vaultsovereign/vm-cloudflare
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity
Files
f0b8d962de8f3d8a98b33d43419fa3bcb53eee58
vm-cloudflare/terraform/zones.tf
Vault Sovereign 37a867c485 Initial commit: Cloudflare infrastructure with WAF Intelligence 
- Complete Cloudflare Terraform configuration (DNS, WAF, tunnels, access)
- WAF Intelligence MCP server with threat analysis and ML classification
- GitOps automation with PR workflows and drift detection
- Observatory monitoring stack with Prometheus/Grafana
- IDE operator rules for governed development
- Security playbooks and compliance frameworks
- Autonomous remediation and state reconciliation
2025-12-16 18:31:53 +00:00

49 lines
1.0 KiB
HCL
Raw Blame History

# Zone resources for each domain
resource "cloudflare_zone" "domains" {
for_each = var.domains
account_id = local.account_id
zone = each.key
plan = each.value.plan
jump_start = each.value.jump_start
}
# Enable DNSSEC on all zones
resource "cloudflare_zone_dnssec" "domains" {
for_each = cloudflare_zone.domains
zone_id = each.value.id
}
# Zone settings - TLS, security, etc.
resource "cloudflare_zone_settings_override" "domains" {
for_each = cloudflare_zone.domains
zone_id = each.value.id
settings {
# TLS Settings
ssl = "strict"
min_tls_version = "1.2"
tls_1_3 = "on"
automatic_https_rewrites = "on"
always_use_https = "on"
# Security
security_level = "medium"
browser_check = "on"
# Performance
minify {
css = "on"
js = "on"
html = "on"
}
brotli = "on"
# Caching
browser_cache_ttl = 14400
# Privacy
email_obfuscation = "on"
server_side_exclude = "on"
}
}
Reference in New Issue View Git Blame Copy Permalink