From 3c8a2e02dd785a725dfa72f9b8d4babba29be665 Mon Sep 17 00:00:00 2001
From: zimbatm <zimbatm@zimbatm.com>
Date: Wed, 25 Jan 2023 09:50:16 +0100
Subject: [PATCH 1/3] terraform: remove deprecated cloudflare account_id
 argument

---
 terraform/cloudflare.tf | 1 +
 terraform/main.tf       | 4 +---
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/terraform/cloudflare.tf b/terraform/cloudflare.tf
index f503f0a..02770c9 100644
--- a/terraform/cloudflare.tf
+++ b/terraform/cloudflare.tf
@@ -13,6 +13,7 @@ data "cloudflare_account_roles" "account_roles" {
 
 resource "cloudflare_account_member" "member" {
   for_each      = local.cf_admins
+  account_id    = local.cf_account_id
   email_address = each.value
   role_ids = [
     local.cf_roles_by_name["Administrator"].id
diff --git a/terraform/main.tf b/terraform/main.tf
index f594a61..6bdbfc7 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -17,9 +17,7 @@ terraform {
   }
 }
 
-provider "cloudflare" {
-  account_id = "e4a2db52c495db230973c839a0699ae1"
-}
+provider "cloudflare" {}
 
 provider "hydra" {
   host     = "https://hydra.nix-community.org"

From 641702a577810468f7e7bb573195800ec7dcf1b8 Mon Sep 17 00:00:00 2001
From: zimbatm <zimbatm@zimbatm.com>
Date: Wed, 25 Jan 2023 09:54:29 +0100
Subject: [PATCH 2/3] terraform: clean nix-community.org code

* Move locals to the top of the file
* Use same prefix for all the locals
---
 terraform/cloudflare_nix-community_org.tf | 58 +++++++++++------------
 1 file changed, 28 insertions(+), 30 deletions(-)

diff --git a/terraform/cloudflare_nix-community_org.tf b/terraform/cloudflare_nix-community_org.tf
index a6e86ff..bc9e0c7 100644
--- a/terraform/cloudflare_nix-community_org.tf
+++ b/terraform/cloudflare_nix-community_org.tf
@@ -1,72 +1,77 @@
 locals {
-  nix_community_org_zone_id = "8965c5ff4e19a3ca46b5df6965f2bc36"
+  nix_community_zone_id = "8965c5ff4e19a3ca46b5df6965f2bc36"
+
+  # For each github page, create a CNAME alias to nix-community.github.io
+  nix_community_github_pages = [
+    "nur"
+  ]
 }
 
 resource "cloudflare_record" "nix-community-org-build01-A" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "build01"
   value   = "94.130.143.84"
   type    = "A"
 }
 
 resource "cloudflare_record" "nix-community-org-build01-AAAA" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "build01"
   value   = "2a01:4f8:13b:2ceb::1"
   type    = "AAAA"
 }
 
 resource "cloudflare_record" "nix-community-org-build02-A" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "build02"
   value   = "95.217.109.189"
   type    = "A"
 }
 
 resource "cloudflare_record" "nix-community-org-build02-AAAA" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "build02"
   value   = "2a01:4f9:4a:2b02::1"
   type    = "AAAA"
 }
 
 resource "cloudflare_record" "nix-community-org-build03-A" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "build03"
   value   = "135.181.218.169"
   type    = "A"
 }
 
 resource "cloudflare_record" "nix-community-org-build03-AAAA" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "build03"
   value   = "2a01:4f9:3a:3b16::1"
   type    = "AAAA"
 }
 
 resource "cloudflare_record" "nix-community-org-build04-A" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "build04"
   value   = "141.148.235.248"
   type    = "A"
 }
 
 resource "cloudflare_record" "nix-community-org-build04-AAAA" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "build04"
   value   = "2603:c022:c001:b500:66b1:bcc4:3fde:5265"
   type    = "AAAA"
 }
 
 resource "cloudflare_record" "nix-community-org-darwin01-A" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "darwin01"
   value   = "167.235.14.165"
   type    = "A"
 }
 
 resource "cloudflare_record" "nix-community-org-darwin01-AAAA" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "darwin01"
   value   = "2a01:4f8:262:1d98::1"
   type    = "AAAA"
@@ -74,35 +79,35 @@ resource "cloudflare_record" "nix-community-org-darwin01-AAAA" {
 
