diff --git a/modules/dns/main.tf b/modules/dns/main.tf
index 5d9664a..aa94611 100644
--- a/modules/dns/main.tf
+++ b/modules/dns/main.tf
@@ -1,3 +1,11 @@
+/**
+ * # DNS Module
+ *
+ * Manages Cloudflare DNS records for the root domain:
+ * - A / AAAA records for the apex and wildcard pointing at the Pangolin proxy.
+ * - CDN-proxied A / AAAA records for selected subdomains.
+ */
+
 terraform {
 required_providers {
 cloudflare = {
diff --git a/modules/dns/variables.tf b/modules/dns/variables.tf
index 671dd4c..056b19c 100644
--- a/modules/dns/variables.tf
+++ b/modules/dns/variables.tf
@@ -1,17 +1,21 @@
 variable "domain_zone_id" {
- type = string
+ description = "Cloudflare Zone ID for the target domain."
+ type = string
 }
 
 variable "domain_name" {
- type = string
+ description = "Root domain name (e.g. 'example.com')."
+ type = string
 }
 
 variable "pangolin-proxy-v4" {
- type = string
+ description = "IPv4 address of the Pangolin reverse-proxy."
+ type = string
 }
 
 variable "pangolin-proxy-v6" {
- type = string
+ description = "IPv6 address of the Pangolin reverse-proxy."
+ type = string
 }
 
 variable "cdn_subdomains" {
diff --git a/modules/foundry/main.tf b/modules/foundry/main.tf
index a2fddd7..2708827 100644
--- a/modules/foundry/main.tf
+++ b/modules/foundry/main.tf
@@ -1,3 +1,10 @@
+/**
+ * # Foundry Module
+ *
+ * Creates a Proxmox LXC container running Foundry Virtual Tabletop.
+ * Supports configurable resources, networking, and static or DHCP addressing.
+ */
+
 terraform {
 required_providers {
 proxmox = {
diff --git a/modules/pangolin/main.tf b/modules/pangolin/main.tf
index 92ec82f..fc639ab 100644
--- a/modules/pangolin/main.tf
+++ b/modules/pangolin/main.tf
@@ -1,3 +1,10 @@
+/**
+ * # Pangolin Module
+ *
+ * Deploys an Azure Linux VM with dual-stack (IPv4 + IPv6) networking,
+ * intended as a reverse-proxy and WireGuard gateway for the homelab.
+ */
+
 terraform {
 required_providers {
 azurerm = {
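Review bot: In modules/dns/variables.tf the new descriptions for `pangolin-proxy-v4` and `pangolin-proxy-v6` promise an IPv4 and an IPv6 address, but both variables stay unconstrained `string`s, so a swapped or mistyped value is not caught at plan time and may end up in a published record. A `validation` block on each would enforce what the description states; for the IPv6 one the condition could be `can(cidrhost("${var.pangolin-proxy-v6}/128", 0))`. These two names also use hyphens while `domain_zone_id`, `domain_name` and `cdn_subdomains` use underscores; a rename touches callers, so it belongs in a separate change.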
diff --git a/modules/pangolin/outputs.tf b/modules/pangolin/outputs.tf
index a97372b..ee2b1d6 100644
--- a/modules/pangolin/outputs.tf
+++ b/modules/pangolin/outputs.tf
@@ -1,11 +1,14 @@
 output "public_ipv4" {
- value = azurerm_public_ip.pip_v4.ip_address
+ description = "The static public IPv4 address of the Pangolin proxy."
+ value = azurerm_public_ip.pip_v4.ip_address
 }
 
 output "public_ipv6" {
- value = azurerm_public_ip.pip_v6.ip_address
+ description = "The static public IPv6 address of the Pangolin proxy."
+ value = azurerm_public_ip.pip_v6.ip_address
 }
 
 output "ssh_ipv4" {
- value = "ssh ${var.admin_username}@${azurerm_public_ip.pip_v4.ip_address}"
+ description = "Ready-to-use SSH command for connecting to the VM over IPv4."
+ value = "ssh ${var.admin_username}@${azurerm_public_ip.pip_v4.ip_address}"
 }
diff --git a/modules/pangolin/variables.tf b/modules/pangolin/variables.tf
index a423d83..f3af39f 100644
--- a/modules/pangolin/variables.tf
+++ b/modules/pangolin/variables.tf
@@ -1,20 +1,24 @@
 variable "location" {
- type = string
- default = "westeurope"
+ description = "Azure region for all resources in this module."
+ type = string
+ default = "westeurope"
 }
 
 variable "environment" {
- type = string
- default = "prod"
+ description = "Deployment environment label (e.g. 'prod', 'staging')."
+ type = string
+ default = "prod"
 }
 
 variable "instance" {
- type = string
- default = "homelab"
+ description = "Instance identifier appended to resource names."
+ type = string
+ default = "homelab"
 }
 
 variable "tags" {
- type = map(string)
+ description = "Tags applied to all Azure resources in this module."
+ type = map(string)
 default = {
 project = "pangolin"
 env = "prod"
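Review bot: In modules/pangolin/variables.tf the `tags` default hard-codes `env = "prod"`, while the `environment` variable above it is now described as accepting other labels such as 'staging', so a non-prod deployment keeps a prod tag unless the caller overrides the whole map. The new description could say so, for example `description = "Tags applied to all Azure resources in this module. The default does not follow var.environment; override it for non-prod."`. The default map continues past the end of this hunk, and how the tags are applied in main.tf is not visible in this diff.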
@@ -22,47 +26,54 @@ variable "tags" { } variable "vm_name" { - type = string - default = "pangolin-proxy" + description = "Name of the Azure Linux VM." + type = string + default = "pangolin-proxy" } variable "vm_size" { - type = string - default = "Standard_A2_v2" + description = "Azure VM size/SKU." + type = string + default = "Standard_A2_v2" } variable "admin_username" { - type = string - default = "azureuser" + description = "Admin SSH username for the VM." + type = string + default = "azureuser" } variable "ssh_pubkey" { - type = string + description = "SSH public key content for the admin user." + type = string } variable "vnet_cidr_ipv4" { - type = string - default = "10.50.0.0/16" + description = "IPv4 address space for the virtual network." + type = string + default = "10.50.0.0/16" } variable "vnet_cidr_ipv6" { - type = string - default = "fd7d:bb99:1da4::/48" + description = "IPv6 address space for the virtual network." + type = string + default = "fd7d:bb99:1da4::/48" } variable "subnet_cidr_ipv4" { - type = string - default = "10.50.1.0/24" + description = "IPv4 CIDR for the VM subnet." + type = string + default = "10.50.1.0/24" } - variable "subnet_cidr_ipv6" { - type = string - default = "fd7d:bb99:1da4:195::/64" + description = "IPv6 CIDR for the VM subnet." + type = string + default = "fd7d:bb99:1da4:195::/64" } variable "allowed_ssh_cidrs_ipv4" { - type = list(string) description = "IPv4 CIDRs allowed to SSH (22/tcp). Empty list means allow from anywhere." - default = [] + type = list(string) + default = [] } diff --git a/modules/pip/main.tf b/modules/pip/main.tf index d46697e..2629847 100644 --- a/modules/pip/main.tf +++ b/modules/pip/main.tf @@ -1,3 +1,10 @@ +/** + * # Public IP Module + * + * Discovers the caller's public IPv4 address using an external echo-IP service. + * Used to dynamically allowlist the deployer's IP in firewall rules. + */ + terraform { required_providers { http = { }
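Review bot: `allowed_ssh_cidrs_ipv4` in modules/pangolin/variables.tf keeps `default = []`, and its description states that an empty list allows SSH from anywhere, so a caller who omits the variable gets 22/tcp on the public address open to the whole internet. The module should fail closed: drop the default so the caller has to pass a value, or add a `validation` block with `condition = length(var.allowed_ssh_cidrs_ipv4) > 0` and an error message that tells the caller to list the permitted source ranges. Only an IPv4 allowlist is declared here although the VM is dual-stack; the rule that governs SSH over IPv6 is outside this diff and should be checked for the same default.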
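Review bot: The new header in modules/pip/main.tf says the address returned by an external echo-IP service is used to allowlist the deployer in firewall rules, but it does not say that this response is third-party input that ends up in an access-control rule. Add a line to the comment such as ` * The response is untrusted: fetch it over HTTPS and check that it is a single IPv4 address before it is used in a rule.`, and back it with a check where the value is consumed. The `http` data source and the service URL are outside this hunk, so whether such a check already exists cannot be seen here.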