infrastructure/main.tf

terraform {
  backend "s3" {
    bucket         = var.backend_bucket
    access_key     = var.backend_access_key
    secret_key     = var.backend_secret_key
    key            = "terraform.tfstate"
    region         = var.backend_region
    encrypt        = true
    endpoints      = {
      s3           = var.backend_endpoint
    }

    # Disable AWS-specific features
    skip_credentials_validation = true
    skip_region_validation      = true
    skip_requesting_account_id  = true
    skip_s3_checksum            = true
  }
}

module "services" {
  source = "./modules/services"

  authentik_url = "${var.authentik_url}"
  authentik_token = "${var.authentik_token}"

  postgresql_host = "${var.postgresql_host}"
  postgresql_port = "${var.postgresql_port}"
  postgresql_username = "${var.postgresql_username}"
  postgresql_password = "${var.postgresql_password}"

  services = var.services
}

module "infrastructure" {
  source = "./modules/infrastructure"

  hcloud_token = "${var.hcloud_token}"

  ovh_application_key = "${var.ovh_application_key}"
  ovh_application_secret = "${var.ovh_application_secret}"
  ovh_consumer_key = "${var.ovh_consumer_key}"

  scaleway_access_key = "${var.scaleway_access_key}"
  scaleway_secret_key = "${var.scaleway_secret_key}"
  scaleway_project_id = "${var.scaleway_project_id}"
  scaleway_organization_id = "${var.scaleway_organization_id}"

  tailscale_api_key = "${var.tailscale_api_key}"
  tailscale_tailnet = "${var.tailscale_tailnet}"

  default_ssh_key = "${var.default_ssh_key}"

  hosts = var.hosts
  services = var.services
}