Add invoiceshelf billing software #8
34
Makefile
34
Makefile
|
@ -7,7 +7,7 @@ ENVIRONMENT := production
|
||||||
REGION := sfo3
|
REGION := sfo3
|
||||||
ROOT_DIR := $(shell pwd)
|
ROOT_DIR := $(shell pwd)
|
||||||
# TODO: automatically determine
|
# TODO: automatically determine
|
||||||
TERRAFORM := $(ROOT_DIR)/out/terraform.linux-x86_64
|
TERRAFORM := $(ROOT_DIR)/out/tofu.linux-x86_64
|
||||||
SOPS := $(ROOT_DIR)/out/sops.linux-x86_64
|
SOPS := $(ROOT_DIR)/out/sops.linux-x86_64
|
||||||
KEYS := \
|
KEYS := \
|
||||||
6B61ECD76088748C70590D55E90A401336C8AAA9 \
|
6B61ECD76088748C70590D55E90A401336C8AAA9 \
|
||||||
|
@ -15,13 +15,13 @@ KEYS := \
|
||||||
3D7C8D39E8C4DF771583D3F0A8A091FD346001CA \
|
3D7C8D39E8C4DF771583D3F0A8A091FD346001CA \
|
||||||
F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D
|
F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D
|
||||||
|
|
||||||
|
EXTRA_ARGS :=
|
||||||
|
|
||||||
.DEFAULT_GOAL :=
|
.DEFAULT_GOAL :=
|
||||||
.PHONY: default
|
.PHONY: default
|
||||||
default: \
|
default: \
|
||||||
toolchain \
|
toolchain \
|
||||||
tools \
|
tools \
|
||||||
$(patsubst %,$(KEY_DIR)/%.asc,$(KEYS)) \
|
|
||||||
$(CACHE_DIR)/website/.well-known/openpgpkey \
|
|
||||||
apply
|
apply
|
||||||
|
|
||||||
.PHONY:
|
.PHONY:
|
||||||
|
@ -76,6 +76,13 @@ infra/backend/.terraform: \
|
||||||
$(SOPS) exec-env secrets/$(ENVIRONMENT).enc.env '\
|
$(SOPS) exec-env secrets/$(ENVIRONMENT).enc.env '\
|
||||||
env -C infra/backend $(TERRAFORM) init -upgrade \
|
env -C infra/backend $(TERRAFORM) init -upgrade \
|
||||||
'
|
'
|
||||||
|
$(SOPS) exec-env secrets/$(ENVIRONMENT).enc.env '\
|
||||||
|
env -C infra/backend $(TERRAFORM) refresh \
|
||||||
|
-var environment=$(ENVIRONMENT) \
|
||||||
|
-var namespace=$(ENVIRONMENT) \
|
||||||
|
-var region=$(REGION) \
|
||||||
|
-state $(ENVIRONMENT).tfstate \
|
||||||
|
'
|
||||||
|
|
||||||
infra/main/.terraform: | \
|
infra/main/.terraform: | \
|
||||||
$(TERRAFORM) \
|
$(TERRAFORM) \
|
||||||
|
@ -85,6 +92,13 @@ infra/main/.terraform: | \
|
||||||
env -C infra/main $(TERRAFORM) init -upgrade \
|
env -C infra/main $(TERRAFORM) init -upgrade \
|
||||||
-backend-config="../../config/$(ENVIRONMENT).tfbackend" \
|
-backend-config="../../config/$(ENVIRONMENT).tfbackend" \
|
||||||
'
|
'
|
||||||
|
$(SOPS) exec-env secrets/$(ENVIRONMENT).enc.env '\
|
||||||
|
env -C infra/main $(TERRAFORM) refresh \
|
||||||
|
-var environment=$(ENVIRONMENT) \
|
||||||
|
-var namespace=$(ENVIRONMENT) \
|
||||||
|
-var region=$(REGION) \
|
||||||
|
-state $(ENVIRONMENT).tfstate \
|
||||||
|
'
|
||||||
|
|
||||||
infra/backend/$(ENVIRONMENT).tfstate: \
|
infra/backend/$(ENVIRONMENT).tfstate: \
|
||||||
$(TERRAFORM) \
|
$(TERRAFORM) \
|
||||||
|
@ -96,7 +110,7 @@ infra/backend/$(ENVIRONMENT).tfstate: \
|
||||||
-var environment=$(ENVIRONMENT) \
|
-var environment=$(ENVIRONMENT) \
|
||||||
-var namespace=$(ENVIRONMENT) \
|
-var namespace=$(ENVIRONMENT) \
|
||||||
-var region=$(REGION) \
|
-var region=$(REGION) \
|
||||||
-state ../../$@ \
|
-state $@ \
|
||||||
'
|
'
|
||||||
|
|
||||||
config/$(ENVIRONMENT).tfbackend: | \
|
config/$(ENVIRONMENT).tfbackend: | \
|
||||||
|
@ -107,9 +121,17 @@ config/$(ENVIRONMENT).tfbackend: | \
