mirror of
https://github.com/kittywitch/nixfiles.git
synced 2026-02-09 04:19:19 -08:00
style: nix fmt
parent
7913481b66
commit
6e0cc170eb
112 changed files with 1977 additions and 1739 deletions
|
|
@ -1,13 +1,13 @@
|
|||
locals {
|
||||
account_id = "0467b993b65d8fd4a53fe24ed2fbb2a1"
|
||||
zones = {
|
||||
dork = "dork.dev"
|
||||
inskip = "inskip.me"
|
||||
dork = "dork.dev"
|
||||
inskip = "inskip.me"
|
||||
kittywitch = "kittywit.ch"
|
||||
}
|
||||
zone_ids = {
|
||||
dork = cloudflare_zone.dork_zone.id
|
||||
inskip = cloudflare_zone.inskip_zone.id
|
||||
dork = cloudflare_zone.dork_zone.id
|
||||
inskip = cloudflare_zone.inskip_zone.id
|
||||
kittywitch = cloudflare_zone.kittywitch_zone.id
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
variable "cloudflare_api_key" {
|
||||
sensitive = true
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
provider "cloudflare" {
|
||||
email = "kat@inskip.me"
|
||||
api_key = var.cloudflare_api_key
|
||||
email = "kat@inskip.me"
|
||||
api_key = var.cloudflare_api_key
|
||||
}
|
||||
|
|
@ -1,22 +1,22 @@
|
|||
resource "cloudflare_pages_project" "dorkdev" {
|
||||
account_id = local.account_id
|
||||
name = "dorkdev"
|
||||
account_id = local.account_id
|
||||
name = "dorkdev"
|
||||
production_branch = "main"
|
||||
|
||||
source {
|
||||
type = "github"
|
||||
config {
|
||||
owner = "kittywitch"
|
||||
repo_name = "dork.dev"
|
||||
production_branch = "main"
|
||||
deployments_enabled = true
|
||||
pr_comments_enabled = false
|
||||
production_deployment_enabled = true
|
||||
owner = "kittywitch"
|
||||
repo_name = "dork.dev"
|
||||
production_branch = "main"
|
||||
deployments_enabled = true
|
||||
pr_comments_enabled = false
|
||||
production_deployment_enabled = true
|
||||
|
||||
}
|
||||
}
|
||||
build_config {
|
||||
build_command = "zola build"
|
||||
build_command = "zola build"
|
||||
destination_dir = "public"
|
||||
#root_dir = "/"
|
||||
}
|
||||
|
|
@ -26,7 +26,7 @@ resource "cloudflare_pages_project" "dorkdev" {
|
|||
production {
|
||||
environment_variables = {
|
||||
UNSTABLE_PRE_BUILD = "asdf plugin add zola https://github.com/salasrod/asdf-zola && asdf install zola 0.20.0 && asdf global zola 0.20.0"
|
||||
ZOLA_VERSION = "0.20.0"
|
||||
ZOLA_VERSION = "0.20.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -39,9 +39,9 @@ resource "cloudflare_pages_project" "dorkdev" {
|
|||
}
|
||||
|
||||
resource "cloudflare_pages_domain" "dorkdev_root" {
|
||||
account_id = local.account_id
|
||||
project_name = "dorkdev"
|
||||
domain = local.zones.dork
|
||||
account_id = local.account_id
|
||||
project_name = "dorkdev"
|
||||
domain = local.zones.dork
|
||||
|
||||
}
|
||||
|
||||
|
|
|
|||
40
tf/gmail.tf
40
tf/gmail.tf
|
|
@ -1,29 +1,29 @@
|
|||
locals {
|
||||
dkims = {
|
||||
inskip = "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxag/EmXQ89XQmLrBDPpPtZ7EtEJT0hgvWf/+AFiOfBOm902tq9NbTTvRJ2dLeBLPaV+hNvq2Alc7UfkKUDlLTWQjeuiC6aOnRKQQg3LZ2W25U3AlIj0jd2IPiUhg9JGV4c66XiqQ5ylTBniShfUUyeAXxbPhYFBCkBg62LZcO/tFpFsdKWtZzLjgac5vTJID+M4F8duHpkA/ZCNNUEmtt7RNQB/LLI1Gr5yR4GdQl9z7NmwtOTo9pghbZuvljr8phYjdDrwZeFTMKQnvR1l2Eh/dZ8I0C4nP5Bk4QEfmLq666P1HzOxwT6iCU6Tc+P/pkWbrx0HJh39E1aKGyLJMQIDAQAB"
