Adding Cloudflare resources.

.gitignore

@@ -37,4 +37,6 @@ override.tf.json
 terraform.rc
 
 # Envs
-*.env*
+*.env*
+
+**/.cf-terraforming

cloudflare/.cf-terraforming.yaml

@@ -0,0 +1,2 @@
+email: "charish.patel@trez.wtf"
+key: "3dfcfd53a7af10f027ade7467a087017867e7"

cloudflare/.terraform.lock.hcl

@@ -2,24 +2,18 @@
 # Manual edits may be lost in future updates.
 
 provider "registry.opentofu.org/cloudflare/cloudflare" {
-  version     = "4.52.0"
-  constraints = "~> 4.0"
+  version     = "5.7.1"
+  constraints = "~> 5.0"
   hashes = [
-    "h1:NTaOQfYINA0YTG/V1/9+SYtgX1it63+cBugj4WK4FWc=",
-    "zh:19be1a91c982b902c42aba47766860dfa5dc151eed1e95fd39ca642229381ef0",
-    "zh:1de451c4d1ecf7efbe67b6dace3426ba810711afdd644b0f1b870364c8ae91f8",
-    "zh:352b4a2120173298622e669258744554339d959ac3a95607b117a48ee4a83238",
-    "zh:3c6f1346d9154afbd2d558fabb4b0150fc8d559aa961254144fe1bc17fe6032f",
-    "zh:4c4c92d53fb535b1e0eff26f222bbd627b97d3b4c891ec9c321268676d06152f",
-    "zh:53276f68006c9ceb7cdb10a6ccf91a5c1eadd1407a28edb5741e84e88d7e29e8",
-    "zh:7925a97773948171a63d4f65bb81ee92fd6d07a447e36012977313293a5435c9",
-    "zh:7dfb0a4496cfe032437386d0a2cd9229a1956e9c30bd920923c141b0f0440060",
-    "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
-    "zh:8d4aa79f0a414bb4163d771063c70cd991c8fac6c766e685bac2ee12903c5bd6",
-    "zh:a67540c13565616a7e7e51ee9366e88b0dc60046e1d75c72680e150bd02725bb",
-    "zh:a936383a4767f5393f38f622e92bf2d0c03fe04b69c284951f27345766c7b31b",
-    "zh:d4887d73c466ff036eecf50ad6404ba38fd82ea4855296b1846d244b0f13c380",
-    "zh:e9093c8bd5b6cd99c81666e315197791781b8f93afa14fc2e0f732d1bb2a44b7",
-    "zh:efd3b3f1ec59a37f635aa1d4efcf178734c2fcf8ddb0d56ea690bec342da8672",
+    "h1:24uCJp1H3ZK8CCwszYyR3qtOn5Z5Hn1eCcv2gkH7+4g=",
+    "zh:0bbd2eaa8210b2214dc426a2471b38cee53db9750b4916b34b0926fc9cbe4d7b",
+    "zh:0de3675e2ace7478ab0d354b2b6db4be2ae5a9a5e68b725cdd10e956131ec687",
+    "zh:4787a255919911aac5e1f8d47ed19fa45e5b90439ecf1fffbb17ff8bfb28de79",
+    "zh:4eb1e4300b3cdee3a323457ebcc8df29a735ea6bbabe3cf9cbd3dc3fb5a9172b",
+    "zh:580bbd5a727c9e3f31ae47c872df860c9a08ea998e0ff3dfe37dbac536146166",
+    "zh:6a359212678ffcf88551e2d8d0f8e52418031cf1f8077bb8ddf500171ee90f2b",
+    "zh:bec6890cb11511577c5f8ec8954e26ac51c44a114cb3e0349fea40f87930c029",
+    "zh:dbe3585510283c8e53a2b24cc7a69fab0ee9d71addae0db1be0374bc32fc6355",
+    "zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32",
   ]
 }

cloudflare/cf-terraforming.yaml

@@ -0,0 +1,4 @@
+email: ""
+key: ""
+# or
+token: ""

cloudflare/cloudflare_argo_tiered_caching.tf

@@ -0,0 +1,5 @@
+resource "cloudflare_argo_tiered_caching" "terraform_managed_resource_tiered_caching_0" {
+  value   = "on"
+  zone_id = "17dbb71212204583b777783d25eb6738"
+}
+

