mirror of
https://github.com/khuedoan/homelab.git
synced 2024-12-23 01:24:36 +07:00
31 lines
648 B
HCL
31 lines
648 B
HCL
resource "cloudflare_api_token" "cert_manager" {
|
|
name = "homelab_cert_manager"
|
|
|
|
policy {
|
|
permission_groups = [
|
|
data.cloudflare_api_token_permission_groups.all.permissions["Zone Read"],
|
|
data.cloudflare_api_token_permission_groups.all.permissions["DNS Write"]
|
|
]
|
|
resources = {
|
|
"com.cloudflare.api.account.zone.*" = "*"
|
|
}
|
|
}
|
|
|
|
condition {
|
|
request_ip {
|
|
in = local.public_ips
|
|
}
|
|
}
|
|
}
|
|
|
|
resource "kubernetes_secret" "cert_manager_token" {
|
|
metadata {
|
|
name = "cloudflare-api-token"
|
|
namespace = "cert-manager"
|
|
}
|
|
|
|
data = {
|
|
"api-token" = cloudflare_api_token.cert_manager.value
|
|
}
|
|
}
|