update dns record after static ip is added

chmoder · chmoder · commit cf54dd738aed · 2024-08-16T23:02:43.000-05:00
diff --git a/certmanager.tf b/certmanager.tf
@@ -43,7 +43,7 @@ module "cert_manager" {
       },
       selector = {
         dnsZones = [
-          var.ingress_hosts.ftp_svc
+          var.ingress_hosts.ftp_svc.domain
         ]
       }
     },
@@ -57,9 +57,8 @@ module "cert_manager" {
   ]
 
   certificates = {
-    #  "${replace(var.ingress_hosts.ftp_svc, ".", "_")}" = {
-    "${var.ingress_hosts.ftp_svc}" = {
-      dns_names = [var.ingress_hosts.ftp_svc]
+    "${var.ingress_hosts.ftp_svc.domain}" = {
+      dns_names = [var.ingress_hosts.ftp_svc.domain]
     }
   }
 
diff --git a/ingress.tf b/ingress.tf
@@ -17,8 +17,8 @@ resource "kubernetes_ingress_v1" "example" {
   spec {
     ingress_class_name = "gce"
     tls {
-      # hosts       = [var.ingress_hosts.ftp_svc]
-      hosts       = values(var.ingress_hosts)
+      hosts       = [var.ingress_hosts.ftp_svc.domain]
+      # hosts       = values(var.ingress_hosts)
       secret_name = var.cluster_issuer_private_key_secret_name
     }
 
@@ -32,7 +32,7 @@ resource "kubernetes_ingress_v1" "example" {
     }
 
     rule {
-      host = var.ingress_hosts.ftp_svc
+      host = var.ingress_hosts.ftp_svc.domain
       http {
         path {
           path = "/*"
diff --git a/main.tf b/main.tf
@@ -19,6 +19,10 @@ terraform {
       source  = "hashicorp/google"
       version = "5.41.0"
     }
+    cloudflare = {
+      source = "cloudflare/cloudflare"
+      version = "4.39.0"
+    }
     kubernetes = {
       source  = "hashicorp/kubernetes"
       version = "2.32.0"
@@ -33,7 +37,7 @@ terraform {
     }
     newrelic = {
       source  = "newrelic/newrelic"
-      version = "3.42.1"
+      version = "3.42.3"
     }
   }
 }
@@ -66,7 +70,11 @@ provider "helm" {
   }
 }
 
-# TODO: implement newrelic
+provider "cloudflare" {
+  email = var.cloudflare_email
+  api_key = var.cloudflare_api_key
+}
+
 # provider "newrelic" {
 #   account_id = var.nr_account_id
 #   api_key    = ""
diff --git a/networks.tf b/networks.tf
@@ -91,4 +91,14 @@ resource "kubectl_manifest" "app_frontend_config" {
   })
 
   depends_on = [google_container_node_pool.primary_nodes]
+}
+
+resource "cloudflare_record" "example" {
+  name    = "${var.ingress_hosts.ftp_svc.domain}-dns-a-record"
+
+  zone_id = var.ingress_hosts.ftp_svc.zone_id
+  content = google_compute_global_address.ingress.address
+  type    = "A"
+  ttl     = 60
+  allow_overwrite = true
 }
diff --git a/variables.tf b/variables.tf
@@ -39,7 +39,7 @@ variable "cloudflare_api_key" {
 }
 
 variable "ingress_hosts" {
-  type        = map(string)
+  type        = map(map(string))
   description = "hostnames (domains) that will be used in certs and/or routing"
 }
 
@@ -64,8 +64,12 @@ variable "firewall_allow_https" {
   default = "https-enabled"
 }
 
-# TODO: implement
-# variable "nr_account_id" {
-#   type = number
-#   description = "new relic account ID"
-# }
+variable "nr_account_id" {
+  type = number
+  description = "new relic account ID"
+}
+
+variable "nr_api_key" {
+  type = string
+  description = "new relic api key"
+}

Original file line number	Diff line number	Diff line change
`@@ -43,7 +43,7 @@ module "cert_manager" {`
`43`	`43`	`},`
`44`	`44`	`selector = {`
`45`	`45`	`dnsZones = [`
`46`		`- var.ingress_hosts.ftp_svc`
	`46`	`+ var.ingress_hosts.ftp_svc.domain`
`47`	`47`	`]`
`48`	`48`	`}`
`49`	`49`	`},`
`@@ -57,9 +57,8 @@ module "cert_manager" {`
`57`	`57`	`]`
`58`	`58`
`59`	`59`	`certificates = {`
`60`		`- # "${replace(var.ingress_hosts.ftp_svc, ".", "_")}" = {`
`61`		`- "${var.ingress_hosts.ftp_svc}" = {`
`62`		`- dns_names = [var.ingress_hosts.ftp_svc]`
	`60`	`+ "${var.ingress_hosts.ftp_svc.domain}" = {`
	`61`	`+ dns_names = [var.ingress_hosts.ftp_svc.domain]`
`63`	`62`	`}`
`64`	`63`	`}`
`65`	`64`
Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,10 @@ terraform {`
`19`	`19`	`source = "hashicorp/google"`
`20`	`20`	`version = "5.41.0"`
`21`	`21`	`}`
	`22`	`+ cloudflare = {`
	`23`	`+ source = "cloudflare/cloudflare"`
	`24`	`+ version = "4.39.0"`
	`25`	`+ }`
`22`	`26`	`kubernetes = {`
`23`	`27`	`source = "hashicorp/kubernetes"`
`24`	`28`	`version = "2.32.0"`
`@@ -33,7 +37,7 @@ terraform {`
`33`	`37`	`}`
`34`	`38`	`newrelic = {`
`35`	`39`	`source = "newrelic/newrelic"`
`36`		`- version = "3.42.1"`
	`40`	`+ version = "3.42.3"`
`37`	`41`	`}`
`38`	`42`	`}`
`39`	`43`	`}`
`@@ -66,7 +70,11 @@ provider "helm" {`
`66`	`70`	`}`
`67`	`71`	`}`
`68`	`72`
`69`		`-# TODO: implement newrelic`
	`73`	`+provider "cloudflare" {`
	`74`	`+ email = var.cloudflare_email`
	`75`	`+ api_key = var.cloudflare_api_key`
	`76`	`+}`
	`77`	`+`
`70`	`78`	`# provider "newrelic" {`
`71`	`79`	`# account_id = var.nr_account_id`
`72`	`80`	`# api_key = ""`