From 9eee1183b0f023ba0e37d0de98d56998453623b4 Mon Sep 17 00:00:00 2001
From: Jeremie Fraeys <jfaeys@gmail.com>
Date: Sat, 21 Feb 2026 18:31:30 -0500
Subject: [PATCH] Update Terraform infrastructure configuration

- Update main.tf with current infrastructure definitions
- Adjust resource configurations for production requirements
---
 terraform/main.tf | 76 ++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 58 insertions(+), 18 deletions(-)

diff --git a/terraform/main.tf b/terraform/main.tf
index 34cf7e6..63ef69e 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -184,7 +184,47 @@ resource "cloudflare_record" "services_ssh_aaaa" {
   proxied = false
 }
 
-resource "cloudflare_record" "grafana_a" {
+resource "cloudflare_record" "auth_services_a" {
+  count   = var.enable_cloudflare_dns ? 1 : 0
+  zone_id = var.cloudflare_zone_id
+  name    = "auth"
+  type    = "A"
+  content = sort(tolist(linode_instance.services.ipv4))[0]
+  ttl     = 1
+  proxied = true
+}
+
+resource "cloudflare_record" "auth_services_aaaa" {
+  count   = var.enable_cloudflare_dns ? 1 : 0
+  zone_id = var.cloudflare_zone_id
+  name    = "auth"
+  type    = "AAAA"
+  content = split("/", linode_instance.services.ipv6)[0]
+  ttl     = 1
+  proxied = true
+}
+
+resource "cloudflare_record" "git_services_a" {
+  count   = var.enable_cloudflare_dns ? 1 : 0
+  zone_id = var.cloudflare_zone_id
+  name    = "git"
+  type    = "A"
+  content = sort(tolist(linode_instance.services.ipv4))[0]
+  ttl     = var.cloudflare_ttl
+  proxied = false
+}
+
+resource "cloudflare_record" "git_services_aaaa" {
+  count   = var.enable_cloudflare_dns ? 1 : 0
+  zone_id = var.cloudflare_zone_id
+  name    = "git"
+  type    = "AAAA"
+  content = split("/", linode_instance.services.ipv6)[0]
+  ttl     = var.cloudflare_ttl
+  proxied = false
+}
+
+resource "cloudflare_record" "grafana_services_a" {
   count   = var.enable_cloudflare_dns ? 1 : 0
   zone_id = var.cloudflare_zone_id
   name    = "grafana"
@@ -194,7 +234,7 @@ resource "cloudflare_record" "grafana_a" {
   proxied = true
 }
 
-resource "cloudflare_record" "grafana_aaaa" {
+resource "cloudflare_record" "grafana_services_aaaa" {
   count   = var.enable_cloudflare_dns ? 1 : 0
   zone_id = var.cloudflare_zone_id
   name    = "grafana"
@@ -204,44 +244,44 @@ resource "cloudflare_record" "grafana_aaaa" {
   proxied = true
 }
 
-resource "cloudflare_record" "auth_a" {
+resource "cloudflare_record" "prometheus_services_a" {
   count   = var.enable_cloudflare_dns ? 1 : 0
   zone_id = var.cloudflare_zone_id
-  name    = "auth"
+  name    = "prometheus"
   type    = "A"
   content = sort(tolist(linode_instance.services.ipv4))[0]
   ttl     = 1
-  proxied = false
+  proxied = true
 }
 
-resource "cloudflare_record" "auth_aaaa" {
+resource "cloudflare_record" "prometheus_services_aaaa" {
   count   = var.enable_cloudflare_dns ? 1 : 0
   zone_id = var.cloudflare_zone_id
-  name    = "auth"
+  name    = "prometheus"
   type    = "AAAA"
   content = split("/", linode_instance.services.ipv6)[0]
   ttl     = 1
-  proxied = false
+  proxied = true
 }
 
-resource "cloudflare_record" "git_a" {
+resource "cloudflare_record" "app_services_a" {
   count   = var.enable_cloudflare_dns ? 1 : 0
   zone_id = var.cloudflare_zone_id
-  name    = "git"
+  name    = "app"
   type    = "A"
   content = sort(tolist(linode_instance.services.ipv4))[0]
   ttl     = 1
-  proxied = false
+  proxied = true
 }
 
-resource "cloudflare_record" "git_aaaa" {
+resource "cloudflare_record" "app_services_aaaa" {
   count   = var.enable_cloudflare_dns ? 1 : 0
   zone_id = var.cloudflare_zone_id
-  name    = "git"
+  name    = "app"
   type    = "AAAA"
   content = split("/", linode_instance.services.ipv6)[0]
   ttl     = 1
-  proxied = false
+  proxied = true
 }
 
 resource "cloudflare_record" "mail_a" {
@@ -267,21 +307,21 @@ resource "cloudflare_record" "mail_aaaa" {
 resource "cloudflare_record" "services_wildcard_a" {
   count   = (var.enable_cloudflare_dns && var.enable_services_wildcard) ? 1 : 0
   zone_id = var.cloudflare_zone_id
-  name    = "*.services"
+  name    = "*"
   type    = "A"
   content = sort(tolist(linode_instance.services.ipv4))[0]
   ttl     = 1
-  proxied = false
+  proxied = true
 }
 
 resource "cloudflare_record" "services_wildcard_aaaa" {
   count   = (var.enable_cloudflare_dns && var.enable_services_wildcard) ? 1 : 0
   zone_id = var.cloudflare_zone_id
-  name    = "*.services"
+  name    = "*"
   type    = "AAAA"
   content = split("/", linode_instance.services.ipv6)[0]
   ttl     = 1
-  proxied = false
+  proxied = true
 }
 
 resource "cloudflare_record" "blizzard_cname" {