From 92df43b27b1b287b4cb52fd0c93b087c165fa876 Mon Sep 17 00:00:00 2001 From: Ricard Illa Date: Thu, 25 Aug 2022 09:50:11 +0200 Subject: [PATCH] updated readme --- README.md | 47 +++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 43 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 233eabc..e0d88e1 100644 --- a/README.md +++ b/README.md 
@@ -1,12 +1,51 @@ # terraform -The terraform code for my small personal infrastructure +The terraform code for my small personal infrastructure. + +## Resources + +Currently, this will provision: +* DNS entries on Namecheap +* Alpine VPS on Linode +* OpenBSD VPS on Vultr + +## Bootstrapping + +This repo alone wouldn't be able to bootstrap all of its resources by itself. +If I had to start again from scratch I'd need to bootstrap some things +manually. + +For instance, I use `caladan` as an http(s) proxy when applying the plans, +because `caladan` has a static IP that I can whitelist one Namecheap's and +Vultr's APIs. +My home internet does not have a static IP. +So I can't really apply the infrastructure in this repo before `caladan` is +already provisioned and configured. + +So, this repo is mostly as documentation for myself and most of the time I +create resources manually and import them later to terraform. + +## Wrapper scripts + +I run Terrafrom through two wrapper scripts: `init.sh` and `run_terraform`. + +`init.sh` is used just to run `terraform init`. It fetches the PostgreSQL +phssword (from `pass`) and it passes the connection string manually to the +partially-configured pg backend. + +`run_terraform` is used to run other terraform commands. It sets up the +`HTTP_PROXY` and `HTTPS_PROXY` variables to use `caladan` as a proxy. It also +fetches the secrets (from `pass`) and exports the variables for api keys and +tokens needed by the different providers. ## Backend -I use the pg backend on a PostgreSQL hosted on my NAS. Create the user (named -`terraform`) and database (`terraform_backend`) for it. The user's password is -managed with `pass`. +I use the pg backend on a PostgreSQL hosted on my NAS. + +### Initializing the backend (only the first time) + +Create the user (named `terraform`) and database (`terraform_backend`). The +user's password is managed with `pass`. ```sh pass generate pg.monotremata.xyz/terraform
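Review bot: Three typos in the added text should be fixed before this lands: in the Bootstrapping section "whitelist one Namecheap's" should read "whitelist on Namecheap's", and in the Wrapper scripts section "Terrafrom" should be "Terraform" and "phssword" should be "password". In the same section, the `init.sh` paragraph says the connection string is passed "manually" to the partially-configured pg backend but does not say how. Since that string carries the `terraform` user's password fetched from `pass`, the README should state the mechanism (command-line argument, environment variable or file) so a reader can tell whether the secret can end up in the process list or shell history. The `run_terraform` paragraph would benefit from the same detail: name the variables it exports for each provider, so it is clear which secrets are sent through the `caladan` proxy. Minor wording: "this repo is mostly as documentation for myself" reads better as "this repo mostly serves as documentation for myself".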