diff --git a/.gitignore b/.gitignore index 72368f2..c6eea25 100644 --- a/.gitignore +++ b/.gitignore @@ -37,4 +37,6 @@ terraform.rc .DS_Store # Misc -token \ No newline at end of file +token + +cache/ diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..a94b033 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,3 @@ +[submodule "src/toolchain"] + path = src/toolchain + url = git@codeberg.org:distrust/toolchain diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..7a865c5 --- /dev/null +++ b/Makefile @@ -0,0 +1,43 @@ +BACKEND_TF := $(wildcard infra/backend/*.tf) +ENVIRONMENT := production + +include $(PWD)/src/toolchain/Makefile + +.PHONY: +clean: + rm -rf $(CACHE_DIR) + +.PHONY: +credentials: \ + $(CACHE_DIR)/secrets/credentials.tfvars + +infra/backend/.terraform: $(BACKEND_TF) + env -C infra/backend terraform init + +infra/backend/terraform.tfstate: infra/backend/.terraform + env -C infra/backend terraform apply -state $@ -var-file $< + +config/$(ENVIRONMENT).tfbackend: infra/backend/$(ENVIRONMENT).tfstate + env -C infra/backend terraform output -state $< > $@ + +.PHONY: +plan: $(CACHE_DIR)/secrets/credentials.tfvars config/$(ENVIRONMENT).tfbackend + env -C infra/main terraform plan -var-file $< + +$(CACHE_DIR)/secrets: + mkdir -p $@ + +cache/secrets/%.tfvars: secrets/%.tfvars.gpg $(CACHE_DIR)/secrets + gpg --decrypt $< > $@ + +$(FETCH_DIR)/terraform: + $(call git_clone,$@,$(TERRAFORM_REPO),$(TERRAFORM_REF)) + +$(OUT_DIR)/terraform: $(FETCH_DIR)/terraform + $(call toolchain,$(USER)," \ + cd $(FETCH_DIR)/terraform && \ + export SSL_CERT_DIR=/etc/ssl/certs && \ + export GOPROXY=direct && \ + go build -v -trimpath -ldflags='-w' -o $@ \ + ") + diff --git a/backend/main.tf b/backend/main.tf deleted file mode 100644 index f72ae3e..0000000 --- a/backend/main.tf +++ /dev/null @@ -1,240 +0,0 @@ -# Main domain resource -resource "digitalocean_domain" "default" { - name = "distrust.co" -} - -# # Let's Encrypt -# ## Private key -# resource "tls_private_key" "private_key" { -# algorithm = "RSA" -# } - -# ## ACME registration -# resource "acme_registration" "reg" { -# account_key_pem = tls_private_key.private_key.private_key_pem -# email_address = "team@distrust.co" -# } - -# ## ACME certificate -# resource "acme_certificate" "certificate" { -# account_key_pem = acme_registration.reg.account_key_pem -# common_name = "www.distrust.co" -# subject_alternative_names = [] - -# dns_challenge { -# provider = "digitalociean" -# } -# } - -# # Spaces Bucket -# ## Create a new Spaces Bucket -# resource "digitalocean_spaces_bucket" "distrust_co" { -# name = "distrust-co-bucket" -# region = "nyc3" -# # acl = "public-read" -# } - -# # Add a CDN endpoint to the Spaces Bucket -# resource "digitalocean_cdn" "distrust_co" { -# origin = digitalocean_spaces_bucket.distrust_co.bucket_domain_name -# # certificate_name = digitalocean_certificate.cert.name -# # custom_domain = "static.distrust.co" -# depends_on = [ -# digitalocean_spaces_bucket.distrust_co -# ] -# } - -# ## Handle record for CDN redirect -# resource "digitalocean_record" "cdn" { -# domain = digitalocean_domain.default.name -# type = "CNAME" -# name = digitalocean_cdn.distrust_co.origin -# value = "${digitalocean_domain.default.name}." -# depends_on = [ -# digitalocean_cdn.distrust_co -# ] -# } - -# ## Create a DigitalOcean managed Let's Encrypt Certificate -# resource "digitalocean_certificate" "cert" { -# name = "cdn-cert" -# type = "lets_encrypt" -# domains = ["static.distrust.co"] -# } - -# # Output the endpoint for the CDN resource -# output "fqdn" { -# value = digitalocean_cdn.distrust_co.endpoint -# } -# # -# output "cdn_origin" { -# value = digitalocean_cdn.distrust_co.origin -# } - -# # Handle record for distrust.co -# resource "digitalocean_record" "distrust_co-cdn" { -# domain = digitalocean_domain.default.name -# type = "A" -# name = "@" -# value = "143.198.235.76" -# depends_on = [ -# digitalocean_cdn.distrust_co -# ] -# } - -# NameCheap Records -resource "digitalocean_record" "main" { - domain = digitalocean_domain.default.id - type = "A" - name = "@" - value = "143.198.235.76" -} - -resource "digitalocean_record" "billing" { - domain = digitalocean_domain.default.id - type = "A" - name = "billing" - value = "45.16.98.153" -} - -resource "digitalocean_record" "chat" { - domain = digitalocean_domain.default.id - type = "CNAME" - name = "chat" - value = "distrust.element.io." -} - -resource "digitalocean_record" "www" { - domain = digitalocean_domain.default.id - type = "CNAME" - name = "www" - value = "${digitalocean_domain.default.id}." -} - -# Mail records -## MX main -resource "digitalocean_record" "mx1-main" { - domain = digitalocean_domain.default.id - type = "MX" - name = "@" - priority = 10 - value = "aspmx1.migadu.com." -} - -resource "digitalocean_record" "mx2-main" { - domain = digitalocean_domain.default.id - type = "MX" - name = "@" - priority = 20 - value = "aspmx2.migadu.com." -} - -## MX subdomain wildcard -resource "digitalocean_record" "mx1-wildcard" { - domain = digitalocean_domain.default.id - type = "MX" - name = "*" - priority = 10 - value = "aspmx1.migadu.com." -} - -resource "digitalocean_record" "mx2-wildcard" { - domain = digitalocean_domain.default.id - type = "MX" - name = "*" - priority = 20 - value = "aspmx2.migadu.com." -} - -resource "digitalocean_record" "mail-verification" { - domain = digitalocean_domain.default.id - type = "TXT" - name = "@" - value = "hosted-email-verify=kezkgvsn" -} - -## DKIM+ARC -resource "digitalocean_record" "mail-dkim-primary" { - domain = digitalocean_domain.default.id - type = "CNAME" - name = "key1._domainkey" - value = "key1.distrust.co._domainkey.migadu.com." -} - -resource "digitalocean_record" "mail-dkim-secondary" { - domain = digitalocean_domain.default.id - type = "CNAME" - name = "key2._domainkey" - value = "key2.distrust.co._domainkey.migadu.com." -} - -resource "digitalocean_record" "mail-dkim-tertiary" { - domain = digitalocean_domain.default.id - type = "CNAME" - name = "key3._domainkey" - value = "key3.distrust.co._domainkey.migadu.com." -} - -## SPF -resource "digitalocean_record" "mail-spf" { - domain = digitalocean_domain.default.id - type = "TXT" - name = "@" - value = "v=spf1 include:spf.migadu.com -all" -} - -## DMARC -resource "digitalocean_record" "mail-dmarc" { - domain = digitalocean_domain.default.id - type = "TXT" - name = "_dmarc" - value = "v=DMARC1; p=quarantine;" -} - -## Autodiscovery -resource "digitalocean_record" "mail-discovery" { - domain = digitalocean_domain.default.id - type = "CNAME" - name = "autoconfig" - value = "autoconfig.migadu.com." -} - -resource "digitalocean_record" "mail-src-autodiscover" { - domain = digitalocean_domain.default.id - type = "SRV" - name = "_autodiscover._tcp" - port = 443 - priority = 0 - weight = 1 - value = "smtp.migadu.com" -} - -resource "digitalocean_record" "mail-srv-submissions" { - domain = digitalocean_domain.default.id - type = "SRV" - name = "_submissions._tcp" - port = 465 - priority = 0 - weight = 1 - value = "smtp.migadu.com" -} - -resource "digitalocean_record" "mail-srv-imaps" { - domain = digitalocean_domain.default.id - type = "SRV" - name = "_imaps._tcp" - port = 993 - priority = 0 - weight = 1 - value = "imap.migadu.com" -} - -resource "digitalocean_record" "mail-srv-pop3s" { - domain = digitalocean_domain.default.id - type = "SRV" - name = "_pop3s._tcp" - port = 995 - priority = 0 - weight = 1 - value = "pop.migadu.com" -} diff --git a/config/global.env b/config/global.env new file mode 100644 index 0000000..cecb4b5 --- /dev/null +++ b/config/global.env @@ -0,0 +1,3 @@ +DEBIAN_HASH=f9e970d357981f7f5055f89365af980534ce742fc11480c51f929da83aa15980 +TERRAFORM_REF=db6079cfe269803701be9e1a89aeaf9a93714e86 +TERRAFORM_REPO=https://github.com/hashicorp/terraform diff --git a/config/toolchain/package-hashes-x86_64.txt b/config/toolchain/package-hashes-x86_64.txt new file mode 100644 index 0000000..6c7c6ee --- /dev/null +++ b/config/toolchain/package-hashes-x86_64.txt @@ -0,0 +1,183 @@ +00e7658cba666774af390ddae37f7adb243a3caf47a797ab1e0605d522f306f5 