2024-09-25 11:23:52 +00:00
|
|
|
terraform {
|
2024-10-10 11:15:50 +00:00
|
|
|
required_providers {
|
2024-10-22 15:44:00 +00:00
|
|
|
aws = {
|
|
|
|
source = "hashicorp/aws"
|
|
|
|
version = "~> 5.0"
|
|
|
|
}
|
2024-10-10 11:15:50 +00:00
|
|
|
contabo = {
|
|
|
|
source = "contabo/contabo"
|
|
|
|
version = "~> 0.1.26"
|
|
|
|
}
|
|
|
|
hcloud = {
|
|
|
|
source = "hetznercloud/hcloud"
|
|
|
|
version = "~> 1.45.0"
|
|
|
|
}
|
|
|
|
healthchecksio = {
|
|
|
|
source = "kristofferahl/healthchecksio"
|
|
|
|
version = "~> 1.6.0"
|
|
|
|
}
|
|
|
|
ovh = {
|
|
|
|
source = "ovh/ovh"
|
|
|
|
version = "~> 0.48.0"
|
|
|
|
}
|
|
|
|
scaleway = {
|
|
|
|
source = "scaleway/scaleway"
|
|
|
|
version = "~> 2.43.0"
|
|
|
|
}
|
|
|
|
tailscale = {
|
|
|
|
source = "tailscale/tailscale"
|
|
|
|
version = "~> 0.16.0"
|
|
|
|
}
|
|
|
|
|
|
|
|
authentik = {
|
|
|
|
source = "goauthentik/authentik"
|
|
|
|
version = "~> 2024.8.0"
|
|
|
|
}
|
|
|
|
postgresql = {
|
|
|
|
source = "cyrilgdn/postgresql"
|
|
|
|
version = "~> 1.23.0"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-09-25 11:23:52 +00:00
|
|
|
backend "s3" {
|
|
|
|
bucket = var.backend_bucket
|
|
|
|
access_key = var.backend_access_key
|
|
|
|
secret_key = var.backend_secret_key
|
|
|
|
key = "terraform.tfstate"
|
|
|
|
region = var.backend_region
|
|
|
|
encrypt = true
|
|
|
|
endpoints = {
|
|
|
|
s3 = var.backend_endpoint
|
|
|
|
}
|
|
|
|
|
|
|
|
# Disable AWS-specific features
|
|
|
|
skip_credentials_validation = true
|
|
|
|
skip_region_validation = true
|
|
|
|
skip_requesting_account_id = true
|
|
|
|
skip_s3_checksum = true
|
|
|
|
}
|
2024-10-09 19:31:38 +00:00
|
|
|
|
|
|
|
encryption {
|
|
|
|
key_provider "pbkdf2" "encryption" {
|
|
|
|
passphrase = var.passphrase
|
|
|
|
}
|
|
|
|
|
|
|
|
method "aes_gcm" "encryption" {
|
|
|
|
keys = key_provider.pbkdf2.encryption
|
|
|
|
}
|
|
|
|
|
|
|
|
state {
|
|
|
|
method = method.aes_gcm.encryption
|
|
|
|
enforced = true
|
|
|
|
}
|
|
|
|
}
|
2024-09-25 11:23:52 +00:00
|
|
|
}
|
|
|
|
|
2024-10-22 15:44:00 +00:00
|
|
|
provider "aws" {
|
|
|
|
region = var.aws_region
|
|
|
|
access_key = var.aws_access_key
|
|
|
|
secret_key = var.aws_secret_key
|
|
|
|
}
|
|
|
|
|
2024-10-10 11:15:50 +00:00
|
|
|
provider "contabo" {
|
|
|
|
oauth2_client_id = var.contabo_client_id
|
|
|
|
oauth2_client_secret = var.contabo_client_secret
|
|
|
|
oauth2_user = var.contabo_user
|
|
|
|
oauth2_pass = var.contabo_pass
|
|
|
|
}
|
2024-09-28 12:14:09 +00:00
|
|
|
|
2024-10-10 11:15:50 +00:00
|
|
|
provider "hcloud" {
|
|
|
|
token = var.hcloud_token
|
|
|
|
}
|
2024-09-25 11:23:52 +00:00
|
|
|
|
2024-10-10 11:15:50 +00:00
|
|
|
provider "healthchecksio" {
|
|
|
|
api_key = var.healthchecksio_api_key
|
|
|
|
}
|
2024-09-25 11:23:52 +00:00
|
|
|
|
2024-10-10 11:15:50 +00:00
|
|
|
provider "ovh" {
|
|
|
|
endpoint = "ovh-eu"
|
|
|
|
application_key = var.ovh_application_key
|
|
|
|
application_secret = var.ovh_application_secret
|
|
|
|
consumer_key = var.ovh_consumer_key
|
|
|
|
}
|
|
|
|
|
|
|
|
provider "scaleway" {
|
|
|
|
organization_id = var.scaleway_organization_id
|
|
|
|
project_id = var.scaleway_project_id
|
|
|
|
access_key = var.scaleway_access_key
|
|
|
|
secret_key = var.scaleway_secret_key
|
|
|
|
region = "nl-ams"
|
|
|
|
zone = "nl-ams-1"
|
|
|
|
}
|
|
|
|
|
|
|
|
provider "tailscale" {
|
|
|
|
api_key = var.tailscale_api_key
|
|
|
|
tailnet = var.tailscale_tailnet
|
2024-09-27 23:59:53 +00:00
|
|
|
}
|
|
|
|
|
2024-09-29 23:22:03 +00:00
|
|
|
module "infrastructure" {
|
|
|
|
source = "./modules/infrastructure"
|
2024-09-25 11:23:52 +00:00
|
|
|
|
2024-10-10 11:15:50 +00:00
|
|
|
scaleway_project_id = var.scaleway_project_id
|
2024-09-30 18:00:24 +00:00
|
|
|
|
2024-10-10 11:15:50 +00:00
|
|
|
default_ssh_key = var.default_ssh_key
|
|
|
|
|
|
|
|
hosts = var.hosts
|
|
|
|
services = var.services
|
2024-10-22 15:44:00 +00:00
|
|
|
email_domains = var.email_domains
|
2024-10-10 11:15:50 +00:00
|
|
|
}
|
2024-09-28 12:14:09 +00:00
|
|
|
|
2024-10-10 11:15:50 +00:00
|
|
|
provider "authentik" {
|
|
|
|
url = var.authentik_url
|
|
|
|
token = var.authentik_token
|
|
|
|
}
|
2024-10-06 15:08:25 +00:00
|
|
|
|
2024-10-10 11:15:50 +00:00
|
|
|
provider "postgresql" {
|
|
|
|
host = var.postgresql_host
|
|
|
|
port = var.postgresql_port
|
|
|
|
database = "postgres"
|
|
|
|
username = var.postgresql_username
|
|
|
|
password = var.postgresql_password
|
|
|
|
sslmode = "verify-full"
|
|
|
|
connect_timeout = 15
|
|
|
|
}
|
2024-09-28 12:14:09 +00:00
|
|
|
|
2024-10-10 11:15:50 +00:00
|
|
|
module "services" {
|
|
|
|
source = "./modules/services"
|
2024-09-29 23:22:03 +00:00
|
|
|
|
2024-10-10 11:15:50 +00:00
|
|
|
authentik_url = var.authentik_url
|
2024-09-29 23:22:03 +00:00
|
|
|
|
|
|
|
services = var.services
|
|
|
|
}
|