From 178f908191079d8c68225736c433370258035147 Mon Sep 17 00:00:00 2001 From: Trygve Laugstøl Date: Mon, 19 Dec 2022 13:12:32 +0100 Subject: terraform/concourse --- terraform/concourse/.terraform.lock.hcl | 87 +++++++++++++++++++++++++++++++++ terraform/concourse/concourse.tf | 51 +++++++++++++++++++ terraform/concourse/main.tf | 44 +++++++++++++++++ 3 files changed, 182 insertions(+) create mode 100644 terraform/concourse/.terraform.lock.hcl create mode 100644 terraform/concourse/concourse.tf create mode 100644 terraform/concourse/main.tf (limited to 'terraform') diff --git a/terraform/concourse/.terraform.lock.hcl b/terraform/concourse/.terraform.lock.hcl new file mode 100644 index 0000000..2095e00 --- /dev/null +++ b/terraform/concourse/.terraform.lock.hcl @@ -0,0 +1,87 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/cyrilgdn/postgresql" { + version = "1.18.0" + constraints = "1.18.0" + hashes = [ + "h1:Nf26liFILUZXPh1P2B8T3qtq2Tc7objtm0sBSt0lhh0=", + "zh:251b609167ce25e974607c0c7dd3f90cfc45980c9068364f896e26c31416d96c", + "zh:317980d14a6a171f118bb522ffd02046e508d98100073f97671aeb2adae30d79", + "zh:3622c6414e91f8ccceed94ddf12062a22c14de4fac73c6142b009ae791ca7cd4", + "zh:36be2b338c230b0ab0c7b4c55049dba9bd8d705973c2cceaf3e293d41f520db5", + "zh:4332e83b91f60c43679ff9660c8ef4ebe251e05926a4d20dc64db1bfbabc8670", + "zh:444835840c917aff17f49f9f7b4ae542d5bd9f2ec306b581d1931b00380213bd", + "zh:5174bd85ea94ed4a6cef6c02bc27498f47ac21841fcab7487ab19d8513c97e54", + "zh:61c6eb6b2bf18cdc0734c101854e25990ba24a16580c6bbc599a0b00f72be397", + "zh:b40bbc61a4e522b22ebd57f01a518370a97cd6945e4bdd2955e5f887c88ee3f6", + "zh:d7aeb158c884f6590d6033cd44d5e9438f648bcb5ca3bd54573847c287845b00", + "zh:da3bee1282f6b48572d15f7a693113931afb306b98e29c09c9a054bdc3d6df44", + "zh:ec864a068eeab48899d99405f5606379478df8e48c005844d63a5360c23d5e15", + "zh:fda709d1cabde236b79c98c9abb80f2c1591fdea751afadc546073056be6e6ba", + "zh:ff08607ab25d1c5b55c3794b67a4ee2c9ac5023962c196ce587df34f0e201ca6", + ] +} + +provider "registry.terraform.io/kreuzwerker/docker" { + version = "2.23.1" + constraints = "2.23.1" + hashes = [ + "h1:0B1y4P21+k4/3KkVkDRjkmaQ2HYWnCD8EUMBCaoaudA=", + "zh:075f591d3ef708cbdb94f31685c332b15622dd0d6a4eff7c36a49c43fe138523", + "zh:1952a1d90541ba27e72441d876d7b8c8bdbbaf14cc80685db9940112f2075eb5", + "zh:1d050255ac61132e24d7b653bed14b152ad99f4a6ad3bd346694baded4f3eee8", + "zh:2fc77142ea2bcabc7dba00bd6e13a88f18987b56e030f1527ed9d3b8f8228179", + "zh:3acaa72c112a3fdbeb1463a39049d9ac543db38f1be0ac58b00ef3625e3fdd3a", + "zh:46f462e35cd7cc33df9c256a3b47101dd64435c49127f0b9c0731315c19f3a88", + "zh:4c647a12a68b6b3ebef2a0d3a36aad2abdab8662ab3fa1ed4965ef7440c529eb", + "zh:6440a7989917d538478875e80c682a973