From b13c0abc159075d7c3b4fa6db944608f2edb526e Mon Sep 17 00:00:00 2001 From: Alexander Hosking Date: Tue, 16 Aug 2022 01:41:51 -0400 Subject: [PATCH 1/6] Whitespace updates --- ahoskingit/terraform/cloudflare_access.tf | 35 +++++++++++++---------- 1 file changed, 20 insertions(+), 15 deletions(-) diff --git a/ahoskingit/terraform/cloudflare_access.tf b/ahoskingit/terraform/cloudflare_access.tf index cf8146b..caae85f 100644 --- a/ahoskingit/terraform/cloudflare_access.tf +++ b/ahoskingit/terraform/cloudflare_access.tf @@ -1,6 +1,6 @@ resource "cloudflare_access_group" "family" { account_id = var.CLOUDFLARE_ACCOUNT_ID - name = "family group" + name = "family group" include { email_domain = ["@ahosking.com"] @@ -13,7 +13,7 @@ resource "cloudflare_access_application" "influx" { domain = "influx.ahoskingit.com" type = "self_hosted" session_duration = "168h" - logo_url = "https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fthumb%2Fc%2Fc6%2FInfluxdb_logo.svg%2F1920px-Influxdb_logo.svg" + logo_url = "https://external-content.duckduckgo.com/iu/?u=https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fthumb%2Fc%2Fc6%2FInfluxdb_logo.svg%2F1920px-Influxdb_logo.svg" allowed_idps = [ "f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry "ba68cb89-c20b-49ab-8aea-26b3af318196", #TODO: Remove Manual Entry @@ -33,10 +33,13 @@ resource "cloudflare_access_application" "money" { resource "cloudflare_access_policy" "money" { application_id = cloudflare_access_application.money.id - zone_id = cloudflare_zone.ahosking_com.id - name = "family" - precedence = "1" - decision = "allow" + zone_id = cloudflare_zone.ahosking_com.id + name = "family" + precedence = "1" + decision = "allow" + + http_only_cookie_attribute = true + include { email_domain = ["@ahosking.com"] } @@ -67,23 +70,25 @@ resource "cloudflare_access_application" "tv" { ] } -resource "cloudflare_access_application" "period" { +resource "cloudflare_access_application" "cycles" { account_id = var.CLOUDFLARE_ACCOUNT_ID - name = "period" - domain = "period.ahosking.com" + name = "cycles" + domain = "cycles.ahosking.com" type = "self_hosted" session_duration = "336h" allowed_idps = [ "f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry ] + + http_only_cookie_attribute = true } -resource "cloudflare_access_policy" "period" { - application_id = cloudflare_access_application.period.id - zone_id = cloudflare_zone.ahosking_com.id - name = "family" - precedence = "1" - decision = "allow" +resource "cloudflare_access_policy" "cycles" { + application_id = cloudflare_access_application.cycles.id + zone_id = cloudflare_zone.ahosking_com.id + name = "family" + precedence = "1" + decision = "allow" include { email_domain = ["@ahosking.com"] } From c9a5a3d2e33edb5fc42ddcbf787648afaa0bd168 Mon Sep 17 00:00:00 2001 From: Alexander Hosking Date: Tue, 16 Aug 2022 01:42:23 -0400 Subject: [PATCH 2/6] Add ahosking cnames Add cycles, minecraft and homeassistant --- ahoskingit/terraform/.terraform.lock.hcl | 2 ++ ahoskingit/terraform/variables.tf | 3 ++- orchestration.clouds.code-workspace | 3 ++- 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/ahoskingit/terraform/.terraform.lock.hcl b/ahoskingit/terraform/.terraform.lock.hcl index e9d7b24..bb6956d 100644 --- a/ahoskingit/terraform/.terraform.lock.hcl +++ b/ahoskingit/terraform/.terraform.lock.hcl @@ -6,6 +6,7 @@ provider "registry.terraform.io/cloudflare/cloudflare" { constraints = "~> 3.0" hashes = [ "h1:oTTfUShNNcDCOxlXP2XiNleQYHmWswesQFCuicwQztw=", + "h1:pb7gfJMtamHcmsNTAdB4V6iYWuXFLx3CErxqx2f+DXs=", "zh:0dd08c3336b3198e30158b61605674eefbc0b8e331ad8f25322ce1889fd2d8a7", "zh:196d80c7ae594f1b6140de02ecb101ec1afd7e45877be849ace73866f3fcb689", "zh:37bc087b5e858a92faf03c994cfbc4c906b0afecb7df2ff25961b394f3013cc0", @@ -28,6 +29,7 @@ provider "registry.terraform.io/hashicorp/aws" { constraints = "~> 3.0" hashes = [ "h1:++H0a4igODgreQL3SJuRz71JZkC69rl41R8xLYM894o=", + "h1:OuaWibxL7IoGHmX6xuhO2XvYJcr+DJNr9pnVjaUiMrw=", "zh:11c2ee541ca1da923356c9225575ba294523d7b6af82d6171c912470ef0f90cd", "zh:19fe975993664252b4a2ff1079546f2b186b01d1a025a94a4f15c37e023806c5", "zh:442e7fc145b2debebe9279b283d07f5f736dc1776c2e5b1702728a6eb03789d0", diff --git a/ahoskingit/terraform/variables.tf b/ahoskingit/terraform/variables.tf