feat: general refactor

Makefile

@@ -10,7 +10,6 @@ PG_PORT=5432
 PG_PASSWD=$(shell pass "$(PG_HOST)/$(PG_USER)")
 PG_CONN_STR=postgres://$(PG_USER):$(PG_PASSWD)@$(PG_HOST):$(PG_PORT)/$(PG_DB)
 
-NAMECHEAP_API_KEY=$(shell pass namecheap.com/api_key)
 LINODE_TOKEN=$(shell pass linode.com/token)
 VULTR_API_KEY=$(shell pass vultr.com/api_key)
 
@@ -20,7 +19,6 @@ HTTPS_PROXY=caladan:8888
 export HTTP_PROXY
 export HTTPS_PROXY
 
-export NAMECHEAP_API_KEY
 export LINODE_TOKEN
 export VULTR_API_KEY
 

flake.nix

@@ -17,6 +17,7 @@
             pkgs.just
             pkgs.postgresql
             pkgs.tfk8s
+            pkgs.minio-client
           ];
           buildInputs = [ ];
         };

justfile

@@ -1,11 +1,17 @@
 export TF_VAR_hetzner_token := `pass hetzner.com/tokens/suricata`
 export TF_VAR_pg_passwd := `pass pg.monotremata.xyz/terraform`
 
+export LINODE_TOKEN := `pass linode.com/token`
+export VULTR_API_KEY := `pass vultr.com/api_key`
+export HETZNER_DNS_API_TOKEN := `pass hetzner.com/tokens/terraform`
+
 minio_access_key := `pass minio.monotremata.xyz/terraform/access_key`
 minio_secret_key := `pass minio.monotremata.xyz/terraform/secret_key`
 
 init:
-    terraform init -backend-config="access_key={{minio_access_key}}" -backend-config="secret_key={{minio_secret_key}}"
+    terraform init \
+        -backend-config="access_key={{minio_access_key}}" \
+        -backend-config="secret_key={{minio_secret_key}}"
 
 plan *ARGS:
     terraform plan {{ARGS}}

lan/main.tf

@@ -1,29 +0,0 @@
-terraform {
-  backend "s3" {
-    endpoint                    = "https://minio.monotremata.xyz"
-    bucket                      = "terraform"
-    key                         = "terraform.state"
-    region                      = "main"
-    force_path_style            = true
-    skip_credentials_validation = true
-    skip_metadata_api_check     = true
-    skip_region_validation      = true
-  }
-}
-
-module "cert-manager" {
-  source          = "../modules/cert-manager"
-  hetzner_token   = var.hetzner_token
-  email           = var.email
-  zone_name       = var.zone_name
-  dns_common_name = var.dns_common_name
-  dns_names       = var.dns_names
-}
-
-module "postgresql" {
-  source   = "../modules/postgresql"
-  host     = "pg.monotremata.xyz"
-  password = var.pg_passwd
-  username = "terraform"
-  db_owner = "rilla"
-}

main.tf

@@ -0,0 +1,72 @@
+terraform {
+  backend "s3" {
+    endpoint                    = "https://minio.monotremata.xyz"
+    bucket                      = "terraform"
+    key                         = "terraform.state"
+    region                      = "main"
+    force_path_style            = true
+    skip_credentials_validation = true
+    skip_metadata_api_check     = true
+    skip_region_validation      = true
+  }
+}
+
+module "cert-manager" {
+  source          = "./modules/cert-manager"
+  hetzner_token   = var.hetzner_token
+  email           = var.email
+  zone_name       = var.zone_name
+  dns_common_name = var.dns_common_name
+  dns_names       = var.dns_names
+}
+
+module "postgresql" {
+  source   = "./modules/postgresql"
+  host     = "pg.monotremata.xyz"
+  password = var.pg_passwd
+  username = "terraform"
+  db_owner = "rilla"
+}
+
+module "dns" {
+  source = "./modules/dns"
+
+  # this variable is currently not used because I don't have an IP to whitelist
+  # for namecheap's API
+  nameservers = [
+    "hydrogen.ns.hetzner.com",
+    "oxygen.ns.hetzner.com",
+    "helium.ns.hetzner.de"
+  ]
+
+  domain = "monotremata.xyz"
+
+  caladan = {
+    ipv4 = "139.162.137.29"
+    ipv6 = "2a01:7e01::f03c:92ff:fea2:5d7c"
+    domains = toset([
+      "git",
+      "gts",
+      "kb",
+      "keyoxide",
+      "matrix",
+      "pleroma",
+      "pg.caladan",
+      "xmpp",
+      "proxy.xmpp",
+      "upload.xmpp",
+      "groups.xmpp",
+    ])
+  }
+
+  fugu = {
+    ipv4 = "217.69.5.52"
+    ipv6 = "2001:19f0:6801:1d34:5400:03ff:fe18:7588"
+  }
+
+  dkim_pub_key = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3dRTQXNdRNKjM/hnTIQ9d6h4qr7hDkoo3D8ySrV4tEcOC9cCD5fWiUzc560GuWPW5nm/VCDt6gHTGbkwsU/ULO+mjKJtvhZtEJnO4WqVG9Hr2whypODkGM9FSwh0yaWV96OJd51upsNRD/S5fKDMRcl09aBYe2rsn/877re/M0wIDAQAB"
+}
+
+module "vps" {
+  source = "./modules/vps"
+}

