move infra config
parent
72dd3418a0
commit
da268122df
|
@ -1,66 +0,0 @@
|
||||||
# This file is maintained automatically by "terraform init".
|
|
||||||
# Manual edits may be lost in future updates.
|
|
||||||
|
|
||||||
provider "registry.terraform.io/cloudflare/cloudflare" {
|
|
||||||
version = "4.23.0"
|
|
||||||
constraints = "~> 4.0"
|
|
||||||
hashes = [
|
|
||||||
"h1:mwME7g0VS3glSXFJi1xAmhnluStIJ/yxmORP2grrkb0=",
|
|
||||||
"zh:034aae9f29e51b008eb5ff62bcfea4078d92d74fd8eb6e0f1833395002bf483d",
|
|
||||||
"zh:0e4f72b52647791e34894c231c7d17b55c701fb4ff9d8aeb8355031378b20910",
|
|
||||||
"zh:248ecf3820a65870a8a811a90488a77a8fcc49ee6e3099734328912250c4145a",
|
|
||||||
"zh:750114d16fefb3ce6cfc81fc4d86ab3746062dccd3fc5556a6dff39d600d55f3",
|
|
||||||
"zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
|
|
||||||
"zh:8fe4b545d8c90eb55b75ede1bc5a6bb1483a00466364cd08b1096abddc52e34b",
|
|
||||||
"zh:ba203d96d07a313dd77933ff29d09110c1dc5100a44aa540c2c73ea280215c85",
|
|
||||||
"zh:be22358de9729068edc462985c2c99c4d49eec87c6662e75e7216962b0b47a12",
|
|
||||||
"zh:c55add4c66855191020b5ed61fe8561403eac9d3f55f343876f1f0a5e2ccf1bc",
|
|
||||||
"zh:c57034c34a10317715264b9455a74b53b2604a3cb206f2c5089ae61b5e8e18fa",
|
|
||||||
"zh:c95b026d652cb2f90b526cdc79dc22faa0789a049e55b5f2a41412ac45bca2ec",
|
|
||||||
"zh:ca49437e5462c060b64d0ebf7a7d1370f55139afdb6a23f032694d363b44243b",
|
|
||||||
"zh:d52788bd6ca087fa72ae9d22c09693c3f5ce5502a00e2c195bea5f420735006c",
|
|
||||||
"zh:e43da4d400951310020969bd5952483c05de824d67fdcdddc76ec9d97de0d18e",
|
|
||||||
"zh:ff150dddcbb0d623ff1948d1359fa956519f0672f832faedb121fc809e9c4c22",
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
||||||
provider "registry.terraform.io/hashicorp/aws" {
|
|
||||||
version = "4.55.0"
|
|
||||||
hashes = [
|
|
||||||
"h1:VHfmrKCb4oTW/+rWGKKqipoMOPd4tPxlGwMp0/Flx/s=",
|
|
||||||
"zh:0866f25575bad3b9c313cd778c94fc65e79d335af2d20a3480f79d7731d93b7b",
|
|
||||||
"zh:2c05c16155cbc054622cf83e4b6614fef35935b00b238e4c21ee225e6c896770",
|
|
||||||
"zh:2efba66649fb12af0492c6cce4e2361fe9139df648734264f61a9a1ef754df53",
|
|
||||||
"zh:3c60bb53e3b65d7f86699fae0797a55a9aa41b8ba377aaff4daf23d1661393a9",
|
|
||||||
"zh:41f6dcd90b54b623d523df8fb4a30779cfe22e9ab59516bc05b29291a7af0946",
|
|
||||||
"zh:4b8330b154e9e2d035dd5488abcac25efec1fa6055d3a70894a8c0384f0579d6",
|
|
||||||
"zh:595f263706cf1fb6b8447e2ec343638de4360841a15e6bff6ccbb0ff86c7ce74",
|
|
||||||
"zh:5dfc5b858a43cf45fde5542eb673f6104c14cdc3d73843d1b87a9e44545cbad4",
|
|
||||||
"zh:7bbe05cf30521f0110603bb84995a4025ce7810626010276600e4b402143df27",
|
|
||||||
"zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
|
|
||||||
"zh:a490e68c63504d3301d6dcb700c95778d93bb2baa6632a46c5a1d62862a7067c",
|
|
||||||
"zh:c4f9f6659148528375c8a822163925c9aae490ccce2e6301cefbbab009531971",
|
|
||||||
"zh:ef66070f957408f1c924ddfd5dbd0d34bce16efd9e36ccecbf699de72beb131f",
|
|
||||||
"zh:f7ba5e3e62a2b51b24e326797a89fdd86bafaea7d1912738d514c9903c14d7f2",
|
|
||||||
"zh:ffc20b7d9f7bd331fb6451d0fc92c68196383d7115e69380de6566cc268cb9b9",
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|
||||||
provider "registry.terraform.io/hashicorp/kubernetes" {
|
|
||||||
version = "2.18.0"
|
|
||||||
hashes = [
|
|
||||||
