add Terraform boilerplate

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2021-02-17 18:25:06 +01:00 · 2021-02-17 18:25:06 +01:00 · cb94396e5c
parent 5f0586c39d
commit cb94396e5c
5 changed files with 85 additions and 0 deletions
--- a/main.tf
+++ b/main.tf
@ -0,0 +1,14 @@
+/* DATA -----------------------------------------*/
+
+terraform {
+  backend "consul" {
+    address = "https://consul.statusim.net:8400"
+    lock = true /* Lock to avoid syncing issues */
+    gzip = true /* KV store has a limit of 512KB */
+    /* WARNING This needs to be changed for every repo. */
+    path      = "terraform/avalanche/"
+    ca_file   = "ansible/files/consul-ca.crt"
+    cert_file = "ansible/files/consul-client.crt"
+    key_file  = "ansible/files/consul-client.key"
+  }
+}
--- a/providers.tf
+++ b/providers.tf
@ -0,0 +1,11 @@
+provider "digitalocean" {
+  token             = data.pass_password.digitalocean_token.password
+  spaces_access_id  = data.pass_password.digitalocean_spaces_id.password
+  spaces_secret_key = data.pass_password.digitalocean_spaces_key.password
+}
+
+provider "cloudflare" {
+  email      = data.pass_password.cloudflare_email.password
+  api_key    = data.pass_password.cloudflare_token.password
+  account_id = data.pass_password.cloudflare_account.password
+}
--- a/secrets.tf
+++ b/secrets.tf
@ -0,0 +1,32 @@
+# Uses PASSWORD_STORE_DIR environment variable
+provider "pass" { refresh_store = false }
+
+/* Token for interacting with Cloudflare API. */
+data "pass_password" "cloudflare_token" {
+  path = "cloud/Cloudflare/token"
+}
+
+/* Email address of Cloudflare account. */
+data "pass_password" "cloudflare_email" {
+  path = "cloud/Cloudflare/email"
+}
+
+/* ID of CloudFlare Account. */
+data "pass_password" "cloudflare_account" {
+  path = "cloud/Cloudflare/account"
+}
+
+/* Token for interacting with DigitalOcean API. */
+data "pass_password" "digitalocean_token" {
+  path = "cloud/DigitalOcean/token"
+}
+
+/* Access key for Digital Ocean Spaces API. */
+data "pass_password" "digitalocean_spaces_id" {
+  path = "cloud/DigitalOcean/spaces-id"
+}
+
+/* Secret key for Digital Ocean Spaces API. */
+data "pass_password" "digitalocean_spaces_key" {
+  path = "cloud/DigitalOcean/spaces-key"
+}
--- a/variables.tf
+++ b/variables.tf
@ -0,0 +1,11 @@
+/* GENERAL --------------------------------------*/
+
+variable "public_domain" {
+  description = "Domain under which the public sites go."
+  default     = "status.im"
+}
+
+variable "domain" {
+  description = "DNS Domain to update"
+  default     = "statusim.net"
+}
--- a/versions.tf
+++ b/versions.tf
@ -0,0 +1,17 @@
+terraform {
+  required_version = "~> 0.14.4"
+  required_providers {
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = " = 2.10.1"
+    }
+    digitalocean = {
+      source  = "digitalocean/digitalocean"
+      version = " = 2.5.1"
+    }
+    pass = {
+      source  = "camptocamp/pass"
+      version = " = 1.4.0"
+    }
+  }
+}