-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathcf_zone.tf
38 lines (35 loc) · 1.28 KB
/
cf_zone.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
data "cloudflare_zone" "domain_1" {
name = var.cf_domain_1
}
# Par defaut j'ai activé toutes les sécurités possibles avec un compte gratuit
# Doc https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/zone_settings_override
resource "cloudflare_zone_settings_override" "domain_1" {
zone_id = data.cloudflare_zone.domain_1.id
settings {
always_online = "on"
always_use_https = "on"
min_tls_version = "1.2"
tls_1_3 = "on"
#http2 = "on" #value is read-only
http3 = "on"
ip_geolocation = "on"
brotli = "on"
challenge_ttl = 1800
security_level = "high"
ssl = "strict"
opportunistic_encryption = "on"
automatic_https_rewrites = "on"
rocket_loader = "on"
pseudo_ipv4 = "add_header"
#mirage = "on" #value is read-only
#waf = "on" #free account cannot edit
minify {
css = "on"
js = "on"
html = "on"
}
security_header {
enabled = true
}
}
}