"h1:42iWPnVHQYjopA83W35BxsWmhBnfycUZV3ThuAVmP4s=",
|
|
||||||
"zh:38f24011d5ee8479ed4758c66cad336509ec02b55c1188ce0ec4b826943aaf0a",
|
|
||||||
"zh:7d34901f2aff2f46748e81e3d4bbc1aeacc1cc78c2c7da34a84311633ccc8458",
|
|
||||||
"zh:854339357839a8944df9571eb10f2feaa28cdbe1b7198aba2e94574474f8b304",
|
|
||||||
"zh:872ea16f2634d29da9772bb5bdc2202f56e35371acccc31fab060bb9cfc13a8b",
|
|
||||||
"zh:8da9e4c95c160aa58de81a3da5a5a43ea09869e79aa7a27303a1d5a107a8b486",
|
|
||||||
"zh:9200d32e7c9a75365bcd5a48b29ec8c9bbd3329549bc8d04b14e739abcf843e0",
|
|
||||||
"zh:980f576019d1acb404647c9d7a71ee826e6e046f84c3796c6dc098899fc89033",
|
|
||||||
"zh:dcd84e89fdbb815dade604543c6ce2b5aa518debc413d627de08c7e6f3d3c075",
|
|
||||||
"zh:ddbbb7d16d3eff671c2251d6777fcb6fb92843e2b74441c2d4ad43a82a4291c6",
|
|
||||||
"zh:e50185efe88499bfbb22fc421315f658c9a7ccfee68e6b66cf0f8eb19b879028",
|
|
||||||
"zh:ed8e76ccb2b0266ee94ab90d76d311509b2cc90e5d9f5aa294dd92e1f676adf0",
|
|
||||||
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,94 +0,0 @@
|
||||||
terraform {
|
|
||||||
backend "kubernetes" {
|
|
||||||
secret_suffix = "state"
|
|
||||||
config_path = "~/.kube/config"
|
|
||||||
labels = {
|
|
||||||
"app.kubernetes.io/managed-by" : "terraform"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
required_providers {
|
|
||||||
cloudflare = {
|
|
||||||
source = "cloudflare/cloudflare"
|
|
||||||
version = "~> 4.0"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
provider "kubernetes" {
|
|
||||||
config_path = "~/.kube/config"
|
|
||||||
}
|
|
||||||
|
|
||||||
provider "cloudflare" {}
|
|
||||||
|
|
||||||
module "aws_parameters_external_secrets" {
|
|
||||||
source = "./modules/aws_parameters_external_secrets"
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
module "cloudflare_records" {
|
|
||||||
source = "./modules/cloudflare_site"
|
|
||||||
|
|
||||||
dns_zone = "badjware.dev"
|
|
||||||
dns_records = [
|
|
||||||
{
|
|
||||||
name = "@"
|
|
||||||
type = "A"
|
|
||||||
value = "104.152.168.30"
|
|
||||||
|
|
||||||
proxied = false
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name = "@"
|
|
||||||
type = "MX"
|
|
||||||
value = "mail.badjware.dev"
|
|
||||||
priority = 0
|
|
||||||
|
|
||||||
proxied = false
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name = "mail"
|
|
||||||
type = "CNAME"
|
|
||||||
value = "badjware.dev"
|
|
||||||
|
|
||||||
proxied = false
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name = "cloud"
|
|
||||||
type = "CNAME"
|
|
||||||
value = "home.badjware.dev"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name = "code"
|
|
||||||
type = "CNAME"
|
|
||||||
value = "home.badjware.dev"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name = "grafana"
|
|
||||||
type = "A"
|
|
||||||
type = "CNAME"
|
|
||||||
value = "home.badjware.dev"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name = "hass"
|
|
||||||
type = "CNAME"
|
|
||||||
value = "home.badjware.dev"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name = "chat"
|
|
||||||
type = "CNAME"
|
|
||||||
value = "home.badjware.dev"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name = "jellyfin"
|
|
||||||
type = "CNAME"
|
|
||||||
value = "home.badjware.dev"
|
|
||||||
},
|
|
||||||
{
|
|
||||||
name = "satisfactory"
|
|
||||||
type = "CNAME"
|
|
||||||
value = "home.badjware.dev"
|
|
||||||
|
|
||||||
proxied = false
|
|
||||||
},
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,15 +0,0 @@
|
||||||
{
|
|
||||||
"Version": "2012-10-17",
|
|
||||||
"Statement": [
|
|
||||||
{
|
|
||||||
"Effect": "Allow",
|
|
||||||
"Action": [
|
|
||||||
"ssm:GetParameter",
|
|
||||||
"ssm:GetParameterWithContext",
|
|
||||||
"ssm:ListTagsForResourceWithContext",
|
|
||||||
"ssm:DescribeParametersWithContext"
|
|
||||||
],
|
|
||||||
"Resource": "*"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
|
@ -1,33 +0,0 @@
|
||||||
resource "aws_iam_user" "default" {
|
|
||||||
name = "${var.name}-user"
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_iam_policy" "parameters_external_secrets_policy" {
|
|
||||||
name = "${var.name}-parameters-external-secrets-policy"
|
|
||||||
policy = file("${path.module}/iam-policies/parameters-external-secrets-policy.json")
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_iam_policy_attachment" "parameters_external_secrets_attachment" {
|
|
||||||
name = "${var.name}-parameters-external-secrets-attachment"
|
|
||||||
users = [aws_iam_user.default.name]
|
|
||||||
policy_arn = aws_iam_policy.parameters_external_secrets_policy.arn
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_iam_access_key" "default" {
|
|
||||||
user = aws_iam_user.default.name
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "kubernetes_secret" "default" {
|
|
||||||
metadata {
|
|
||||||
name = "${var.name}-access-key"
|
|
||||||
namespace = "kube-system"
|
|
||||||
labels = {
|
|
||||||
"app.kubernetes.io/managed-by": "terraform"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
data = {
|
|
||||||
access-key = aws_iam_access_key.default.id
|
|
||||||
secret-access-key = aws_iam_access_key.default.secret
|
|
||||||
}
|
|
||||||
}
|
|
|
@ -1,5 +0,0 @@
|
||||||
variable "name" {
|
|
||||||
type = string
|
|
||||||
description = "The name of the terraform deployment"
|
|
||||||
default = "aws-parameters-external-secrets"
|
|
||||||
}
|
|
|
@ -1,25 +0,0 @@
|
||||||
terraform {
|
|
||||||
required_providers {
|
|
||||||
cloudflare = {
|
|
||||||
source = "cloudflare/cloudflare"
|
|
||||||
version = "~> 4.0"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
data "cloudflare_zone" "zone" {
|
|
||||||
name = var.dns_zone
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "cloudflare_record" "records" {
|
|
||||||
count = length(var.dns_records)
|
|
||||||
|
|
||||||
zone_id = data.cloudflare_zone.zone.zone_id
|
|
||||||
name = var.dns_records[count.index].name
|
|
||||||
type = var.dns_records[count.index].type
|
|
||||||
value = var.dns_records[count.index].value
|
|
||||||
ttl = lookup(var.dns_records[count.index], "ttl", null)
|
|
||||||
priority = lookup(var.dns_records[count.index], "priority", null)
|
|
||||||
|
|
||||||
proxied = lookup(var.dns_records[count.index], "proxied", true)
|
|
||||||
}
|
|
|
@ -1,9 +0,0 @@
|
||||||
variable "dns_zone" {
|
|
||||||
description = "The dns zone"
|
|
||||||
type = string
|
|
||||||
}
|
|
||||||
|
|
||||||
variable "dns_records" {
|
|
||||||
description = "A map containing the dns record configuration"
|
|
||||||
type = list(map(any))
|
|
||||||
}
|
|