Cleaning up terraform/

author: Trygve Laugstøl <trygvis@inamo.no> 2022-12-04 19:53:32 +0100
committer: Trygve Laugstøl <trygvis@inamo.no> 2022-12-04 19:53:32 +0100
commit: 6207a285d717fc48ea73e0956ab10729eebb3329 (patch)
tree: adf0aba472bb5146ee2e26f375a7a8feb6674d9e
parent: bb672e7cbf2ca71f33e4b2a647ad42c15a2965fe (diff)
download: infra-6207a285d717fc48ea73e0956ab10729eebb3329.tar.gz
infra-6207a285d717fc48ea73e0956ab10729eebb3329.tar.bz2
infra-6207a285d717fc48ea73e0956ab10729eebb3329.tar.xz
infra-6207a285d717fc48ea73e0956ab10729eebb3329.zip
14 files changed, 25 insertions, 328 deletions
diff --git a/.gitignore b/.gitignore
index 8372094..6681aa4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,7 @@ secrets/
 .terraform
 .vault
 bin/.mc
+bin/.tmp
 
 terraform-*/*state*
 terraform/*state*
diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
index d03222a..1ef5e9b 100644
--- a/terraform/.terraform.lock.hcl
+++ b/terraform/.terraform.lock.hcl
@@ -44,6 +44,17 @@ provider "registry.terraform.io/linode/linode" {
   constraints = "~> 1.13"
   hashes = [
     "h1:weOXi7yntDmI5pjXbHWq3DBeInQmdKxGp1iJ0bjiAPw=",
+    "zh:0c4dacdf474e8dd1ca70221fdaf5fdaf5ca21499525d9007decb97e8dd5d5da3",
+    "zh:2ca34b10add3079759d34e818c600aab39232628edd406d399aed23d832d12d2",
+    "zh:41d07bf91b215c83ee291f6d120c8919f93f0d615a255371e7a2f1a0a6ff424d",
+    "zh:456fc93f74d7702e6b7d419b8430be5c916e0902d6d60b70bf7dd2fd2fb8babd",
+    "zh:4fdafb17a7233a982c0ae870594f7f2128b04a6f84f1de7991e02850debcade1",
+    "zh:68baac854c0230cce7a258a3ca1e8f43a751d2b144c50f063e8429a4ab1e0058",
+    "zh:818ffa763bc438008734b14dbff42b15c4158c785fc7b055cbe429187023ef34",
+    "zh:9e32aaf06564301585d3333b4ad7b954480cb660c19b462095aae92a30e5576b",
+    "zh:aacce1a6ae837a9fe8b7eb33128c2d1f049ff89d940fc42e5d8094c247dbabdc",
+    "zh:b20f9de54ac1a1e36a18b0e9c6bfd14d318cd8b26638e0367cba908a98d92444",
+    "zh:d08e2b81a5a0a1237cb6bda4f9652ae0f66b33ebbdb2b640c31027be524c9cea",
   ]
 }
 
diff --git a/terraform/Makefile b/terraform/Makefile
deleted file mode 100644
index bd6278c..0000000
--- a/terraform/Makefile
+++ /dev/null
@@ -1,19 +0,0 @@
-terraform_version=0.13.5
-terraform_url=https://releases.hashicorp.com/terraform/$(terraform_version)/terraform_$(terraform_version)_linux_amd64.zip
-terraform_unzip=.terraform/unzip/$(terraform_version)/
-terraform_zip=.terraform/zip/terraform_$(terraform_version)_linux_amd64.zip
-terraform_bin=.terraform/bin/terraform
-
-all: $(terraform_bin) setup
-
-$(terraform_bin): $(terraform_zip)
-	rm -rf $(dir $(terraform_unzip))
-	mkdir -p $(terraform_unzip)
-	mkdir -p $(dir $(terraform_bin))
-	unzip $(terraform_zip) -d $(terraform_unzip)
-	ln -sf $(PWD)/$(terraform_unzip)/terraform $(terraform_bin)
-	touch $(PWD)/$(terraform_unzip)/terraform
-
-$(terraform_zip):
-	mkdir -p $(dir $@)
-	curl -L -o "$@" $(terraform_url)
diff --git a/terraform/arius-kvm/main.tf b/terraform/arius-kvm/main.tf
deleted file mode 100644
index afe402f..0000000
--- a/terraform/arius-kvm/main.tf
+++ /dev/null
@@ -1,21 +0,0 @@
-terraform {
-  required_providers {
-    libvirt = {
-      source  = "dmacvicar/libvirt"
-      version = "0.6.10"
-    }
-  }
-}
-
-provider "libvirt" {
-  # https://github.com/dmacvicar/terraform-provider-libvirt/issues/864
-  #    uri = "qemu+ssh://arius.vpn.trygvis.io/system"
-
-  # rm libvirt-arius.sock; ssh -nNT -L "$(pwd)/libvirt-arius.sock:/var/run/libvirt/libvirt-sock" arius.vpn.trygvis.io