 # Used by nix-community/nixpkgs-docker
 resource "cloudflare_record" "nix-community-org-docker-CNAME" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "docker"
   value   = "zimbatm.docker.scarf.sh"
   type    = "CNAME"
 }
 
 resource "cloudflare_record" "nix-community-org-hydra-CNAME" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "hydra"
   value   = "build03.nix-community.org"
   type    = "CNAME"
 }
 
 resource "cloudflare_record" "nix-community-org-nur-update-CNAME" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "nur-update"
   value   = "build03.nix-community.org"
   type    = "CNAME"
 }
 
 resource "cloudflare_record" "nix-community-org-search-CNAME" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "search"
   value   = "build03.nix-community.org"
   type    = "CNAME"
 }
 
 resource "cloudflare_record" "nix-community-org-apex-A" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "@"
   value   = "nix-community.github.io"
   type    = "CNAME"
@@ -111,21 +116,21 @@ resource "cloudflare_record" "nix-community-org-apex-A" {
 
 # Any email coming from that domain are SPAM
 resource "cloudflare_record" "nix-community-org-apex-TXT" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "@"
   value   = "v=spf1 -all"
   type    = "TXT"
 }
 
 resource "cloudflare_record" "nix-community-org-github-challenge-TXT" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "_github-challenge-nix-community-org"
   value   = "2eee7c1945"
   type    = "TXT"
 }
 
 resource "cloudflare_record" "nix-community-org-github-pages-challenge-TXT" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "_github-pages-challenge-nix-community.nix-community.org."
   value   = "6d236784300b9b1e80fdc496b7bfce"
   type    = "TXT"
@@ -133,29 +138,22 @@ resource "cloudflare_record" "nix-community-org-github-pages-challenge-TXT" {
 
 # ehmry's mumble server at vps-free
 resource "cloudflare_record" "mumble-A" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "mumble"
   value   = "37.205.14.171"
   type    = "A"
 }
 resource "cloudflare_record" "mumble-AAAA" {
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = "mumble"
   value   = "2a03:3b40:fe:ab::1"
   type    = "AAAA"
 }
 
-# For each github page, create a CNAME alias to nix-community.github.io
-locals {
-  github_pages = [
-    "nur"
-  ]
-}
-
 resource "cloudflare_record" "nix-community-org-github-pages" {
-  for_each = { for page in local.github_pages : page => page }
+  for_each = { for page in local.nix_community_github_pages : page => page }
 
-  zone_id = local.nix_community_org_zone_id
+  zone_id = local.nix_community_zone_id
   name    = each.value
   value   = "nix-community.github.io"
   type    = "CNAME"

From c667deea19f4dca996f7a284a5e5c818935c0a3f Mon Sep 17 00:00:00 2001
From: zimbatm <zimbatm@zimbatm.com>
Date: Wed, 25 Jan 2023 09:58:13 +0100
Subject: [PATCH 3/3] terraform: remove main

A good main.tf acts as an entrypoint to a module and is typically used
when the module is smaller. For larger module it's best to split things
up and try to map the resources with the filename to make them easier to
find.
---
 terraform/terraform_backend.tf                | 6 ++++++
 terraform/{main.tf => terraform_providers.tf} | 5 -----
 2 files changed, 6 insertions(+), 5 deletions(-)
 create mode 100644 terraform/terraform_backend.tf
 rename terraform/{main.tf => terraform_providers.tf} (76%)

diff --git a/terraform/terraform_backend.tf b/terraform/terraform_backend.tf
new file mode 100644
index 0000000..4f676cf
--- /dev/null
+++ b/terraform/terraform_backend.tf
@@ -0,0 +1,6 @@
+terraform {
+  backend "remote" {
+    organization = "nix-community"
+    workspaces { name = "nix-community" }
+  }
+}
diff --git a/terraform/main.tf b/terraform/terraform_providers.tf
similarity index 76%
rename from terraform/main.tf
rename to terraform/terraform_providers.tf
index 6bdbfc7..5e6464d 100644
--- a/terraform/main.tf
+++ b/terraform/terraform_providers.tf
@@ -1,9 +1,4 @@
 terraform {
-  backend "remote" {
-    organization = "nix-community"
-    workspaces { name = "nix-community" }
-  }
-
   required_providers {
     cloudflare = {
       source = "cloudflare/cloudflare"