cloudflare/cloudflare_email_routing_dns.tf

@@ -0,0 +1,25 @@
+resource "cloudflare_email_routing_dns" "terraform_managed_resource_17dbb71212204583b777783d25eb6738_0" {
+  name    = "trez.wtf"
+  zone_id = "17dbb71212204583b777783d25eb6738"
+}
+
+resource "cloudflare_email_routing_dns" "terraform_managed_resource_17dbb71212204583b777783d25eb6738_1" {
+  name    = "trez.wtf"
+  zone_id = "17dbb71212204583b777783d25eb6738"
+}
+
+resource "cloudflare_email_routing_dns" "terraform_managed_resource_17dbb71212204583b777783d25eb6738_2" {
+  name    = "trez.wtf"
+  zone_id = "17dbb71212204583b777783d25eb6738"
+}
+
+resource "cloudflare_email_routing_dns" "terraform_managed_resource_17dbb71212204583b777783d25eb6738_3" {
+  name    = "cf2024-1._domainkey.trez.wtf"
+  zone_id = "17dbb71212204583b777783d25eb6738"
+}
+
+resource "cloudflare_email_routing_dns" "terraform_managed_resource_17dbb71212204583b777783d25eb6738_4" {
+  name    = "trez.wtf"
+  zone_id = "17dbb71212204583b777783d25eb6738"
+}
+

cloudflare/cloudflare_email_routing_settings.tf

@@ -0,0 +1,4 @@
+resource "cloudflare_email_routing_settings" "terraform_managed_resource_17dbb71212204583b777783d25eb6738_0" {
+  zone_id = "17dbb71212204583b777783d25eb6738"
+}
+

cloudflare/cloudflare_page_rule.tf

@@ -1,10 +0,0 @@
-resource "cloudflare_page_rule" "terraform_managed_resource_6a06432fcb2856a66f0b90a70f81a9ea" {
-  priority = 1
-  status   = "active"
-  target   = "logs.trez.wtf/"
-  zone_id  = var.cloudflare_zone_id
-  actions {
-    rocket_loader = "off"
-  }
-}
-

cloudflare/cloudflare_tiered_cache.tf

@@ -1,5 +1,5 @@
-resource "cloudflare_tiered_cache" "terraform_managed_resource_17dbb71212204583b777783d25eb6738" {
-  cache_type = "smart"
-  zone_id    = var.cloudflare_zone_id
+resource "cloudflare_tiered_cache" "terraform_managed_resource_tiered_cache_smart_topology_enable_0" {
+  value   = "on"
+  zone_id = "17dbb71212204583b777783d25eb6738"
 }
 

cloudflare/cloudflare_zone.tf

@@ -1,8 +1,10 @@
-resource "cloudflare_zone" "terraform_managed_resource_17dbb71212204583b777783d25eb6738" {
-  account_id = var.cloudflare_account_id
-  paused     = false
-  plan       = "free"
-  type       = "full"
-  zone       = "trez.wtf"
+resource "cloudflare_zone" "terraform_managed_resource_17dbb71212204583b777783d25eb6738_0" {
+  name   = "trez.wtf"
+  paused = false
+  type   = "full"
+  account = {
+    id   = "f5a5c0098ccae27fb0486ffbc2ee6087"
+    name = "Charish.patel@trez.wtf's Account"
+  }
 }
 

cloudflare/cloudflare_zone_dnssec.tf

@@ -0,0 +1,6 @@
+resource "cloudflare_zone_dnssec" "terraform_managed_resource_17dbb71212204583b777783d25eb6738_0" {
+  dnssec_multi_signer = true
+  status              = "active"
+  zone_id             = "17dbb71212204583b777783d25eb6738"
+}
+