modules/dns/main.tf

@@ -4,10 +4,6 @@ terraform {
       source  = "linode/linode"
       version = ">= 1.29.0"
     }
-    namecheap = {
-      source  = "namecheap/namecheap"
-      version = ">= 2.0.0"
-    }
     hetznerdns = {
       source  = "timohirt/hetznerdns"
       version = ">=2.2.0"

modules/dns/namecheap.tf

@@ -1,12 +0,0 @@
-provider "namecheap" {
-  user_name   = "gthar"
-  api_user    = "gthar"
-  client_ip   = var.caladan.ipv4 // caladan's public IP
-  use_sandbox = false
-}
-
-resource "namecheap_domain_records" "namecheap-monotremata-xyz" {
-  domain      = var.domain
-  mode        = "OVERWRITE"
-  nameservers = var.nameservers
-}

remote/justfile

@@ -1,28 +0,0 @@
-pg_user := "terraform"
-# pg_host := "pg.monotremata.xyz"
-pg_host := "pg.monotremata.xyz"
-pg_db := "terraform_backend"
-pg_port := "5432"
-
-passwd := `pass pg.monotremata.xyz/terraform`
-# todo: I'll use this once string interpolation gets implenented in Just https://github.com/casey/just/issues/11
-# conn_str := f"postgres://{{pg_user}}:{{passwd}}@{{pg_host}}:{{pg_port}}/{{pg_db}}"
-
-export NAMECHEAP_API_KEY := `pass namecheap.com/api_key`
-export LINODE_TOKEN := `pass linode.com/token`
-export VULTR_API_KEY := `pass vultr.com/api_key`
-export HTTP_PROXY := "caladan:8888"
-export HTTPS_PROXY := "caladan:8888"
-export HETZNER_DNS_API_TOKEN := `pass hetzner.com/tokens/terraform`
-
-init:
-    terraform init -backend-config="conn_str=postgres://{{pg_user}}:{{passwd}}@{{pg_host}}:{{pg_port}}/{{pg_db}}"
-
-plan *ARGS:
-    terraform plan {{ARGS}}
-
-apply *ARGS:
-    terraform apply {{ARGS}}
-
-terraform *ARGS:
-    terraform {{ARGS}}

remote/main.tf

@@ -1,80 +0,0 @@
-terraform {
-  backend "pg" {}
-  required_providers {
-    namecheap = {
-      source  = "namecheap/namecheap"
-      version = ">= 2.0.0"
-    }
-    linode = {
-      source  = "linode/linode"
-      version = ">= 1.29.0"
-    }
-    vultr = {
-      source  = "vultr/vultr"
-      version = "2.11.4"
-    }
-    hetznerdns = {
-      source  = "timohirt/hetznerdns"
-      version = ">=2.2.0"
-    }
-  }
-}
-
-provider "namecheap" {
-  user_name   = "gthar"
-  api_user    = "gthar"
-  client_ip   = "139.162.137.29" // caladan's public IP
-  use_sandbox = false
-}
-
-provider "vultr" {
-}
-
-module "dns" {
-  source = "../modules/dns"
-
-  #nameservers = [
-  #  "ns1.linode.com",
-  #  "ns2.linode.com",
-  #  "ns3.linode.com",
-  #  "ns4.linode.com",
-  #  "ns5.linode.com"
-  #]
-
-  nameservers = [
-    "hydrogen.ns.hetzner.com",
-    "oxygen.ns.hetzner.com",
-    "helium.ns.hetzner.de"
-  ]
-
-  domain = "monotremata.xyz"
-
-  caladan = {
-    ipv4 = "139.162.137.29"
-    ipv6 = "2a01:7e01::f03c:92ff:fea2:5d7c"
-    domains = toset([
-      "git",
-      "gts",
-      "kb",
-      "keyoxide",
-      "matrix",
-      "pleroma",
-      "pg.caladan",
-      "xmpp",
-      "proxy.xmpp",
-      "upload.xmpp",
-      "groups.xmpp",
-    ])
-  }
-
-  fugu = {
-    ipv4 = "217.69.5.52"
-    ipv6 = "2001:19f0:6801:1d34:5400:03ff:fe18:7588"
-  }
-
-  dkim_pub_key = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3dRTQXNdRNKjM/hnTIQ9d6h4qr7hDkoo3D8ySrV4tEcOC9cCD5fWiUzc560GuWPW5nm/VCDt6gHTGbkwsU/ULO+mjKJtvhZtEJnO4WqVG9Hr2whypODkGM9FSwh0yaWV96OJd51upsNRD/S5fKDMRcl09aBYe2rsn/877re/M0wIDAQAB"
-}
-
-module "vps" {
-  source = "../modules/vps"
-}