Compare commits
5 Commits
6f47c712d5
...
259d6a7790
Author | SHA1 | Date |
---|---|---|
Ricard Illa | 259d6a7790 | |
Ricard Illa | 8c3b66dfe2 | |
Ricard Illa | b9b39a45fa | |
Ricard Illa | 173fb843c7 | |
Ricard Illa | ce97725c4d |
|
@ -0,0 +1,4 @@
|
|||
.direnv
|
||||
.envrc
|
||||
.terraform
|
||||
.terraform.lock.hcl
|
18
README.md
18
README.md
|
@ -1,2 +1,20 @@
|
|||
# terraform
|
||||
|
||||
The terraform code for my small personal infrastructure
|
||||
|
||||
## Backend
|
||||
|
||||
I use the pg backend on a PostgreSQL hosted on my NAS. Create the user (named
|
||||
`terraform`) and database (`terraform_backend`) for it. The user's password is
|
||||
managed with `pass`.
|
||||
|
||||
```sh
|
||||
pass generate pg.monotremata.xyz/terraform
|
||||
psql -u pg.monotremata.xyz
|
||||
```
|
||||
|
||||
```sql
|
||||
CREATE DATABASE terraform_backend;
|
||||
CREATE USER terraform WITH ENCRYPTED PASSWORD '****';
|
||||
GRANT ALL PRIVILEGES ON DATABASE terraform_backend TO terraform;
|
||||
```
|
||||
|
|
|
@ -0,0 +1,43 @@
|
|||
{
|
||||
"nodes": {
|
||||
"flake-utils": {
|
||||
"locked": {
|
||||
"lastModified": 1659877975,
|
||||
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1660639432,
|
||||
"narHash": "sha256-2WDiboOCfB0LhvnDVMXOAr8ZLDfm3WdO54CkoDPwN1A=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "6c6409e965a6c883677be7b9d87a95fab6c3472e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 7
|
||||
}
|
|
@ -0,0 +1,15 @@
|
|||
{
|
||||
description = "shell for my terraform things";
|
||||
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
|
||||
inputs.flake-utils.url = "github:numtide/flake-utils";
|
||||
|
||||
outputs = { self, nixpkgs, flake-utils }:
|
||||
flake-utils.lib.eachDefaultSystem (system:
|
||||
let pkgs = nixpkgs.legacyPackages.${system};
|
||||
in {
|
||||
devShell = pkgs.mkShell {
|
||||
nativeBuildInputs = [ pkgs.bashInteractive pkgs.terraform ];
|
||||
buildInputs = [ ];
|
||||
};
|
||||
});
|
||||
}
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/sh
|
||||
|
||||
PG_USER=terraform
|
||||
PG_HOST=pg.monotremata.xyz
|
||||
PG_DB=terraform_backend
|
||||
PG_PORT=5432
|
||||
|
||||
passwd=$(pass "${PG_HOST}/${PG_USER}")
|
||||
conn_str="postgres://${PG_USER}:${passwd}@${PG_HOST}:${PG_PORT}/${PG_DB}"
|
||||
|
||||
terraform init -backend-config="conn_str=${conn_str}"
|
|
@ -0,0 +1,9 @@
|
|||
terraform {
|
||||
backend "pg" {}
|
||||
required_providers {
|
||||
namecheap = {
|
||||
source = "namecheap/namecheap"
|
||||
version = ">= 2.0.0"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,24 @@
|
|||
// https://registry.terraform.io/providers/namecheap/namecheap/latest/docs
|
||||
|
||||
variable "caladan-ip" {
|
||||
type = string
|
||||
default = "139.162.137.29"
|
||||
}
|
||||
|
||||
provider "namecheap" {
|
||||
user_name = "gthar"
|
||||
api_user = "gthar"
|
||||
client_ip = var.caladan-ip
|
||||
use_sandbox = false
|
||||
}
|
||||
|
||||
resource "namecheap_domain_records" "monotremata-xyz" {
|
||||
domain = "monotremata.xyz"
|
||||
mode = "MERGE" // maybe eventually move to OVERWRITE
|
||||
|
||||
record {
|
||||
hostname = "@"
|
||||
type = "A"
|
||||
address = var.caladan-ip
|
||||
}
|
||||
}
|
|
@ -0,0 +1,8 @@
|
|||
#!/bin/sh
|
||||
|
||||
export HTTP_PROXY=caladan:8888
|
||||
export HTTPS_PROXY=caladan:8888
|
||||
NAMECHEAP_API_KEY=$(pass namecheap.com/api_key)
|
||||
export NAMECHEAP_API_KEY
|
||||
|
||||
terraform "$@"
|
Loading…
Reference in New Issue