|
||||
dork = "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziwoHJbM1rmeUiIXOgg0cujTL5BFW9PQOksUhKza1XpDP2rpzTlQr21NFYMJMc08xiE3AbvScMTX0jX3gc7+XoIYLD1VigRRvkyTubVfRmatqj+Pk41Fle1jWXHv5vNIYjjcsUTrpnrXYKoYrz34TtsmYHnu0G9MgmmcQGmbRU+WY+1R/ukhavlgXasfEW6r4tjLgVxQnser1Zjr80AUcu23od/+o+m6C9rDGMMnv6NIc2DOT7Ei6o60458f2Iwcpg38te22dy46A8AeGynbpB9+jF33Se0m22eKk5qZN5mfju/wxWMsl7ifCY/eqLZXRxJaEd5bMI8px5KvZp1TWwIDAQAB"
|
||||
kittywitch = "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdmyA2+/si8UV3bodFZhtv5y68QnYr/kk9wnDHnk3JfJKusbrctXfETVu/9GXQ/U8tRquesF7aXKYHM/K3O6H58gAgIFm8JVnr9EUFh5PWBTKJxHgDo/6pprhpdAJg8k4f4p5yvqE0nUI6TC0UpN+ZmQMimgxvGGwQ6mpl7qmc7JxmTOiJbO1yz6eokU27S0NHfpdiE3TGG93i2r/LwAnHuhT/4weGO+vcXwKRTFGFFjvMo0XgjL2JnP01nk6dpDFwkkt5I26J4DkuNMkLefgDiGOoxDmG5EgPu0YwAm7Vk2/kX0W6rLe16lHGDkB0/atQ/IB9uch31GQrLP9etmdwIDAQAB"
|
||||
}
|
||||
dkims = {
|
||||
inskip = "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxag/EmXQ89XQmLrBDPpPtZ7EtEJT0hgvWf/+AFiOfBOm902tq9NbTTvRJ2dLeBLPaV+hNvq2Alc7UfkKUDlLTWQjeuiC6aOnRKQQg3LZ2W25U3AlIj0jd2IPiUhg9JGV4c66XiqQ5ylTBniShfUUyeAXxbPhYFBCkBg62LZcO/tFpFsdKWtZzLjgac5vTJID+M4F8duHpkA/ZCNNUEmtt7RNQB/LLI1Gr5yR4GdQl9z7NmwtOTo9pghbZuvljr8phYjdDrwZeFTMKQnvR1l2Eh/dZ8I0C4nP5Bk4QEfmLq666P1HzOxwT6iCU6Tc+P/pkWbrx0HJh39E1aKGyLJMQIDAQAB"
|
||||
dork = "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAziwoHJbM1rmeUiIXOgg0cujTL5BFW9PQOksUhKza1XpDP2rpzTlQr21NFYMJMc08xiE3AbvScMTX0jX3gc7+XoIYLD1VigRRvkyTubVfRmatqj+Pk41Fle1jWXHv5vNIYjjcsUTrpnrXYKoYrz34TtsmYHnu0G9MgmmcQGmbRU+WY+1R/ukhavlgXasfEW6r4tjLgVxQnser1Zjr80AUcu23od/+o+m6C9rDGMMnv6NIc2DOT7Ei6o60458f2Iwcpg38te22dy46A8AeGynbpB9+jF33Se0m22eKk5qZN5mfju/wxWMsl7ifCY/eqLZXRxJaEd5bMI8px5KvZp1TWwIDAQAB"
|
||||
kittywitch = "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdmyA2+/si8UV3bodFZhtv5y68QnYr/kk9wnDHnk3JfJKusbrctXfETVu/9GXQ/U8tRquesF7aXKYHM/K3O6H58gAgIFm8JVnr9EUFh5PWBTKJxHgDo/6pprhpdAJg8k4f4p5yvqE0nUI6TC0UpN+ZmQMimgxvGGwQ6mpl7qmc7JxmTOiJbO1yz6eokU27S0NHfpdiE3TGG93i2r/LwAnHuhT/4weGO+vcXwKRTFGFFjvMo0XgjL2JnP01nk6dpDFwkkt5I26J4DkuNMkLefgDiGOoxDmG5EgPu0YwAm7Vk2/kX0W6rLe16lHGDkB0/atQ/IB9uch31GQrLP9etmdwIDAQAB"
|
||||
}
|
||||
}
|
||||
|
||||
module "inskip-gmail" {
|
||||
source = "./gmail_dns"
|
||||
cloudflare_api_key = var.cloudflare_api_key
|
||||
zone_id = local.zone_ids.inskip
|
||||
zone_name = local.zones.inskip
|
||||
dkim = local.dkims.inskip
|
||||
source = "./gmail_dns"
|
||||
cloudflare_api_key = var.cloudflare_api_key
|
||||
zone_id = local.zone_ids.inskip
|
||||
zone_name = local.zones.inskip
|
||||
dkim = local.dkims.inskip
|
||||
}
|
||||
module "dork-gmail" {
|
||||
source = "./gmail_dns"
|
||||
cloudflare_api_key = var.cloudflare_api_key
|
||||
zone_id = local.zone_ids.dork
|
||||
zone_name = local.zones.dork
|
||||
dkim = local.dkims.dork
|
||||
source = "./gmail_dns"
|
||||
cloudflare_api_key = var.cloudflare_api_key
|
||||
zone_id = local.zone_ids.dork
|
||||
zone_name = local.zones.dork
|
||||
dkim = local.dkims.dork
|
||||
}
|
||||
module "kittywitch-gmail" {
|
||||
source = "./gmail_dns"
|
||||
cloudflare_api_key = var.cloudflare_api_key
|
||||
zone_id = local.zone_ids.kittywitch