|
||||||
$(SOPS) exec-env secrets/$(ENVIRONMENT).enc.env '\
|
$(SOPS) exec-env secrets/$(ENVIRONMENT).enc.env '\
|
||||||
env -C infra/backend \
|
env -C infra/backend \
|
||||||
$(TERRAFORM) \
|
$(TERRAFORM) \
|
||||||
output -state ../../$< \
|
output -state $(ENVIRONMENT).tfstate \
|
||||||
> $@ \
|
> $@ \
|
||||||
'
|
'
|
||||||
|
$(SOPS) exec-env secrets/$(ENVIRONMENT).enc.env '\
|
||||||
|
env -C infra/backend \
|
||||||
|
$(TERRAFORM) refresh \
|
||||||
|
-var environment=$(ENVIRONMENT) \
|
||||||
|
-var namespace=$(ENVIRONMENT) \
|
||||||
|
-var region=$(REGION) \
|
||||||
|
-state $(ENVIRONMENT).tfstate \
|
||||||
|
'
|
||||||
|
|
||||||
.PHONY:
|
.PHONY:
|
||||||
apply: \
|
apply: \
|
||||||
|
@ -126,7 +148,7 @@ apply: \
|
||||||
-var environment=$(ENVIRONMENT) \
|
-var environment=$(ENVIRONMENT) \
|
||||||
-var namespace=$(ENVIRONMENT) \
|
-var namespace=$(ENVIRONMENT) \
|
||||||
-var region=$(REGION) \
|
-var region=$(REGION) \
|
||||||
'
|
$(EXTRA_ARGS) '
|
||||||
$(call maybe_encrypt_secret,infra/main/talos/talosconfig,secrets/$(ENVIRONMENT).talosconfig)
|
$(call maybe_encrypt_secret,infra/main/talos/talosconfig,secrets/$(ENVIRONMENT).talosconfig)
|
||||||
$(call maybe_encrypt_secret,infra/main/talos/kubeconfig,secrets/$(ENVIRONMENT).kubeconfig)
|
$(call maybe_encrypt_secret,infra/main/talos/kubeconfig,secrets/$(ENVIRONMENT).kubeconfig)
|
||||||
$(call maybe_encrypt_secret,infra/main/talos/controlplane.yaml,secrets/$(ENVIRONMENT).controlplane.yaml)
|
$(call maybe_encrypt_secret,infra/main/talos/controlplane.yaml,secrets/$(ENVIRONMENT).controlplane.yaml)
|
||||||
|
|
|
@ -22,7 +22,7 @@ SOPS_REF=b6d3c9700d88e0c9348f3ec7cd2f10ce4a4b3ee1
|
||||||
BUSYBOX_URL=https://busybox.net/downloads/busybox-1.36.1.tar.bz2
|
BUSYBOX_URL=https://busybox.net/downloads/busybox-1.36.1.tar.bz2
|
||||||
BUSYBOX_HASH=b8cc24c9574d809e7279c3be349795c5d5ceb6fdf19ca709f80cde50e47de314
|
BUSYBOX_HASH=b8cc24c9574d809e7279c3be349795c5d5ceb6fdf19ca709f80cde50e47de314
|
||||||
TOFU_REPO=https://github.com/opentofu/opentofu
|
TOFU_REPO=https://github.com/opentofu/opentofu
|
||||||
TOFU_REF=f9d8b3ca2c0926f66757241baf81af523be73726
|
TOFU_REF=5d05dba18b6e276a6262a4722fe90c13350c5428
|
||||||
KSOPS_REPO=https://github.com/viaduct-ai/kustomize-sops
|
KSOPS_REPO=https://github.com/viaduct-ai/kustomize-sops
|
||||||
KSOPS_REF=ac33c40e1b78d9847a8d0f58473e99419be5b170
|
KSOPS_REF=ac33c40e1b78d9847a8d0f58473e99419be5b170
|
||||||
KUSTOMIZE_REPO=https://github.com/kubernetes-sigs/kustomize
|
KUSTOMIZE_REPO=https://github.com/kubernetes-sigs/kustomize
|
||||||
|
|
|
@ -8,6 +8,7 @@ terraform {
|
||||||
backend "s3" {
|
backend "s3" {
|
||||||
skip_requesting_account_id = true
|
skip_requesting_account_id = true
|
||||||
skip_credentials_validation = true
|
skip_credentials_validation = true
|
||||||
|
skip_region_validation = true
|
||||||
skip_get_ec2_platforms = true
|
skip_get_ec2_platforms = true
|
||||||
skip_metadata_api_check = true
|
skip_metadata_api_check = true
|
||||||
}
|
}
|
||||||
|
|
|
@ -1 +1 @@
|
||||||
Subproject commit 23fc267a9dfdda30ba4287f8234879961722bafb
|
Subproject commit a2315fdbc8cd0e4a654d1aa4623a53d5292b3574
|
Loading…
Reference in New Issue