diff --git a/.gitignore b/.gitignore index c6eea25..a153386 100644 --- a/.gitignore +++ b/.gitignore @@ -1,5 +1,6 @@ # Local .terraform directories **/.terraform/* +**/.terraform.lock.hcl # .tfstate files *.tfstate @@ -40,3 +41,4 @@ terraform.rc token cache/ +out/ diff --git a/Makefile b/Makefile index 126acf6..f7d98e3 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,10 @@ +include $(PWD)/src/toolchain/Makefile + BACKEND_TF := $(wildcard infra/backend/*.tf) ENVIRONMENT := production - -include $(PWD)/src/toolchain/Makefile +REGION := sfo3 +ROOT_DIR := $(shell pwd) +TERRAFORM := $(ROOT_DIR)/out/terraform .PHONY: clean: @@ -11,23 +14,38 @@ clean: credentials: \ $(CACHE_DIR)/secrets/credentials.tfvars -infra/backend/.terraform: $(BACKEND_TF) - env -C infra/backend terraform init +infra/backend/.terraform: \ + $(OUT_DIR)/terraform \ + $(BACKEND_TF) + env -C infra/backend $(TERRAFORM) init -infra/backend/terraform.tfstate: infra/backend/.terraform - env -C infra/backend terraform apply -state $@ -var-file $< +infra/backend/$(ENVIRONMENT).tfstate: \ + $(CACHE_DIR)/secrets/credentials.tfvars \ + $(OUT_DIR)/terraform \ + infra/backend/.terraform + env -C infra/backend $(TERRAFORM) apply \ + -var environment=$(ENVIRONMENT) \ + -var namespace=$(ENVIRONMENT) \ + -var region=$(REGION) \ + -state ../../$@ \ + -var-file ../../$< -config/$(ENVIRONMENT).tfbackend: infra/backend/$(ENVIRONMENT).tfstate - env -C infra/backend terraform output -state $< > $@ +config/$(ENVIRONMENT).tfbackend: \ + infra/backend/$(ENVIRONMENT).tfstate \ + $(OUT_DIR)/terraform + env -C infra/backend $(TERRAFORM) output -state ../../$< > $@ .PHONY: -plan: $(CACHE_DIR)/secrets/credentials.tfvars config/$(ENVIRONMENT).tfbackend - env -C infra/main terraform plan -var-file $< +plan: \ + $(CACHE_DIR)/secrets/credentials.tfvars \ + config/$(ENVIRONMENT).tfbackend \ + $(OUT_DIR)/terraform + env -C infra/main $(TERRAFORM) plan -var-file $< $(CACHE_DIR)/secrets: mkdir -p $@ -cache/secrets/%.tfvars: secrets/%.tfvars.gpg $(CACHE_DIR)/secrets +$(CACHE_DIR)/secrets/%.tfvars: secrets/%.tfvars.gpg $(CACHE_DIR)/secrets gpg --decrypt $< > $@ $(FETCH_DIR)/terraform: @@ -38,10 +56,10 @@ $(OUT_DIR)/terraform: $(FETCH_DIR)/terraform cd $(FETCH_DIR)/terraform && \ export SSL_CERT_DIR=/etc/ssl/certs && \ export CGO_ENABLED=0 && \ + export GOCACHE=$(CACHE_DIR) && \ go build \ -v \ -trimpath \ -ldflags='-w -extldflags=-static' \ -o /home/build/$@ \ ") - diff --git a/infra/backend/.terraform.lock.hcl b/infra/backend/.terraform.lock.hcl deleted file mode 100644 index ee9d643..0000000 --- a/infra/backend/.terraform.lock.hcl +++ /dev/null @@ -1,68 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/digitalocean/digitalocean" { - version = "2.25.2" - constraints = "2.25.2" - hashes = [ - "h1:OreINFf349wOcU2trD8gmP2/dFYT85ltyG0YIQ+d4GA=", - "zh:0accb40afb05425f20ff93426c69fa9585fd269f5a0caff9e03173ca3a0f66f0", - "zh:0e389b5ebfce42a9a1c78b576acffa6d4f1cfa421810537e6e096a254ff3fec8", - "zh:12441f028af172a823b452bb017721d7bf2f6f14e343ac90f361c7bb73ff0874", - "zh:18e04874d833d014617ee94971b8ef4638931a3ee7c572f86ee816b74911bcb5", - "zh:4e728375e24fdc37e791b3f234c991da342dbad8e1bd878531dd45ab6710c4fe", - "zh:4f76bea793d71ae85c72275bd1a5d28ce72afbb41e6cf51cc74d19a470b2c4dc", - "zh:588fd686e257b9d989427106e16b7d35a805cf6c1f532dca8fd61c09f19cc95a", - "zh:5b433b49869a45d96b95e921dd3cc713471dfa78157fe6f89f09d41c689256c2", - "zh:5de660180ab655b64e579564ec5f60f63d7c6633f47dfe4c8ac5a6718d19b5ea", - "zh:6395f4d9995f525469d88825f56c88f46b3466db26a3962a645c9a2e65e60dad", - "zh:7b04b9ca110f3876000616f9f3f046a974a20db93583786f26dccf10ed9372cf", - "zh:81b02a7247a0142075315cdbccd41138c01ed3327036c6b3b417859b06fdac0d", - "zh:99e4cf8818eed4e0516a939658ae89a8eefeb4dd9d49303b47b28dc844f983ac", - "zh:a85ddbfc6db67508a64c95edd333132efbc40ab7b4d6266023750dc7756f6bec", - "zh:b7e9ee035192e2f4d8db11d33e0dabd1969135901bae52d96001fce5f2a4dce8", - "zh:ec5d133c03319ec103c80d954be31dd673f44e9c93ec9ed951576e110549b59f", - ] -} - -provider "registry.terraform.io/namecheap/namecheap" { - version = "2.1.0" - constraints = ">= 2.0.0" - hashes = [ - "h1:hprk50lXtEO7BrFukatptEoK/B59/GLyuR4gJyBE2Nw=", - "zh:3731f5f14a0958cd27a589ef7daa9be786b6490f2309c429eb2e9862aa4ac5f7", - "zh:3cbceb12ec3521d9dfbd890eee731a40f4e1f42de30d28fc1d1e524091148caa", - "zh:44095af1b1d1ee6d4b930e21e3c5bf0f81d9df65fe04f6f1e55d46713c240b21", - "zh:693e169228fe0c5fb1989425b1ad42c1206f8187c9932b4daee5a5c5e851a28e", - "zh:6b04c3c2666db3050f49bc85151496fe33cf852db9ad8fc6f455d1daf0a2bba6", - "zh:85fd126a573cc468f8d5d1b90f4a94f5977ea40623b1c5cd7c799bb95ef233bd", - "zh:99014437ef4e96161b0029efa12f05fa1ab63ff9bc0a255b0a249e17b4f8587a", - "zh:a4d8288ef01d4002a5aa07d1e64e4504757f07d6ada24fbf7d3670ceb24d2871", - "zh:d27f7798cbe1957294bb08459b1fbabe68721cc9cc50afee80bda87ce674dab8", - "zh:d85483f90380829d05b8a2725ce50bf2ee766d6c1cbef223b388d19c5a92dce2", - "zh:ddfecfbefd32e40386b482a2610e4173a52591afea3861f041041439d51d34da", - "zh:f9a10edfe11dbc4947cbb2f0db8935050693d5fff3b6559096288c689c2dd847", - "zh:fae14a74781a94bcaac07b6d533dd9eb1e40c1d152eb6ee49b2a44cdf5740cfe", - ] -} - -provider "registry.terraform.io/vancluever/acme" { - version = "2.12.0" - constraints = "~> 2.0" - hashes = [ - "h1:/vWhC9ly4N+BehMDxETXSeCWe2w+1MZgM6Ai6cHxpYY=", - "zh:10f52acfdc36510ece0790af4c93f88bc8bb3270cd23fac1f740900dbceff317", - "zh:24e52840e1d7a369a522465b7ab3ab3b13236fb9731867cfaa1957c3a0d09254", - "zh:354f87de829707e625cb6da2318796b314897a6dd639ce367e397496a86af9fb", - "zh:3569b27c707fa4170c9c736116aa6ecbd25c3d3c94558e9001e2aed858ee6ac6", - "zh:429427787e450138db9100fec60966b26810d1447b9b675cea56259e0b3bf4c6", - "zh:533ae7a09e83b2ed5235ef607815468daadfa78c722e85d3f3c6f6a740dee40e", - "zh:772b346540392b43dd422b5e77e1008953f9df1538545d61cba35d12bc569fa1", - "zh:7a9e6f5b6470f16a640e5751f95375b654fa63bbf702d2c20ef616be0b2fe80f", - "zh:a186f1121c9a802cce71045245b861aa09b7a7dc0e93fd913b261f8d892ff2d5", - "zh:b1521cb89a7166e26dd2b9dedd1f45e43a037de50ea19e42856e740b64bdaba9", - "zh:c152efb60e50e8a298fc66a3446cb47d1b110c642681df8fe3ab4892711b530a", - "zh:c6491988233db2691f26e821c1b81aa30c017f194fa3a17b98447076cae30d41", - "zh:ea564dcf2cc65610103495f8b18baf0fe4a0664e06f4fc7006c0938ac15227c1", - ] -} diff --git a/infra/backend/main.tf b/infra/backend/main.tf index 20f086a..a384c9b 100644 --- a/infra/backend/main.tf +++ b/infra/backend/main.tf @@ -1,13 +1,3 @@ -terraform { - required_providers { - digitalocean = { - source = "digitalocean/digitalocean" - version = "~> 2.0" - } - } -} - -provider "digitalocean" {} variable "environment" {} variable "namespace" {} variable "region" {} diff --git a/infra/backend/provider.tf b/infra/backend/provider.tf index 0a0241e..3c437ea 100644 --- a/infra/backend/provider.tf +++ b/infra/backend/provider.tf @@ -8,10 +8,6 @@ terraform { source = "vancluever/acme" version = "~> 2.0" } - namecheap = { - source = "namecheap/namecheap" - version = ">= 2.0.0" - } } } @@ -25,15 +21,6 @@ provider "acme" { server_url = "https://acme-v02.api.letsencrypt.org/directory" } -provider "namecheap" { - user_name = var.namecheap_user - api_user = var.namecheap_api_user - api_key = var.namecheap_api_key -} - variable "do_token" {} variable "spaces_access_id" {} variable "spaces_secret" {} -variable "namecheap_user" {} -variable "namecheap_api_user" {} -variable "namecheap_api_key" {} \ No newline at end of file