-rw-r--r-- | .gitignore | 1 | ||||
-rw-r--r-- | terraform/.terraform.lock.hcl | 11 | ||||
-rw-r--r-- | terraform/Makefile | 19 | ||||
-rw-r--r-- | terraform/arius-kvm/main.tf | 21 | ||||
-rw-r--r-- | terraform/arius-kvm/test1.tf | 100 | ||||
-rw-r--r-- | terraform/dns/main.tf | 14 | ||||
-rw-r--r-- | terraform/main.tf | 79 | ||||
-rw-r--r-- | terraform/minio/.settings.sh | 3 | ||||
-rwxr-xr-x | terraform/minio/.terraform.lock.hcl | 21 | ||||
-rw-r--r-- | terraform/minio/README.md | 3 | ||||
-rw-r--r-- | terraform/minio/main.tf | 15 | ||||
-rw-r--r-- | terraform/minio/user.tf | 0 | ||||
-rw-r--r-- | terraform/modules/minio-pg-backup/main.tf | 63 | ||||
-rw-r--r-- | terraform/modules/minio-pg-backup/vars.tf | 3 |
14 files changed, 25 insertions, 328 deletions
@@ -2,6 +2,7 @@ secrets/ .terraform .vault bin/.mc +bin/.tmp terraform-*/*state* terraform/*state* diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index d03222a..1ef5e9b 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -44,6 +44,17 @@ provider "registry.terraform.io/linode/linode" { constraints = "~> 1.13" hashes = [ "h1:weOXi7yntDmI5pjXbHWq3DBeInQmdKxGp1iJ0bjiAPw=", + "zh:0c4dacdf474e8dd1ca70221fdaf5fdaf5ca21499525d9007decb97e8dd5d5da3", + "zh:2ca34b10add3079759d34e818c600aab39232628edd406d399aed23d832d12d2", + "zh:41d07bf91b215c83ee291f6d120c8919f93f0d615a255371e7a2f1a0a6ff424d", + "zh:456fc93f74d7702e6b7d419b8430be5c916e0902d6d60b70bf7dd2fd2fb8babd", + "zh:4fdafb17a7233a982c0ae870594f7f2128b04a6f84f1de7991e02850debcade1", + "zh:68baac854c0230cce7a258a3ca1e8f43a751d2b144c50f063e8429a4ab1e0058", + "zh:818ffa763bc438008734b14dbff42b15c4158c785fc7b055cbe429187023ef34", + "zh:9e32aaf06564301585d3333b4ad7b954480cb660c19b462095aae92a30e5576b", + "zh:aacce1a6ae837a9fe8b7eb33128c2d1f049ff89d940fc42e5d8094c247dbabdc", + "zh:b20f9de54ac1a1e36a18b0e9c6bfd14d318cd8b26638e0367cba908a98d92444", + "zh:d08e2b81a5a0a1237cb6bda4f9652ae0f66b33ebbdb2b640c31027be524c9cea", ] } diff --git a/terraform/Makefile b/terraform/Makefile deleted file mode 100644 index bd6278c..0000000 --- a/terraform/Makefile +++ /dev/null 
@@ -1,19 +0,0 @@
-terraform_version=0.13.5
-terraform_url=https://releases.hashicorp.com/terraform/$(terraform_version)/terraform_$(terraform_version)_linux_amd64.zip
-terraform_unzip=.terraform/unzip/$(terraform_version)/
-terraform_zip=.terraform/zip/terraform_$(terraform_version)_linux_amd64.zip
-terraform_bin=.terraform/bin/terraform
-
-all: $(terraform_bin) setup
-
-$(terraform_bin): $(terraform_zip)
- rm -rf $(dir $(terraform_unzip))
- mkdir -p $(terraform_unzip)
- mkdir -p $(dir $(terraform_bin))
- unzip $(terraform_zip) -d $(terraform_unzip)
- ln -sf $(PWD)/$(terraform_unzip)/terraform $(terraform_bin)
- touch $(PWD)/$(terraform_unzip)/terraform
-
-$(terraform_zip):
- mkdir -p $(dir $@)
- curl -L -o "$@" $(terraform_url)
diff --git a/terraform/arius-kvm/main.tf b/terraform/arius-kvm/main.tf
deleted file mode 100644
index afe402f..0000000
--- a/terraform/arius-kvm/main.tf
+++ /dev/null
@@ -1,21 +0,0 @@
-terraform {
- required_providers {
- libvirt = {
- source = "dmacvicar/libvirt"
- version = "0.6.10"
- }
- }
-}
-
-provider "libvirt" {
- # https://github.com/dmacvicar/terraform-provider-libvirt/issues/864
- # uri = "qemu+ssh://arius.vpn.trygvis.io/system"
-
- # rm libvirt-arius.sock; ssh -nNT -L "$(pwd)/libvirt-arius.sock:/var/run/libvirt/libvirt-sock" arius.vpn.trygvis.io
- uri = "qemu+unix:///session?socket=${path.root}/libvirt-arius.sock"
-}
-
-resource "libvirt_volume" "debian-10" {
- name = "debian-10-openstack-amd64.qcow2"
- source = "https://cloud.debian.org/cdimage/openstack/current-10/debian-10-openstack-amd64.qcow2"
-}
diff --git a/terraform/arius-kvm/test1.tf b/terraform/arius-kvm/test1.tf
deleted file mode 100644
index d2d6702..0000000
--- a/terraform/arius-kvm/test1.tf
+++ /dev/null
@@ -1,100 +0,0 @@
-resource "libvirt_network" "terraform" {
- name = "terraform"
- mode = "nat"
- addresses = ["10.17.3.0/24"]
-}
-
-resource "libvirt_domain" "test1" {
- name = "test1"
-
- # memory = "1024"
- # vcpu = 1
-
- cloudinit = libvirt_cloudinit_disk.commoninit.id
-
- network_interface {
- network_name = "default"
- }
-
- network_interface {
- hostname = "wat"
- network_id = libvirt_network.terraform.id
- addresses = ["10.17.3.10"]
- }
-
- console {
- type = "pty"
- target_port = "0"
- target_type = "serial"
- }
-
- console {
- type = "pty"
- target_type = "virtio"
- target_port = "1"
- }
-
- disk {
- volume_id = libvirt_volume.test1-root.id
- scsi = "true"
- }
-
- graphics {
- type = "spice"
- listen_type = "address"
- autoport = true
- }
-
-# xml {
-# xslt = <<-EOF
-# <?xml version="1.0" ?>
-# <xsl:stylesheet version="1.0"
-# xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-# <xsl:output omit-xml-declaration="yes" indent="yes"/>
-# <xsl:template match="node()|@*">
-# <xsl:copy>
-# <xsl:apply-templates select="node()|@*"/>
-# </xsl:copy>
-# </xsl:template>
-#
-# <xsl:template match="/domain/devices/interface[@type='network']/model/@type">
-# <xsl:attribute name="target">
-# <xsl:value-of select="'lan0'"/>
-# </xsl:attribute>
-# </xsl:template>
-#
-# </xsl:stylesheet>
-# EOF
-# }
-}
-
-resource "libvirt_volume" "test1-root" {
- name = "test1-root.qcow2"
- base_volume_id = libvirt_volume.debian-10.id
-}
-
-resource "libvirt_cloudinit_disk" "commoninit" {
- name = "commoninit.iso"
- user_data = data.template_file.user_data.rendered
- network_config = data.template_file.network_config.rendered
- # pool = libvirt_pool.ubuntu.name
-}
-
-data "template_file" "user_data" {
- template = <<-EOF
- #cloud-config
- # vim: syntax=yaml
- # ---> https://cloudinit.readthedocs.io/en/latest/topics/examples.html
- ssh_authorized_keys:
- - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL3UZyrbXX7WMHqcZCRspkoSIfB6egrbOxXPf1zyZkAw trygvis@arius-v4
- EOF
-}
-
-data "template_file"
"network_config" { - template = <<-EOF - version: 2 - ethernets: - ens3: - dhcp4: true - EOF -} diff --git a/terraform/dns/main.tf b/terraform/dns/main.tf index e476f03..5ebe7d7 100644 --- a/terraform/dns/main.tf +++ b/terraform/dns/main.tf @@ -1,7 +1,19 @@ terraform { + required_version = "~> 1.3.6" + + backend "s3" { + bucket = "terraform-a6726272-73ff-11ed-8bdd-c79eb8376e05" + key = "dns/terraform.tfstate" + region = "eu-central-1" + skip_region_validation = true + skip_credentials_validation = true + skip_metadata_api_check = true + endpoint = "eu-central-1.linodeobjects.com" + } + required_providers { linode = { - version = "~> 1.13" + version = "1.29.4" source = "linode/linode" } } diff --git a/terraform/main.tf b/terraform/main.tf deleted file mode 100644 index 5319a6c..0000000 --- a/terraform/main.tf +++ /dev/null 
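Review bot: The exact pin `version = "1.29.4"` in `required_providers` is not backed by a dependency lock file for `terraform/dns` in this commit: the only lock file touched is `terraform/.terraform.lock.hcl`, which still records `constraints = "~> 1.13"` for linode/linode, while the new `backend "s3"` block (together with the deletion of `terraform/main.tf`) appears to turn this directory into a root module of its own. Unless a `terraform/dns/.terraform.lock.hcl` already exists outside this diff, the provider checksums would only be recorded locally at `terraform init` time, so committing that file is what keeps the pinned provider hash-verified across machines. The backend block also sets no `dynamodb_table`, so state locking is presumably unavailable on this endpoint and concurrent applies are unguarded; a one-line comment such as `# no state locking on this backend: run apply from one place at a time` would record that. Finally, `endpoint` omits the scheme that the removed backend spelled out; `endpoint = "https://eu-central-1.linodeobjects.com"` makes the use of TLS for state traffic explicit rather than a client default.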
@@ -1,79 +0,0 @@
-terraform {
- required_version = ">= 0.13"
-
- backend "s3" {
- key = "trygvis-infra"
- region = "us-east-1"
- bucket = "terraform"
- endpoint = "https://minio.trygvis.io"
-
- skip_credentials_validation = true
- skip_metadata_api_check = true
- skip_region_validation = true
- force_path_style = true
- }
-
- required_providers {
- linode = {
- version = "~> 1.13"
- source = "linode/linode"
- }
-
- ansiblevault = {
- version = "~> 2.2"
- source = "MeilleursAgents/ansiblevault"
- }
-
- minio = {
- source = "tidalf/minio"
- version = "1.1.1"
- }
- }
-}
-
-provider "ansiblevault" {
- root_folder = "../ansible"
-}
-
-#################################################
-# Minio
-
-data "ansiblevault_path" "minio_access_key" {
- path = "minio/group_vars/all/vault.yml"
- key = "MINIO_ROOT_USER"
-}
-
-data "ansiblevault_path" "minio_secret_key" {
- path = "minio/group_vars/all/vault.yml"
- key = "MINIO_ROOT_PASSWORD"
-}
-
-provider "minio" {
- minio_server = "minio.trygvis.io:443"
- minio_ssl = "true"
- minio_access_key = data.ansiblevault_path.minio_access_key.value
- minio_secret_key = data.ansiblevault_path.minio_secret_key.value
-}
-
-#################################################
-# Modules
-
-module "dns" {
- source = "./dns"
-}
-
-module "pg-backup-knot" {
- source = "./modules/minio-pg-backup"
- id = "knot"
-}
-
-output "pg_backup_knot" {
- value = {
- sender : module.pg-backup-knot.sender,
- bucket : module.pg-backup-knot.bucket,
- }
-}
-
-module "arius-kvm" {
- source = "./arius-kvm"
-}
diff --git a/terraform/minio/.settings.sh b/terraform/minio/.settings.sh
deleted file mode 100644
index 1e4fba4..0000000
--- a/terraform/minio/.settings.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/bash
-
-alias terraform="$(pwd)/.terraform/bin/terraform"
diff --git a/terraform/minio/.terraform.lock.hcl b/terraform/minio/.terraform.lock.hcl
deleted file mode 100755
index 324bd44..0000000
--- a/terraform/minio/.terraform.lock.hcl
+++ /dev/null
@@ -1,21 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/tidalf/minio" { - version = "1.1.1" - constraints = "1.1.1" - hashes = [ - "h1:tP7RCiSUSutKCO7VLoupvInov9wXTSWtLCRrM5amggE=", - "zh:09b2f987e3991d489bba39310400e2241457e638201d23c9730195fe782cf449", - "zh:1b64279f5695c5b598c1eb48db9a9954bfcf41ccd84062c7603ca3360d8a0f3f", - "zh:1df8894f48051c6a672df21187dcdb9ee4b61b05c7aeaea19ee13f4ab6975003", - "zh:376b15cda30f7ff2c014e77728bff5d5a6be7150eaa6deb0a4d1b14c4b9bf5d8", - "zh:55ff772c833f9b2895fbb951a52515bd171a9ed150ef3acf7d47a8d616753285", - "zh:a3348818aaead45f9783c098b97018801ca8d98a22525dde566354eb0e325c5a", - "zh:b395547203e05d199a54a8a917845d7bec81a02df586ed267fedfc5b5fa43e74", - "zh:bf1b69c2de4310caf4865729e8d97683b7d277dafd037149cf81c870516eb94a", - "zh:cb9c40dc351d62c5032cd555787b64b3abd4f47af519ac20b92110c4f1cee45a", - "zh:e76ab684b061569a82b8cf5fdef4dc40f7cb9446be2253fc91792f3d78fcdd48", - "zh:f15fc7466ee8f35ad87da34229d64cd449a9d181699e6bb72411f46fb29f941a", - ] -} diff --git a/terraform/minio/README.md b/terraform/minio/README.md deleted file mode 100644 index 18a7202..0000000 --- a/terraform/minio/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# Using `mc` directly instead of Terraform - - export MC_HOST_<alias>=https://<Access Key>:<Secret Key>@<YOUR-S3-ENDPOINT> diff --git a/terraform/minio/main.tf b/terraform/minio/main.tf deleted file mode 100644 index 245b5ad..0000000 --- a/terraform/minio/main.tf +++ /dev/null @@ -1,15 +0,0 @@ -terraform { -# required_providers { -# minio = { -# source = "aminueza/minio" -# version = ">= 1.0.0" -# } -# } - - required_providers { - minio = { - source = "tidalf/minio" - version = "1.1.1" - } - } -} diff --git a/terraform/minio/user.tf b/terraform/minio/user.tf deleted file mode 100644 index e69de29..0000000 --- a/terraform/minio/user.tf +++ /dev/null 
diff --git a/terraform/modules/minio-pg-backup/main.tf b/terraform/modules/minio-pg-backup/main.tf
deleted file mode 100644
index f9e774a..0000000
--- a/terraform/modules/minio-pg-backup/main.tf
+++ /dev/null
@@ -1,63 +0,0 @@
-terraform {
- required_providers {
- minio = {
- source = "tidalf/minio"
- version = "1.1.1"
- }
- }
-}
-
-resource "minio_iam_user" "sender" {
- name = "pg-backup-${var.id}-sender"
-# update_secret = true
-}
-
-resource "minio_s3_bucket" "bucket" {
- bucket = "pg-backup-${var.id}"
- acl = "public"
-}
-
-resource "minio_iam_policy" "sender" {
- name = minio_iam_user.sender.id
- policy= <<EOF
-{
- "Version":"2012-10-17",
- "Statement": [
- {
- "Effect": "Allow",
- "Action": [
- "s3:ListBucket"
- ],
- "Resource": "arn:aws:s3:::${minio_s3_bucket.bucket.bucket}"
- },
- {
- "Effect": "Allow",
- "Action": [
- "s3:ListBucket",
- "s3:GetObject",
- "s3:PutObject"
- ],
- "Resource": "arn:aws:s3:::${minio_s3_bucket.bucket.bucket}/*"
- }
- ]
-}
-EOF
-}
-
-resource "minio_iam_user_policy_attachment" "sender" {
- user_name = minio_iam_user.sender.id
- policy_name = minio_iam_policy.sender.id
-}
-
-output "sender" {
- value = {
- access_key: minio_iam_user.sender.name,
- secret_key: minio_iam_user.sender.secret,
- }
-}
-
-output "bucket" {
- value = {
- name: minio_s3_bucket.bucket.id,
- }
-}
diff --git a/terraform/modules/minio-pg-backup/vars.tf b/terraform/modules/minio-pg-backup/vars.tf
deleted file mode 100644
index f1f47fe..0000000
--- a/terraform/modules/minio-pg-backup/vars.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-variable "id" {
- type = string
-} |