terraform {
  required_version = ">= 0.13"

  backend "s3" {
    key = "trygvis-infra"
    region = "us-east-1"
    bucket = "terraform"
    endpoint = "https://minio.trygvis.io"

    skip_credentials_validation = true
    skip_metadata_api_check = true
    skip_region_validation = true
    force_path_style = true
  }

  required_providers {
    linode = {
      version = "~> 1.13"
      source = "linode/linode"
    }

    ansiblevault = {
      version     = "~> 2.2"
      source = "MeilleursAgents/ansiblevault"
    }

    minio = {
      source = "tidalf/minio"
      version = "1.1.1"
    }
  }
}

provider "ansiblevault" {
  root_folder = "../ansible"
}

#################################################
# Linode

data "ansiblevault_path" "linode_token" {
  path = "group_vars/all/linode-dns.yml"
  key  = "linode_token_v4"
}

provider "linode" {
  token = data.ansiblevault_path.linode_token.value
}

#################################################
# Minio

data "ansiblevault_path" "minio_access_key" {
  path = "minio/group_vars/all/vault.yml"
  key  = "MINIO_ROOT_USER"
}

data "ansiblevault_path" "minio_secret_key" {
  path = "minio/group_vars/all/vault.yml"
  key  = "MINIO_ROOT_PASSWORD"
}

provider "minio" {
  minio_server = "minio.trygvis.io:443"
  minio_ssl = "true"
  minio_access_key = data.ansiblevault_path.minio_access_key.value
  minio_secret_key = data.ansiblevault_path.minio_secret_key.value
}

#################################################
# Modules

module "dns" {
  source = "./dns"
}

module "pg-backup-knot" {
  source = "./modules/minio-pg-backup"
  id = "knot"
}

output "pg_backup_knot" {
  value = {
    sender: module.pg-backup-knot.sender,
    bucket: module.pg-backup-knot.bucket,
  }
}