From da268122df583b2b1fb11c38277f7fa98f0c1510 Mon Sep 17 00:00:00 2001 From: Massaki Archambault Date: Sun, 27 Apr 2025 17:16:29 -0400 Subject: [PATCH] move infra config --- terraform/.terraform.lock.hcl | 66 ------------- terraform/main.tf | 94 ------------------- .../parameters-external-secrets-policy.json | 15 --- .../aws_parameters_external_secrets/main.tf | 33 ------- .../variables.tf | 5 - terraform/modules/cloudflare_site/main.tf | 25 ----- .../modules/cloudflare_site/variables.tf | 9 -- 7 files changed, 247 deletions(-) delete mode 100644 terraform/.terraform.lock.hcl delete mode 100644 terraform/main.tf delete mode 100644 terraform/modules/aws_parameters_external_secrets/iam-policies/parameters-external-secrets-policy.json delete mode 100644 terraform/modules/aws_parameters_external_secrets/main.tf delete mode 100644 terraform/modules/aws_parameters_external_secrets/variables.tf delete mode 100644 terraform/modules/cloudflare_site/main.tf delete mode 100644 terraform/modules/cloudflare_site/variables.tf diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl deleted file mode 100644 index c98022f..0000000 --- a/terraform/.terraform.lock.hcl +++ /dev/null @@ -1,66 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/cloudflare/cloudflare" { - version = "4.23.0" - constraints = "~> 4.0" - hashes = [ - "h1:mwME7g0VS3glSXFJi1xAmhnluStIJ/yxmORP2grrkb0=", - "zh:034aae9f29e51b008eb5ff62bcfea4078d92d74fd8eb6e0f1833395002bf483d", - "zh:0e4f72b52647791e34894c231c7d17b55c701fb4ff9d8aeb8355031378b20910", - "zh:248ecf3820a65870a8a811a90488a77a8fcc49ee6e3099734328912250c4145a", - "zh:750114d16fefb3ce6cfc81fc4d86ab3746062dccd3fc5556a6dff39d600d55f3", - "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f", - "zh:8fe4b545d8c90eb55b75ede1bc5a6bb1483a00466364cd08b1096abddc52e34b", - "zh:ba203d96d07a313dd77933ff29d09110c1dc5100a44aa540c2c73ea280215c85", - "zh:be22358de9729068edc462985c2c99c4d49eec87c6662e75e7216962b0b47a12", - "zh:c55add4c66855191020b5ed61fe8561403eac9d3f55f343876f1f0a5e2ccf1bc", - "zh:c57034c34a10317715264b9455a74b53b2604a3cb206f2c5089ae61b5e8e18fa", - "zh:c95b026d652cb2f90b526cdc79dc22faa0789a049e55b5f2a41412ac45bca2ec", - "zh:ca49437e5462c060b64d0ebf7a7d1370f55139afdb6a23f032694d363b44243b", - "zh:d52788bd6ca087fa72ae9d22c09693c3f5ce5502a00e2c195bea5f420735006c", - "zh:e43da4d400951310020969bd5952483c05de824d67fdcdddc76ec9d97de0d18e", - "zh:ff150dddcbb0d623ff1948d1359fa956519f0672f832faedb121fc809e9c4c22", - ] -} - -provider "registry.terraform.io/hashicorp/aws" { - version = "4.55.0" - hashes = [ - "h1:VHfmrKCb4oTW/+rWGKKqipoMOPd4tPxlGwMp0/Flx/s=", - "zh:0866f25575bad3b9c313cd778c94fc65e79d335af2d20a3480f79d7731d93b7b", - "zh:2c05c16155cbc054622cf83e4b6614fef35935b00b238e4c21ee225e6c896770", - "zh:2efba66649fb12af0492c6cce4e2361fe9139df648734264f61a9a1ef754df53", - "zh:3c60bb53e3b65d7f86699fae0797a55a9aa41b8ba377aaff4daf23d1661393a9", - "zh:41f6dcd90b54b623d523df8fb4a30779cfe22e9ab59516bc05b29291a7af0946", - "zh:4b8330b154e9e2d035dd5488abcac25efec1fa6055d3a70894a8c0384f0579d6", - "zh:595f263706cf1fb6b8447e2ec343638de4360841a15e6bff6ccbb0ff86c7ce74", - "zh:5dfc5b858a43cf45fde5542eb673f6104c14cdc3d73843d1b87a9e44545cbad4", - "zh:7bbe05cf30521f0110603bb84995a4025ce7810626010276600e4b402143df27", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:a490e68c63504d3301d6dcb700c95778d93bb2baa6632a46c5a1d62862a7067c", - "zh:c4f9f6659148528375c8a822163925c9aae490ccce2e6301cefbbab009531971", - "zh:ef66070f957408f1c924ddfd5dbd0d34bce16efd9e36ccecbf699de72beb131f", - "zh:f7ba5e3e62a2b51b24e326797a89fdd86bafaea7d1912738d514c9903c14d7f2", - "zh:ffc20b7d9f7bd331fb6451d0fc92c68196383d7115e69380de6566cc268cb9b9", - ] -} - -provider "registry.terraform.io/hashicorp/kubernetes" { - version = "2.18.0" - hashes = [ - "h1:42iWPnVHQYjopA83W35BxsWmhBnfycUZV3ThuAVmP4s=", - "zh:38f24011d5ee8479ed4758c66cad336509ec02b55c1188ce0ec4b826943aaf0a", - "zh:7d34901f2aff2f46748e81e3d4bbc1aeacc1cc78c2c7da34a84311633ccc8458", - "zh:854339357839a8944df9571eb10f2feaa28cdbe1b7198aba2e94574474f8b304", - "zh:872ea16f2634d29da9772bb5bdc2202f56e35371acccc31fab060bb9cfc13a8b", - "zh:8da9e4c95c160aa58de81a3da5a5a43ea09869e79aa7a27303a1d5a107a8b486", - "zh:9200d32e7c9a75365bcd5a48b29ec8c9bbd3329549bc8d04b14e739abcf843e0", - "zh:980f576019d1acb404647c9d7a71ee826e6e046f84c3796c6dc098899fc89033", - "zh:dcd84e89fdbb815dade604543c6ce2b5aa518debc413d627de08c7e6f3d3c075", - "zh:ddbbb7d16d3eff671c2251d6777fcb6fb92843e2b74441c2d4ad43a82a4291c6", - "zh:e50185efe88499bfbb22fc421315f658c9a7ccfee68e6b66cf0f8eb19b879028", - "zh:ed8e76ccb2b0266ee94ab90d76d311509b2cc90e5d9f5aa294dd92e1f676adf0", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} diff --git a/terraform/main.tf b/terraform/main.tf deleted file mode 100644 index 0d1b859..0000000 --- a/terraform/main.tf +++ /dev/null @@ -1,94 +0,0 @@ -terraform { - backend "kubernetes" { - secret_suffix = "state" - config_path = "~/.kube/config" - labels = { - "app.kubernetes.io/managed-by" : "terraform" - } - } - required_providers { - cloudflare = { - source = "cloudflare/cloudflare" - version = "~> 4.0" - } - } -} - -provider "kubernetes" { - config_path = "~/.kube/config" -} - -provider "cloudflare" {} - -module "aws_parameters_external_secrets" { - source = "./modules/aws_parameters_external_secrets" -} - - -module "cloudflare_records" { - source = "./modules/cloudflare_site" - - dns_zone = "badjware.dev" - dns_records = [ - { - name = "@" - type = "A" - value = "104.152.168.30" - - proxied = false - }, - { - name = "@" - type = "MX" - value = "mail.badjware.dev" - priority = 0 - - proxied = false - }, - { - name = "mail" - type = "CNAME" - value = "badjware.dev" - - proxied = false - }, - { - name = "cloud" - type = "CNAME" - value = "home.badjware.dev" - }, - { - name = "code" - type = "CNAME" - value = "home.badjware.dev" - }, - { - name = "grafana" - type = "A" - type = "CNAME" - value = "home.badjware.dev" - }, - { - name = "hass" - type = "CNAME" - value = "home.badjware.dev" - }, - { - name = "chat" - type = "CNAME" - value = "home.badjware.dev" - }, - { - name = "jellyfin" - type = "CNAME" - value = "home.badjware.dev" - }, - { - name = "satisfactory" - type = "CNAME" - value = "home.badjware.dev" - - proxied = false - }, - ] -} diff --git a/terraform/modules/aws_parameters_external_secrets/iam-policies/parameters-external-secrets-policy.json b/terraform/modules/aws_parameters_external_secrets/iam-policies/parameters-external-secrets-policy.json deleted file mode 100644 index 85a6572..0000000 --- a/terraform/modules/aws_parameters_external_secrets/iam-policies/parameters-external-secrets-policy.