ncurses-bin_6.4-2_amd64.deb +030db54f4d76cdfe2bf0e8eb5f9efea0233ab3c7aa942d672c7b63b52dbaf935 libpcre2-8-0_10.42-1_amd64.deb +03326473eed54ffa27efae19aa5d6aeb402930968f869f318445513093691d55 libtirpc-dev_1.3.3+ds-1_amd64.deb +03539fd30c509e27101d13a56e52eda9062bdf1aefe337c07ab56def25a13eab libmd0_1.0.4-2_amd64.deb +097a2cb520881c29afa97c1bb0c381ce008aef362df2779677416a0981bcf165 g++-12_12.2.0-14_amd64.deb +0c1c0877f19d8706717b0475e62dfe591be72758c28428d014b3b9d5aa69bd0d libwebp7_1.2.4-0.1_amd64.deb +0ca5213c1ab67278cbfcec4cafccdb538c2e089718f4bddabe5a00145e5a21fb libdav1d6_1.0.0-2_amd64.deb +0e263c20d196456aba67d3828979e39911a3bc374385c75f3973fa3765e776cf golang-doc_2%3a1.19~1_all.deb +1379ab846489b322bb45602d34ca8e2791e1d342fd53d49143f6355430934efd libcc1-0_12.2.0-14_amd64.deb +15c5627e7f1ae650ea1103b864b77d874b5b1d2693802649b956efeed3ccb02f golang-src_2%3a1.19~1_all.deb +16ee38d374e064f534116dc442b086ef26f9831f1c0af7e5fb4fe4512e700649 libfontconfig1_2.14.1-4_amd64.deb +177cacdfe9508448d84bf25534a87a7fcc058d8e2dcd422672851ea13f2115df sed_4.9-1_amd64.deb +17d9a2f3c05004499d80e180d2440fd716f84c32b65f09d96c9a024af4d1d0e7 hostname_3.23+nmu1_amd64.deb +187aedef2ed763f425c1e523753b9719677633c7eede660401739e9c893482bd libgmp10_2%3a6.2.1+dfsg1-1.1_amd64.deb +1a03df5a57833d65b5bb08cfa19d50e76f29088dc9e64fb934af42d9023a0807 gcc-12-base_12.2.0-14_amd64.deb +1b70436539e7c7d0179d3240c9e59f0e85b1b18e9777168158ecd1a317aa23a6 libcom-err2_1.46.6-1_amd64.deb +1cc1bb3a84c73849f8847ddf477595cb97a84d539782d979214e232393ca00e9 golang-1.19-src_1.19.5-1_all.deb +1dbc499d2055cb128fa4ed678a7adbcced3d882b3509e26d5aa3742a4b9e5b2f libgomp1_12.2.0-14_amd64.deb +1e19c4bb1c5675f8db67f3127250fd860c7e2182b774e0111332a02cb4336512 libzstd1_1.5.2+dfsg2-3_amd64.deb +1f67421437b6eb18669d2868e3e02cb88668683d635198142f48aacc5b397118 fonts-dejavu-core_2.37-2_all.deb +2177ae060e8291db3ddcbe1aab03df3947b0294627414b1d0cd48901efade157 golang-go_2%3a1.19~1_amd64.deb +251330faddbf013f060fcdb41f4b0c037c8a6e89ba7c09b04bfcc4e3f0807b22 libp11-kit0_0.24.1-2_amd64.deb +252f96f3ce3a11361441cd114147bbcf1c48830bda33b4a88ad4f58eb2e27414 liblzma5_5.4.1-0.1_amd64.deb +26c451a660728cf7c15548a281e17eef2f36fab28499371e83fc2d3accb499d7 g++_4%3a12.2.0-3_amd64.deb +281c66e46b95f045a0282a6c7a03b33de0e9a08d016897a759aaf4a04adfddbe fontconfig-config_2.14.1-4_amd64.deb +2a46d5a5e9486da11ffeff5740931740d6deae4f92cd6098df060dc5dff1e1c7 libtirpc3_1.3.3+ds-1_amd64.deb +2c05c2e289c94bbb1cd73f7b4a7a6d78c804f370f66af6ca9233b97dafbfb2e2 libtiff6_4.5.0-4_amd64.deb +2c17eaa4dfdd0ca5cc05b9ef56f7a3fc30e6af6040a66cefe4bacab275e88c83 libkrb5support0_1.20.1-1_amd64.deb +2d7ea8a570d768224d7f2424abbe6f373d2154865a1fa7f56c80d43ecf492521 binutils-x86-64-linux-gnu_2.40-2_amd64.deb +2e732c7c1dae832537c75f78ae154ce67a73cd0394f31859ee3978d4f7630344 libpam-runtime_1.5.2-6_all.deb +30b4972cc88a4ff0fba9e08e6d476de13b109af9e4b826d130bdc72771d6e373 libasan8_12.2.0-14_amd64.deb +312b2bdeff4671f8e0d589c124554890e944dd083061e9ad6f129bc76a970765 pkg-config_1.8.1-1_amd64.deb +3264acea728df3c48a54f20e9291b965130e306b9d00adac76647049da7196df grep_3.8-5_amd64.deb +32ac0692694f8a34cc90c895f4fc739680fb2ef0e2d4870a68833682bf1c81a3 rpcsvc-proto_1.4.3-1_amd64.deb +33d88e49bf052ed8f0679bdfa386ddf4cca0a58865db113658dc039a46a64353 bsdutils_1%3a2.38.1-4_amd64.deb +33ea40061da2f1a861ec46212b2b6a34f0776a049b1a3f0abce2fb8cb994258f dash_0.5.12-2_amd64.deb +36b6fc603efaa2bfd22cff3a7773590dd6774a5d0d9b0c23b73306f3f58cbc20 libavif15_0.11.1-1_amd64.deb +37b7a2b4e78890b6a074777f27b96c84f58e81558ba08410c2b6c0ca4a4ad77b libmpfr6_4.2.0-1_amd64.deb +3c111e6aa6366977acb96537a582a7b22c0935d93f2bb2c942df64298a73c663 bash_5.2.15-2+b1_amd64.deb +3d4b39f94317b64a860db8a7a8b581b555124cd461fe07ec0d347edbdb9f6683 libdeflate0_1.14-1_amd64.deb +3e3ef129b4bf61513144236e15e1b4ec57fa5ae3dc8a72137abdbefb7a63af85 libtirpc-common_1.3.3+ds-1_all.deb +3fb7b6f326be3fae4a87a3d33b9269bd06c1e4346a24bd737f265067e3b7427f libctf0_2.40-2_amd64.deb +3fc9742f9f1a37bcb9931df6074b4d1483419ef832ad5349f47323e75fc27864 libjansson4_2.14-2_amd64.deb +429abbd86fef30596107b7327ff94856acf5b30477275b69a8c556417ebdeccd libblkid1_2.38.1-4_amd64.deb +45922e6e289ffd92f0f92d2bb9159e84236ff202d552a461bf10e5335b3f0261 libnettle8_3.8.1-2_amd64.deb +488ab22589c1a199a608a8f69221f6c42f53160754ddeea01c144dc8373d446e libapt-pkg6.0_2.5.5_amd64.deb +4a1203d7f3f8c27b07f487fb7124924689d6f9a65fe131e3a47eece8fb17f6c2 libext2fs2_1.46.6-1_amd64.deb +4c8d29836db3554890346d8e3c39960cbbb29f45a1c206581182f57847b3d758 libfreetype6_2.12.1+dfsg-4_amd64.deb +4cf64c4e1168f3c7e858bb4a71f2c5bea9a36dd448cdcc2154a551ac146e293b libgav1-1_0.18.0-1+b1_amd64.deb +4e21728bbb1f170f35a5d60fe26adadb48c436f1b5fd977454e632668074169c libquadmath0_12.2.0-14_amd64.deb +4e3ce982b5fedc6c6119268435504a64f5ffcc6d93aaecaea902d816eba1215f pkgconf_1.8.1-1_amd64.deb +4e9c8c5dec0cc906d07df738a88234a4a729dd31060acc5e064b0894117a4984 dpkg_1.21.20_amd64.deb +4ebab2e2b7b0af1e837e67c89acf59dfb380afc896a1fe6ade25631f6b92ce35 libheif1_1.14.2-1_amd64.deb +509f5260dcf607120694d5e1d9a6ca3ae07107fd1a52b603f6da97291642be90 libsepol2_3.4-2_amd64.deb +54149da3f44b22d523b26b692033b84503d822cc5122fed606ea69cc83ca5aeb libbz2-1.0_1.0.8-5+b1_amd64.deb +546927e6dcb470b835f0ac6148f3e10f967458f2366a406539dc55f26d2216d8 perl-base_5.36.0-7_amd64.deb +54d59a753dce6aed86a147c149ed0722d01f7bbd30502d39c97b47000de24277 tzdata_2022g-5_all.deb +54f7a9e77c6b12bafa07ffb1d4c42933a416748119f169514c1ed1119d51f4b3 gcc-12_12.2.0-14_amd64.deb +563b4caec1aa5e876bd3355b36e7a38e1484baf5a293b48d1e8bd22db786e4d7 libbrotli1_1.0.9-2+b6_amd64.deb +569c512e46cd7e762bda244e209d7a266bc98d6fb623eeccc42ca8f36da476d4 e2fsprogs_1.46.6-1_amd64.deb +56beca470dcd9b6d7e6c3c9e9d702101e01e9467e62810a8c357bd7b9c26251d debian-archive-keyring_2021.1.1_all.deb +594245ca59121ecb09337ab29e25571e817e906bc6757214e01608e5cfc04a95 libde265-0_1.0.11-1_amd64.deb +5dd86bd0af4aa73f067dfd6b8339dd868f2dd84056aa79db29d1206d4fbc5e04 findutils_4.9.0-4_amd64.deb +6000ce7748ae79cb237c6c065e33a8f4976e518e95adba4bba0e591dc8698f75 util-linux_2.38.1-4_amd64.deb +61038f857e346e8500adf53a2a0a20859f4d3a3b51570cc876b153a2d51a3091 coreutils_9.1-1_amd64.deb +639e1ab6bd66ead40db8a22c332d7199679fa22db261cac34444eb8eb4c17dda libnuma1_2.0.16-1_amd64.deb +63f7e5df0c018816b458ed94b32aef5dc6dca06b2f80111752a4d3ae5d2d84c5 logsave_1.46.6-1_amd64.deb +64cde86cef1deaf828bd60297839b59710b5cd8dc50efd4f12643caaee9389d3 liblz4-1_1.9.4-1_amd64.deb +66f8aedfb961b19852a8f0f8c9f5f6484a267ef6cc19552d7481333a1b963701 libuuid1_2.38.1-4_amd64.deb +679db1c4579ec7c61079adeaae8528adeb2e4bf5465baa6c56233b995d714750 libxau6_1%3a1.0.9-1_amd64.deb +6b07c77b700a615642888a82ba92a7e7c429d04b9c8669c62b2263f15c4c4059 libjbig0_2.1-6.1_amd64.deb +6b32fa198ef48c19b28146b6f374625ae0a1d79dcc19bd65eb49f6a1594077bd passwd_1%3a4.13+dfsg1-1_amd64.deb +6bdf0d77398be356e3cfd643b0c8da174170ae55c7a75e60424a730fe9e45991 libc-dev-bin_2.36-8_amd64.deb +6c19a5d18c8350744581fbd25d5d29e2b7101053e25aafa4e1ffcc2b505b2f1c libxxhash0_0.8.1-1_amd64.deb +6d9f6c25c30efccce6d4bceaa48ea86c329a3432abb360a141f76ac223a4c34a libffi8_3.4.4-1_amd64.deb +6f8c90780705bb2434d02e2360881b581319307ccde43abcd1f781e05928db04 cpp-12_12.2.0-14_amd64.deb +6ffd3721915c49580fc9bcf1ef06deab4ad59e99c52c9f349d03954642b97655 libgcc-12-dev_12.2.0-14_amd64.deb +70d356876847a9a540b5bebd02b2141f9de292e7ce17a596cafdecb15c39ba21 libisl23_0.25-1_amd64.deb +70f79905c004691a74d2badbe3c69fce9e98833d7cd77bf3cb7f4fab5bd973a1 libkrb5-3_1.20.1-1_amd64.deb +710eeb1dd9f1479d9e3f480de04736b8e8cd27af76f40673f2ad1ff87d1e306b sysvinit-utils_3.06-2_amd64.deb +711918c9b6ad639f95a3b8b9fbcf7c29dfb847e56dc4ab6b79b7a5425a3c26cf manpages_6.02-1_all.deb +71cc440315198e4c567ba7e89f24fb8f4cf5ba7b699a35facd807b259373ddaa manpages-dev_6.02-1_all.deb +737a7185e0fee60ca9a52a1e5e9141cdde531768cc67f32d73f291ba9110cbc6 libsystemd0_252.5-2_amd64.deb +74ab14194a3762b2fc717917dcfda42929ab98e3c59295a063344dc551cd7cc8 debconf_1.5.82_all.deb +771f5c47ca69f24ca61e4be0c98c5912b182ce442f921697d17a472f3ded5c9c liblerc4_4.0.0+ds-2_amd64.deb +77bf08617463e8c5f8ecae1cbef1e9d0cee6d4c55662f59c4778d81d538250d7 