knot pdb

1 files changed, 40 insertions, 0 deletions

diff --git a/terraform/knot-pdb/pdb.tf b/terraform/knot-pdb/pdb.tf
new file mode 100644
index 0000000..2a63601
--- /dev/null
+++ b/terraform/knot-pdb/pdb.tf
@@ -0,0 +1,40 @@
+resource "random_uuid" "uuid" {
+}
+
+data "linode_object_storage_cluster" "cluster" {
+  id = "eu-central-1"
+}
+
+resource "linode_object_storage_bucket" "wal" {
+  label = "pdb-wal-${random_uuid.uuid.result}"
+
+  cluster = data.linode_object_storage_cluster.cluster.id
+}
+
+resource "linode_object_storage_key" "wal" {
+  label = "pdb-wal-${random_uuid.uuid.result} yeah"
+
+  bucket_access {
+    bucket_name = linode_object_storage_bucket.wal.label
+    cluster     = linode_object_storage_bucket.wal.cluster
+    permissions = "read_write"
+  }
+}
+
+resource "sops_file" "secret_data" {
+  encryption_type = "age"
+  filename        = "../../knot-pdb.sops.yml"
+  content         = yamlencode(local.env)
+}
+
+locals {
+  env = {
+    AWS_ACCESS_KEY_ID       = linode_object_storage_key.wal.access_key
+    AWS_SECRET_ACCESS_KEY   = linode_object_storage_key.wal.secret_key
+    WALG_S3_PREFIX          = "s3://${linode_object_storage_bucket.wal.label}"
+    AWS_S3_FORCE_PATH_STYLE = "true"
+    AWS_REGION              = data.linode_object_storage_cluster.cluster.id
+    AWS_ENDPOINT            = "https://${data.linode_object_storage_cluster.cluster.id}.linodeobjects.com"
+    PGHOST                  = ""
+  }
+}