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "Version": "2012-10-17", - "Statement": [ - { - "Effect": "Allow", - "Action": [ - "ssm:GetParameter", - "ssm:GetParameterWithContext", - "ssm:ListTagsForResourceWithContext", - "ssm:DescribeParametersWithContext" - ], - "Resource": "*" - } - ] - } \ No newline at end of file diff --git a/terraform/modules/aws_parameters_external_secrets/main.tf b/terraform/modules/aws_parameters_external_secrets/main.tf deleted file mode 100644 index 65f0885..0000000 --- a/terraform/modules/aws_parameters_external_secrets/main.tf +++ /dev/null @@ -1,33 +0,0 @@ -resource "aws_iam_user" "default" { - name = "${var.name}-user" -} - -resource "aws_iam_policy" "parameters_external_secrets_policy" { - name = "${var.name}-parameters-external-secrets-policy" - policy = file("${path.module}/iam-policies/parameters-external-secrets-policy.json") -} - -resource "aws_iam_policy_attachment" "parameters_external_secrets_attachment" { - name = "${var.name}-parameters-external-secrets-attachment" - users = [aws_iam_user.default.name] - policy_arn = aws_iam_policy.parameters_external_secrets_policy.arn -} - -resource "aws_iam_access_key" "default" { - user = aws_iam_user.default.name -} - -resource "kubernetes_secret" "default" { - metadata { - name = "${var.name}-access-key" - namespace = "kube-system" - labels = { - "app.kubernetes.io/managed-by": "terraform" - } - } - - data = { - access-key = aws_iam_access_key.default.id - secret-access-key = aws_iam_access_key.default.secret - } -} \ No newline at end of file diff --git a/terraform/modules/aws_parameters_external_secrets/variables.tf b/terraform/modules/aws_parameters_external_secrets/variables.tf deleted file mode 100644 index cd17f06..0000000 --- a/terraform/modules/aws_parameters_external_secrets/variables.tf +++ /dev/null @@ -1,5 +0,0 @@ -variable "name" { - type = string - description = "The name of the terraform deployment" - default = "aws-parameters-external-secrets" -} \ No newline at end of file diff --git a/terraform/modules/cloudflare_site/main.tf b/terraform/modules/cloudflare_site/main.tf deleted file mode 100644 index 3174144..0000000 --- a/terraform/modules/cloudflare_site/main.tf +++ /dev/null @@ -1,25 +0,0 @@ -terraform { - required_providers { - cloudflare = { - source = "cloudflare/cloudflare" - version = "~> 4.0" - } - } -} - -data "cloudflare_zone" "zone" { - name = var.dns_zone -} - -resource "cloudflare_record" "records" { - count = length(var.dns_records) - - zone_id = data.cloudflare_zone.zone.zone_id - name = var.dns_records[count.index].name - type = var.dns_records[count.index].type - value = var.dns_records[count.index].value - ttl = lookup(var.dns_records[count.index], "ttl", null) - priority = lookup(var.dns_records[count.index], "priority", null) - - proxied = lookup(var.dns_records[count.index], "proxied", true) -} diff --git a/terraform/modules/cloudflare_site/variables.tf b/terraform/modules/cloudflare_site/variables.tf deleted file mode 100644 index 5550e86..0000000 --- a/terraform/modules/cloudflare_site/variables.tf +++ /dev/null @@ -1,9 +0,0 @@ -variable "dns_zone" { - description = "The dns zone" - type = string -} - -variable "dns_records" { - description = "A map containing the dns record configuration" - type = list(map(any)) -}