kopia lustrzana https://github.com/cloudflare/wildebeest
fix deploy
rodzic
1ae8b13d9c
commit
30d3814262
|
@ -56,6 +56,7 @@ jobs:
|
||||||
env:
|
env:
|
||||||
TF_VAR_cloudflare_account_id: ${{ secrets.CF_ACCOUNT_ID }}
|
TF_VAR_cloudflare_account_id: ${{ secrets.CF_ACCOUNT_ID }}
|
||||||
TF_VAR_cloudflare_api_token: ${{ secrets.CF_API_TOKEN }}
|
TF_VAR_cloudflare_api_token: ${{ secrets.CF_API_TOKEN }}
|
||||||
|
TF_VAR_cloudflare_zone_name: ${{ secrets.CF_ZONE_NAME }}
|
||||||
TF_VAR_gh_username: ${{ github.actor }}
|
TF_VAR_gh_username: ${{ github.actor }}
|
||||||
TF_VAR_d1_id: ${{ env.d1_id }}
|
TF_VAR_d1_id: ${{ env.d1_id }}
|
||||||
|
|
||||||
|
@ -65,6 +66,7 @@ jobs:
|
||||||
apiToken: ${{ secrets.CF_API_TOKEN }}
|
apiToken: ${{ secrets.CF_API_TOKEN }}
|
||||||
preCommands: |
|
preCommands: |
|
||||||
echo "*** pre commands ***"
|
echo "*** pre commands ***"
|
||||||
|
yarn
|
||||||
yarn build
|
yarn build
|
||||||
cp -rv ./frontend/dist/* .
|
cp -rv ./frontend/dist/* .
|
||||||
echo "******"
|
echo "******"
|
||||||
|
|
52
tf/main.tf
52
tf/main.tf
|
@ -2,6 +2,10 @@ variable "cloudflare_account_id" {
|
||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "cloudflare_zone_name" {
|
||||||
|
type = string
|
||||||
|
}
|
||||||
|
|
||||||
variable "cloudflare_api_token" {
|
variable "cloudflare_api_token" {
|
||||||
type = string
|
type = string
|
||||||
}
|
}
|
||||||
|
@ -32,20 +36,27 @@ provider "cloudflare" {
|
||||||
api_token = var.cloudflare_api_token
|
api_token = var.cloudflare_api_token
|
||||||
}
|
}
|
||||||
|
|
||||||
|
data "cloudflare_zone" "zone" {
|
||||||
|
account_id = var.cloudflare_account_id
|
||||||
|
name = var.cloudflare_zone_name
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
resource "cloudflare_workers_kv_namespace" "wildebeest_cache" {
|
resource "cloudflare_workers_kv_namespace" "wildebeest_cache" {
|
||||||
account_id = var.cloudflare_account_id
|
account_id = var.cloudflare_account_id
|
||||||
title = "wildebeest-cache"
|
title = "wildebeest-${var.gh_username}-cache"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "random_password" "user_key" {
|
resource "random_password" "user_key" {
|
||||||
length = 256
|
length = 256
|
||||||
special = false
|
special = false
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "cloudflare_pages_project" "wildebeest_pages_project" {
|
resource "cloudflare_pages_project" "wildebeest_pages_project" {
|
||||||
account_id = var.cloudflare_account_id
|
account_id = var.cloudflare_account_id
|
||||||
name = "wildebeest-${var.gh_username}"
|
name = "wildebeest-${var.gh_username}"
|
||||||
production_branch = "main"
|
production_branch = "main"
|
||||||
|
|
||||||
deployment_configs {
|
deployment_configs {
|
||||||
production {
|
production {
|
||||||
environment_variables = {
|
environment_variables = {
|
||||||
|
@ -59,21 +70,48 @@ resource "cloudflare_pages_project" "wildebeest_pages_project" {
|
||||||
KV_CACHE = cloudflare_workers_kv_namespace.wildebeest_cache.id
|
KV_CACHE = cloudflare_workers_kv_namespace.wildebeest_cache.id
|
||||||
}
|
}
|
||||||
d1_databases = {
|
d1_databases = {
|
||||||
D1_BINDING = var.d1_id
|
DATABASE = var.d1_id
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "cloudflare_record" "record" {
|
||||||
|
zone_id = data.cloudflare_zone.zone.id
|
||||||
|
name = "@"
|
||||||
|
value = cloudflare_pages_project.wildebeest_pages_project.subdomain
|
||||||
|
type = "CNAME"
|
||||||
|
ttl = 1
|
||||||
|
proxied = true
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudflare_pages_domain" "domain" {
|
||||||
|
account_id = var.cloudflare_account_id
|
||||||
|
project_name = "wildebeest-${var.gh_username}"
|
||||||
|
domain = var.cloudflare_zone_name
|
||||||
|
}
|
||||||
|
|
||||||
resource "cloudflare_access_application" "wildebeest_access" {
|
resource "cloudflare_access_application" "wildebeest_access" {
|
||||||
account_id = var.cloudflare_account_id
|
account_id = var.cloudflare_account_id
|
||||||
name = "wildebeest-${var.gh_username}"
|
name = "wildebeest-${var.gh_username}"
|
||||||
domain = "${cloudflare_pages_project.wildebeest_pages_project.subdomain}/oauth/authorize"
|
domain = "${var.cloudflare_zone_name}/oauth/authorize"
|
||||||
type = "self_hosted"
|
type = "self_hosted"
|
||||||
session_duration = "168h"
|
session_duration = "168h"
|
||||||
auto_redirect_to_identity = false
|
auto_redirect_to_identity = false
|
||||||
}
|
}
|
||||||
|
|
||||||
output "access_aud" {
|
resource "cloudflare_access_policy" "policy" {
|
||||||
value = cloudflare_access_application.wildebeest_access.aud
|
application_id = cloudflare_access_application.wildebeest_access.id
|
||||||
|
zone_id = data.cloudflare_zone.zone.id
|
||||||
|
name = "policy"
|
||||||
|
precedence = "1"
|
||||||
|
decision = "allow"
|
||||||
|
|
||||||
|
include {
|
||||||
|
email = ["test@example.com"]
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* output "access_aud" { */
|
||||||
|
/* value = cloudflare_access_application.wildebeest_access.aud */
|
||||||
|
/* } */
|
||||||
|
|
Ładowanie…
Reference in New Issue