cloudflare/cloudflare_zone_settings_ovr.tf

@@ -1,64 +0,0 @@
-resource "cloudflare_zone_settings_override" "terraform_managed_resource_17dbb71212204583b777783d25eb6738" {
-  zone_id = var.cloudflare_zone_id
-  settings {
-    always_online             = "on"
-    always_use_https          = "on"
-    automatic_https_rewrites  = "on"
-    brotli                    = "on"
-    browser_cache_ttl         = 14400
-    browser_check             = "on"
-    cache_level               = "aggressive"
-    challenge_ttl             = 1800
-    cname_flattening          = "flatten_at_root"
-    development_mode          = "off"
-    early_hints               = "on"
-    email_obfuscation         = "on"
-    filter_logs_to_cloudflare = "off"
-    hotlink_protection        = "on"
-    http2                     = "on"
-    http3                     = "on"
-    ip_geolocation            = "on"
-    ipv6                      = "on"
-    log_to_cloudflare         = "on"
-    max_upload                = 100
-    min_tls_version           = "1.0"
-    minify {
-      css  = "off"
-      html = "off"
-      js   = "off"
-    }
-    mirage                      = "off"
-    opportunistic_encryption    = "on"
-    opportunistic_onion         = "on"
-    orange_to_orange            = "off"
-    origin_error_page_pass_thru = "off"
-    polish                      = "off"
-    prefetch_preload            = "off"
-    privacy_pass                = "on"
-    proxy_read_timeout          = "100"
-    pseudo_ipv4                 = "off"
-    replace_insecure_js         = "on"
-    response_buffering          = "off"
-    rocket_loader               = "on"
-    security_header {
-      enabled            = false
-      include_subdomains = false
-      max_age            = 0
-      nosniff            = false
-      preload            = false
-    }
-    security_level              = "medium"
-    server_side_exclude         = "off"
-    sort_query_string_for_cache = "off"
-    ssl                         = "full"
-    tls_1_3                     = "on"
-    tls_client_auth             = "off"
-    true_client_ip_header       = "off"
-    visitor_ip                  = "on"
-    waf                         = "off"
-    webp                        = "off"
-    websockets                  = "on"
-    zero_rtt                    = "off"
-  }
-}
-

