terraform: initial setup
This commit is contained in:
parent
383ebc09c4
commit
e1453c3f98
17
main.tf
17
main.tf
|
@ -8,24 +8,9 @@ terraform {
|
|||
/* KV store has a limit of 512KB */
|
||||
gzip = true
|
||||
/* WARNING This needs to be changed for every repo. */
|
||||
path = "terraform/codex/"
|
||||
path = "terraform/shards/"
|
||||
ca_file = "ansible/files/consul-ca.crt"
|
||||
cert_file = "ansible/files/consul-client.crt"
|
||||
key_file = "ansible/files/consul-client.key"
|
||||
}
|
||||
}
|
||||
|
||||
/* CF Zones ------------------------------------*/
|
||||
|
||||
/* CloudFlare Zone IDs required for records */
|
||||
data "cloudflare_zones" "active" {
|
||||
filter { status = "active" }
|
||||
}
|
||||
|
||||
/* For easier access to zone ID by domain name */
|
||||
locals {
|
||||
zones = {
|
||||
for zone in data.cloudflare_zones.active.zones :
|
||||
zone.name => zone.id
|
||||
}
|
||||
}
|
||||
|
|
18
providers.tf
18
providers.tf
|
@ -4,5 +4,23 @@ provider "cloudflare" {
|
|||
account_id = data.pass_password.cloudflare_account.password
|
||||
}
|
||||
|
||||
provider "digitalocean" {
|
||||
token = data.pass_password.digitalocean_token.password
|
||||
spaces_access_id = data.pass_password.digitalocean_spaces_id.password
|
||||
spaces_secret_key = data.pass_password.digitalocean_spaces_key.password
|
||||
}
|
||||
|
||||
provider "google" {
|
||||
credentials = data.pass_password.google_cloud_cred_json.full
|
||||
project = "russia-servers"
|
||||
region = "us-central1"
|
||||
}
|
||||
|
||||
provider "alicloud" {
|
||||
access_key = data.pass_password.alicloud_access_key.password
|
||||
secret_key = data.pass_password.alicloud_secret_key.password
|
||||
region = "cn-hongkong"
|
||||
}
|
||||
|
||||
# Uses PASSWORD_STORE_DIR environment variable
|
||||
provider "pass" {}
|
||||
|
|
30
secrets.tf
30
secrets.tf
|
@ -12,3 +12,33 @@ data "pass_password" "cloudflare_email" {
|
|||
data "pass_password" "cloudflare_account" {
|
||||
path = "cloud/Cloudflare/account"
|
||||
}
|
||||
|
||||
/* Token for interacting with DigitalOcean API. */
|
||||
data "pass_password" "digitalocean_token" {
|
||||
path = "cloud/DigitalOcean/token"
|
||||
}
|
||||
|
||||
/* Access key for Digital Ocean Spaces API. */
|
||||
data "pass_password" "digitalocean_spaces_id" {
|
||||
path = "cloud/DigitalOcean/spaces-id"
|
||||
}
|
||||
|
||||
/* Secret key for Digital Ocean Spaces API. */
|
||||
data "pass_password" "digitalocean_spaces_key" {
|
||||
path = "cloud/DigitalOcean/spaces-key"
|
||||
}
|
||||
|
||||
/* Alibaba Cloud API access key. */
|
||||
data "pass_password" "alicloud_access_key" {
|
||||
path = "cloud/Alibaba/access-key"
|
||||
}
|
||||
|
||||
/* Alibaba Cloud API secret key. */
|
||||
data "pass_password" "alicloud_secret_key" {
|
||||
path = "cloud/Alibaba/secret-key"
|
||||
}
|
||||
|
||||
/* Google Cloud API auth JSON */
|
||||
data "pass_password" "google_cloud_cred_json" {
|
||||
path = "cloud/GoogleCloud/json"
|
||||
}
|
||||
|
|
11
versions.tf
11
versions.tf
|
@ -1,5 +1,5 @@
|
|||
terraform {
|
||||
required_version = "~> 1.2.0"
|
||||
required_version = "> 1.4.0"
|
||||
required_providers {
|
||||
cloudflare = {
|
||||
source = "cloudflare/cloudflare"
|
||||
|
@ -9,5 +9,14 @@ terraform {
|
|||
source = "camptocamp/pass"
|
||||
version = " = 2.0.0"
|
||||
}
|
||||
digitalocean = {
|
||||
source = "digitalocean/digitalocean"
|
||||
}
|
||||
alicloud = {
|
||||
source = "aliyun/alicloud"
|
||||
}
|
||||
google = {
|
||||
source = "hashicorp/google"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue