gensokyo-zone/infrastructure
1
0
Fork 0
mirror of https://github.com/gensokyo-zone/infrastructure.git synced 2026-02-09 12:29:19 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(tf): system records

Browse source
This commit is contained in:
arcnmx 2024-01-15 11:00:45 -08:00
parent e7f87e4892
commit 9d274bbe73
8 changed files with 191 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

2
ci/deploy.sh
View file

@ -9,7 +9,7 @@ NF_ADDR=${NF_ADDR-${NF_HOST}.local}
if [[ $NF_ADDR = tewi.local ]]; then if [[ $NF_ADDR = tewi.local ]]; then
# work around homekit namespace clash # work around homekit namespace clash
NF_ADDR=tewi.local.cutie.moe NF_ADDR=tewi.local.gensokyo.zone
fi fi
if [[ $# -eq 0 ]]; then if [[ $# -eq 0 ]]; then

6
modules/nixos/access.nix
View file

@ -19,9 +19,9 @@ in {
config.networking.access = { config.networking.access = {
hostnameForNetwork = { hostnameForNetwork = {
local = mkIf config.services.avahi.enable "${hostName}.local.cutie.moe"; local = mkIf config.services.avahi.enable "${hostName}.local.gensokyo.zone";
tail = mkIf config.services.tailscale.enable "${hostName}.tail.cutie.moe"; tail = mkIf config.services.tailscale.enable "${hostName}.tail.gensokyo.zone";
global = mkIf config.networking.enableIPv6 "${hostName}.cutie.moe"; global = mkIf config.networking.enableIPv6 "${hostName}.gensokyo.zone";
}; };
}; };
} }

33
tf/cloudflare_records.tf Normal file
View file

@ -0,0 +1,33 @@
module "reisen_system_records" {
source = "./system/records"
name = "reisen"
zone_id = cloudflare_zone.gensokyo-zone_zone.id
zone_zone = cloudflare_zone.gensokyo-zone_zone.zone
local_v4 = "10.1.1.40"
}
module "tewi_system_records" {
source = "./system/records"
name = "tei"
zone_id = cloudflare_zone.gensokyo-zone_zone.id
zone_zone = cloudflare_zone.gensokyo-zone_zone.zone
tailscale_v4 = "100.74.104.29"
tailscale_v6 = "fd7a:115c:a1e0::fd8a:681d"
local_v4 = "10.1.1.39"
local_v6 = "fd0a::be24:11ff:fecc:6657"
local_subdomains = [
"mqtt",
"home"
]
}
module "tewi_legacy_system_records" {
source = "./system/records"
name = "tewi"
zone_id = cloudflare_zone.gensokyo-zone_zone.id
zone_zone = cloudflare_zone.gensokyo-zone_zone.zone
tailscale_v4 = "100.88.107.41"
tailscale_v6 = "fd7a:115c:a1e0:ab12:4843:cd96:6258:6b29"
local_v4 = "10.1.1.38"
local_v6 = "fd0a::eea8:6bff:fefe:3986"
}

4
tf/cloudflare_tunnels.tf
View file

@ -22,7 +22,7 @@ output "cloudflare_tunnel_id_tewi" {
} }
output "cloudflare_tunnel_token_tewi" { output "cloudflare_tunnel_token_tewi" {
value = module.tewi.token value = module.tewi.token
sensitive = true sensitive = true
} }
@ -58,7 +58,7 @@ output "cloudflare_tunnel_id_mediabox" {
} }
output "cloudflare_tunnel_token_mediabox" { output "cloudflare_tunnel_token_mediabox" {
value = module.mediabox.token value = module.mediabox.token
sensitive = true sensitive = true
} }

27
tf/system/records/cnames.tf Normal file
View file

@ -0,0 +1,27 @@
variable "local_subdomains" {
type = list(string)
default = []
}
locals {
cname_records = concat(
[for subdomain in var.local_subdomains : {
name = "${subdomain}.local",
value = "${local.local_name}.${var.zone_zone}",
}],
local.has_tailscale ? [for subdomain in var.local_subdomains : {
name = "${subdomain}.tail",
value = "${local.tailscale_name}.${var.zone_zone}",
}] : [],
)
}
resource "cloudflare_record" "cname_records" {
for_each = { for i, cname in local.cname_records : cname.name => i }
name = local.cname_records[each.value].name
proxied = false
ttl = 360
type = "CNAME"
value = local.cname_records[each.value].value
zone_id = var.zone_id
}

114
tf/system/records/records.tf Normal file
View file

@ -0,0 +1,114 @@
variable "zone_id" {
type = string
}
variable "zone_zone" {
type = string
}
variable "name" {
type = string
}
variable "tailscale_name" {
type = string
default = null
}
variable "tailscale_v4" {
type = string
default = null
}
variable "tailscale_v6" {
type = string
default = null
}
variable "local_name" {
type = string
default = null
}
variable "local_v4" {
type = string
default = null
}
variable "local_v6" {
type = string
default = null
}
variable "global_name" {
type = string
default = null
}
variable "global_v4" {
type = string
default = null
}
variable "global_v6" {
type = string
default = null
}
locals {
local_name = coalesce(var.local_name, "${var.name}.local")
tailscale_name = coalesce(var.tailscale_name, "${var.name}.tail")
global_name = coalesce(var.global_name, var.name)
has_tailscale = var.tailscale_v4 != null || var.tailscale_v6 != null
a_records = [
{
name = local.local_name,
value = var.local_v4,
},
{
name = local.global_name,
value = var.global_v4,
},
{
name = local.tailscale_name,
value = var.tailscale_v4,
}
]
aaaa_records = [
{
name = local.local_name,
value = var.local_v6,
},
{
name = local.global_name,
value = var.global_v6,
},
{
name = local.tailscale_name,
value = var.tailscale_v6,
}
]
}
resource "cloudflare_record" "a_records" {
for_each = { for i, a in local.a_records : a.name => i if a.value != null }
name = local.a_records[each.value].name
proxied = false
ttl = 3600
type = "A"
value = local.a_records[each.value].value
zone_id = var.zone_id
}
resource "cloudflare_record" "aaaa_records" {
for_each = { for i, aaaa in local.aaaa_records : aaaa.name => i if aaaa.value != null }
name = local.aaaa_records[each.value].name
proxied = false
ttl = 3600
type = "AAAA"
value = local.aaaa_records[each.value].value
zone_id = var.zone_id
}

10
tf/system/records/terraform.tf Normal file
View file

@ -0,0 +1,10 @@
terraform {
required_version = ">= 1.6.0"
required_providers {
cloudflare = {
source = "cloudflare/cloudflare"
version = ">= 4.22.0"
}
}
}

2
tf/tunnel/tunnel.tf
View file

@ -25,7 +25,7 @@ output "id" {
} }
output "token" { output "token" {
value = cloudflare_tunnel.tunnel.tunnel_token value = cloudflare_tunnel.tunnel.tunnel_token
sensitive = true sensitive = true
} }