Add invoiceshelf billing software #8

Manually merged
ryan merged 7 commits from drgrove/distrust-stack:crater-app into main 2024-05-30 05:08:59 +00:00
4 changed files with 39 additions and 19 deletions
Showing only changes of commit c3d9a55497 - Show all commits

View File

@ -10,21 +10,18 @@ resource "random_id" "suffix" {
byte_length = 8
}
data "digitalocean_region" "provided" {
slug = var.region
}
resource "digitalocean_custom_image" "talos" {
name = "talos"
url = "https://github.com/siderolabs/talos/releases/download/v1.4.3/digital-ocean-amd64.raw.gz"
# this gets reset by DigitalOcean otherwise
distribution = "Unknown OS"
regions = [data.digitalocean_region.provided.slug]
regions = [var.region]
}
resource "digitalocean_vpc" "main" {
name = "talos"
region = data.digitalocean_region.provided.slug
region = var.region
# Note: This is VERY CAREFULLY chosen to avoid conflict with k8s and cilium
ip_range = "192.168.0.0/16"
}
@ -45,7 +42,7 @@ module "digitalocean_talos_cluster" {
size = "s-2vcpu-4gb",
}]
vpc_id = digitalocean_vpc.main.id
digitalocean_region = data.digitalocean_region.provided.slug
digitalocean_region = var.region
}
module "digitalocean_database_cluster" {
@ -66,7 +63,7 @@ module "digitalocean_database_cluster" {
}]
vpc_id = digitalocean_vpc.main.id
digitalocean_region = data.digitalocean_region.provided.slug
digitalocean_region = var.region
}
# Crater App requires MySQL currently, when it adds PG support we should migrate
@ -76,8 +73,9 @@ module "digitalocean_mysql_database_cluster" {
cluster_name = "distrust-mysql"
db_engine = "mysql"
dbcli_name = "mariadb"
db_version = "8"
size = "db-s-1vcpu-2gb"
size = "db-s-1vcpu-1gb"
node_count = 1
databases = [{
@ -86,7 +84,7 @@ module "digitalocean_mysql_database_cluster" {
}]
vpc_id = digitalocean_vpc.main.id
digitalocean_region = data.digitalocean_region.provided.slug
digitalocean_region = var.region
}
locals {
@ -100,10 +98,11 @@ locals {
])
}
# `jq .database_users.value.forgejo | sops --encrypt`
output "database_users" {
value = {
for db_user in module.digitalocean_database_cluster.database_users:
for db_user in concat(module.digitalocean_database_cluster.database_users, module.digitalocean_mysql_database_cluster.database_users):
db_user.name => {
apiVersion = "v1",
kind = "Secret",
@ -131,6 +130,11 @@ output "database" {
sensitive = true
}
output "mysql_database" {
value = module.digitalocean_mysql_database_cluster.database_cluster
sensitive = true
}
output "vpc_id" {
value = digitalocean_vpc.main.id
}

View File

@ -2,7 +2,7 @@ terraform {
required_providers {
digitalocean = {
source = "digitalocean/digitalocean"
version = "2.28.1"
version = "2.36.0"
}
}
backend "s3" {

View File

@ -39,23 +39,34 @@ resource "digitalocean_database_user" "default_users" {
name = each.key
provisioner "local-exec" {
command = "GRANT ALL ON DATABASE ${each.key} TO ${each.key};"
interpreter = [
"psql",
"-v", "ON_ERROR_STOP=1",
command = var.dbcli_name == "psql" ? "GRANT ALL ON DATABASE ${each.key} TO ${each.key};" : "GRANT ALL PRIVILEGES ON ${each.key} TO '${each.key}'@'%';"
interpreter = var.dbcli_name == "psql" ? [
"${var.dbcli_name}",
"${local.base_connection_string}/${each.key}",
"-c"
] : [
"${var.dbcli_name}",
"-u",
"${digitalocean_database_cluster.main.user}",
"-p",
"-h",
"${digitalocean_database_cluster.main.host}",
"-P",
"25060",
"-D",
"${each.key}",
"-e"
]
}
provisioner "local-exec" {
command = "GRANT ALL ON SCHEMA public TO ${each.key}"
interpreter = [
"psql",
command = var.dbcli_name == "psql" ? "GRANT ALL ON SCHEMA public TO ${each.key}" : "true"
interpreter = var.dbcli_name == "psql" ? [
"${var.dbcli_name}",
"-v", "ON_ERROR_STOP=1",
"${local.base_connection_string}/${each.key}",
"-c"
]
] : ["true"]
}
# Note: provisioners depend on databases existing

View File

@ -33,3 +33,8 @@ variable "vpc_id" {
type = string
nullable = true
}
variable "dbcli_name" {
type = string
default = "psql"
}