orchestration.clouds/ahoskingit/terraform/cloudflare_access.tf

resource "cloudflare_access_group" "family" {
  account_id = var.CLOUDFLARE_ACCOUNT_ID
  name       = "family group"

  include {
    email_domain = ["@ahosking.com"]
  }
}

resource "cloudflare_access_application" "influx" {
  account_id       = var.CLOUDFLARE_ACCOUNT_ID
  name             = "influx"
  domain           = "influx.ahoskingit.com"
  type             = "self_hosted"
  session_duration = "168h"
  logo_url         = "https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fthumb%2Fc%2Fc6%2FInfluxdb_logo.svg%2F1920px-Influxdb_logo.svg"
  allowed_idps = [
    "f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry
    "ba68cb89-c20b-49ab-8aea-26b3af318196", #TODO: Remove Manual Entry
  ]
}

resource "cloudflare_access_application" "money" {
  account_id       = var.CLOUDFLARE_ACCOUNT_ID
  name             = "money"
  domain           = "money.ahosking.com"
  type             = "self_hosted"
  session_duration = "336h"
  allowed_idps = [
    "f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry
  ]
  http_only_cookie_attribute = true
}

resource "cloudflare_access_policy" "money" {
  application_id = cloudflare_access_application.money.id
  zone_id        = cloudflare_zone.ahosking_com.id
  name           = "family"
  precedence     = "2"
  decision       = "allow"

  include {
    email_domain = ["@ahosking.com"]
  }
  require {
    email_domain = ["@ahosking.com"]
  }
}

resource "cloudflare_access_application" "movies" {
  account_id       = var.CLOUDFLARE_ACCOUNT_ID
  name             = "movies"
  domain           = "movies.ahosking.com"
  type             = "self_hosted"
  session_duration = "336h"
  allowed_idps = [
    "f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry
  ]
}

resource "cloudflare_access_application" "tv" {
  account_id       = var.CLOUDFLARE_ACCOUNT_ID
  name             = "tv"
  domain           = "tv.ahosking.com"
  type             = "self_hosted"
  session_duration = "336h"
  allowed_idps = [
    "f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry
  ]
}

resource "cloudflare_access_application" "cycles" {
  account_id       = var.CLOUDFLARE_ACCOUNT_ID
  name             = "cycles"
  domain           = "cycles.ahosking.com"
  type             = "self_hosted"
  session_duration = "336h"
  allowed_idps = [
    "f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry
  ]

  http_only_cookie_attribute = true
}

resource "cloudflare_access_policy" "cycles" {
  application_id = cloudflare_access_application.cycles.id
  zone_id        = cloudflare_zone.ahosking_com.id
  name           = "family"
  precedence     = "1"
  decision       = "allow"
  include {
    email_domain = ["@ahosking.com"]
  }
  require {
    email_domain = ["@ahosking.com"]
  }
}
Update to Email Domain 2022-03-27 03:08:11 +00:00			`resource "cloudflare_access_group" "family" {`
			`account_id = var.CLOUDFLARE_ACCOUNT_ID`
Whitespace updates 2022-08-16 05:41:51 +00:00			`name = "family group"`
Update to Email Domain 2022-03-27 03:08:11 +00:00
			`include {`
			`email_domain = ["@ahosking.com"]`
			`}`
			`}`

Adds CF Access and updates DNS 2022-03-27 02:36:15 +00:00			`resource "cloudflare_access_application" "influx" {`
			`account_id = var.CLOUDFLARE_ACCOUNT_ID`
			`name = "influx"`
			`domain = "influx.ahoskingit.com"`
			`type = "self_hosted"`
			`session_duration = "168h"`
Whitespace updates 2022-08-16 05:41:51 +00:00			`logo_url = "https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fthumb%2Fc%2Fc6%2FInfluxdb_logo.svg%2F1920px-Influxdb_logo.svg"`
Adds CF Access and updates DNS 2022-03-27 02:36:15 +00:00			`allowed_idps = [`
			`"f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry`
			`"ba68cb89-c20b-49ab-8aea-26b3af318196", #TODO: Remove Manual Entry`
			`]`
			`}`

Local Vars overrides Add Cloudflare Access Application 2022-03-26 18:43:59 +00:00			`resource "cloudflare_access_application" "money" {`
Change to Account ID 2022-03-26 18:51:16 +00:00			`account_id = var.CLOUDFLARE_ACCOUNT_ID`
			`name = "money"`
			`domain = "money.ahosking.com"`
			`type = "self_hosted"`
Adds CF Access and updates DNS 2022-03-27 02:36:15 +00:00			`session_duration = "336h"`
			`allowed_idps = [`
			`"f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry`
			`]`
Correct http_cookie attribute 2022-08-16 05:45:02 +00:00			`http_only_cookie_attribute = true`
Local Vars overrides Add Cloudflare Access Application 2022-03-26 18:43:59 +00:00			`}`
Adds CF Access and updates DNS 2022-03-27 02:36:15 +00:00
Add CF access policy to Money 2022-03-27 02:59:02 +00:00			`resource "cloudflare_access_policy" "money" {`
			`application_id = cloudflare_access_application.money.id`
Whitespace updates 2022-08-16 05:41:51 +00:00			`zone_id = cloudflare_zone.ahosking_com.id`
			`name = "family"`
Add CNAMES and security precedence 2022-08-16 05:49:03 +00:00			`precedence = "2"`
Whitespace updates 2022-08-16 05:41:51 +00:00			`decision = "allow"`

Add CF access policy to Money 2022-03-27 02:59:02 +00:00			`include {`
Update to Email Domain 2022-03-27 03:08:11 +00:00			`email_domain = ["@ahosking.com"]`
Add CF access policy to Money 2022-03-27 02:59:02 +00:00			`}`
			`require {`
Update to Email Domain 2022-03-27 03:08:11 +00:00			`email_domain = ["@ahosking.com"]`
Add CF access policy to Money 2022-03-27 02:59:02 +00:00			`}`
			`}`

Adds CF Access and updates DNS 2022-03-27 02:36:15 +00:00			`resource "cloudflare_access_application" "movies" {`
			`account_id = var.CLOUDFLARE_ACCOUNT_ID`
			`name = "movies"`
			`domain = "movies.ahosking.com"`
			`type = "self_hosted"`
			`session_duration = "336h"`
			`allowed_idps = [`
			`"f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry`
			`]`
			`}`

			`resource "cloudflare_access_application" "tv" {`
			`account_id = var.CLOUDFLARE_ACCOUNT_ID`
			`name = "tv"`
			`domain = "tv.ahosking.com"`
			`type = "self_hosted"`
			`session_duration = "336h"`
			`allowed_idps = [`
			`"f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry`
			`]`
Add Period site 2022-04-23 18:13:02 +00:00			`}`

Whitespace updates 2022-08-16 05:41:51 +00:00			`resource "cloudflare_access_application" "cycles" {`
Add Period site 2022-04-23 18:13:02 +00:00			`account_id = var.CLOUDFLARE_ACCOUNT_ID`
Whitespace updates 2022-08-16 05:41:51 +00:00			`name = "cycles"`
			`domain = "cycles.ahosking.com"`
Add Period site 2022-04-23 18:13:02 +00:00			`type = "self_hosted"`
			`session_duration = "336h"`
			`allowed_idps = [`
			`"f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry`
			`]`
Whitespace updates 2022-08-16 05:41:51 +00:00
			`http_only_cookie_attribute = true`
Add Period site 2022-04-23 18:13:02 +00:00			`}`

Whitespace updates 2022-08-16 05:41:51 +00:00			`resource "cloudflare_access_policy" "cycles" {`
			`application_id = cloudflare_access_application.cycles.id`
			`zone_id = cloudflare_zone.ahosking_com.id`
			`name = "family"`
			`precedence = "1"`
			`decision = "allow"`
Add Period site 2022-04-23 18:13:02 +00:00			`include {`
			`email_domain = ["@ahosking.com"]`
			`}`
			`require {`
			`email_domain = ["@ahosking.com"]`
			`}`
			`}`