✨ Add initial Terraform configuration for Azure and Proxmox resources

2026-03-01 14:16:44 +02:00
parent 44d658745e
commit b11172504d
17 changed files with 869 additions and 0 deletions
--- a/modules/dns/main.tf
+++ b/modules/dns/main.tf
@@ -0,0 +1,76 @@
+terraform {
+  required_providers {
+    cloudflare = {
+      source = "cloudflare/cloudflare"
+    }
+  }
+}
+
+resource "cloudflare_dns_record" "proxy_ipv4" {
+  zone_id = var.domain_zone_id
+  name    = "${var.domain_name}"
+  content = var.pangolin-proxy-v4
+  comment = "Azure VPS"
+  type    = "A"
+  proxied = false
+  ttl     = 1
+}
+
+resource "cloudflare_dns_record" "proxy_ipv6" {
+  zone_id = var.domain_zone_id
+  name    = "${var.domain_name}"
+  content = var.pangolin-proxy-v6
+  comment = "Azure VPS"
+  type    = "AAAA"
+  proxied = false
+  ttl     = 1
+}
+
+
+resource "cloudflare_dns_record" "subdomains_ipv4" {
+  zone_id = var.domain_zone_id
+  name    = "*.${var.domain_name}"
+  content = var.pangolin-proxy-v4
+  comment = "Azure VPS"
+  type    = "A"
+  proxied = false
+  ttl     = 1
+}
+
+resource "cloudflare_dns_record" "subdomains_ipv6" {
+  zone_id = var.domain_zone_id
+  name    = "*.${var.domain_name}"
+  content = var.pangolin-proxy-v6
+  comment = "Azure VPS"
+  type    = "AAAA"
+  proxied = false
+  ttl     = 1
+}
+
+# ── CDN-proxied subdomains ───────────────────────────────────
+# Specific records with proxied=true override the wildcard for
+# these subdomains, enabling Cloudflare edge caching.
+
+resource "cloudflare_dns_record" "cdn_ipv4" {
+  for_each = toset(var.cdn_subdomains)
+
+  zone_id = var.domain_zone_id
+  name    = "${each.value}.${var.domain_name}"
+  content = var.pangolin-proxy-v4
+  comment = "CDN-proxied via Cloudflare"
+  type    = "A"
+  proxied = true
+  ttl     = 1
+}
+
+resource "cloudflare_dns_record" "cdn_ipv6" {
+  for_each = toset(var.cdn_subdomains)
+
+  zone_id = var.domain_zone_id
+  name    = "${each.value}.${var.domain_name}"
+  content = var.pangolin-proxy-v6
+  comment = "CDN-proxied via Cloudflare"
+  type    = "AAAA"
+  proxied = true
+  ttl     = 1
+}
--- a/modules/dns/variables.tf
+++ b/modules/dns/variables.tf
@@ -0,0 +1,21 @@
+variable "domain_zone_id" {
+  type = string
+}
+
+variable "domain_name" {
+  type = string
+}
+
+variable "pangolin-proxy-v4" {
+  type = string
+}
+
+variable "pangolin-proxy-v6" {
+  type = string
+}
+
+variable "cdn_subdomains" {
+  description = "Subdomains to serve through Cloudflare proxy (CDN). These get proxied A/AAAA records that override the wildcard."
+  type        = list(string)
+  default     = []
+}