diff options
author | Trygve Laugstøl <trygvis@inamo.no> | 2021-01-09 12:33:17 +0100 |
---|---|---|
committer | Trygve Laugstøl <trygvis@inamo.no> | 2021-01-09 12:33:17 +0100 |
commit | 16795884f3e915ed6d8b086fd5b6b93fc4858a27 (patch) | |
tree | 2043154f60fd396e5ee9f572df0dc9112f46feff /terraform | |
parent | 4dd314376968d99abe67e1c49ad8032d3a2b96c2 (diff) | |
parent | 5b1279c3dd28a2c0252624c36e937c59db15270d (diff) | |
download | infra-16795884f3e915ed6d8b086fd5b6b93fc4858a27.tar.gz infra-16795884f3e915ed6d8b086fd5b6b93fc4858a27.tar.bz2 infra-16795884f3e915ed6d8b086fd5b6b93fc4858a27.tar.xz infra-16795884f3e915ed6d8b086fd5b6b93fc4858a27.zip |
Merge branch 'master' of trygvis.io:git/infra
Diffstat (limited to 'terraform')
-rw-r--r-- | terraform/Makefile | 24 | ||||
-rw-r--r-- | terraform/dns/main.tf | 23 | ||||
-rw-r--r-- | terraform/dns/trygvis.tf | 7 | ||||
-rw-r--r-- | terraform/dns/versions.tf | 11 | ||||
-rw-r--r-- | terraform/main.tf | 75 | ||||
-rw-r--r-- | terraform/minio/.settings.sh | 3 | ||||
-rwxr-xr-x | terraform/minio/.terraform.lock.hcl | 21 | ||||
-rw-r--r-- | terraform/minio/main.tf | 15 | ||||
-rw-r--r-- | terraform/minio/user.tf | 24 |
9 files changed, 151 insertions, 52 deletions
diff --git a/terraform/Makefile b/terraform/Makefile index c26c670..bd6278c 100644 --- a/terraform/Makefile +++ b/terraform/Makefile @@ -4,11 +4,7 @@ terraform_unzip=.terraform/unzip/$(terraform_version)/ terraform_zip=.terraform/zip/terraform_$(terraform_version)_linux_amd64.zip terraform_bin=.terraform/bin/terraform -ansiblevault_version=2.0.1 -ansiblevault_url=https://github.com/MeilleursAgents/terraform-provider-ansiblevault/releases/download/v$(ansiblevault_version)/terraform-provider-ansiblevault_linux_amd64_v$(ansiblevault_version) -ansiblevault_path=terraform.d/plugins/linux_amd64/terraform-provider-ansiblevault_v$(ansiblevault_version)_x4 - -all: $(terraform_bin) $(ansiblevault_path) setup +all: $(terraform_bin) setup $(terraform_bin): $(terraform_zip) rm -rf $(dir $(terraform_unzip)) @@ -21,21 +17,3 @@ $(terraform_bin): $(terraform_zip) $(terraform_zip): mkdir -p $(dir $@) curl -L -o "$@" $(terraform_url) - -$(ansiblevault_path): terraform.d - mkdir -p $(dir $@) - curl -L -o "$@" $(ansiblevault_url) - chmod +x $(@) - -terraform.d: - mkdir $@ - -MAIN=$(patsubst %/main.tf,%,$(wildcard */main.tf)) -setup: $(patsubst %,%/terraform.d,$(MAIN)) -.PHONY: setup - -%/terraform.d: terraform.d - ln -s ../terraform.d $@ - -.terraform/plugins/linux_amd64: - mkdir -p $@ diff --git a/terraform/dns/main.tf b/terraform/dns/main.tf index d80fb70..e476f03 100644 --- a/terraform/dns/main.tf +++ b/terraform/dns/main.tf @@ -1,21 +1,8 @@ terraform { - backend "local" { - path = "../state/dns" + required_providers { + linode = { + version = "~> 1.13" + source = "linode/linode" + } } } - -provider "linode" { - version = "~> 1.13" - - token = data.ansiblevault_path.linode_token.value -} - -provider "ansiblevault" { - version = "~> 2.2" - root_folder = "../../ansible" -} - -data "ansiblevault_path" "linode_token" { - path = "group_vars/all/linode-dns.yml" - key = "linode_token_v4" -} diff --git a/terraform/dns/trygvis.tf b/terraform/dns/trygvis.tf index 659d56a..531661f 100644 --- a/terraform/dns/trygvis.tf +++ b/terraform/dns/trygvis.tf @@ -117,3 +117,10 @@ resource "linode_domain_record" "unifi" { record_type = "CNAME" target = "vs.trygvis.io" } + +resource "linode_domain_record" "minio" { + domain_id = linode_domain.root.id + name = "minio" + record_type = "CNAME" + target = "vs.trygvis.io" +} diff --git a/terraform/dns/versions.tf b/terraform/dns/versions.tf deleted file mode 100644 index f98850f..0000000 --- a/terraform/dns/versions.tf +++ /dev/null @@ -1,11 +0,0 @@ -terraform { - required_providers { - linode = { - source = "linode/linode" - } - ansiblevault = { - source = "MeilleursAgents/ansiblevault" - } - } - required_version = ">= 0.13" -} diff --git a/terraform/main.tf b/terraform/main.tf new file mode 100644 index 