infrastructure/main.tf

terraform {
  required_providers {
    authentik = {
      source = "goauthentik/authentik"
      version = "~> 2024.8.0"
    }
    hcloud = {
      source = "hetznercloud/hcloud"
      version = "~> 1.45.0"
    }
    ovh = {
      source = "ovh/ovh"
      version = "~> 0.48.0"
    }
    postgresql = {
      source = "cyrilgdn/postgresql"
      version = "~> 1.23.0"
    }
    scaleway = {
      source = "scaleway/scaleway"
      version = "~> 2.43.0"
    }
    tailscale = {
      source = "tailscale/tailscale"
      version = "~> 0.16.0"
    }
  }
  
  backend "s3" {
    bucket         = var.backend_bucket
    access_key     = var.backend_access_key
    secret_key     = var.backend_secret_key
    key            = "terraform.tfstate"
    region         = var.backend_region
    encrypt        = true
    endpoints      = {
      s3           = var.backend_endpoint
    }

    # Disable AWS-specific features
    skip_credentials_validation = true
    skip_region_validation      = true
    skip_requesting_account_id  = true
    skip_s3_checksum            = true
  }
}

provider "authentik" {
  url   = "${var.authentik_url}"
  token = "${var.authentik_token}"
}

provider "hcloud" {
  token = "${var.hcloud_token}"
}

provider "ovh" {
  endpoint = "ovh-eu"
  application_key = "${var.ovh_application_key}"
  application_secret = "${var.ovh_application_secret}"
  consumer_key = "${var.ovh_consumer_key}"
}

provider "postgresql" {
  host            = "${var.postgresql_host}"
  port            = "${var.postgresql_port}"
  database        = "postgres"
  username        = "${var.postgresql_username}"
  password        = "${var.postgresql_password}"
  sslmode         = "verify-full"
  connect_timeout = 15
}

provider "scaleway" {
  organization_id = "${var.scaleway_organization_id}"
  project_id = "${var.scaleway_project_id}"
  access_key = "${var.scaleway_access_key}"
  secret_key = "${var.scaleway_secret_key}"
  region = "nl-ams"
  zone = "nl-ams-1"
}

provider "tailscale" {
  api_key = "${var.tailscale_api_key}"
  tailnet = "${var.tailscale_tailnet}"
}

locals {
  services_auth = {for key, val in var.services : key => val if val.auth}
  services_database = {for key, val in var.services : key => val if val.database}
  services_s3 = {for key, val in var.services : key => val if val.s3}
}
Migrate opentofu part 2024-09-25 11:23:52 +00:00			`terraform {`
			`required_providers {`
Add authentik to opentofu 2024-09-28 12:14:09 +00:00			`authentik = {`
			`source = "goauthentik/authentik"`
			`version = "~> 2024.8.0"`
			`}`
Migrate opentofu part 2024-09-25 11:23:52 +00:00			`hcloud = {`
			`source = "hetznercloud/hcloud"`
Add authentik to opentofu 2024-09-28 12:14:09 +00:00			`version = "~> 1.45.0"`
Migrate opentofu part 2024-09-25 11:23:52 +00:00			`}`
			`ovh = {`
			`source = "ovh/ovh"`
Add authentik to opentofu 2024-09-28 12:14:09 +00:00			`version = "~> 0.48.0"`
Migrate opentofu part 2024-09-25 11:23:52 +00:00			`}`
Add postgresql provider 2024-09-27 23:59:53 +00:00			`postgresql = {`
			`source = "cyrilgdn/postgresql"`
Add authentik to opentofu 2024-09-28 12:14:09 +00:00			`version = "~> 1.23.0"`
Add postgresql provider 2024-09-27 23:59:53 +00:00			`}`
Migrate opentofu part 2024-09-25 11:23:52 +00:00			`scaleway = {`
			`source = "scaleway/scaleway"`
Add authentik to opentofu 2024-09-28 12:14:09 +00:00			`version = "~> 2.43.0"`
Migrate opentofu part 2024-09-25 11:23:52 +00:00			`}`
			`tailscale = {`
			`source = "tailscale/tailscale"`
Add authentik to opentofu 2024-09-28 12:14:09 +00:00			`version = "~> 0.16.0"`
Migrate opentofu part 2024-09-25 11:23:52 +00:00			`}`
			`}`

			`backend "s3" {`
			`bucket = var.backend_bucket`
			`access_key = var.backend_access_key`
			`secret_key = var.backend_secret_key`
			`key = "terraform.tfstate"`
			`region = var.backend_region`
			`encrypt = true`
			`endpoints = {`
			`s3 = var.backend_endpoint`
			`}`

			`# Disable AWS-specific features`
			`skip_credentials_validation = true`
			`skip_region_validation = true`
			`skip_requesting_account_id = true`
			`skip_s3_checksum = true`
			`}`
			`}`

Add authentik to opentofu 2024-09-28 12:14:09 +00:00			`provider "authentik" {`
			`url = "${var.authentik_url}"`
			`token = "${var.authentik_token}"`
			`}`

Migrate opentofu part 2024-09-25 11:23:52 +00:00			`provider "hcloud" {`
			`token = "${var.hcloud_token}"`
			`}`

			`provider "ovh" {`
			`endpoint = "ovh-eu"`
			`application_key = "${var.ovh_application_key}"`
			`application_secret = "${var.ovh_application_secret}"`
			`consumer_key = "${var.ovh_consumer_key}"`
			`}`

Add postgresql provider 2024-09-27 23:59:53 +00:00			`provider "postgresql" {`
			`host = "${var.postgresql_host}"`
			`port = "${var.postgresql_port}"`
			`database = "postgres"`
			`username = "${var.postgresql_username}"`
			`password = "${var.postgresql_password}"`
			`sslmode = "verify-full"`
			`connect_timeout = 15`
			`}`

Migrate opentofu part 2024-09-25 11:23:52 +00:00			`provider "scaleway" {`
			`organization_id = "${var.scaleway_organization_id}"`
			`project_id = "${var.scaleway_project_id}"`
			`access_key = "${var.scaleway_access_key}"`
			`secret_key = "${var.scaleway_secret_key}"`
			`region = "nl-ams"`
			`zone = "nl-ams-1"`
			`}`

			`provider "tailscale" {`
			`api_key = "${var.tailscale_api_key}"`
			`tailnet = "${var.tailscale_tailnet}"`
			`}`
Add authentik to opentofu 2024-09-28 12:14:09 +00:00
			`locals {`
Refactor output 2024-09-28 16:24:07 +00:00			`services_auth = {for key, val in var.services : key => val if val.auth}`
			`services_database = {for key, val in var.services : key => val if val.database}`
			`services_s3 = {for key, val in var.services : key => val if val.s3}`
Add authentik to opentofu 2024-09-28 12:14:09 +00:00			`}`