-  uri = "qemu+unix:///session?socket=${path.root}/libvirt-arius.sock"
-}
-
-resource "libvirt_volume" "debian-10" {
-  name   = "debian-10-openstack-amd64.qcow2"
-  source = "https://cloud.debian.org/cdimage/openstack/current-10/debian-10-openstack-amd64.qcow2"
-}
diff --git a/terraform/arius-kvm/test1.tf b/terraform/arius-kvm/test1.tf
deleted file mode 100644
index d2d6702..0000000
--- a/terraform/arius-kvm/test1.tf
+++ /dev/null
@@ -1,100 +0,0 @@
-resource "libvirt_network" "terraform" {
-  name      = "terraform"
-  mode      = "nat"
-  addresses = ["10.17.3.0/24"]
-}
-
-resource "libvirt_domain" "test1" {
-  name = "test1"
-
-  #  memory = "1024"
-  #  vcpu   = 1
-
-  cloudinit = libvirt_cloudinit_disk.commoninit.id
-
-  network_interface {
-    network_name = "default"
-  }
-
-  network_interface {
-    hostname = "wat"
-    network_id = libvirt_network.terraform.id
-    addresses  = ["10.17.3.10"]
-  }
-
-  console {
-    type        = "pty"
-    target_port = "0"
-    target_type = "serial"
-  }
-
-  console {
-    type        = "pty"
-    target_type = "virtio"
-    target_port = "1"
-  }
-
-  disk {
-    volume_id = libvirt_volume.test1-root.id
-    scsi      = "true"
-  }
-
-  graphics {
-    type        = "spice"
-    listen_type = "address"
-    autoport    = true
-  }
-
-#  xml {
-#    xslt = <<-EOF
-#      <?xml version="1.0" ?>
-#      <xsl:stylesheet version="1.0"
-#                      xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-#        <xsl:output omit-xml-declaration="yes" indent="yes"/>
-#        <xsl:template match="node()|@*">
-#           <xsl:copy>
-#             <xsl:apply-templates select="node()|@*"/>
-#           </xsl:copy>
-#        </xsl:template>
-#
-#        <xsl:template match="/domain/devices/interface[@type='network']/model/@type">
-#          <xsl:attribute name="target">
-#            <xsl:value-of select="'lan0'"/>
-#          </xsl:attribute>
-#        </xsl:template>
-#
-#      </xsl:stylesheet>
-#    EOF
-#  }
-}
-
-resource "libvirt_volume" "test1-root" {
-  name           = "test1-root.qcow2"
-  base_volume_id = libvirt_volume.debian-10.id
-}
-
-resource "libvirt_cloudinit_disk" "commoninit" {
-  name           = "commoninit.iso"
-  user_data      = data.template_file.user_data.rendered
-  network_config = data.template_file.network_config.rendered
-  #  pool           = libvirt_pool.ubuntu.name
-}
-
-data "template_file" "user_data" {
-  template = <<-EOF
-    #cloud-config
-    # vim: syntax=yaml
-    # ---> https://cloudinit.readthedocs.io/en/latest/topics/examples.html
-    ssh_authorized_keys:
-      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL3UZyrbXX7WMHqcZCRspkoSIfB6egrbOxXPf1zyZkAw trygvis@arius-v4
-    EOF
-}
-
-data "template_file" "network_config" {
-  template = <<-EOF
-    version: 2
-    ethernets:
-      ens3:
-        dhcp4: true
-    EOF
-}
diff --git a/terraform/dns/main.tf b/terraform/dns/main.tf
index e476f03..5ebe7d7 100644
--- a/terraform/dns/main.tf
+++ b/terraform/dns/main.tf
@@ -1,7 +1,19 @@
 terraform {
+  required_version = "~> 1.3.6"
+
+  backend "s3" {
+    bucket                      = "terraform-a6726272-73ff-11ed-8bdd-c79eb8376e05"
+    key                         = "dns/terraform.tfstate"
+    region                      = "eu-central-1"
+    skip_region_validation      = true
