From 73bde3c212b3e8e0f301c3c9c0445fcd27ffaaa1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jakub=20Soko=C5=82owski?= Date: Wed, 22 Jan 2020 21:03:28 +0100 Subject: [PATCH] upgrade CloudFlare provider MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jakub SokoĊ‚owski --- Makefile | 6 +++--- main.tf | 26 +++++++++++++++++++++----- variables.tf | 18 +++++++++--------- versions.tf | 5 ++++- 4 files changed, 37 insertions(+), 18 deletions(-) diff --git a/Makefile b/Makefile index 849c60d..07ff576 100644 --- a/Makefile +++ b/Makefile @@ -56,12 +56,12 @@ secrets: pass services/consul/client-crt > ansible/files/consul-client.crt pass services/consul/client-key > ansible/files/consul-client.key echo "Saving secrets to: terraform.tfvars" - @echo "\ + @echo -e "\ # secrets extracted from password-store\n\ -digitalocean_token = \"$(shell pass cloud/DigitalOcean/token)\"\n\ cloudflare_token = \"$(shell pass cloud/Cloudflare/token)\"\n\ cloudflare_email = \"$(shell pass cloud/Cloudflare/email)\"\n\ -cloudflare_org_id = \"$(shell pass cloud/Cloudflare/org_id)\"\n\ +cloudflare_account = \"$(shell pass cloud/Cloudflare/account)\"\n\ +digitalocean_token = \"$(shell pass cloud/DigitalOcean/token)\"\n\ alicloud_access_key = \"$(shell pass cloud/Alibaba/access-key)\"\n\ alicloud_secret_key = \"$(shell pass cloud/Alibaba/secret-key)\"\n\ " > terraform.tfvars diff --git a/main.tf b/main.tf index 2d4dfef..8f1b779 100644 --- a/main.tf +++ b/main.tf @@ -5,9 +5,9 @@ provider "digitalocean" { } provider "cloudflare" { - email = var.cloudflare_email - token = var.cloudflare_token - org_id = var.cloudflare_org_id + email = var.cloudflare_email + api_key = var.cloudflare_token + account_id = var.cloudflare_account } provider "google" { @@ -40,6 +40,22 @@ terraform { } } +/* CF Zones ------------------------------------*/ + +/* CloudFlare Zone IDs required for records */ +data "cloudflare_zones" "active" { + filter { status = "active" } +} + +/* For easier access to zone ID by domain name */ +locals { + zones = { + for zone in data.cloudflare_zones.active.zones: + zone.name => zone.id + } +} + + /* RESOURCES ------------------------------------*/ module "nimbus-master" { @@ -79,7 +95,7 @@ module "nimbus-nodes" { /* DNS ------------------------------------------*/ resource "cloudflare_record" "nimbus-test-stats" { - domain = var.public_domain + zone_id = local.zones["status.im"] name = "nimbus-test-stats" type = "A" proxied = true @@ -88,7 +104,7 @@ resource "cloudflare_record" "nimbus-test-stats" { } resource "cloudflare_record" "serenity-testnets" { - domain = var.public_domain + zone_id = local.zones["status.im"] name = "serenity-testnets" type = "A" proxied = true diff --git a/variables.tf b/variables.tf index 1058c0a..64657b4 100644 --- a/variables.tf +++ b/variables.tf @@ -1,21 +1,21 @@ /* REQUIRED -------------------------------------*/ -variable "cloudflare_token" { - description = "Token for interacting with Cloudflare API." -} - -variable "digitalocean_token" { - description = "Token for interacting with DigitalOcean API." -} - variable "cloudflare_email" { description = "Email address of Cloudflare account." } -variable "cloudflare_org_id" { +variable "cloudflare_token" { + description = "Token for interacting with Cloudflare API." +} + +variable "cloudflare_account" { description = "ID of the CloudFlare organization." } +variable "digitalocean_token" { + description = "Token for interacting with DigitalOcean API." +} + variable "alicloud_access_key" { description = "Alibaba Cloud API access key." } diff --git a/versions.tf b/versions.tf index ac97c6a..07aa8f0 100644 --- a/versions.tf +++ b/versions.tf @@ -1,4 +1,7 @@ - terraform { required_version = ">= 0.12" + required_providers { + cloudflare = " = 2.3.0" + digitalocean = " = 1.12.0" + } }