b7addf2b7931b4dfd0b15490b05e714", + "zh:84c587d6a935fb1b25044e920101b2bee76caa892259076d9eceb241b94271f4", + "zh:8960ae0fde31e4c0db97bb60424de79acf6863d49853e8e1426c6bae7fc7d5b6", + "zh:9e053699151cbff9e12df11f10d272b24d19eba52760f16ecbc9ba8f36ef086b", + "zh:b5261fd530cc531d69a54427a5563834e54f146f93876e9d19d4e8f0681f724e", + "zh:edbbf0931b4c82b8cd52cc99f717d5b745ed29fd563f96d9c526c66547ce2af2", + "zh:f6238eee53124aae4896a57e92c6ad7ce35adb946662e864abf3c8cc154e3498", + ] +} + +provider "registry.terraform.io/linode/linode" { + version = "1.29.4" + constraints = "1.29.4" + hashes = [ + "h1:M6/1OYoR8fb/4cMCILgQMGyHypEf3plTzxyivTu3jxo=", + "zh:06ccda35d968429a1184aaf981c8104394fa1d719de86b718c56d93c27c1fcd6", + "zh:1fb2497917094e77bde90fe6ee781e20cee739142b891391480c1b3376d81dbb", + "zh:27960e9c07e995aad07a9c5ebfd7fe0304fffd4cb159fd215e82932b798c6d55", + "zh:4ed29807c423c77aab1338972aa1ec3cc16c6b14f4c25c86f4427e8a86bfc467", + "zh:7a39103dc0dc8538f5258d3b64db1e6c91335640763bd05da0478e99748a4949", + "zh:95b3e418e6fcb4b826be9b289a834f1b9893977bd330ac418e0285e56a4644c1", + "zh:ac69c992a5cbaaa6ed9bb65206309ab2c71b5eb17740b7a5295532f9840c67fd", + "zh:ae943e8975075cd9664f00a028838566fdf879c772e518b7adcc82e757916a67", + "zh:b3a85a52489bc3777b5e8c4428b8ea42ae8e0f2398077699c1eb99acea931a34", + "zh:c1a2e945f5691ed97b9cf01351dd3a99c2f9871f172bd71ba0c8a810c75740cd", + "zh:ce86a03d73ee3d2ed58c6fe853cd2a9d0974710d94a0aeb4c195a9d1e78a3481", + "zh:d34afbbf848d8b541a068d64fa04ace13c3bd37ad19fd8b0796662f553ca9652", + "zh:e13b4847098d295cd8216eeec55d940cfc4544672fdc89e0048dd067e69b63f8", + "zh:fc62e9f8fc5d37d28aba2077db10355839cae6d7770eaf8711f97877bac046ab", + ] +} + +provider "registry.terraform.io/meilleursagents/ansiblevault" { + version = "2.2.0" + constraints = "2.2.0" + hashes = [ + "h1:BdAWPYZ+cwkGuc9Hy0zZfyvbRL9f3naXpcUaOnoZee8=", + "zh:06faf88f2a6f2e9aabadb0d50565f4804636039042d37984463f0ca647f52189", + "zh:15053cceec8b24d9b62598e9e6860607603c2ecc7871705720a0753ef297d79f", + "zh:525f261f35d58151b4c51301cc1ae98a592c9b3400449361a91f2d84c467e2ac", + "zh:8bfe3b2c2b975792987d0642e8525efbf436ae08b1cebb1fa266b8954cb1915e", + "zh:93a943b494b0f70ef644334bf7646bf203ca087873385ab8ff89d406b9448771", + "zh:c651248189d297321a48feb775907de0ba2b9a100cb35f7364357b0af0e55931", + "zh:ccbee95f3c264c663fcddac8c8c921ec9f4fde95f15196838a73a9bf215a4020", + "zh:d3226f7b3a3013fceeef3392f54708b976daa0f43767bc24ff8c420c8a48a1a9", + "zh:f236d34596a51f64163eb5d13c3bcea4e10023f7e65f777b7267c463c427aad2", + "zh:f79f848b9c4b67879c2c25f2ef5b654eaafcfd7568f442eea2566bb580519c4f", + "zh:fbe2363c1c6a32df6443e650b53b5004a4d6f9431d23935ed98c500bed1552bd", + ] +} diff --git a/terraform/concourse/concourse.tf