updated readme
parent
0f786b7b0e
commit
92df43b27b
47
README.md
|
@ -1,12 +1,51 @@
|
||||||
# terraform
|
# terraform
|
||||||
|
|
||||||
The terraform code for my small personal infrastructure
|
The terraform code for my small personal infrastructure.
|
||||||
|
|
||||||
|
## Resources
|
||||||
|
|
||||||
|
Currently, this will provision:
|
||||||
|
* DNS entries on Namecheap
|
||||||
|
* Alpine VPS on Linode
|
||||||
|
* OpenBSD VPS on Vultr
|
||||||
|
|
||||||
|
## Bootstrapping
|
||||||
|
|
||||||
|
This repo alone wouldn't be able to bootstrap all of its resources by itself.
|
||||||
|
If I had to start again from scratch I'd need to bootstrap some things
|
||||||
|
manually.
|
||||||
|
|
||||||
|
For instance, I use `caladan` as an http(s) proxy when applying the plans,
|
||||||
|
because `caladan` has a static IP that I can whitelist one Namecheap's and
|
||||||
|
Vultr's APIs.
|
||||||
|
My home internet does not have a static IP.
|
||||||
|
So I can't really apply the infrastructure in this repo before `caladan` is
|
||||||
|
already provisioned and configured.
|
||||||
|
|
||||||
|
So, this repo is mostly as documentation for myself and most of the time I
|
||||||
|
create resources manually and import them later to terraform.
|
||||||
|
|
||||||
|
## Wrapper scripts
|
||||||
|
|
||||||
|
I run Terrafrom through two wrapper scripts: `init.sh` and `run_terraform`.
|
||||||
|
|
||||||
|
`init.sh` is used just to run `terraform init`. It fetches the PostgreSQL
|
||||||
|
phssword (from `pass`) and it passes the connection string manually to the
|
||||||
|
partially-configured pg backend.
|
||||||
|
|
||||||
|
`run_terraform` is used to run other terraform commands. It sets up the
|
||||||
|
`HTTP_PROXY` and `HTTPS_PROXY` variables to use `caladan` as a proxy. It also
|
||||||
|
fetches the secrets (from `pass`) and exports the variables for api keys and
|
||||||
|
tokens needed by the different providers.
|
||||||
|
|
||||||
## Backend
|
## Backend
|
||||||
|
|
||||||
I use the pg backend on a PostgreSQL hosted on my NAS. Create the user (named
|
I use the pg backend on a PostgreSQL hosted on my NAS.
|
||||||
`terraform`) and database (`terraform_backend`) for it. The user's password is
|
|
||||||
managed with `pass`.
|
### Initializing the backend (only the first time)
|
||||||
|
|
||||||
|
Create the user (named `terraform`) and database (`terraform_backend`). The
|
||||||
|
user's password is managed with `pass`.
|
||||||
|
|
||||||
```sh
|
```sh
|
||||||
pass generate pg.monotremata.xyz/terraform
|
pass generate pg.monotremata.xyz/terraform
|
||||||
|
|
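Review bot: three typos in the added text should be fixed before merge: "Terrafrom" in the first sentence of "Wrapper scripts", "phssword" in the `init.sh` paragraph, and "whitelist one Namecheap's" (should be "on") in "Bootstrapping". The `init.sh` paragraph also says the connection string is passed "manually" to the partially-configured pg backend without saying how. It would help to state whether that is a `-backend-config` argument or an environment variable, because Terraform persists `-backend-config` values in the local `.terraform` directory, so the PostgreSQL password fetched from `pass` would end up on disk in plain text. Similarly, the `run_terraform` paragraph could note that the exported API keys and tokens only live in the wrapper's environment and are not written anywhere.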