cloudflare/generate_cf_resources.sh

@@ -1,73 +1,181 @@
 #!/bin/bash
 
-# Script to generate Terraform resources using cf-terraforming for OpenTofu
+cf_generate () {
+  resources=(
+    cloudflare_account
+    cloudflare_account_member
+    cloudflare_account_subscription
+    cloudflare_address_map
+    cloudflare_api_shield_discovery_operation
+    cloudflare_api_shield_operation
+    cloudflare_api_shield_operation_schema_validation_settings
+    cloudflare_api_shield_schema
+    cloudflare_api_shield_schema_validation_settings
+    cloudflare_argo_smart_routing
+    cloudflare_argo_tiered_caching
+    cloudflare_authenticated_origin_pulls
+    cloudflare_authenticated_origin_pulls_certificate
+    cloudflare_bot_management
+    cloudflare_calls_sfu_app
+    cloudflare_calls_turn_app
+    cloudflare_certificate_pack
+    cloudflare_content_scanning_expression
+    cloudflare_custom_hostname
+    cloudflare_custom_hostname_fallback_origin
+    cloudflare_d1_database
+    cloudflare_dns_firewall
+    cloudflare_dns_record
+    cloudflare_dns_zone_transfers_acl
+    cloudflare_dns_zone_transfers_incoming
+    cloudflare_dns_zone_transfers_outgoing
+    cloudflare_dns_zone_transfers_peer
+    cloudflare_dns_zone_transfers_tsig
+    cloudflare_email_routing_address
+    cloudflare_email_routing_catch_all
+    cloudflare_email_routing_dns
+    cloudflare_email_routing_rule
+    cloudflare_email_routing_settings
+    cloudflare_email_security_block_sender
+    cloudflare_email_security_impersonation_registry
+    cloudflare_email_security_trusted_domains
+    cloudflare_filter
+    cloudflare_healthcheck
+    cloudflare_hostname_tls_setting
+    cloudflare_keyless_certificate
+    cloudflare_leaked_credential_check
+    cloudflare_leaked_credential_check_rule
+    cloudflare_list
+    cloudflare_list_item
+    cloudflare_load_balancer
+    cloudflare_load_balancer_monitor
+    cloudflare_load_balancer_pool
+    cloudflare_logpull_retention
+    cloudflare_logpush_job
+    cloudflare_magic_wan_static_route
+    cloudflare_managed_transforms
+    cloudflare_mtls_certificate
+    cloudflare_notification_policy
+    cloudflare_notification_policy_webhooks
+    cloudflare_observatory_scheduled_test
+    cloudflare_origin_ca_certificate
+    cloudflare_page_rule
+    cloudflare_page_shield_policy
+    cloudflare_pages_domain
+    cloudflare_pages_project
+    cloudflare_queue
+    cloudflare_queue_consumer
+    cloudflare_r2_bucket
+    cloudflare_r2_custom_domain
+    cloudflare_r2_managed_domain
+    cloudflare_rate_limit
+    cloudflare_regional_hostname
+    cloudflare_regional_tiered_cache
+    cloudflare_registrar_domain
+    cloudflare_ruleset
+    cloudflare_snippet_rules
+    cloudflare_snippets
+    cloudflare_spectrum_application
+    cloudflare_stream
+    cloudflare_stream_key
+    cloudflare_stream_live_input
+    cloudflare_stream_watermark
+    cloudflare_stream_webhook
+    cloudflare_tiered_cache
+    cloudflare_total_tls
+    cloudflare_turnstile_widget
+    cloudflare_url_normalization_settings
+    cloudflare_user
+    cloudflare_waiting_room
+    cloudflare_waiting_room_event
+    cloudflare_waiting_room_rules
+    cloudflare_waiting_room_settings
+    cloudflare_web3_hostname
+    cloudflare_web_analytics_rule
+    cloudflare_web_analytics_site
+    cloudflare_workers_cron_trigger
+    cloudflare_workers_custom_domain
+    cloudflare_workers_deployment
+    cloudflare_workers_for_platforms_dispatch_namespace
+    cloudflare_workers_kv_namespace
+    cloudflare_workers_script_subdomain
+    cloudflare_zero_trust_access_application
+    cloudflare_zero_trust_access_custom_page
+    cloudflare_zero_trust_access_group
+    cloudflare_zero_trust_access_identity_provider
+    cloudflare_zero_trust_access_infrastructure_target
+    cloudflare_zero_trust_access_key_configuration
+    cloudflare_zero_trust_access_mtls_certificate
+    cloudflare_zero_trust_access_mtls_hostname_settings
+    cloudflare_zero_trust_access_policy
+    cloudflare_zero_trust_access_service_token
+    cloudflare_zero_trust_access_short_lived_certificate
+    cloudflare_zero_trust_access_tag
+    cloudflare_zero_trust_device_custom_profile
+    cloudflare_zero_trust_device_default_profile
+    cloudflare_zero_trust_device_default_profile_certificates
+    cloudflare_zero_trust_device_default_profile_local_domain_fallback
+    cloudflare_zero_trust_device_managed_networks
+    cloudflare_zero_trust_device_posture_integration
+    cloudflare_zero_trust_device_posture_rule
+    cloudflare_zero_trust_dex_test
+    cloudflare_zero_trust_dlp_custom_profile
+    cloudflare_zero_trust_dlp_dataset
+    cloudflare_zero_trust_dlp_predefined_profile
+    cloudflare_zero_trust_dns_location
+    cloudflare_zero_trust_gateway_certificate
+    cloudflare_zero_trust_gateway_policy
+    cloudflare_zero_trust_gateway_proxy_endpoint
+    cloudflare_zero_trust_gateway_settings
+    cloudflare_zero_trust_list
+    cloudflare_zero_trust_organization
+    cloudflare_zero_trust_risk_behavior
+    cloudflare_zero_trust_risk_scoring_integration
+    cloudflare_zero_trust_tunnel_cloudflared
+    cloudflare_zero_trust_tunnel_cloudflared_config
+    cloudflare_zero_trust_tunnel_cloudflared_route
+    cloudflare_zero_trust_tunnel_cloudflared_virtual_network
+    cloudflare_zone
+    cloudflare_zone_cache_reserve
+    cloudflare_zone_cache_variants
+    cloudflare_zone_dnssec
+    cloudflare_zone_lockdown
+    cloudflare_zone_setting
+  )
 
