diff --git a/modules/infrastructure/main.tf b/modules/infrastructure/main.tf
index bb7ed2d..6602c3c 100644
--- a/modules/infrastructure/main.tf
+++ b/modules/infrastructure/main.tf
@@ -29,9 +29,7 @@ terraform {
locals {
- services_auth = {for key, val in var.services : key => val if val.auth}
- services_database = {for key, val in var.services : key => val if val.database}
- services_s3 = {for key, val in var.services : key => (val.s3_buckets != null) ? val.s3_buckets : [key] if val.s3}
+ services_s3 = {for key, val in var.services : key => (val.s3_buckets != null) ? val.s3_buckets : [key] if (val.s3 == "external")}
buckets_s3 = merge([for key, val in local.services_s3 : {for bucket in val : bucket => key}]...)
hetzner_hosts = {for key, val in var.hosts : key => val if val.provider == "hetzner"}
diff --git a/modules/infrastructure/variables.tf b/modules/infrastructure/variables.tf
index 6ec6c8c..d0b063c 100644
--- a/modules/infrastructure/variables.tf
+++ b/modules/infrastructure/variables.tf
@@ -35,7 +35,7 @@ variable "services" {
auth = bool
auth_cert = optional(string)
auth_redirects = optional(list(string))
- s3 = bool
+ s3 = optional(string)
s3_buckets = optional(list(string))
database = bool
}))
diff --git a/services.auto.tfvars b/services.auto.tfvars
index 409ce14..ccc7526 100644
--- a/services.auto.tfvars
+++ b/services.auto.tfvars
@@ -32,7 +32,6 @@ services = {
]
auth = false
database = true
- s3 = false
},
"authentik" = {
@@ -47,7 +46,6 @@ services = {
certificates = ["auth.serguzim.me"]
auth = false
database = true
- s3 = false
mail = "auth"
},
@@ -55,7 +53,6 @@ services = {
host = "*"
auth = false
database = false
- s3 = false
},
"briefing" = {
@@ -69,7 +66,6 @@ services = {
}
auth = false
database = false
- s3 = false
}
"caddy" = {
@@ -96,7 +92,6 @@ services = {
]
auth = false
database = false
- s3 = false
},
"deploy" = {
@@ -111,7 +106,6 @@ services = {
}
auth = false
database = false
- s3 = false
}
"dokku" = {
@@ -154,14 +148,12 @@ services = {
]
auth = false
database = false
- s3 = false
},
"extra_services" = {
host = "node001"
auth = false
database = false
- s3 = false
},
#"factorio" = {
@@ -198,7 +190,6 @@ services = {
# ]
# auth = false
# database = false
- # s3 = false
#}
"forgejo" = {
@@ -229,7 +220,7 @@ services = {
auth = true
auth_redirects = ["https://git.serguzim.me/user/oauth2/auth.serguzim.me/callback"]
database = true
- s3 = true
+ s3 = "external"
mail = "git"
},
@@ -237,14 +228,12 @@ services = {
host = "node001"
auth = false
database = false
- s3 = false
},
"healthcheck" = {
host = "node001"
auth = false
database = false
- s3 = false
},
"gatus" = {
@@ -261,7 +250,6 @@ services = {
}]
auth = false
database = false
- s3 = false
mail = "status"
},
@@ -284,7 +272,6 @@ services = {
}
auth = false
database = false
- s3 = false
mail = "inventory"
},
@@ -309,7 +296,6 @@ services = {
auth = true
auth_redirects = ["https://gallery.serguzim.me/auth/login"]
database = false
- s3 = false
},
"influxdb" = {
@@ -334,7 +320,6 @@ services = {
}
auth = false
database = false
- s3 = false
},
"jellyfin" = {
@@ -362,14 +347,12 @@ services = {
}
auth = false
database = false
- s3 = false
},
"lego" = {
host = "*"
auth = false
database = false
- s3 = false
},
mailcowdockerized = {
@@ -429,7 +412,6 @@ services = {
]
auth = false
database = false
- s3 = false
},
"lgtm_stack" = {
@@ -460,7 +442,7 @@ services = {
auth = true
auth_redirects = ["https://monitoring.serguzim.me/login/generic_oauth"]
database = true
- s3 = true
+ s3 = "external"
s3_buckets = ["mimir_blocks", "mimir_alertmanager", "mimir_ruler"]
mail = "monitoring"
}
@@ -493,7 +475,6 @@ services = {
}]
auth = false
database = false
- s3 = false
},
"minio" = {
@@ -519,14 +500,12 @@ services = {
auth = true
auth_redirects = ["https://console.s3.serguzim.me/oauth_callback"]
database = false
- s3 = false
},
"node_exporter" = {
host = "*"
auth = false
database = false
- s3 = false
},
"ntfy" = {
@@ -551,7 +530,6 @@ services = {
}
auth = false
database = false
- s3 = false
},
"postgresql" = {
@@ -574,7 +552,6 @@ services = {
certificates = ["db.serguzim.me"]
auth = false
database = false
- s3 = false
},
"reitanlage_oranienburg" = {
@@ -598,7 +575,6 @@ services = {
}
auth = false
database = false
- s3 = false
},
"shlink" = {
@@ -628,7 +604,6 @@ services = {
}
auth = false
database = true
- s3 = false
},
"synapse" = {
@@ -665,7 +640,6 @@ services = {
auth = true
auth_redirects = ["https://matrix.serguzim.me/_synapse/client/oidc/callback"]
database = true
- s3 = false
mail = "matrix"
},
@@ -684,7 +658,6 @@ services = {
}
auth = false
database = true
- s3 = false
},
"teamspeak_fallback" = {
@@ -723,7 +696,6 @@ services = {
]
auth = false
database = false
- s3 = false
}
"tinytinyrss" = {
@@ -737,7 +709,6 @@ services = {
}
auth = false
database = true
- s3 = false
},
"umami" = {
@@ -751,7 +722,6 @@ services = {
}
auth = false
database = true
- s3 = false
},
"vikunja" = {
@@ -773,7 +743,6 @@ services = {
auth = true
auth_redirects = ["https://todo.serguzim.me/auth/openid/authserguzimme"]
database = true
- s3 = false
mail = "todo"
},
@@ -781,7 +750,6 @@ services = {
host = "*"
auth = false
database = false
- s3 = false
mail = "watchtower"
},
@@ -796,7 +764,6 @@ services = {
}
auth = false
database = false
- s3 = false
},
"wiki_js" = {
@@ -810,7 +777,6 @@ services = {
auth = true
auth_redirects = ["https://wiki.serguzim.me/login/f792bc7d-1a25-4437-944e-55eaf0111102/callback"]
database = true
- s3 = false
mail = "wiki"
},
@@ -836,6 +802,5 @@ services = {
}
auth = false
database = true
- s3 = false
}
}
diff --git a/variables.tf b/variables.tf
index 271854e..8702cc4 100644
--- a/variables.tf
+++ b/variables.tf
@@ -156,7 +156,7 @@ variable "services" {
auth = bool
auth_cert = optional(string)
auth_redirects = optional(list(string))
- s3 = bool
+ s3 = optional(string)
s3_buckets = optional(list(string))
database = bool
mail = optional(string)