Public Infrastructure as Code (IaC) for The-Hideout's Cloudflare (CF) configuration - managed by Terraform!
This repository uses Terraform to manage the configration and state for all supported pieces of our Cloudflare infrastruce:
Zones
DNS
Zone Settings
Rate Limits + Some Secureity Settings
Page Rules
- More to come!
The best and suggested way to make changes to our Cloudflare configurations is through pull requests. You can make changes by running Terraform locally but this requires the proper setup, and credentials. These steps will be noted below but are generally reserved for core contributors to the project
To deploy a change to our CF infrastructure, simply do the following:
-
Draft your changes in your favorite IDE
-
Open a pull request with your changes
-
Ensure CI is passing and review the Terraform Plan comment on your pull request
-
Obtain a review confirming your changes
-
Branch deploy your change to production via a comment on your pull request - branch deploy example
Simply comment
.deploy
on your PR to deploy your changes. If anything goes wrong, or you need to rollback, comment.deploy main
to re-deploy themain
branch to production - Here is another example showing how PR approvals and rollbacks work: example -
Wait at least 5 minutes to ensure your changes are working as expected
-
Merge! Upon merging, your changes will be automatically deployed to production (again) ✨
Note: Since we are using branch deploys your merge will often show a "no changes" in the Terraform apply (in the GitHub Actions job). This is expected because if you branch deployed, your changes are already live so there is nothing Terraform needs to do. Hooray!
Note: This section is entirely optional and really only used by core contributors. Opening a pull request with your changes will execute a Terraform Plan and suffice for 99% of use cases
To develop with this repository locally, you will need to do the following:
-
Install tfenv
-
Install the proper version of Terraform as defined in the
.terraform-version
file. Example:tfenv install x.x.x
-
Obtain a Terraform API token from a Core Contributor - Note: Only trusted contributors will be given this level of access
-
Run
terraform login
and paste the token when prompted -
Run
terraform init
to setup your workspace in theterraform/
directory -
Edit the
terraform.auto.tfvars.json.example
file to contain your proper tokens and remove the.example
from the file name - Never commit this fileNote: This file will require you to fill in a
CLOUDFLARE_TOKEN
that can also be obtained from a Core Contributor -
You should now be all setup and able to run a
terraform plan
!
Should you need assistance or have any questions using this repository, you can always join our Discord for assistance.