|
||||
zone_name = local.zones.kittywitch
|
||||
dkim = local.dkims.kittywitch
|
||||
source = "./gmail_dns"
|
||||
cloudflare_api_key = var.cloudflare_api_key
|
||||
zone_id = local.zone_ids.kittywitch
|
||||
zone_name = local.zones.kittywitch
|
||||
dkim = local.dkims.kittywitch
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
terraform {
|
||||
required_providers {
|
||||
cloudflare = {
|
||||
source = "cloudflare/cloudflare"
|
||||
version = "4.4.0"
|
||||
}
|
||||
required_providers {
|
||||
cloudflare = {
|
||||
source = "cloudflare/cloudflare"
|
||||
version = "4.4.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
provider "cloudflare" {
|
||||
email = "kat@inskip.me"
|
||||
api_key = var.cloudflare_api_key
|
||||
email = "kat@inskip.me"
|
||||
api_key = var.cloudflare_api_key
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
resource "cloudflare_record" "gmail_mx_1_aspmx" {
|
||||
name = var.zone_name
|
||||
name = var.zone_name
|
||||
priority = 1
|
||||
proxied = false
|
||||
ttl = 3600
|
||||
|
|
@ -9,7 +9,7 @@ resource "cloudflare_record" "gmail_mx_1_aspmx" {
|
|||
}
|
||||
|
||||
resource "cloudflare_record" "gmail_mx_5_alt1" {
|
||||
name = var.zone_name
|
||||
name = var.zone_name
|
||||
priority = 5
|
||||
proxied = false
|
||||
ttl = 3600
|
||||
|
|
@ -19,7 +19,7 @@ resource "cloudflare_record" "gmail_mx_5_alt1" {
|
|||
}
|
||||
|
||||
resource "cloudflare_record" "gmail_mx_5_alt2" {
|
||||
name = var.zone_name
|
||||
name = var.zone_name
|
||||
priority = 5
|
||||
proxied = false
|
||||
ttl = 3600
|
||||
|
|
@ -29,7 +29,7 @@ resource "cloudflare_record" "gmail_mx_5_alt2" {
|
|||
}
|
||||
|
||||
resource "cloudflare_record" "gmail_mx_10_alt3" {
|
||||
name = var.zone_name
|
||||
name = var.zone_name
|
||||
priority = 10
|
||||
proxied = false
|
||||
ttl = 3600
|
||||
|
|
@ -38,7 +38,7 @@ resource "cloudflare_record" "gmail_mx_10_alt3" {
|
|||
zone_id = var.zone_id
|
||||
}
|
||||
resource "cloudflare_record" "gmail_mx_10_alt4" {
|
||||
name = var.zone_name
|
||||
name = var.zone_name
|
||||
priority = 10
|
||||
proxied = false
|
||||
ttl = 3600
|
||||
|
|
@ -53,7 +53,7 @@ resource "cloudflare_record" "gmail_dkim" {
|
|||
ttl = 3600
|
||||
type = "TXT"
|
||||
value = var.dkim
|
||||
zone_id = var.zone_id
|
||||
zone_id = var.zone_id
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "gmail_spf" {
|
||||
|
|
@ -62,5 +62,5 @@ resource "cloudflare_record" "gmail_spf" {
|
|||
ttl = 3600
|
||||
type = "TXT"
|
||||
value = "v=spf1 include:_spf.google.com -all"
|
||||
zone_id = var.zone_id
|
||||
zone_id = var.zone_id
|
||||
}
|
||||
|
|
@ -1,14 +1,14 @@
|
|||
variable "cloudflare_api_key" {
|
||||
sensitive = true
|
||||
sensitive = true
|
||||
}
|
||||
variable "zone_id" {
|
||||
type = string
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "dkim" {
|
||||
type = string
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "zone_name" {
|
||||
type = string
|
||||
type = string
|
||||
}
|
||||
|
|
@ -1,23 +1,23 @@
|
|||
resource "cloudflare_pages_project" "inskip_root" {
|
||||
account_id = local.account_id
|
||||
name = "inskip-root"
|
||||
account_id = local.account_id
|
||||
