Add invoiceshelf billing software #8
|
@ -10,21 +10,18 @@ resource "random_id" "suffix" {
|
|||
byte_length = 8
|
||||
}
|
||||
|
||||
data "digitalocean_region" "provided" {
|
||||
slug = var.region
|
||||
}
|
||||
|
||||
resource "digitalocean_custom_image" "talos" {
|
||||
name = "talos"
|
||||
url = "https://github.com/siderolabs/talos/releases/download/v1.4.3/digital-ocean-amd64.raw.gz"
|
||||
# this gets reset by DigitalOcean otherwise
|
||||
distribution = "Unknown OS"
|
||||
regions = [data.digitalocean_region.provided.slug]
|
||||
regions = [var.region]
|
||||
}
|
||||
|
||||
resource "digitalocean_vpc" "main" {
|
||||
name = "talos"
|
||||
region = data.digitalocean_region.provided.slug
|
||||
region = var.region
|
||||
# Note: This is VERY CAREFULLY chosen to avoid conflict with k8s and cilium
|
||||
ip_range = "192.168.0.0/16"
|
||||
}
|
||||
|
@ -45,7 +42,7 @@ module "digitalocean_talos_cluster" {
|
|||
size = "s-2vcpu-4gb",
|
||||
}]
|
||||
vpc_id = digitalocean_vpc.main.id
|
||||
digitalocean_region = data.digitalocean_region.provided.slug
|
||||
digitalocean_region = var.region
|
||||
}
|
||||
|
||||
module "digitalocean_database_cluster" {
|
||||
|
@ -66,7 +63,7 @@ module "digitalocean_database_cluster" {
|
|||
}]
|
||||
|
||||
vpc_id = digitalocean_vpc.main.id
|
||||
digitalocean_region = data.digitalocean_region.provided.slug
|
||||
digitalocean_region = var.region
|
||||
}
|
||||
|
||||
# Crater App requires MySQL currently, when it adds PG support we should migrate
|
||||
|
@ -76,8 +73,9 @@ module "digitalocean_mysql_database_cluster" {
|
|||
|
||||
cluster_name = "distrust-mysql"
|
||||
db_engine = "mysql"
|
||||
dbcli_name = "mariadb"
|
||||
db_version = "8"
|
||||
size = "db-s-1vcpu-2gb"
|
||||
size = "db-s-1vcpu-1gb"
|
||||
node_count = 1
|
||||
|
||||
databases = [{
|
||||
|
@ -86,7 +84,7 @@ module "digitalocean_mysql_database_cluster" {
|
|||
}]
|
||||
|
||||
vpc_id = digitalocean_vpc.main.id
|
||||
digitalocean_region = data.digitalocean_region.provided.slug
|
||||
digitalocean_region = var.region
|
||||
}
|
||||
|
||||
locals {
|
||||
|
@ -100,10 +98,11 @@ locals {
|
|||
])
|
||||
}
|
||||
|
||||
|
||||
# `jq .database_users.value.forgejo | sops --encrypt`
|
||||
output "database_users" {
|
||||
value = {
|
||||
for db_user in module.digitalocean_database_cluster.database_users:
|
||||
for db_user in concat(module.digitalocean_database_cluster.database_users, module.digitalocean_mysql_database_cluster.database_users):
|
||||
db_user.name => {
|
||||
apiVersion = "v1",
|
||||
kind = "Secret",
|
||||
|
@ -131,6 +130,11 @@ output "database" {
|
|||
sensitive = true
|
||||
}
|
||||
|
||||
output "mysql_database" {
|
||||
value = module.digitalocean_mysql_database_cluster.database_cluster
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
output "vpc_id" {
|
||||
value = digitalocean_vpc.main.id
|
||||
}
|
||||
|
|
|
@ -2,7 +2,7 @@ terraform {
|
|||
required_providers {
|
||||
digitalocean = {
|
||||
source = "digitalocean/digitalocean"
|
||||
version = "2.28.1"
|
||||
version = "2.36.0"
|
||||
}
|
||||
}
|
||||
backend "s3" {
|
||||
|
|
|
@ -39,23 +39,34 @@ resource "digitalocean_database_user" "default_users" {
|
|||
name = each.key
|
||||
|
||||
provisioner "local-exec" {
|
||||
command = "GRANT ALL ON DATABASE ${each.key} TO ${each.key};"
|
||||
interpreter = [
|
||||
"psql",
|
||||
"-v", "ON_ERROR_STOP=1",
|
||||
command = var.dbcli_name == "psql" ? "GRANT ALL ON DATABASE ${each.key} TO ${each.key};" : "GRANT ALL PRIVILEGES ON ${each.key} TO '${each.key}'@'%';"
|
||||
interpreter = var.dbcli_name == "psql" ? [
|
||||
"${var.dbcli_name}",
|
||||
"${local.base_connection_string}/${each.key}",
|
||||
"-c"
|
||||
] : [
|
||||
"${var.dbcli_name}",
|
||||
"-u",
|
||||
"${digitalocean_database_cluster.main.user}",
|
||||
"-p",
|
||||
"-h",
|
||||
"${digitalocean_database_cluster.main.host}",
|
||||
"-P",
|
||||
"25060",
|
||||
"-D",
|
||||
"${each.key}",
|
||||
"-e"
|
||||
]
|
||||
}
|
||||
|
||||
provisioner "local-exec" {
|
||||
command = "GRANT ALL ON SCHEMA public TO ${each.key}"
|
||||
interpreter = [
|
||||
"psql",
|
||||
command = var.dbcli_name == "psql" ? "GRANT ALL ON SCHEMA public TO ${each.key}" : "true"
|
||||
interpreter = var.dbcli_name == "psql" ? [
|
||||
"${var.dbcli_name}",
|
||||
"-v", "ON_ERROR_STOP=1",
|
||||
"${local.base_connection_string}/${each.key}",
|
||||
"-c"
|
||||
]
|
||||
] : ["true"]
|
||||
}
|
||||
|
||||
# Note: provisioners depend on databases existing
|
||||
|
|
|
@ -33,3 +33,8 @@ variable "vpc_id" {
|
|||
type = string
|
||||
nullable = true
|
||||
}
|
||||
|
||||
variable "dbcli_name" {
|
||||
type = string
|
||||
default = "psql"
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue