Fresh RSS

Configuration for my self-hosted Fresh RSS instance in Oracle Cloud.

Built on the image created in freshrss-oci.

Requirements

Name	Version
terraform	~> 1.5
cloudflare	~> 4.0
cloudinit	~> 2.0
dns	~> 3.0
hcp	~> 0.68
null	~> 3.0
oci	~> 5.0
tailscale	~> 0.13
tls	~> 4.0

Providers

Name	Version
cloudflare	~> 4.0
cloudinit	~> 2.0
dns	~> 3.0
hcp	~> 0.68
null	~> 3.0
oci	~> 5.0
tailscale	~> 0.13
terraform	n/a
tls	~> 4.0

Modules

No modules.

Resources

Name	Type
cloudflare_origin_ca_certificate.freshrss	resource
cloudflare_record.services	resource
cloudflare_ruleset.zone_level_waf	resource
null_resource.regenerate_key	resource
oci_core_instance.freshrss	resource
oci_core_network_security_group.freshrss_instance	resource
oci_core_network_security_group.freshrss_lb	resource
oci_core_network_security_group_security_rule.freshrss_instance_egress	resource
oci_core_network_security_group_security_rule.freshrss_instance_ingress	resource
oci_core_network_security_group_security_rule.lb_egress	resource
oci_core_network_security_group_security_rule.lb_ingress	resource
oci_identity_dynamic_group.freshrss	resource
oci_identity_policy.access_backup_bucket	resource
oci_identity_policy.backup_bucket_can_use_key	resource
oci_identity_policy.delete_old_backups	resource
oci_kms_key.backups	resource
oci_load_balancer.freshrss	resource
oci_load_balancer_backend.services	resource
oci_load_balancer_backend_set.services	resource
oci_load_balancer_certificate.freshrss	resource
oci_load_balancer_listener.services	resource
oci_load_balancer_load_balancer_routing_policy.by_host	resource
oci_objectstorage_bucket.backups	resource
oci_objectstorage_object_lifecycle_policy.delete_old_backups	resource
tailscale_tailnet_key.freshrss	resource
tls_cert_request.freshrss	resource
cloudflare_ip_ranges.current	data source
cloudflare_origin_ca_root_certificate.ecc	data source
cloudflare_zone.selected	data source
cloudinit_config.bootstrap	data source
dns_a_record_set.trusted_ips_record	data source
hcp_packer_artifact.freshrss_latest	data source
hcp_vault_secrets_app.freshrss	data source
oci_identity_compartment.terraform	data source
oci_objectstorage_namespace.terraform	data source
terraform_remote_state.oci_core	data source

Inputs

Name	Description	Type	Default	Required
availability_domain	Availability domain where instance will be launched.	string	n/a	yes
domain_name	The CloudFlare managed domain name to work under	string	n/a	yes
instance_ocpus	The number of Oracle CPU's to allocate to the instance	number	1	no
instance_ram	The total amount of RAM (in gigabytes) to allocate to the instance	number	6	no
instance_shape	Instance type to use, default is the always free domain ARM option.	string	"VM.Standard.A1.Flex"	no
lb_bandwidth	Bandwidth in Mbps. Default is the always free option.	number	10	no
oci_fingerprint	The fingerprint of the key used to authenticate with OCI	string	n/a	yes
oci_private_key	The private key to authenticate with OCI	string	n/a	yes
oci_region	The region in which to create resources	string	n/a	yes
oci_tenancy_id	The tenancy id where to resources are to be created	string	n/a	yes
oci_user_id	The ID of user that terraform will use to create the resources	string	n/a	yes
services	The configuration of the different services running on the freshrss instance	map(object({ port = number // The port the service is running on subdomain = string // The subdomain to expose the service on update_nginx_config = optional(bool, false) // If true will replace the servername in the nginx config directory waf_block = optional(bool, false) // If true will prevent access from anything other than trusted IP's }))	n/a	yes
tf_cloud_organisation	The name of the TF cloud organisation	string	n/a	yes
trusted_ips_dns	A domain with A records for IP's that should be permitted to access WAF protected services over the internet	string	n/a	yes

Outputs

No outputs.