name = "inskip-root"
|
||||
production_branch = "main"
|
||||
|
||||
source {
|
||||
type = "github"
|
||||
config {
|
||||
owner = "kittywitch"
|
||||
repo_name = "inskip.me"
|
||||
production_branch = "main"
|
||||
deployments_enabled = true
|
||||
pr_comments_enabled = false
|
||||
production_deployment_enabled = true
|
||||
owner = "kittywitch"
|
||||
repo_name = "inskip.me"
|
||||
production_branch = "main"
|
||||
deployments_enabled = true
|
||||
pr_comments_enabled = false
|
||||
production_deployment_enabled = true
|
||||
}
|
||||
}
|
||||
build_config {
|
||||
build_command = "hugo"
|
||||
build_command = "hugo"
|
||||
destination_dir = "public"
|
||||
root_dir = "/"
|
||||
root_dir = "/"
|
||||
}
|
||||
lifecycle {
|
||||
ignore_changes = [
|
||||
|
|
@ -28,9 +28,9 @@ resource "cloudflare_pages_project" "inskip_root" {
|
|||
}
|
||||
|
||||
resource "cloudflare_pages_domain" "inskip_root" {
|
||||
account_id = local.account_id
|
||||
project_name = "inskip-root"
|
||||
domain = local.zones.inskip
|
||||
account_id = local.account_id
|
||||
project_name = "inskip-root"
|
||||
domain = local.zones.inskip
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "inskip_root_pages" {
|
||||
|
|
|
|||
|
|
@ -1,17 +1,17 @@
|
|||
resource "cloudflare_pages_project" "kittywitch" {
|
||||
account_id = local.account_id
|
||||
name = "kittywitch"
|
||||
account_id = local.account_id
|
||||
name = "kittywitch"
|
||||
production_branch = "main"
|
||||
|
||||
source {
|
||||
type = "github"
|
||||
config {
|
||||
owner = "kittywitch"
|
||||
repo_name = "kittywit.ch"
|
||||
production_branch = "main"
|
||||
deployments_enabled = true
|
||||
pr_comments_enabled = false
|
||||
production_deployment_enabled = true
|
||||
owner = "kittywitch"
|
||||
repo_name = "kittywit.ch"
|
||||
production_branch = "main"
|
||||
deployments_enabled = true
|
||||
pr_comments_enabled = false
|
||||
production_deployment_enabled = true
|
||||
|
||||
}
|
||||
}
|
||||
|
|
@ -24,9 +24,9 @@ resource "cloudflare_pages_project" "kittywitch" {
|
|||
}
|
||||
|
||||
resource "cloudflare_pages_domain" "kittywitch_root" {
|
||||
account_id = local.account_id
|
||||
project_name = "kittywitch"
|
||||
domain = local.zones.kittywitch
|
||||
account_id = local.account_id
|
||||
project_name = "kittywitch"
|
||||
domain = local.zones.kittywitch
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "kittywitch_root_pages" {
|
||||
|
|
|
|||
|
|
@ -1,13 +1,13 @@
|
|||
module "oci_common_private_network" {
|
||||
source = "./oci_common_private_network"
|
||||
|
||||
cidr_blocks = [
|
||||
cidr_blocks = [
|
||||
"10.25.0.0/16"
|
||||
]
|
||||
|
||||
display_name = "CoreNetwork"
|
||||
dns_label = "core"
|
||||
tenancy_ocid = module.oci_compartment_bootstrap.child_compartment_id
|
||||
display_name = "CoreNetwork"
|
||||
dns_label = "core"
|
||||
tenancy_ocid = module.oci_compartment_bootstrap.child_compartment_id
|
||||
|
||||
providers = {
|
||||
oci = oci.oci_compartment
|
||||
|
|
|
|||
|
|
@ -4,12 +4,12 @@ resource "oci_core_default_security_list" "this" {
|
|||
dynamic "ingress_security_rules" {
|
||||
for_each = [
|
||||
{ from = 60000
|
||||
to = 61000 }
|
||||
