stack/infra/main/main.tf

variable "environment" {}
variable "namespace" {}
variable "region" {}
variable "out_dir" {
  type    = string
  default = "../../out"
}

resource "random_id" "suffix" {
  byte_length = 8
}

resource "digitalocean_custom_image" "talos" {
  name = "talos"
  url = "https://github.com/siderolabs/talos/releases/download/v1.4.3/digital-ocean-amd64.raw.gz"
  # this gets reset by DigitalOcean
  distribution = "Unknown OS"
  regions = [var.region]
}

module "digitalocean_talos_cluster-2" {
  source = "../../terraform_modules/digitalocean_talos_cluster"

  talos_cluster_name = "distrust"
  talos_image = digitalocean_custom_image.talos.image_id
  talos_config_directory = "talos"
  control_plane_pool = {
    count = 1,
    size = "s-4vcpu-8gb",
  }
  worker_pools = [{
    name = "primary",
    count = 1,
    size = "s-2vcpu-4gb",
  }]
  digitalocean_region = var.region
}

module "digitalocean_database_cluster" {
  source = "../../terraform_modules/digitalocean_database_cluster"

  cluster_name = "distrust"
  db_engine = "pg"
  db_version = "15"
  size = "db-s-1vcpu-2gb"
  node_count = 1

  databases = [{
    name = "keycloak",
    create_default_superuser = true,
  }, {
    name = "forgejo",
    create_default_superuser = true,
  }]

  vpc_id = module.digitalocean_talos_cluster-2.vpc_id
  digitalocean_region = var.region
}

# `jq .database_users.value.forgejo | sops --encrypt`
output "database_users" {
  value = {
    for db_user in module.digitalocean_database_cluster.database_users:
    db_user.name => {
      apiVersion = "v1",
      kind = "Secret",
      metadata = {
        name = "database-configuration",
      },
      stringData = {
        name = db_user.name,
        dbname = db_user.name,
        host = module.digitalocean_database_cluster.database_cluster.private_host,
        port = module.digitalocean_database_cluster.database_cluster.port,
        password = db_user.password,
      }
    }
  }
  sensitive = true
}

output "database" {
  value = module.digitalocean_database_cluster.database_cluster
  sensitive = true
}
auto upload website to DO bucket 2023-03-17 04:14:39 +00:00			`variable "environment" {}`
			`variable "namespace" {}`
			`variable "region" {}`
			`variable "out_dir" {`
			`type = string`
website deploy is a thing 2023-05-05 03:31:53 +00:00			`default = "../../out"`
Add first-working plan 2023-01-28 03:08:56 +00:00			`}`
auto upload website to DO bucket 2023-03-17 04:14:39 +00:00
			`resource "random_id" "suffix" {`
working terraform state sharing 2023-04-14 03:22:35 +00:00			`byte_length = 8`
Add first-working plan 2023-01-28 03:08:56 +00:00			`}`
terraform_modules/digitalocean_talos_cluster: initial commit 2023-05-09 11:32:53 +00:00
			`resource "digitalocean_custom_image" "talos" {`
			`name = "talos"`
infra/main: bump control plane size, bump talos image 2023-05-10 23:24:07 +00:00			`url = "https://github.com/siderolabs/talos/releases/download/v1.4.3/digital-ocean-amd64.raw.gz"`
terraform_modules/digitalocean_database_cluster: initial commit 2023-05-12 04:33:41 +00:00			`# this gets reset by DigitalOcean`
			`distribution = "Unknown OS"`
infra/main/main: pass var.region instead of hardcode 2023-05-12 03:21:25 +00:00			`regions = [var.region]`
terraform_modules/digitalocean_talos_cluster: initial commit 2023-05-09 11:32:53 +00:00			`}`

infra/main: bump control plane size, bump talos image 2023-05-10 23:24:07 +00:00			`module "digitalocean_talos_cluster-2" {`
terraform_modules/digitalocean_talos_cluster: initial commit 2023-05-09 11:32:53 +00:00			`source = "../../terraform_modules/digitalocean_talos_cluster"`

			`talos_cluster_name = "distrust"`
			`talos_image = digitalocean_custom_image.talos.image_id`
			`talos_config_directory = "talos"`
infra/main: bump control plane size, bump talos image 2023-05-10 23:24:07 +00:00			`control_plane_pool = {`
			`count = 1,`
			`size = "s-4vcpu-8gb",`
			`}`
terraform_modules/digitalocean_talos_cluster: initial commit 2023-05-09 11:32:53 +00:00			`worker_pools = [{`
			`name = "primary",`
			`count = 1,`
			`size = "s-2vcpu-4gb",`
			`}]`
terraform_modules/digitalocean_database_cluster: initial commit 2023-05-12 04:33:41 +00:00			`digitalocean_region = var.region`
			`}`

			`module "digitalocean_database_cluster" {`
			`source = "../../terraform_modules/digitalocean_database_cluster"`

			`cluster_name = "distrust"`
			`db_engine = "pg"`
			`db_version = "15"`
			`size = "db-s-1vcpu-2gb"`
			`node_count = 1`

			`databases = [{`
			`name = "keycloak",`
			`create_default_superuser = true,`
			`}, {`
			`name = "forgejo",`
			`create_default_superuser = true,`
			`}]`

			`vpc_id = module.digitalocean_talos_cluster-2.vpc_id`
			`digitalocean_region = var.region`
			`}`

infra/main: clean up database_users output 2023-05-12 04:45:49 +00:00			# `jq .database_users.value.forgejo \| sops --encrypt`
terraform_modules/digitalocean_database_cluster: initial commit 2023-05-12 04:33:41 +00:00			`output "database_users" {`
infra/main: clean up database_users output 2023-05-12 04:45:49 +00:00			`value = {`
			`for db_user in module.digitalocean_database_cluster.database_users:`
			`db_user.name => {`
			`apiVersion = "v1",`
			`kind = "Secret",`
			`metadata = {`
			`name = "database-configuration",`
			`},`
			`stringData = {`
			`name = db_user.name,`
			`dbname = db_user.name,`
			`host = module.digitalocean_database_cluster.database_cluster.private_host,`
			`port = module.digitalocean_database_cluster.database_cluster.port,`
			`password = db_user.password,`
			`}`
			`}`
			`}`
			`sensitive = true`
			`}`

			`output "database" {`
			`value = module.digitalocean_database_cluster.database_cluster`
terraform_modules/digitalocean_database_cluster: initial commit 2023-05-12 04:33:41 +00:00			`sensitive = true`
terraform_modules/digitalocean_talos_cluster: initial commit 2023-05-09 11:32:53 +00:00			`}`