login_1%3a4.13+dfsg1-1_amd64.deb +77f834d5b1e6a106751d02fdd1dd2ed366a4ba522c0bffa903dc57f86f62b521 golang_2%3a1.19~1_amd64.deb +7dc48500d1c1fb488a4de260c03fae82e08f8f6d3678946d3cb5b51c9942c965 libc-devtools_2.36-8_amd64.deb +7dc5127b8dd0da80e992ba594954c005ae4359d839a24eb65d0d8129b5235c84 libdb5.3_5.3.28+dfsg2-1_amd64.deb +80a75d96504f3bd56493cd1c3b43667faf58a35461c6674024292e89f5cf2428 libpam-modules-bin_1.5.2-6_amd64.deb +81bdea6f443590bcd65e9d0d9192937a9cbc33c45098c8a90e1c81e91416e305 libyuv0_0.0~git20230104.6e4b0ac-1_amd64.deb +81ccd29130f75a9e3adabc80e61921abff42f76761e1f792fa2d1bb69af7f52f libcrypt-dev_1%3a4.4.33-2_amd64.deb +835f806c21ae25e39053bd3057051640341b0cf08e1db9746fd82e370d82fa30 libsemanage-common_3.4-1_all.deb +83c3e20b53e1fbd84d764c3ba27d26a0376e361ae5d7fb37120196934dd87424 binutils_2.40-2_amd64.deb +843848225d79b305eb0b75e1b8eafae549b09197a1d0d2f46b3289d4ada73180 libselinux1_3.4-1+b5_amd64.deb +8807f976d21cf1e4dfd2c6b69f2b0e09e8bf70f329eb8f8150ec72bb5629d8a9 libdebconfclient0_0.267_amd64.deb +89944ee11d7370ce6ef46fc52f094c4a6512eff8943ec4c6ebefeae6360ceada libgpg-error0_1.46-1_amd64.deb +8bdfedc14c1035e3750e9f055ac9c1ecd9b5d05d9e6dc6466c4e9237eef407dd diffutils_1%3a3.8-4_amd64.deb +8be9df5795114bfe90e2be3d208ef47a5edd3fc7b3e20d387a597486d444e5e2 libacl1_2.3.1-3_amd64.deb +8e9e9741e6bce5cf7b6e4da628df923bcdcd70f1c24b3666ea61e0a75f5e499b libc-bin_2.36-8_amd64.deb +8ed1f763a985cc5886e706e498abaa9664511b85eacfecfdec5ccb83f56b2a8b golang-1.19-go_1.19.5-1_amd64.deb +8f9196f7ac4487dd62ba7099e86bdfc6f17bf2d6c23f9f07022efbda502efdc4 libk5crypto3_1.20.1-1_amd64.deb +8fb5a8f83e46ad04b4cf02651ceec56c0611a335cf0d30780d859a95d0400174 pkgconf-bin_1.8.1-1_amd64.deb +9079c6b46c37b7ccbd29347d25656a516c9fa4e2bd19b9db5ca0e996ef346667 golang-1.19-doc_1.19.5-1_all.deb +908ca1b35125f49125ae56945a72bc11ce0fcec85a8d980d10d83bb3a610f518 base-passwd_3.6.1_amd64.deb +9335d0762564401f6cb3f1ddd7f8d9de4a10c93975b77ddf82f048002f17798d libssl3_3.0.8-1_amd64.deb +95ec30140789a342add8f8371ed018924de51b539056522b66f207b25cba9cad libjpeg62-turbo_1%3a2.1.5-2_amd64.deb +993ea623ce5b42d67f653f2faaa7ef15e7c9d72bfcb93e22a1eaff7aa3532303 libpcre3_2%3a8.39-15_amd64.deb +9a0598bcabcd2034c7bc4691ecb2c2b902dce92b31b381c186f0fc8e2368319a libx11-6_2%3a1.8.3-3_amd64.deb +9b1b269020cec6aced3b39f096f7b67edd1f0d4ab24f412cb6506d0800e19cbf libstdc++6_12.2.0-14_amd64.deb +9b6146ad70996f13c79f94bff168f19f552c827af1e7a62e30abbaeb701843cf libc6_2.36-8_amd64.deb +9cd87d1b0c56f34f51bcbe8bdb55ebb45dd08ce6c0c6ff2dc77378bac3f64cc0 libx265-199_3.5-2+b1_amd64.deb +9e6305a100f5178cc321ee33b96933a6482d11fdc22b42c0e526d6151c0c6f0f libseccomp2_2.5.4-1+b3_amd64.deb +a0f0f3fbeb661d9bda139a54f4bd1c30aa66cd55a8fa0beb0e6bc7946e243ca1 libstdc++-12-dev_12.2.0-14_amd64.deb +a35f744972476c4b425e006d5c0752d917f3a6f48ce1268723a29e65a65b78a6 libatomic1_12.2.0-14_amd64.deb +a3c4092d84f19d13caf90f3c96eec53db8819f0e3a5247434944d71ed75fa53d libgprofng0_2.40-2_amd64.deb +a63db920f7aa1857a57beab185423deffb6111fa09437a99bbb4ef724fb7ba78 cpp_4%3a12.2.0-3_amd64.deb +a6b79588938ef738fe6f03582b3ca0ed4fbd4a152dbe9f960e51a0355479a117 libitm1_12.2.0-14_amd64.deb +aaf001e0d4c68f995f9efbc551d54f213122fef99b3eaf9e28286bda6c03da73 libabsl20220623_20220623.1-1_amd64.deb +ab314134f43a0891a48f69a9bc33d825da748fa5e0ba2bebb7a5c491b026f1a0 binutils-common_2.40-2_amd64.deb +aecdd0c39ecb885f410272118c562c2297752f83c64260f54006cc6ce6a9437c libpam-modules_1.5.2-6_amd64.deb +b09481e7690680966005330c3f907bba4b5eefc35e1faaea4783cc55655d1150 libfaketime_0.9.10-2.1_amd64.deb +b2673d1c8fbf75d0ec9f5859988fe2a56227f0342610d3acd573c6ed12d45438 libaudit1_1%3a3.0.7-1.1+b3_amd64.deb +b2af4cbcf7f407f2552f9f5ffbcb0edd32091fcf4a3909cbc3ad01e83e11c011 util-linux-extra_2.38.1-4_amd64.deb +b37e3bcbc6df527290726998bdc5514c3c6106b21428507f895a34df229bc842 libudev1_252.5-2_amd64.deb +b4b54769c77e4a71c8b33aee4d600ba28a9994a1c6f60d55d4ebe7fc44882e07 libcap-ng0_0.8.3-1+b3_amd64.deb +b5bb46fa5a6322b76474167c0872a7c9a43a3dbacda33fb95a567f2910629d55 gpgv_2.2.40-1_amd64.deb +b5ddac89136e11637819505dd5c581469b781df499de355bf42393f49ce9188d golang-1.19_1.19.5-1_all.deb +ba7f998270327e8069a3f6b9127472eb7629f39dc4f7aa812ea9018dc5a9052d ncurses-base_6.4-2_all.deb +bb31cc8b40f962a85b2cec970f7f79cc704a1ae4bad24257a822055404b2c60b libbsd0_0.11.7-2_amd64.deb +bb63b0fb2797e2a3a294dab8a02614930c557ec1f4ea96637c244b8b5f87e630 gcc_4%3a12.2.0-3_amd64.deb +bb81a188c119cd7fdebae723cbc95887b6c549b2fe4fb7e268a9c8846444da99 libnsl-dev_1.3.0-2_amd64.deb +bcbc83f391854ea9d50ce2a4101aacf330de3b8b71d81a798faadba14a157f78 mawk_1.3.4.20200120-3.1_amd64.deb +bd8e963c6edcf1c806df97cd73560794c347aa94b9aaaf3b88eea585bb2d2f3c tar_1.34+dfsg-1_amd64.deb +beed9907afb85315ba2f5fc60fa09f0f9be2a409157cc2d45379b2e788698b0a libmount1_2.38.1-4_amd64.deb +bffcac7e4f69e39d37d4a33e841d6371ac8b5aba6cd55546b385dc7ff6c702f5 libgcrypt20_1.10.1-3_amd64.deb +c0d83437fdb016cb289436f49f28a36be44b3e8f1f2498c7e3a095f709c0d6f8 libnsl2_1.3.0-2_amd64.deb +c1450e3afcb821645976b0c1dc06094195d7540ac2c811924ace472303290962 usr-is-merged_35_all.deb +c266adb3545b0b8ff6450dbd09f85f19361bf5bc9290ddf2e869f040cb9725b7 librav1e0_0.5.1-6_amd64.deb +c4945123d66d0503ba42e2fc0585abc76d0838978c6d277b9cc37a4da25d1a34 libattr1_1%3a2.5.1-4_amd64.deb +c6a494d3605341a2c909e280f81fa015a4c8df2de8624c88a712a7f98a63f057 liblsan0_12.2.0-14_amd64.deb +cd38cafd1c8d22edf6385cdc46d075a0cba9a0a57b22a2a09a45ac9441d185f3 adduser_3.131_all.deb +cd4f20458589b515a1e39bf641e254d9e474e0d631d6eee5485cc1250a7a9808 mount_2.38.1-4_amd64.deb +cfac89e6a7a54ff3c6a4f843310e25efeddaa771baeae470bd98bd588c373563 libkeyutils1_1.6.3-2_amd64.deb +d0a0f400312a151d89ac7e79f8257bfe02b2902c73258fd656c312109522fb6f apt_2.5.5_amd64.deb +d202861c602f3719350d4aede3e4c65ea88d6529b2e1e7115f805091f624e7fa krb5-locales_1.20.1-1_all.deb +d3564267cef9f0162ad21b73d34b6a4302ee3a84426188168d74be737b079647 libgd3_2.3.3-9_amd64.deb +d466bbfe011d764d793c1d9d777cad9c7cf65b938e11598f27408171ad95a951 libunistring2_1.0-2_amd64.deb +d50716d5824083d667427817d506b45d3f59dc77e1ca52de000f3f62d4918afa libidn2-0_2.3.3-1+b1_amd64.deb +d62e8967437998b351daaaf69e8886592574725d7e88d525625d29fd2b961339 libgssapi-krb5-2_1.20.1-1_amd64.deb +d7dd1d1411fedf27f5e27650a6eff20ef294077b568f4c8c5e51466dc7c08ce4 zlib1g_1%3a1.2.13.dfsg-1_amd64.deb +d7f79544790e44f9b0c8cb9034a18c58d37f8702a15f32539050718679e52f80 libmpc3_1.3.1-1_amd64.deb +d8e04be2cd7f8299668020b1c2a13ce07a1b79e73c901338a6fabd77ccabf004 libtsan2_12.2.0-14_amd64.deb +d98df4f21fc17d8436e230acb36acc8a53a74e3cbcfb13a96a9f823c32fda695 debianutils_5.7-0.4_amd64.deb +da01fb901123ae498c36387a32240e09e1f2866810146c5a574273f7eaf31093 libpkgconf3_1.8.1-1_amd64.deb +dc32727dca9a87ba317da7989572011669f568d10159b9d8675ed7aedd26d686 libpng16-16_1.6.39-2_amd64.deb +ddee1839cff497f5b94a6613f16ddc3b616e3c6225fda0c5a16ad08f02f64008 libgnutls30_3.7.8-5_amd64.deb +dec5375567844f56ae18a4b7263ea3ab5dcb6a502f4f5921043b4625a3c6bd70 libtinfo6_6.4-2_amd64.deb +dfd4b424dca7349cbb474cca239ee54363d85fdb13462a05ebd8e35d42bd6232 base-files_12.3_amd64.deb +e0f6e357f327e80f26438dcda9c9304c43e2f3343359c6a5075d0b10ddfdb05d libsvtav1enc1_1.4.1+dfsg-1_amd64.deb +e2e727eca9bf2d7f238425058b72faef9bf92291354b61dcb861c447784ba160 libss2_1.46.6-1_amd64.deb +e3559bd647f4d8ea0d1c6269ddaa1088b368a72fb19e01f2f8fec5179de75cd8 linux-libc-dev_6.1.8-1_amd64.deb +e46fbb519b4342c114b2fa19bcdb736e294eadc769fae75d6bc2e94a4db67f15 libubsan1_12.2.0-14_amd64.deb +e556c8abdd54e4d805f25f0126aa306b519b86f2fd5d013962b81e4794000a0d libxpm4_1%3a3.5.12-1.1_amd64.deb +e91b2d652f15487269da9e96d528cf496410223b88aef3b624fa6c4faab85855 libpam0g_1.5.2-6_amd64.deb +eabec1dde2834f72540d7b93fc5df2625f52611c06d93d61f5cdb12480e0e6a3 gzip_1.12-1_amd64.deb +eb96a9cc70c225b7b3bf4d21c8e94acbf20cf9af058ed758261aa0c211b587ee libc6-dev_2.36-8_amd64.deb +ecb8536f5fb34543b55bb9dc5f5b14c9dbb4150a7bddb3f2287b7cab6e9d25ef libxdmcp6_1%3a1.1.2-3_amd64.deb +ed43d96b4cae0ff0f2208456222151922ecd0bc1118f1e757ebe18206967a8ee libaom3_3.5.0-1_amd64.deb +ed8185c28b2cb519744a5a462dcd720d3b332c9b88a1d0002eac06dc8550cb94 libhogweed6_3.8.1-2_amd64.deb +eec4dc9d949d2c666b1da3fa762a340e8ba10c3a04d3eed32749a97695c15641 libtasn1-6_4.19.0-2_amd64.deb +ef1dfcf22de41ea90ebd3d505447ccccd999e96b85aa777a1d7d981dc3b347aa libctf-nobfd0_2.40-2_amd64.deb +ef408a096a98eb7810d5544421e8769710cd4e6a6285c841e76aea7fc8b85e2f libcap2_1%3a2.66-3_amd64.deb +f3d1d48c0599aea85b7f2077a01d285badc42998c1a1e7473935d5cf995c8141 libgcc-s1_12.2.0-14_amd64.deb +f5f60a5cdfd4e4eaa9438ade5078a57741a7a78d659fcb0c701204f523e8bd29 libcrypt1_1%3a4.4.33-2_amd64.deb +f75a64f3b267f5f74b701d3e4dae2a76a3153d8c90af62dc86041509872d174f libx11-data_2%3a1.8.3-3_all.deb +f9ce24cbf69957dc1851fc55adba0a60b5bc617d51587b6478f2be64786442f1 init-system-helpers_1.65.2_all.deb +fc39271fdb2bfc46531f8c156e9ea02dd40935e21eddccf0d8c29c58d97a1f93 libaudit-common_1%3a3.0.7-1.1_all.deb +fcf55b99e5f8a78f3c8ce9b6957f1024f394cf20c196b100d308a57e43547710 libbinutils_2.40-2_amd64.deb +fd36d0972866adde5a52269a309fcecd76a8e45e557dd0ecd33aa221cabc2a8c libsemanage2_3.4-1+b5_amd64.deb +fdc61332a3892168f3cc9cfa1fe9cf11a91dc3e0acacbc47cbc50ebaa234cc71 libxcb1_1.15-1_amd64.deb +fe36a7f35361fc40d0057ef447a7302fd41d51740d51c98fb3870bbed5b96e56 libexpat1_2.5.0-1_amd64.deb +feb6aaa0bd183246ca915b88825c68f3b5a6507bc70a8c2eb70d1e4cb9e83225 libsmartcols1_2.38.1-4_amd64.deb diff --git a/config/toolchain/packages-base.list b/config/toolchain/packages-base.list new file mode 100644 index 0000000..44e0636 --- /dev/null +++ b/config/toolchain/packages-base.list @@ -0,0 +1,5 @@ +libfaketime +golang +ca-certificates +update-ca-certificates +openssl diff --git a/config/toolchain/packages-x86_64.list b/config/toolchain/packages-x86_64.list new file mode 100644 index 0000000..35d0465 --- /dev/null +++ b/config/toolchain/packages-x86_64.list @@ -0,0 +1,183 @@ +adduser=3.131 +apt=2.5.5 +base-files=12.3 +base-passwd=3.6.1 +bash=5.2.15-2+b1 +binutils-common=2.40-2 +binutils-x86-64-linux-gnu=2.40-2 +binutils=2.40-2 +bsdutils=1:2.38.1-4 +coreutils=9.1-1 +cpp-12=12.2.0-14 +cpp=4:12.2.0-3 +dash=0.5.12-2 +debconf=1.5.82 +debian-archive-keyring=2021.1.1 +debianutils=5.7-0.4 +diffutils=1:3.8-4 +dpkg=1.21.20 +e2fsprogs=1.46.6-1 +findutils=4.9.0-4 +fontconfig-config=2.14.1-4 +fonts-dejavu-core=2.37-2 +g++-12=12.2.0-14 +g++=4:12.2.0-3 +gcc-12-base=12.2.0-14 +gcc-12=12.2.0-14 +gcc=4:12.2.0-3 +golang-1.19-doc=1.19.5-1 +golang-1.19-go=1.19.5-1 +golang-1.19-src=1.19.5-1 +golang-1.19=1.19.5-1 +golang-doc=2:1.19~1 +golang-go=2:1.19~1 +golang-src=2:1.19~1 +golang=2:1.19~1 +gpgv=2.2.40-1 +grep=3.8-5 +gzip=1.12-1 +hostname=3.23+nmu1 +init-system-helpers=1.65.2 +krb5-locales=1.20.1-1 +libabsl20220623=20220623.1-1 +libacl1=2.3.1-3 +libaom3=3.5.0-1 +libapt-pkg6.0=2.5.5 +libasan8=12.2.0-14 +libatomic1=12.2.0-14 +libattr1=1:2.5.1-4 +libaudit-common=1:3.0.7-1.1 +libaudit1=1:3.0.7-1.1+b3 +libavif15=0.11.1-1 +libbinutils=2.40-2 +libblkid1=2.38.1-4 +libbrotli1=1.0.9-2+b6 +libbsd0=0.11.7-2 +libbz2-1.0=1.0.8-5+b1 +libc-bin=2.36-8 +libc-dev-bin=2.36-8 +libc-devtools=2.36-8 +libc6-dev=2.36-8 +libc6=2.36-8 +libcap-ng0=0.8.3-1+b3 +libcap2=1:2.66-3 +libcc1-0=12.2.0-14 +libcom-err2=1.46.6-1 +libcrypt-dev=1:4.4.33-2 +libcrypt1=1:4.4.33-2 +libctf-nobfd0=2.40-2 +libctf0=2.40-2 +libdav1d6=1.0.0-2 +libdb5.3=5.3.28+dfsg2-1 +libde265-0=1.0.11-1 +libdebconfclient0=0.267 +libdeflate0=1.14-1 +libexpat1=2.5.0-1 +libext2fs2=1.46.6-1 +libfaketime=0.9.10-2.1 +libffi8=3.4.4-1 +libfontconfig1=2.14.1-4 +libfreetype6=2.12.1+dfsg-4 +libgav1-1=0.18.0-1+b1 +libgcc-12-dev=12.2.0-14 +libgcc-s1=12.2.0-14 +libgcrypt20=1.10.1-3 +libgd3=2.3.3-9 +libgmp10=2:6.2.1+dfsg1-1.1 +libgnutls30=3.7.8-5 +libgomp1=12.2.0-14 +libgpg-error0=1.46-1 +libgprofng0=2.40-2 +libgssapi-krb5-2=1.20.1-1 +libheif1=1.14.2-1 +libhogweed6=3.8.1-2 +libidn2-0=2.3.3-1+b1 +libisl23=0.25-1 +libitm1=12.2.0-14 +libjansson4=2.14-2 +libjbig0=2.1-6.1 +libjpeg62-turbo=1:2.1.5-2 +libk5crypto3=1.20.1-1 +libkeyutils1=1.6.3-2 +libkrb5-3=1.20.1-1 +libkrb5support0=1.20.1-1 +liblerc4=4.0.0+ds-2 +liblsan0=12.2.0-14 +liblz4-1=1.9.4-1 +liblzma5=5.4.1-0.1 +libmd0=1.0.4-2 +libmount1=2.38.1-4 +libmpc3=1.3.1-1 +libmpfr6=4.2.0-1 +libnettle8=3.8.1-2 +libnsl-dev=1.3.0-2 +libnsl2=1.3.0-2 +libnuma1=2.0.16-1 +libp11-kit0=0.24.1-2 +libpam-modules-bin=1.5.2-6 +libpam-modules=1.5.2-6 +libpam-runtime=1.5.2-6 +libpam0g=1.5.2-6 +libpcre2-8-0=10.42-1 +libpcre3=2:8.39-15 +libpkgconf3=1.8.1-1 +libpng16-16=1.6.39-2 +libquadmath0=12.2.0-14 +librav1e0=0.5.1-6 +libseccomp2=2.5.4-1+b3 +libselinux1=3.4-1+b5 +libsemanage-common=3.4-1 +libsemanage2=3.4-1+b5 +libsepol2=3.4-2 +libsmartcols1=2.38.1-4 +libss2=1.46.6-1 +libssl3=3.0.8-1 +libstdc++-12-dev=12.2.0-14 +libstdc++6=12.2.0-14 +libsvtav1enc1=1.4.1+dfsg-1 +libsystemd0=252.5-2 +libtasn1-6=4.19.0-2 +libtiff6=4.5.0-4 +libtinfo6=6.4-2 +libtirpc-common=1.3.3+ds-1 +libtirpc-dev=1.3.3+ds-1 +libtirpc3=1.3.3+ds-1 +libtsan2=12.2.0-14 +libubsan1=12.2.0-14 +libudev1=252.5-2 +libunistring2=1.0-2 +libuuid1=2.38.1-4 +libwebp7=1.2.4-0.1 +libx11-6=2:1.8.3-3 +libx11-data=2:1.8.3-3 +libx265-199=3.5-2+b1 +libxau6=1:1.0.9-1 +libxcb1=1.15-1 +libxdmcp6=1:1.1.2-3 +libxpm4=1:3.5.12-1.1 +libxxhash0=0.8.1-1 +libyuv0=0.0~git20230104.6e4b0ac-1 +libzstd1=1.5.2+dfsg2-3 +linux-libc-dev=6.1.8-1 +login=1:4.13+dfsg1-1 +logsave=1.46.6-1 +manpages-dev=6.02-1 +manpages=6.02-1 +mawk=1.3.4.20200120-3.1 +mount=2.38.1-4 +ncurses-base=6.4-2 +ncurses-bin=6.4-2 +passwd=1:4.13+dfsg1-1 +perl-base=5.36.0-7 +pkg-config=1.8.1-1 +pkgconf-bin=1.8.1-1 +pkgconf=1.8.1-1 +rpcsvc-proto=1.4.3-1 +sed=4.9-1 +sysvinit-utils=3.06-2 +tar=1.34+dfsg-1 +tzdata=2022g-5 +usr-is-merged=35 +util-linux-extra=2.38.1-4 +util-linux=2.38.1-4 +zlib1g=1:1.2.13.dfsg-1 diff --git a/config/toolchain/sources.list b/config/toolchain/sources.list new file mode 100644 index 0000000..b57e1c9 --- /dev/null +++ b/config/toolchain/sources.list @@ -0,0 +1,6 @@ +deb http://deb.debian.org/debian bookworm main +deb http://security.debian.org/debian-security bookworm-security main +deb http://deb.debian.org/debian bookworm-updates main +deb [trusted=yes] http://snapshot.debian.org/archive/debian/20230217T000000Z bookworm main +deb [trusted=yes] http://snapshot.debian.org/archive/debian-security/20230217T000000Z bookworm-security main +deb [trusted=yes] http://snapshot.debian.org/archive/debian/20230217T000000Z bookworm-updates main diff --git a/backend/.terraform.lock.hcl b/infra/backend/.terraform.lock.hcl similarity index 100% rename from backend/.terraform.lock.hcl rename to infra/backend/.terraform.lock.hcl diff --git a/infra/backend/main.tf b/infra/backend/main.tf new file mode 100644 index 0000000..20f086a --- /dev/null +++ b/infra/backend/main.tf @@ -0,0 +1,38 @@ +terraform { + required_providers { + digitalocean = { + source = "digitalocean/digitalocean" + version = "~> 2.0" + } + } +} + +provider "digitalocean" {} +variable "environment" {} +variable "namespace" {} +variable "region" {} + +resource "random_id" "deploy_id" { + byte_length = 8 +} + +resource "digitalocean_spaces_bucket" "state" { + name = "${var.namespace}-${var.environment}-${random_id.deploy_id.hex}" + region = var.region +} + +output "endpoint" { + value = "https://${var.region}.digitaloceanspaces.com" +} + +output "region" { + value = digitalocean_spaces_bucket.state.region +} + +output "bucket" { + value = digitalocean_spaces_bucket.state.name +} + +output "key" { + value = "terraform.tfstate" +} diff --git a/backend/provider.tf b/infra/backend/provider.tf similarity index 100% rename from backend/provider.tf rename to infra/backend/provider.tf diff --git a/main/main.tf b/infra/main/main.tf similarity index 100% rename from main/main.tf rename to infra/main/main.tf diff --git a/main/provider.tf b/infra/main/provider.tf similarity index 100% rename from main/provider.tf rename to infra/main/provider.tf diff --git a/credentials.tfvars.gpg b/secrets/credentials.tfvars.gpg similarity index 100% rename from credentials.tfvars.gpg rename to secrets/credentials.tfvars.gpg diff --git a/src/toolchain b/src/toolchain new file mode 160000 index 0000000..8b98574 --- /dev/null +++ b/src/toolchain @@ -0,0 +1 @@ +Subproject commit 8b98574565d17b9261e7696ee8e83a6c0740a29c