aboutsummaryrefslogtreecommitdiff
path: root/terraform
diff options
context:
space:
mode:
Diffstat (limited to 'terraform')
-rw-r--r--terraform/Makefile24
-rw-r--r--terraform/dns/main.tf23
-rw-r--r--terraform/dns/trygvis.tf7
-rw-r--r--terraform/dns/versions.tf11
-rw-r--r--terraform/main.tf75
-rw-r--r--terraform/minio/.settings.sh3
-rwxr-xr-xterraform/minio/.terraform.lock.hcl21
-rw-r--r--terraform/minio/main.tf15
-rw-r--r--terraform/minio/user.tf24
9 files changed, 151 insertions, 52 deletions
diff --git a/terraform/Makefile b/terraform/Makefile
index c26c670..bd6278c 100644
--- a/terraform/Makefile
+++ b/terraform/Makefile
@@ -4,11 +4,7 @@ terraform_unzip=.terraform/unzip/$(terraform_version)/
terraform_zip=.terraform/zip/terraform_$(terraform_version)_linux_amd64.zip
terraform_bin=.terraform/bin/terraform
-ansiblevault_version=2.0.1
-ansiblevault_url=https://github.com/MeilleursAgents/terraform-provider-ansiblevault/releases/download/v$(ansiblevault_version)/terraform-provider-ansiblevault_linux_amd64_v$(ansiblevault_version)
-ansiblevault_path=terraform.d/plugins/linux_amd64/terraform-provider-ansiblevault_v$(ansiblevault_version)_x4
-
-all: $(terraform_bin) $(ansiblevault_path) setup
+all: $(terraform_bin) setup
$(terraform_bin): $(terraform_zip)
rm -rf $(dir $(terraform_unzip))
@@ -21,21 +17,3 @@ $(terraform_bin): $(terraform_zip)
$(terraform_zip):
mkdir -p $(dir $@)
curl -L -o "$@" $(terraform_url)
-
-$(ansiblevault_path): terraform.d
- mkdir -p $(dir $@)
- curl -L -o "$@" $(ansiblevault_url)
- chmod +x $(@)
-
-terraform.d:
- mkdir $@
-
-MAIN=$(patsubst %/main.tf,%,$(wildcard */main.tf))
-setup: $(patsubst %,%/terraform.d,$(MAIN))
-.PHONY: setup
-
-%/terraform.d: terraform.d
- ln -s ../terraform.d $@
-
-.terraform/plugins/linux_amd64:
- mkdir -p $@
diff --git a/terraform/dns/main.tf b/terraform/dns/main.tf
index d80fb70..e476f03 100644
--- a/terraform/dns/main.tf
+++ b/terraform/dns/main.tf
@@ -1,21 +1,8 @@
terraform {
- backend "local" {
- path = "../state/dns"
+ required_providers {
+ linode = {
+ version = "~> 1.13"
+ source = "linode/linode"
+ }
}
}
-
-provider "linode" {
- version = "~> 1.13"
-
- token = data.ansiblevault_path.linode_token.value
-}
-
-provider "ansiblevault" {
- version = "~> 2.2"
- root_folder = "../../ansible"
-}
-
-data "ansiblevault_path" "linode_token" {
- path = "group_vars/all/linode-dns.yml"
- key = "linode_token_v4"
-}
diff --git a/terraform/dns/trygvis.tf b/terraform/dns/trygvis.tf
index 659d56a..531661f 100644
--- a/terraform/dns/trygvis.tf
+++ b/terraform/dns/trygvis.tf
@@ -117,3 +117,10 @@ resource "linode_domain_record" "unifi" {
record_type = "CNAME"
target = "vs.trygvis.io"
}
+
+resource "linode_domain_record" "minio" {
+ domain_id = linode_domain.root.id
+ name = "minio"
+ record_type = "CNAME"
+ target = "vs.trygvis.io"
+}
diff --git a/terraform/dns/versions.tf b/terraform/dns/versions.tf
deleted file mode 100644
index f98850f..0000000
--- a/terraform/dns/versions.tf
+++ /dev/null
@@ -1,11 +0,0 @@
-terraform {
- required_providers {
- linode = {
- source = "linode/linode"
- }
- ansiblevault = {
- source = "MeilleursAgents/ansiblevault"
- }
- }
- required_version = ">= 0.13"
-}
diff --git a/terraform/main.tf b/terraform/main.tf
new file mode 100644
index 0000000..853a87d
--- /dev/null
+++ b/terraform/main.tf
@@ -0,0 +1,75 @@
+terraform {
+ required_version = ">= 0.13"
+
+ backend "local" {
+ path = "../state/dns"
+ }
+
+ required_providers {
+ linode = {
+ version = "~> 1.13"
+ source = "linode/linode"
+ }
+
+ ansiblevault = {
+ version = "~> 2.2"
+ source = "MeilleursAgents/ansiblevault"
+ }
+
+ minio = {
+ source = "tidalf/minio"
+ version = "1.1.1"
+ }
+ }
+}
+
+provider "ansiblevault" {
+ root_folder = "../ansible"
+}
+
+#################################################
+# Linode
+
+data "ansiblevault_path" "linode_token" {
+ path = "group_vars/all/linode-dns.yml"
+ key = "linode_token_v4"
+}
+
+provider "linode" {
+ token = data.ansiblevault_path.linode_token.value
+}
+
+#################################################
+# Minio
+
+data "ansiblevault_path" "minio_access_key" {
+ path = "minio/group_vars/all/vault.yml"
+ key = "MINIO_ROOT_USER"
+}
+
+data "ansiblevault_path" "minio_secret_key" {
+ path = "minio/group_vars/all/vault.yml"
+ key = "MINIO_ROOT_PASSWORD"
+}
+
+provider "minio" {
+ minio_server = "minio.trygvis.io:443"
+ minio_ssl = "true"
+ minio_access_key = data.ansiblevault_path.minio_access_key.value
+ minio_secret_key = data.ansiblevault_path.minio_secret_key.value
+}
+
+#################################################
+# Modules
+
+module "dns" {
+ source = "./dns"
+}
+
+module "minio" {
+ source = "./minio"
+}
+
+output "secret" {
+ value = module.minio.secret
+}
diff --git a/terraform/minio/.settings.sh b/terraform/minio/.settings.sh
new file mode 100644
index 0000000..1e4fba4
--- /dev/null
+++ b/terraform/minio/.settings.sh
@@ -0,0 +1,3 @@
+#!/bin/bash
+
+alias terraform="$(pwd)/.terraform/bin/terraform"
diff --git a/terraform/minio/.terraform.lock.hcl b/terraform/minio/.terraform.lock.hcl
new file mode 100755
index 0000000..324bd44
--- /dev/null
+++ b/terraform/minio/.terraform.lock.hcl
@@ -0,0 +1,21 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/tidalf/minio" {
+ version = "1.1.1"
+ constraints = "1.1.1"
+ hashes = [
+ "h1:tP7RCiSUSutKCO7VLoupvInov9wXTSWtLCRrM5amggE=",
+ "zh:09b2f987e3991d489bba39310400e2241457e638201d23c9730195fe782cf449",
+ "zh:1b64279f5695c5b598c1eb48db9a9954bfcf41ccd84062c7603ca3360d8a0f3f",
+ "zh:1df8894f48051c6a672df21187dcdb9ee4b61b05c7aeaea19ee13f4ab6975003",
+ "zh:376b15cda30f7ff2c014e77728bff5d5a6be7150eaa6deb0a4d1b14c4b9bf5d8",
+ "zh:55ff772c833f9b2895fbb951a52515bd171a9ed150ef3acf7d47a8d616753285",
+ "zh:a3348818aaead45f9783c098b97018801ca8d98a22525dde566354eb0e325c5a",
+ "zh:b395547203e05d199a54a8a917845d7bec81a02df586ed267fedfc5b5fa43e74",
+ "zh:bf1b69c2de4310caf4865729e8d97683b7d277dafd037149cf81c870516eb94a",
+ "zh:cb9c40dc351d62c5032cd555787b64b3abd4f47af519ac20b92110c4f1cee45a",
+ "zh:e76ab684b061569a82b8cf5fdef4dc40f7cb9446be2253fc91792f3d78fcdd48",
+ "zh:f15fc7466ee8f35ad87da34229d64cd449a9d181699e6bb72411f46fb29f941a",
+ ]
+}
diff --git a/terraform/minio/main.tf b/terraform/minio/main.tf
new file mode 100644
index 0000000..245b5ad
--- /dev/null
+++ b/terraform/minio/main.tf
@@ -0,0 +1,15 @@
+terraform {
+# required_providers {
+# minio = {
+# source = "aminueza/minio"
+# version = ">= 1.0.0"
+# }
+# }
+
+ required_providers {
+ minio = {
+ source = "tidalf/minio"
+ version = "1.1.1"
+ }
+ }
+}
diff --git a/terraform/minio/user.tf b/terraform/minio/user.tf
new file mode 100644
index 0000000..b0148a7
--- /dev/null
+++ b/terraform/minio/user.tf
@@ -0,0 +1,24 @@
+resource "minio_iam_user" "knot-postgresql-sender" {
+ name = "knot-postgresql-sender"
+# update_secret = true
+}
+
+output "secret" {
+ value = minio_iam_user.knot-postgresql-sender.secret
+}
+
+resource "minio_s3_bucket" "knot-postgresql" {
+ bucket = "knot-postgresql"
+ acl = "public"
+}
+
+# resource "minio_iam_group_membership" "developer" {
+# name = "tf-testing-group-membership"
+#
+# users = [
+# minio_iam_user.user_one.name,
+# minio_iam_user.user_two.name,
+# ]
+#
+# group = minio_iam_group.developer.name
+# }