terraform { backend "s3" { bucket = var.backend_bucket access_key = var.backend_access_key secret_key = var.backend_secret_key key = "terraform.tfstate" region = var.backend_region encrypt = true endpoints = { s3 = var.backend_endpoint } # Disable AWS-specific features skip_credentials_validation = true skip_region_validation = true skip_requesting_account_id = true skip_s3_checksum = true } encryption { key_provider "pbkdf2" "encryption" { passphrase = var.passphrase } method "aes_gcm" "encryption" { keys = key_provider.pbkdf2.encryption } state { method = method.aes_gcm.encryption enforced = true } } } module "services" { source = "./modules/services" authentik_url = var.authentik_url authentik_token = var.authentik_token postgresql_host = var.postgresql_host postgresql_port = var.postgresql_port postgresql_username = var.postgresql_username postgresql_password = var.postgresql_password services = var.services } module "infrastructure" { source = "./modules/infrastructure" contabo_client_id = var.contabo_client_id contabo_client_secret = var.contabo_client_secret contabo_user = var.contabo_user contabo_pass = var.contabo_pass hcloud_token = var.hcloud_token healthchecksio_api_key = var.healthchecksio_api_key ovh_application_key = var.ovh_application_key ovh_application_secret = var.ovh_application_secret ovh_consumer_key = var.ovh_consumer_key scaleway_access_key = var.scaleway_access_key scaleway_secret_key = var.scaleway_secret_key scaleway_project_id = var.scaleway_project_id scaleway_organization_id = var.scaleway_organization_id tailscale_api_key = var.tailscale_api_key tailscale_tailnet = var.tailscale_tailnet default_ssh_key = var.default_ssh_key hosts = var.hosts services = var.services }