+    skip_credentials_validation = true
+    skip_metadata_api_check     = true
+    endpoint                    = "eu-central-1.linodeobjects.com"
+  }
+
   required_providers {
     linode = {
-      version = "~> 1.13"
+      version = "1.29.4"
       source = "linode/linode"
     }
   }
diff --git a/terraform/main.tf b/terraform/main.tf
deleted file mode 100644
index 5319a6c..0000000
--- a/terraform/main.tf
+++ /dev/null
@@ -1,79 +0,0 @@
-terraform {
-  required_version = ">= 0.13"
-
-  backend "s3" {
-    key      = "trygvis-infra"
-    region   = "us-east-1"
-    bucket   = "terraform"
-    endpoint = "https://minio.trygvis.io"
-
-    skip_credentials_validation = true
-    skip_metadata_api_check     = true
-    skip_region_validation      = true
-    force_path_style            = true
-  }
-
-  required_providers {
-    linode = {
-      version = "~> 1.13"
-      source  = "linode/linode"
-    }
-
-    ansiblevault = {
-      version = "~> 2.2"
-      source  = "MeilleursAgents/ansiblevault"
-    }
-
-    minio = {
-      source  = "tidalf/minio"
-      version = "1.1.1"
-    }
-  }
-}
-
-provider "ansiblevault" {
-  root_folder = "../ansible"
-}
-
-#################################################
-# Minio
-
-data "ansiblevault_path" "minio_access_key" {
-  path = "minio/group_vars/all/vault.yml"
-  key  = "MINIO_ROOT_USER"
-}
-
-data "ansiblevault_path" "minio_secret_key" {
-  path = "minio/group_vars/all/vault.yml"
-  key  = "MINIO_ROOT_PASSWORD"
-}
-
-provider "minio" {
-  minio_server     = "minio.trygvis.io:443"
-  minio_ssl        = "true"
-  minio_access_key = data.ansiblevault_path.minio_access_key.value
-  minio_secret_key = data.ansiblevault_path.minio_secret_key.value
-}
-
-#################################################
-# Modules
-
-module "dns" {
-  source = "./dns"
-}
-
-module "pg-backup-knot" {
-  source = "./modules/minio-pg-backup"
-  id     = "knot"
-}
-
-output "pg_backup_knot" {
-  value = {
-    sender : module.pg-backup-knot.sender,
-    bucket : module.pg-backup-knot.bucket,
-  }
-}
-
-module "arius-kvm" {
-  source = "./arius-kvm"
-}
diff --git a/terraform/minio/.settings.sh b/terraform/minio/.settings.sh
deleted file mode 100644
index 1e4fba4..0000000
--- a/terraform/minio/.settings.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash
-
-alias terraform="$(pwd)/.terraform/bin/terraform"
diff --git a/terraform/minio/.terraform.lock.hcl b/terraform/minio/.terraform.lock.hcl
deleted file mode 100755
index 324bd44..0000000
--- a/terraform/minio/.terraform.lock.hcl
+++ /dev/null
@@ -1,21 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/tidalf/minio" {
-  version     = "1.1.1"
-  constraints = "1.1.1"
-  hashes = [
-    "h1:tP7RCiSUSutKCO7VLoupvInov9wXTSWtLCRrM5amggE=",
-    "zh:09b2f987e3991d489bba39310400e2241457e638201d23c9730195fe782cf449",
-    "zh:1b64279f5695c5b598c1eb48db9a9954bfcf41ccd84062c7603ca3360d8a0f3f",
-    "zh:1df8894f48051c6a672df21187dcdb9ee4b61b05c7aeaea19ee13f4ab6975003",
-    "zh:376b15cda30f7ff2c014e77728bff5d5a6be7150eaa6deb0a4d1b14c4b9bf5d8",
-    "zh:55ff772c833f9b2895fbb951a52515bd171a9ed150ef3acf7d47a8d616753285",
-    "zh:a3348818aaead45f9783c098b97018801ca8d98a22525dde566354eb0e325c5a",
-    "zh:b395547203e05d199a54a8a917845d7bec81a02df586ed267fedfc5b5fa43e74",
-    "zh:bf1b69c2de4310caf4865729e8d97683b7d277dafd037149cf81c870516eb94a",
