From fdf38928edd187949c8f4fc5a60b9780500d3e2e Mon Sep 17 00:00:00 2001
From: Trygve Laugstøl <trygvis@inamo.no>
Date: Fri, 23 Dec 2022 14:25:38 +0100
Subject: concourse

---
 terraform/concourse/main.tf | 27 +++++++++++++++++++--------
 1 file changed, 19 insertions(+), 8 deletions(-)

(limited to 'terraform/concourse/main.tf')

diff --git a/terraform/concourse/main.tf b/terraform/concourse/main.tf
index 49bad5e..49702b9 100644
--- a/terraform/concourse/main.tf
+++ b/terraform/concourse/main.tf
@@ -12,10 +12,6 @@ terraform {
   }
 
   required_providers {
-    ansiblevault = {
-      source  = "MeilleursAgents/ansiblevault"
-      version = "2.2.0"
-    }
     docker = {
       source  = "kreuzwerker/docker"
       version = "2.23.1"
@@ -28,6 +24,10 @@ terraform {
       source  = "cyrilgdn/postgresql"
       version = "1.18.0"
     }
+    sops = {
+      source  = "lokkersp/sops"
+      version = "0.6.10"
+    }
   }
 }
 
@@ -35,14 +35,25 @@ provider "docker" {
   host = "ssh://conflatorio.vpn.trygvis.io"
 }
 
-provider "ansiblevault" {
-  root_folder = ".."
+provider "postgresql" {
+  host     = "knot.vpn.trygvis.io"
+  database = "postgres"
+  username = "terraform"
+  password = data.sops_file_entry.knot_pdb_terraform_password.data
+  sslmode  = "require"
 }
 
-data "docker_network" "traefik" {
-  name = "traefik"
+provider "sops" {
+  age = {
+    key = "age13wv3rp0varlg4nvt3tca48fq8u9q3mc6yfdekjeapcmc7kaq4dysrzcmv3"
+  }
 }
 
 locals {
   domain_name = "concourse.vpn.trygvis.io"
 }
+
+data "sops_file_entry" "knot_pdb_terraform_password" {
+  source_file = "../../sops.yml"
+  data_key    = "knot_pdb_terraform_password"
+}
-- 
cgit v1.2.3