Terraform config template for Cloudflare DNS, with Terraform Cloud integration via GitHub Actions.
https://blog.clayshekleton.com/Cloudflare-DNS-TF-Cloud-GitHub-Actions/
- A Cloudflare-hosted DNS zone (free plan is fine)
- Terraform Cloud Organization account (free plan is fine)
- In your Terraform Cloud organization, create a new Workspace of type API-driven workflow
- Fork this repo (a private repo is suggested). This uses the Cloudflare Terraform provider.
- Edit cloud.tf, add values for your TF Cloud Organization and Workspace name
- Edit zone-records.auto.tfvars, add values for your Cloudflare zone id, domain suffix, and values for DNS records.
- In Terraform Cloud, create a new Token for GitHub Actions to use
- Add a new Actions Secret to your GitHub repo, named TF_API_TOKEN, for the token created in the prior step
- In Cloudflare, create an API token using the "Edit zone DNS" token template, scoped to the zone you want to update
- Add a new Actions Secret to your GitHub repo, named CLOUDFLARE_API_TOKEN, for the token created in the prior step
- If everything is set up correctly, updates to your repo's main branch should start an Action-initiated run in Terraform Cloud and update the Cloudflare DNS zone
- https://learn.hashicorp.com/tutorials/terraform/github-actions
- https://learn.hashicorp.com/collections/terraform/cloud-get-started
- https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs
- https://blog.cloudflare.com/getting-started-with-terraform-and-cloudflare-part-1/
- https://brendanthompson.com/posts/2021/09/triggering-terraform-cloud-runs-from-github
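A sketch of the Terraform side of the setup steps above, added here as an illustration and not copied from this repo: the organization, workspace, variable and resource names are placeholders or hypothetical, and a v4 Cloudflare provider is assumed. It shows the `cloud` block that `cloud.tf` configures and a provider block that keeps the Cloudflare token out of version control.

```hcl
# cloud.tf (sketch): organization and workspace values are placeholders.
terraform {
  cloud {
    organization = "example-org" # placeholder: your TF Cloud organization
    workspaces {
      name = "example-dns-workspace" # placeholder: the API-driven workspace
    }
  }
  required_providers {
    cloudflare = {
      source  = "cloudflare/cloudflare"
      version = "~> 4.0" # assumption: v4 resource and attribute names
    }
  }
}

# No api_token argument here: the provider reads CLOUDFLARE_API_TOKEN from the
# environment of the process that runs the plan, so the secret never lands in git.
provider "cloudflare" {}

# Hypothetical variable names; the repo's zone-records.auto.tfvars may differ.
variable "zone_id" {
  description = "Cloudflare zone id for the DNS zone in scope"
  type        = string
}

variable "a_records" {
  description = "Map of record name => IPv4 address"
  type        = map(string)
  default     = {}
}

# One A record per map entry; a record removed from the map is destroyed on apply.
resource "cloudflare_record" "a" {
  for_each = var.a_records
  zone_id  = var.zone_id
  name     = each.key
  type     = "A"
  value    = each.value
  ttl      = 1 # 1 means "automatic" TTL in Cloudflare
  proxied  = false
}
```

Because the token uses the "Edit zone DNS" template and is scoped to a single zone, a leaked Actions secret can change records in that zone only, not other account settings.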