0000000..853a87d --- /dev/null +++ b/terraform/main.tf @@ -0,0 +1,75 @@ +terraform { + required_version = ">= 0.13" + + backend "local" { + path = "../state/dns" + } + + required_providers { + linode = { + version = "~> 1.13" + source = "linode/linode" + } + + ansiblevault = { + version = "~> 2.2" + source = "MeilleursAgents/ansiblevault" + } + + minio = { + source = "tidalf/minio" + version = "1.1.1" + } + } +} + +provider "ansiblevault" { + root_folder = "../ansible" +} + +################################################# +# Linode + +data "ansiblevault_path" "linode_token" { + path = "group_vars/all/linode-dns.yml" + key = "linode_token_v4" +} + +provider "linode" { + token = data.ansiblevault_path.linode_token.value +} + +################################################# +# Minio + +data "ansiblevault_path" "minio_access_key" { + path = "minio/group_vars/all/vault.yml" + key = "MINIO_ROOT_USER" +} + +data "ansiblevault_path" "minio_secret_key" { + path = "minio/group_vars/all/vault.yml" + key = "MINIO_ROOT_PASSWORD" +} + +provider "minio" { + minio_server = "minio.trygvis.io:443" + minio_ssl = "true" + minio_access_key = data.ansiblevault_path.minio_access_key.value + minio_secret_key = data.ansiblevault_path.minio_secret_key.value +} + +################################################# +# Modules + +module "dns" { + source = "./dns" +} + +module "minio" { + source = "./minio" +} + +output "secret" { + value = module.minio.secret +} diff --git a/terraform/minio/.settings.sh b/terraform/minio/.settings.sh new file mode 100644 index 0000000..1e4fba4 --- /dev/null +++ b/terraform/minio/.settings.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +alias terraform="$(pwd)/.terraform/bin/terraform" diff --git a/terraform/minio/.terraform.lock.hcl b/terraform/minio/.terraform.lock.hcl new file mode 100755 index 0000000..324bd44 --- /dev/null +++ b/terraform/minio/.terraform.lock.hcl @@ -0,0 +1,21 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/tidalf/minio" { + version = "1.1.1" + constraints = "1.1.1" + hashes = [ + "h1:tP7RCiSUSutKCO7VLoupvInov9wXTSWtLCRrM5amggE=", + "zh:09b2f987e3991d489bba39310400e2241457e638201d23c9730195fe782cf449", + "zh:1b64279f5695c5b598c1eb48db9a9954bfcf41ccd84062c7603ca3360d8a0f3f", + "zh:1df8894f48051c6a672df21187dcdb9ee4b61b05c7aeaea19ee13f4ab6975003", + "zh:376b15cda30f7ff2c014e77728bff5d5a6be7150eaa6deb0a4d1b14c4b9bf5d8", + "zh:55ff772c833f9b2895fbb951a52515bd171a9ed150ef3acf7d47a8d616753285", + "zh:a3348818aaead45f9783c098b97018801ca8d98a22525dde566354eb0e325c5a", + "zh:b395547203e05d199a54a8a917845d7bec81a02df586ed267fedfc5b5fa43e74", + "zh:bf1b69c2de4310caf4865729e8d97683b7d277dafd037149cf81c870516eb94a", + "zh:cb9c40dc351d62c5032cd555787b64b3abd4f47af519ac20b92110c4f1cee45a", + "zh:e76ab684b061569a82b8cf5fdef4dc40f7cb9446be2253fc91792f3d78fcdd48", + "zh:f15fc7466ee8f35ad87da34229d64cd449a9d181699e6bb72411f46fb29f941a", + ] +} diff --git a/terraform/minio/main.tf b/terraform/minio/main.tf new file mode 100644 index 0000000..245b5ad --- /dev/null +++ b/terraform/minio/main.tf @@ -0,0 +1,15 @@ +terraform { +# required_providers { +# minio = { +# source = "aminueza/minio" +# version = ">= 1.0.0" +# } +# } + + required_providers { + minio = { + source = "tidalf/minio" + version = "1.1.1" + } + } +} diff --git a/terraform/minio/user.tf b/terraform/minio/user.tf new file mode 100644 index 0000000..b0148a7 --- /dev/null +++ b/terraform/minio/user.tf @@ -0,0 +1,24 @@ +resource "minio_iam_user" "knot-postgresql-sender" { + name = "knot-postgresql-sender" +# update_secret = true +} + +output "secret" { + value = minio_iam_user.knot-postgresql-sender.secret +} + +resource "minio_s3_bucket" "knot-postgresql" { + bucket = "knot-postgresql" + acl = "public" +} + +# resource "minio_iam_group_membership" "developer" { +# name = "tf-testing-group-membership" +# +# users = [ +# minio_iam_user.user_one.name, +# minio_iam_user.user_two.name, +# ] +# +# group = minio_iam_group.developer.name +# } |