aboutsummaryrefslogtreecommitdiff
path: root/terraform/conflatorio-docker
diff options
context:
space:
mode:
Diffstat (limited to 'terraform/conflatorio-docker')
-rw-r--r--terraform/conflatorio-docker/.terraform.lock.hcl19
-rw-r--r--terraform/conflatorio-docker/main.tf16
-rw-r--r--terraform/conflatorio-docker/traefik.tf20
3 files changed, 29 insertions, 26 deletions
diff --git a/terraform/conflatorio-docker/.terraform.lock.hcl b/terraform/conflatorio-docker/.terraform.lock.hcl
index 3ac9963..6b5beb1 100644
--- a/terraform/conflatorio-docker/.terraform.lock.hcl
+++ b/terraform/conflatorio-docker/.terraform.lock.hcl
@@ -42,6 +42,25 @@ provider "registry.terraform.io/kreuzwerker/docker" {
]
}
+provider "registry.terraform.io/lokkersp/sops" {
+ version = "0.6.10"
+ constraints = "0.6.10"
+ hashes = [
+ "h1:atU8NIBxpNTWY+qBubvEOfjOn4K1aCDoq1iUFocgIHQ=",
+ "zh:0f053a26392a581b1f1ce6316cb7ed8ec4cc75e7f5f1cf7cfd45050b6b3c87ea",
+ "zh:207bb96c4471fce9aeb1b3c217d772692c3d865d294cf4d2501dad41de36a15e",
+ "zh:28506e8f1f3b9eaa95d99043440328044ee6340143535e5751538328a529d001",
+ "zh:3cae3bcea9e35fdc5b3f2af1b4580cd625c996448ad0c676c772260e46b25289",
+ "zh:3e44daaf82986c2b0028aeb17b867f3c68ed5dd8ac8625ba0406cf2a5fd3d92e",
+ "zh:457fb8ca2e677af24f9a4bdd8b613b1d7b604ad7133541657e5757c19268da71",
+ "zh:473d727c228f021a3df8cc8dcc6231ad7f90ed63f9e47c36b597d591e76228da",
+ "zh:48c4c1df39fd76ec8bd5fe9ac70cdc0927ac8be95582dbe46458b3442ce0fcd9",
+ "zh:728b19cb5c07e5e9d8b78fd94cc57d4c13582ecd24b7eb7c4cc2bf73b12fe4d1",
+ "zh:c51ed9af591779bb0910b82addeebb10f53428b994f8db653dd1dedcec60916c",
+ "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
+ ]
+}
+
provider "registry.terraform.io/meilleursagents/ansiblevault" {
version = "2.2.0"
constraints = "2.2.0"
diff --git a/terraform/conflatorio-docker/main.tf b/terraform/conflatorio-docker/main.tf
index 21081ac..cfc3cf0 100644
--- a/terraform/conflatorio-docker/main.tf
+++ b/terraform/conflatorio-docker/main.tf
@@ -16,9 +16,9 @@ terraform {
source = "kreuzwerker/docker"
version = "2.23.1"
}
- ansiblevault = {
- source = "MeilleursAgents/ansiblevault"
- version = "2.2.0"
+ sops = {
+ source = "lokkersp/sops"
+ version = "0.6.10"
}
}
}
@@ -27,11 +27,7 @@ provider "docker" {
host = "ssh://conflatorio.vpn.trygvis.io"
}
-provider "ansiblevault" {
- root_folder = "../.."
-}
-
-data "ansiblevault_path" "linode_token" {
- path = "terraform-vault.yml"
- key = "linode_token"
+data "sops_file_entry" "linode_token" {
+ source_file = "../../sops.yml"
+ data_key = "linode_token"
}
diff --git a/terraform/conflatorio-docker/traefik.tf b/terraform/conflatorio-docker/traefik.tf
index 42442be..83adac3 100644
--- a/terraform/conflatorio-docker/traefik.tf
+++ b/terraform/conflatorio-docker/traefik.tf
@@ -58,13 +58,13 @@ resource "docker_container" "traefik" {
# - "/var/run/docker.sock:/var/run/docker.sock:ro"
env = [
- "LINODE_TOKEN=${data.ansiblevault_path.linode_token.value}"
+ "LINODE_TOKEN=${data.sops_file_entry.linode_token.data}"
]
mounts {
- source = "/etc/docker-service/traefik/letsencrypt"
- target = "/letsencrypt"
- type = "bind"
+ source = "/etc/docker-service/traefik/letsencrypt"
+ target = "/letsencrypt"
+ type = "bind"
}
mounts {
@@ -92,15 +92,3 @@ resource "null_resource" "letsencrypt" {
command = "ssh conflatorio.vpn.trygvis.io sudo mkdir -p ${local.path}"
}
}
-
-# provisioner "file" {
-# source = "conf/myapp.conf"
-# destination = "/etc/myapp.conf"
-#
-# connection {
-# type = "ssh"
-# user = "root"
-# password = "${var.root_password}"
-# host = "${var.host}"
-# }
-# }