" : tls_private_key.origin.private_key_pem
|
|
}
|
|
type = "kubernetes.io/tls"
|
|
}
|