b/terraform/concourse/concourse.tf new file mode 100644 index 0000000..c191196 --- /dev/null +++ b/terraform/concourse/concourse.tf @@ -0,0 +1,51 @@ +resource "docker_image" "concourse" { + name = "concourse/concourse:7.8.3" +} + +resource "docker_container" "concourse" { + image = docker_image.concourse.image_id + name = "concourse" + privileged = true + must_run = false + + command = ["quickstart"] + + networks_advanced { + name = data.docker_network.traefik.name + } + + ports { + internal = 8080 + external = 8080 + ip = "192.168.10.147" + } + + env = [ + "CONCOURSE_POSTGRES_HOST=knot.vpn.trygvis.io", + "CONCOURSE_POSTGRES_USER=concourse", + "CONCOURSE_POSTGRES_PASSWORD=concourse", + "CONCOURSE_POSTGRES_DATABASE=concourse", + "CONCOURSE_POSTGRES_PORT=5432", + "CONCOURSE_POSTGRES_SSLMODE=require", + "CONCOURSE_EXTERNAL_URL=https://concourse.trygvis.io", + "CONCOURSE_WORKER_BAGGAGECLAIM_DRIVER=overlay", + "CONCOURSE_CLIENT_SECRET=Y29uY291cnNlLXdlYgo=", + "CONCOURSE_TSA_CLIENT_SECRET=Y29uY291cnNlLXdvcmtlcgo=", + "CONCOURSE_X_FRAME_OPTIONS=allow", + "CONCOURSE_CONTENT_SECURITY_POLICY=*", + "CONCOURSE_CLUSTER_NAME=tutorial", + "CONCOURSE_WORKER_CONTAINERD_DNS_SERVER=8.8.8.8", + "CONCOURSE_WORKER_RUNTIME=containerd", + "CONCOURSE_ENABLE_ACROSS_STEP=true", + + "CONCOURSE_ADD_LOCAL_USER=trygvis:trygvis", + "CONCOURSE_MAIN_TEAM_LOCAL_USER=trygvis", + +# "CONCOURSE_MAIN_TEAM_GITHUB_ORG=org-name", +# "CONCOURSE_MAIN_TEAM_GITHUB_TEAM=bitraf:Drift", +# "CONCOURSE_MAIN_TEAM_GITHUB_USER=some-user", + +# "CONCOURSE_GITHUB_CLIENT_ID=${data.ansiblevault_path.github_client_id.value}", +# "CONCOURSE_GITHUB_CLIENT_SECRET=${data.ansiblevault_path.github_client_secret.value}", + ] +} diff --git a/terraform/concourse/main.tf b/terraform/concourse/main.tf new file mode 100644 index 0000000..fc4b088 --- /dev/null +++ b/terraform/concourse/main.tf @@ -0,0 +1,44 @@ +terraform { + required_version = "~> 1.3.5" + + backend "s3" { + bucket = "terraform-a6726272-73ff-11ed-8bdd-c79eb8376e05" + key = "concourse/terraform.tfstate" + region = "eu-central-1" + skip_region_validation = true + skip_credentials_validation = true + skip_metadata_api_check = true + endpoint = "eu-central-1.linodeobjects.com" + } + + required_providers { + ansiblevault = { + source = "MeilleursAgents/ansiblevault" + version = "2.2.0" + } + docker = { + source = "kreuzwerker/docker" + version = "2.23.1" + } + linode = { + source = "linode/linode" + version = "1.29.4" + } + postgresql = { + source = "cyrilgdn/postgresql" + version = "1.18.0" + } + } +} + +provider "docker" { + host = "ssh://conflatorio.vpn.trygvis.io" +} + +provider "ansiblevault" { + root_folder = ".." +} + +data "docker_network" "traefik" { + name = "traefik" +} -- cgit v1.2.3