-    "zh:cb9c40dc351d62c5032cd555787b64b3abd4f47af519ac20b92110c4f1cee45a",
-    "zh:e76ab684b061569a82b8cf5fdef4dc40f7cb9446be2253fc91792f3d78fcdd48",
-    "zh:f15fc7466ee8f35ad87da34229d64cd449a9d181699e6bb72411f46fb29f941a",
-  ]
-}
diff --git a/terraform/minio/README.md b/terraform/minio/README.md
deleted file mode 100644
index 18a7202..0000000
--- a/terraform/minio/README.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# Using `mc` directly instead of Terraform
-
-    export MC_HOST_<alias>=https://<Access Key>:<Secret Key>@<YOUR-S3-ENDPOINT>
diff --git a/terraform/minio/main.tf b/terraform/minio/main.tf
deleted file mode 100644
index 245b5ad..0000000
--- a/terraform/minio/main.tf
+++ /dev/null
@@ -1,15 +0,0 @@
-terraform {
-#  required_providers {
-#    minio = {
-#      source = "aminueza/minio"
-#      version = ">= 1.0.0"
-#    }
-#  }
-
-  required_providers {
-    minio = {
-      source = "tidalf/minio"
-      version = "1.1.1"
-    }
-  }
-}
diff --git a/terraform/minio/user.tf b/terraform/minio/user.tf
deleted file mode 100644
index e69de29..0000000
--- a/terraform/minio/user.tf
+++ /dev/null
diff --git a/terraform/modules/minio-pg-backup/main.tf b/terraform/modules/minio-pg-backup/main.tf
deleted file mode 100644
index f9e774a..0000000
--- a/terraform/modules/minio-pg-backup/main.tf
+++ /dev/null
@@ -1,63 +0,0 @@
-terraform {
-  required_providers {
-    minio = {
-      source = "tidalf/minio"
-      version = "1.1.1"
-    }
-  }
-}
-
-resource "minio_iam_user" "sender" {
-  name = "pg-backup-${var.id}-sender"
-#  update_secret = true
-}
-
-resource "minio_s3_bucket" "bucket" {
-  bucket = "pg-backup-${var.id}"
-  acl    = "public"
-}
-
-resource "minio_iam_policy" "sender" {
-  name = minio_iam_user.sender.id
-  policy= <<EOF
-{
-  "Version":"2012-10-17",
-  "Statement": [
-    {
-      "Effect": "Allow",
-      "Action": [
-        "s3:ListBucket"
-      ],
-      "Resource": "arn:aws:s3:::${minio_s3_bucket.bucket.bucket}"
-    },
-    {
-      "Effect": "Allow",
-      "Action": [
-        "s3:ListBucket",
-        "s3:GetObject",
-        "s3:PutObject"
-      ],
-      "Resource": "arn:aws:s3:::${minio_s3_bucket.bucket.bucket}/*"
-    }
-  ]
-}
-EOF
-}
-
-resource "minio_iam_user_policy_attachment" "sender" {
-  user_name  = minio_iam_user.sender.id
-  policy_name = minio_iam_policy.sender.id
-}
-
-output "sender" {
-  value = {
-    access_key: minio_iam_user.sender.name,
-    secret_key: minio_iam_user.sender.secret,
-  }
-}
-
-output "bucket" {
-  value = {
-    name: minio_s3_bucket.bucket.id,
-  }
-}
diff --git a/terraform/modules/minio-pg-backup/vars.tf b/terraform/modules/minio-pg-backup/vars.tf
deleted file mode 100644
index f1f47fe..0000000
--- a/terraform/modules/minio-pg-backup/vars.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-variable "id" {
-  type = string
-}
author	Trygve Laugstøl <trygvis@inamo.no>	2022-12-04 19:53:32 +0100
committer	Trygve Laugstøl <trygvis@inamo.no>	2022-12-04 19:53:32 +0100
commit	6207a285d717fc48ea73e0956ab10729eebb3329 (patch)
tree	adf0aba472bb5146ee2e26f375a7a8feb6674d9e
parent	bb672e7cbf2ca71f33e4b2a647ad42c15a2965fe (diff)
download	infra-6207a285d717fc48ea73e0956ab10729eebb3329.tar.gz infra-6207a285d717fc48ea73e0956ab10729eebb3329.tar.bz2 infra-6207a285d717fc48ea73e0956ab10729eebb3329.tar.xz infra-6207a285d717fc48ea73e0956ab10729eebb3329.zip