Working terraform setup.

1 files changed, 60 insertions, 0 deletions

diff --git a/acme/main.tf b/acme/main.tf
new file mode 100644
index 0000000..c7b91b2
--- /dev/null
+++ b/acme/main.tf
@@ -0,0 +1,60 @@
+terraform {
+  required_providers {
+    scaleway = {
+      source = "scaleway/scaleway"
+      version = "1.17.2"
+    }
+
+    ansiblevault = {
+      source = "MeilleursAgents/ansiblevault"
+      version = "2.2.0"
+    }
+  }
+}
+
+variable "ansible_vault_pass" {
+  type = string
+}
+
+provider "ansiblevault" {
+  # vault_path  = ".vault-password"
+  vault_pass = var.ansible_vault_pass
+  root_folder = "."
+}
+
+data "ansiblevault_path" "scaleway_access_key" {
+  path = "vault/scaleway.yml"
+  key = "scaleway_access_key"
+}
+data "ansiblevault_path" "scaleway_secret_key" {
+  path = "vault/scaleway.yml"
+  key = "scaleway_secret_key"
+}
+data "ansiblevault_path" "scaleway_organization" {
+  path = "vault/scaleway.yml"
+  key = "scaleway_organization"
+}
+
+provider "scaleway" {
+  region = "fr-par"
+  zone = "fr-par-1"
+  access_key = data.ansiblevault_path.scaleway_access_key.value
+  secret_key = data.ansiblevault_path.scaleway_secret_key.value
+  organization_id = data.ansiblevault_path.scaleway_organization.value
+}
+
+# This can also be generated from input objects, but it might be reused between different modules so some control
+# over if/when it is generated is required.
+resource "google_dns_managed_zone" "acme" {
+  name = "acme"
+  dns_name = "machine.acme.com."
+}
+
+module "acme-apps" {
+  source = "../acme-apps/terraform"
+  providers = {
+      scaleway = scaleway
+  }
+
+  acme_zone = google_dns_managed_zone.acme.name
+}