From cb94396e5c8a0aa37e91bc8df286bd6e0dc8d196 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jakub=20Soko=C5=82owski?=
Date: Wed, 17 Feb 2021 18:25:06 +0100
Subject: [PATCH] add Terraform boilerplate
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Jakub SokoĊ‚owski
---
main.tf | 14 ++++++++++++++
providers.tf | 11 +++++++++++
secrets.tf | 32 ++++++++++++++++++++++++++++++++
variables.tf | 11 +++++++++++
versions.tf | 17 +++++++++++++++++
5 files changed, 85 insertions(+)
create mode 100644 main.tf
create mode 100644 providers.tf
create mode 100644 secrets.tf
create mode 100644 variables.tf
create mode 100644 versions.tf
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..04fcc6b
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,14 @@
+/* DATA -----------------------------------------*/
+
+terraform {
+ backend "consul" {
+ address = "https://consul.statusim.net:8400"
+ lock = true /* Lock to avoid syncing issues */
+ gzip = true /* KV store has a limit of 512KB */
+ /* WARNING This needs to be changed for every repo. */
+ path = "terraform/avalanche/"
+ ca_file = "ansible/files/consul-ca.crt"
+ cert_file = "ansible/files/consul-client.crt"
+ key_file = "ansible/files/consul-client.key"
+ }
+}
diff --git a/providers.tf b/providers.tf
new file mode 100644
index 0000000..eb9f09f
--- /dev/null
+++ b/providers.tf
@@ -0,0 +1,11 @@
+provider "digitalocean" {
+ token = data.pass_password.digitalocean_token.password
+ spaces_access_id = data.pass_password.digitalocean_spaces_id.password
+ spaces_secret_key = data.pass_password.digitalocean_spaces_key.password
+}
+
+provider "cloudflare" {
+ email = data.pass_password.cloudflare_email.password
+ api_key = data.pass_password.cloudflare_token.password
+ account_id = data.pass_password.cloudflare_account.password
+}
diff --git a/secrets.tf b/secrets.tf
new file mode 100644
index 0000000..2c9ca68
--- /dev/null
+++ b/secrets.tf
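Review bot: `key_file = "ansible/files/consul-client.key"` in main.tf points the backend at a TLS client private key inside the repository tree, and nothing in this commit shows that path being excluded from version control. Confirm that `ansible/files/consul-client.key` is listed in `.gitignore` (or is fetched at run time) so the key cannot be committed by accident. The three certificate paths are also relative, so initialisation presumably only works from the repository root. A comment such as `/* Paths are relative to the repo root; the client key must never be committed. */` above `ca_file` would record both constraints.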
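Review bot: The `cloudflare` provider block in providers.tf authenticates with `email` plus `api_key`, which is the account-wide Global API Key rather than a scoped credential. The 2.x provider also accepts `api_token`, so a token limited to the zones and permissions this repo manages could replace both lines: `api_token = data.pass_password.cloudflare_token.password`. The pass entry is already named `cloudflare_token`, so it is worth confirming which kind of credential is actually stored at `cloud/Cloudflare/token`.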
@@ -0,0 +1,32 @@
+# Uses PASSWORD_STORE_DIR environment variable
+provider "pass" { refresh_store = false }
+
+/* Token for interacting with Cloudflare API. */
+data "pass_password" "cloudflare_token" {
+ path = "cloud/Cloudflare/token"
+}
+
+/* Email address of Cloudflare account. */
+data "pass_password" "cloudflare_email" {
+ path = "cloud/Cloudflare/email"
+}
+
+/* ID of CloudFlare Account. */
+data "pass_password" "cloudflare_account" {
+ path = "cloud/Cloudflare/account"
+}
+
+/* Token for interacting with DigitalOcean API. */
+data "pass_password" "digitalocean_token" {
+ path = "cloud/DigitalOcean/token"
+}
+
+/* Access key for Digital Ocean Spaces API. */
+data "pass_password" "digitalocean_spaces_id" {
+ path = "cloud/DigitalOcean/spaces-id"
+}
+
+/* Secret key for Digital Ocean Spaces API. */
+data "pass_password" "digitalocean_spaces_key" {
+ path = "cloud/DigitalOcean/spaces-key"
+}
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..805198b
--- /dev/null
+++ b/variables.tf
@@ -0,0 +1,11 @@
+/* GENERAL --------------------------------------*/
+
+variable "public_domain" {
+ description = "Domain under which the public sites go."
+ default = "status.im"
+}
+
+variable "domain" {
+ description = "DNS Domain to update"
+ default = "statusim.net"
+}
diff --git a/versions.tf b/versions.tf
new file mode 100644
index 0000000..7a8dea6
--- /dev/null
+++ b/versions.tf
@@ -0,0 +1,17 @@
+terraform {
+ required_version = "~> 0.14.4"
+ required_providers {
+ cloudflare = {
+ source = "cloudflare/cloudflare"
+ version = " = 2.10.1"
+ }
+ digitalocean = {
+ source = "digitalocean/digitalocean"
+ version = " = 2.5.1"
+ }
+ pass = {
+ source = "camptocamp/pass"
+ version = " = 1.4.0"
+ }
+ }
+}
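Review bot: Every value read through `data "pass_password"` in secrets.tf is written into the Terraform state, so the Cloudflare and DigitalOcean credentials will sit unencrypted (only gzipped) under the Consul KV path configured in main.tf. The file should say so, for example with `/* Values read here are persisted in Terraform state; restrict Consul ACLs on the state path. */` at the top. It would also help to note next to `refresh_store = false` why the store refresh is disabled, since the existing comment only mentions `PASSWORD_STORE_DIR`. The comments spell the vendors inconsistently (`CloudFlare`/`Cloudflare`, `Digital Ocean`/`DigitalOcean`).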
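Review bot: Neither `public_domain` nor `domain` in variables.tf declares a type, so a value of any shape passed through `-var` or a tfvars file is accepted until it fails somewhere downstream. Adding `type = string` to both blocks makes the intent explicit and rejects lists or maps at plan time. The description `"DNS Domain to update"` could also state which records are managed under that domain.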
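Review bot: The exact provider pins in `required_providers` in versions.tf fix the version but not the artifact, and the dependency lock file that Terraform 0.14 generates, `.terraform.lock.hcl`, is not among the five files in this commit. Committing it records the provider checksums so that `terraform init` verifies the downloaded binaries on every machine. The constraint strings also carry a leading space as shown here (`" = 2.10.1"`); `version = "= 2.10.1"` or plain `"2.10.1"` reads more cleanly.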