Add terraform

.github/workflows/deploy.yml

@@ -0,0 +1,64 @@
+name: Deploy
+on:
+  push:
+    branches:
+      - main
+
+env:
+  INFRA_DIR: 'infra'
+  TF_VAR_CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
+  TF_VAR_CLOUDFLARE_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
+  TF_VAR_CLOUDFLARE_ZONE_ID: ${{ secrets.CLOUDFLARE_ZONE_ID }}
+  AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
+  AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+  AWS_ENDPOINT_URL_S3: ${{ secrets.AWS_ENDPOINT_URL_S3 }}
+
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        id: checkout
+        uses: actions/checkout@v4
+
+      - name: Install dependencies
+        id: install-dependencies
+        run: npm install
+        shell: bash
+
+      - name: Setup Terraform
+        id: setup-terraform
+        uses: hashicorp/setup-terraform@v3
+
+      - name: Terraform Init
+        id: terraform-init
+        run: terraform init
+        shell: bash
+        working-directory: ${{ env.INFRA_DIR }}
+
+      - name: Terraform Format
+        id: terraform-format
+        run: terraform fmt -check
+        shell: bash
+        working-directory: ${{ env.INFRA_DIR }}
+
+      - name: Terraform Plan
+        id: terraform-plan
+        run: terraform plan -input=false
+        shell: bash
+        working-directory: ${{ env.INFRA_DIR }}
+
+      - name: Build worker
+        id: build-worker
+        uses: cloudflare/wrangler-action@v3
+        with:
+          apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }}
+          accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
+          command: deploy --dry-run --minify --outdir dist
+
+      - name: Terraform Apply
+        id: terraform-apply
+        shell: bash
+        working-directory: ${{ env.INFRA_DIR }}
+        run: terraform apply -auto-approve -input=false

biome.json

@@ -0,0 +1,30 @@
+{
+	"$schema": "https://biomejs.dev/schemas/1.9.3/schema.json",
+	"vcs": {
+		"enabled": false,
+		"clientKind": "git",
+		"useIgnoreFile": false
+	},
+	"files": {
+		"ignoreUnknown": false,
+		"ignore": []
+	},
+	"formatter": {
+		"enabled": true,
+		"indentStyle": "tab"
+	},
+	"organizeImports": {
+		"enabled": true
+	},
+	"linter": {
+		"enabled": true,
+		"rules": {
+			"recommended": true
+		}
+	},
+	"javascript": {
+		"formatter": {
+			"quoteStyle": "double"
+		}
+	}
+}

infra/main.tf

@@ -0,0 +1,49 @@
+terraform {
+  backend "s3" {
+    bucket                      = "terraform-ddns-update"
+    key                         = ""
+    region                      = "auto"
+    skip_credentials_validation = true
+    skip_metadata_api_check     = true
+    skip_region_validation      = true
+    skip_requesting_account_id  = true
+    skip_s3_checksum            = true
+    use_path_style              = true
+  }
+  required_providers {
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = "~>4"
+    }
+  }
+}
+
+provider "cloudflare" {
+  api_token = var.CLOUDFLARE_API_TOKEN
+}
+
+resource "cloudflare_workers_script" "ddns-update-worker" {
+  account_id          = var.CLOUDFLARE_ACCOUNT_ID
+  content             = file("../dist/index.js")
+  name                = "ddns-update"
+  compatibility_date  = "2024-10-04"
+  compatibility_flags = ["nodejs_compat"]
+  module              = true
+
+  secret_text_binding {
+    name = "CLOUDFLARE_API_TOKEN"
+    text = var.CLOUDFLARE_API_TOKEN
+  }
+
+  secret_text_binding {
+    name = "CLOUDFLARE_ZONE_ID"
+    text = var.CLOUDFLARE_ZONE_ID
+  }
+}
+
+resource "cloudflare_workers_domain" "sonaura-worker-domain" {
+  account_id = var.CLOUDFLARE_ACCOUNT_ID
+  hostname   = "domain.barriere.me"
+  service    = cloudflare_workers_script.ddns-update-worker.name
+  zone_id    = var.CLOUDFLARE_ZONE_ID
+}

infra/variables.tf

@@ -0,0 +1,11 @@
+variable "CLOUDFLARE_API_TOKEN" {
+  type = string
+}
+
+variable "CLOUDFLARE_ZONE_ID" {
+  type = string
+}
+
+variable "CLOUDFLARE_ACCOUNT_ID" {
+  type = string
+}