index 34bc527..9a9d3f3 100644 --- a/ahoskingit/terraform/variables.tf +++ b/ahoskingit/terraform/variables.tf @@ -37,5 +37,6 @@ variable "environment" {} variable "ahosking_com_cnames" { default = ["code", "radarr", "sonarr", "ombi", "git", - "monitors", "tv", "movies", "money", "period"] + "monitors", "tv", "movies", "money", "cycles", "minecraft", + "homeassistant"] } diff --git a/orchestration.clouds.code-workspace b/orchestration.clouds.code-workspace index 6922e77..ea8d8de 100644 --- a/orchestration.clouds.code-workspace +++ b/orchestration.clouds.code-workspace @@ -22,7 +22,8 @@ "activityBar.activeBackground": "#ef7853", "sash.hoverBorder": "#ef7853", "statusBarItem.remoteBackground": "#eb5424", - "statusBarItem.remoteForeground": "#e7e7e7" + "statusBarItem.remoteForeground": "#e7e7e7", + "commandCenter.border": "#e7e7e799" }, "peacock.color": "#eb5424" } From 4ba93437c9cf49180f0da8539929133b94a6af3f Mon Sep 17 00:00:00 2001 From: Alexander Hosking Date: Tue, 16 Aug 2022 01:45:02 -0400 Subject: [PATCH 3/6] Correct http_cookie attribute --- ahoskingit/terraform/cloudflare_access.tf | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ahoskingit/terraform/cloudflare_access.tf b/ahoskingit/terraform/cloudflare_access.tf index caae85f..e59d65b 100644 --- a/ahoskingit/terraform/cloudflare_access.tf +++ b/ahoskingit/terraform/cloudflare_access.tf @@ -29,6 +29,7 @@ resource "cloudflare_access_application" "money" { allowed_idps = [ "f27ba272-b676-4ab0-b560-e4ea52b19f18", #TODO: Remove Manual Entry ] + http_only_cookie_attribute = true } resource "cloudflare_access_policy" "money" { @@ -38,8 +39,6 @@ resource "cloudflare_access_policy" "money" { precedence = "1" decision = "allow" - http_only_cookie_attribute = true - include { email_domain = ["@ahosking.com"] } From 18fe3be6f12bf03cefb1492ebfeed0c19d64dc01 Mon Sep 17 00:00:00 2001 From: Alexander Hosking Date: Tue, 16 Aug 2022 01:49:03 -0400 Subject: [PATCH 4/6] Add CNAMES and security precedence --- ahoskingit/terraform/cloudflare_access.tf | 2 +- ahoskingit/terraform/variables.tf | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/ahoskingit/terraform/cloudflare_access.tf b/ahoskingit/terraform/cloudflare_access.tf index e59d65b..8ec516a 100644 --- a/ahoskingit/terraform/cloudflare_access.tf +++ b/ahoskingit/terraform/cloudflare_access.tf @@ -36,7 +36,7 @@ resource "cloudflare_access_policy" "money" { application_id = cloudflare_access_application.money.id zone_id = cloudflare_zone.ahosking_com.id name = "family" - precedence = "1" + precedence = "2" decision = "allow" include { diff --git a/ahoskingit/terraform/variables.tf b/ahoskingit/terraform/variables.tf index 9a9d3f3..5d7d6cb 100644 --- a/ahoskingit/terraform/variables.tf +++ b/ahoskingit/terraform/variables.tf @@ -38,5 +38,5 @@ variable "environment" {} variable "ahosking_com_cnames" { default = ["code", "radarr", "sonarr", "ombi", "git", "monitors", "tv", "movies", "money", "cycles", "minecraft", - "homeassistant"] + "homeassistant", "status", "bills"] } From 9618d381743cebc0de240c4d37dd5cc907fc11d8 Mon Sep 17 00:00:00 2001 From: A H Date: Tue, 6 Sep 2022 05:29:44 +0000 Subject: [PATCH 5/6] Add Slack.ahosking.com --- ahoskingit/terraform/variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ahoskingit/terraform/variables.tf b/ahoskingit/terraform/variables.tf index 5d7d6cb..34a0cea 100644 --- a/ahoskingit/terraform/variables.tf +++ b/ahoskingit/terraform/variables.tf @@ -38,5 +38,5 @@ variable "environment" {} variable "ahosking_com_cnames" { default = ["code", "radarr", "sonarr", "ombi", "git", "monitors", "tv", "movies", "money", "cycles", "minecraft", - "homeassistant", "status", "bills"] + "homeassistant", "slack", "status", "bills"] } From 10487827754e0efaeecf319f885a52d687522047 Mon Sep 17 00:00:00 2001 From: Alexander Hosking Date: Thu, 15 Dec 2022 02:09:26 -0500 Subject: [PATCH 6/6] New Home IP --- ahoskingit/terraform/homeip.auto.tfvars | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ahoskingit/terraform/homeip.auto.tfvars b/ahoskingit/terraform/homeip.auto.tfvars index d340398..1b19039 100644 --- a/ahoskingit/terraform/homeip.auto.tfvars +++ b/ahoskingit/terraform/homeip.auto.tfvars @@ -1 +1 @@ -home_ip = "174.91.157.243" +home_ip = "184.147.40.112"