-resources=(
-  cloudflare_access_application
-  cloudflare_access_group
-  cloudflare_access_identity_provider
-  cloudflare_access_mutual_tls_certificate
-  cloudflare_access_policy
-  cloudflare_access_rule
-  cloudflare_access_service_token
-  cloudflare_account_member
-  cloudflare_api_shield
-  cloudflare_api_token
-  cloudflare_argo
-  cloudflare_authenticated_origin_pulls
-  cloudflare_authenticated_origin_pulls_certificate
-  cloudflare_bot_management
-  cloudflare_byo_ip_prefix
-  cloudflare_certificate_pack
-  cloudflare_custom_hostname
-  cloudflare_custom_hostname_fallback_origin
-  cloudflare_custom_pages
-  cloudflare_custom_ssl
-  cloudflare_filter
-  cloudflare_firewall_rule
-  cloudflare_healthcheck
-  cloudflare_ip_list
-  cloudflare_list
-  cloudflare_load_balancer
-  cloudflare_load_balancer_monitor
-  cloudflare_load_balancer_pool
-  cloudflare_logpull_retention
-  cloudflare_logpush_job
-  cloudflare_logpush_ownership_challenge
-  cloudflare_magic_firewall_ruleset
-  cloudflare_origin_ca_certificate
-  cloudflare_page_rule
-  cloudflare_rate_limit
-  cloudflare_record
-  cloudflare_ruleset
-  cloudflare_spectrum_application
-  cloudflare_tiered_cache
-  cloudflare_teams_list
-  cloudflare_teams_location
-  cloudflare_teams_proxy_endpoint
-  cloudflare_teams_rule
-  cloudflare_tunnel
-  cloudflare_turnstile_widget
-  cloudflare_url_normalization_settings
-  cloudflare_waf_group
-  cloudflare_waf_override
-  cloudflare_waf_package
-  cloudflare_waf_rule
-  cloudflare_waiting_room
-  cloudflare_worker_cron_trigger
-  cloudflare_worker_route
-  cloudflare_worker_script
-  cloudflare_workers_kv
-  cloudflare_workers_kv_namespace
-  cloudflare_zone
-  cloudflare_zone_dnssec
-  cloudflare_zone_lockdown
-  cloudflare_zone_settings_override
-)
+  for resource in "${resources[@]}"; do
+    echo "Generating ${resource}.tf..."
+    cf-terraforming generate --config .cf-terraforming.yaml --resource-type ${resource} > ${resource}.tf
+  done
 
-for resource in "${resources[@]}"; do
-  echo "Generating ${resource}.tf..."
-  cf-terraforming generate --provider-registry-hostname registry.opentofu.org --resource-type $resource > "${resource}.tf_v5"
-done
+  echo "🧹 Cleaning up empty files..."
+  find . -size  0 -name "*.tf" | xargs rm
+  echo "✅ All Terraform files generated!"
+}
 
-echo "✅ All Terraform files generated!"
+cf_import () {
+  for cfresource in $(find . -type f -name "cloudflare_*.tf"); do
+    echo "Importing ${cfresource}..."
+    cf-terraforming import --modern-import-block --config .cf-terraforming.yaml --resource-type ${cfresource}
+  done
+
+  echo "✅ All Cloudflare resources import."
+}
+
+# Prompt user for input
+echo "Choose an option:"
+echo "1) Generate Cloudflare Terraform resources"
+echo "2) Import Cloudflare Terraform resources"
+read -rp "Enter 1 or 2: " user_choice
+
+case "$user_choice" in
+  1)
+    cf_generate
+    ;;
+  2)
+    cf_import
+    ;;
+  *)
+    echo "Invalid option. Please enter 1 or 2."
+    exit 1
+    ;;
+esac

cloudflare/main.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     cloudflare = {
       source  = "cloudflare/cloudflare"
-      version = "~> 4"
+      version = "~> 5"
     }
   }
 

cloudflare/variables.tf

@@ -1,7 +1,7 @@
-variable "cloudflare_zone_id" {
-  description = "The Cloudflare UUID for the Zone to use."
-  type        = string
-}
+# variable "cloudflare_zone_id" {
+#   description = "The Cloudflare UUID for the Zone to use."
+#   type        = string
+# }
 
 variable "cloudflare_account_id" {
   description = "The Cloudflare UUID for the Account the Zone lives in."
@@ -18,7 +18,7 @@ variable "cloudflare_token" {
   type        = string
 }
 
-variable "zone" {
-  description = "The Cloudflare user's API token."
-  type        = string
-}
+# variable "zone" {
+#   description = "The Cloudflare user's API token."
+#   type        = string
+# }