add Terraform boilerplate

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2022-05-11 14:29:16 +02:00 · 2022-05-11 14:29:16 +02:00 · d2fffa77b6
parent 650171adbe
commit d2fffa77b6
6 changed files with 81 additions and 0 deletions
--- a/main.tf
+++ b/main.tf
@ -0,0 +1,16 @@
+/* DATA -----------------------------------------*/
+
+terraform {
+  backend "consul" {
+    address = "https://consul.statusim.net:8400"
+    /* Lock to avoid syncing issues */
+    lock = true
+    /* KV store has a limit of 512KB */
+    gzip = true
+    /* WARNING This needs to be changed for every repo. */
+    path      = "terraform/codex/"
+    ca_file   = "ansible/files/consul-ca.crt"
+    cert_file = "ansible/files/consul-client.crt"
+    key_file  = "ansible/files/consul-client.key"
+  }
+}
--- a/providers.tf
+++ b/providers.tf
@ -0,0 +1,8 @@
+provider "cloudflare" {
+  email      = data.pass_password.cloudflare_email.password
+  api_key    = data.pass_password.cloudflare_token.password
+  account_id = data.pass_password.cloudflare_account.password
+}
+
+# Uses PASSWORD_STORE_DIR environment variable
+provider "pass" {}
--- a/secrets.tf
+++ b/secrets.tf
@ -0,0 +1,14 @@
+/* Token for interacting with Cloudflare API. */
+data "pass_password" "cloudflare_token" {
+  path = "cloud/Cloudflare/token"
+}
+
+/* Email address of Cloudflare account. */
+data "pass_password" "cloudflare_email" {
+  path = "cloud/Cloudflare/email"
+}
+
+/* ID of CloudFlare Account. */
+data "pass_password" "cloudflare_account" {
+  path = "cloud/Cloudflare/account"
+}
--- a/variables.tf
+++ b/variables.tf
@ -0,0 +1,5 @@
+variable "domain" {
+  description = "DNS Domain to update"
+  type        = string
+  default     = "statusim.net"
+}
--- a/versions.tf
+++ b/versions.tf
@ -0,0 +1,14 @@
+
+terraform {
+  required_version = "~> 1.1.0"
+  required_providers {
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = " = 2.21.0"
+    }
+    pass = {
+      source  = "camptocamp/pass"
+      version = " = 2.0.0"
+    }
+  }
+}
--- a/workspaces.tf
+++ b/workspaces.tf
@ -0,0 +1,24 @@
+/**
+ * This is a hacky way of binding specific variable
+ * values to different Terraform workspaces.
+ *
+ * Details:
+ * https://github.com/hashicorp/terraform/issues/15966
+ */
+
+locals {
+  env = {
+    defaults = {
+      /* Default settings for all fleets/workspaces. */
+    }
+
+    test = {
+      /* Settings specific to the test fleet/workspace. */
+    }
+  }
+}
+
+/* Makes fleet settings available under local.ws. */
+locals {
+  ws = merge(local.env["defaults"], local.env[terraform.workspace])
+}