to = 61000 }
|
||||
]
|
||||
iterator = port
|
||||
content {
|
||||
protocol = local.protocol_number.udp
|
||||
source = "0.0.0.0/0"
|
||||
source = "0.0.0.0/0"
|
||||
|
||||
description = "Mosh traffic from any origin"
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,7 @@
|
|||
resource "oci_core_internet_gateway" "this" {
|
||||
display_name = "internet"
|
||||
display_name = "internet"
|
||||
compartment_id = var.tenancy_ocid
|
||||
vcn_id = local.vcn.id
|
||||
vcn_id = local.vcn.id
|
||||
}
|
||||
|
||||
locals {
|
||||
|
|
|
|||
|
|
@ -2,12 +2,12 @@ terraform {
|
|||
required_providers {
|
||||
# Vendor: Hashicorp
|
||||
tls = {
|
||||
source = "hashicorp/tls"
|
||||
source = "hashicorp/tls"
|
||||
version = "4.0.5"
|
||||
}
|
||||
# Vendor: Oracle
|
||||
oci = {
|
||||
source = "oracle/oci"
|
||||
source = "oracle/oci"
|
||||
version = "5.45.0"
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -17,9 +17,9 @@ variable "dns_label" {
|
|||
resource "oci_core_vcn" "this" {
|
||||
compartment_id = var.tenancy_ocid
|
||||
|
||||
cidr_blocks = var.cidr_blocks
|
||||
cidr_blocks = var.cidr_blocks
|
||||
display_name = var.display_name
|
||||
dns_label = var.dns_label
|
||||
dns_label = var.dns_label
|
||||
|
||||
is_ipv6enabled = true
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,20 +27,20 @@ variable "oci_compartment_bootstrap_user_email" {
|
|||
# https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/terraformgettingstarted.htm
|
||||
# https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/terraformproviderconfiguration.htm
|
||||
provider "oci" {
|
||||
alias = "oci_root"
|
||||
private_key = var.oci_compartment_bootstrap_private_key
|
||||
region = var.oci_compartment_bootstrap_region
|
||||
tenancy_ocid = var.oci_compartment_bootstrap_tenancy_ocid
|
||||
user_ocid = var.oci_compartment_bootstrap_user_ocid
|
||||
fingerprint = var.oci_compartment_bootstrap_fingerprint
|
||||
alias = "oci_root"
|
||||
private_key = var.oci_compartment_bootstrap_private_key
|
||||
region = var.oci_compartment_bootstrap_region
|
||||
tenancy_ocid = var.oci_compartment_bootstrap_tenancy_ocid
|
||||
user_ocid = var.oci_compartment_bootstrap_user_ocid
|
||||
fingerprint = var.oci_compartment_bootstrap_fingerprint
|
||||
}
|
||||
|
||||
# OCI Compartment Bootstrap
|
||||
module "oci_compartment_bootstrap" {
|
||||
source = "./oci_compartment_bootstrap"
|
||||
|
||||
tenancy_ocid = var.oci_compartment_bootstrap_tenancy_ocid
|
||||
user_email = var.oci_compartment_bootstrap_user_email
|
||||
tenancy_ocid = var.oci_compartment_bootstrap_tenancy_ocid
|
||||
user_email = var.oci_compartment_bootstrap_user_email
|
||||
|
||||
providers = {
|
||||
oci = oci.oci_root
|
||||
|
|
@ -48,42 +48,42 @@ module "oci_compartment_bootstrap" {
|
|||
}
|
||||
|
||||
output "oci_compartment_bootstrap_child_user_id" {
|
||||
value = module.oci_compartment_bootstrap.child_user_id
|
||||
value = module.oci_compartment_bootstrap.child_user_id
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
output "oci_compartment_bootstrap_child_compartment_id" {
|
||||
value = module.oci_compartment_bootstrap.child_compartment_id
|
||||
value = module.oci_compartment_bootstrap.child_compartment_id
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
output "oci_compartment_bootstrap_child_compartment_key_id" {
|
||||
value = module.oci_compartment_bootstrap.child_compartment_key_id
|
||||
value = module.oci_compartment_bootstrap.child_compartment_key_id
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
output "oci_compartment_bootstrap_child_compartment_key_fingerprint" {
|
||||
value = module.oci_compartment_bootstrap.child_compartment_key_fingerprint
|
||||
value = module.oci_compartment_bootstrap.child_compartment_key_fingerprint
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
output "oci_compartment_bootstrap_child_compartment_key_value" {
|
||||
value = module.oci_compartment_bootstrap.child_compartment_key_value
|
||||
value = module.oci_compartment_bootstrap.child_compartment_key_value
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
output "oci_compartment_bootstrap_child_compartment_key_state" {
|
||||
value = module.oci_compartment_bootstrap.child_compartment_key_state
|
||||
value = module.oci_compartment_bootstrap.child_compartment_key_state
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
# https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/terraformgettingstarted.htm
|
||||
# https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/terraformproviderconfiguration.htm
|
||||
provider "oci" {
|
||||
alias = "oci_compartment"
|
||||
private_key = module.oci_compartment_bootstrap.child_compartment_private_key
|
||||
region = var.oci_compartment_bootstrap_region
|
||||
tenancy_ocid = module.oci_compartment_bootstrap.child_compartment_id
|
||||
user_ocid = module.oci_compartment_bootstrap.child_user_id
|
||||
fingerprint = module.oci_compartment_bootstrap.child_compartment_key_fingerprint
|
||||
alias = "oci_compartment"
|
||||
private_key = module.oci_compartment_bootstrap.child_compartment_private_key
|
||||
region = var.oci_compartment_bootstrap_region
|
||||
tenancy_ocid = module.oci_compartment_bootstrap.child_compartment_id
|
||||
user_ocid = module.oci_compartment_bootstrap.child_user_id
|
||||
fingerprint = module.oci_compartment_bootstrap.child_compartment_key_fingerprint
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
resource "oci_identity_api_key" "this" {
|
||||
key_value = local.child_compartment_public_key
|
||||
user_id = local.child_compartment_user
|
||||
user_id = local.child_compartment_user
|
||||
}
|
||||
|
||||
locals {
|
||||
|
|
|
|||
|
|
@ -5,8 +5,8 @@ variable "tenancy_ocid" {
|
|||
resource "oci_identity_compartment" "this" {
|
||||
# Compartment ID is Tenancy ID for this case
|
||||
compartment_id = var.tenancy_ocid
|
||||
description = "Compartment for Terraform usage"
|
||||
name = "kittywitch-tf"
|
||||
description = "Compartment for Terraform usage"
|
||||
name = "kittywitch-tf"
|
||||
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
resource "oci_identity_group" "this" {
|
||||
compartment_id = var.tenancy_ocid
|
||||
|
||||
name = "terraform"
|
||||
name = "terraform"
|
||||
description = "terraform"
|
||||
}
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
resource "oci_identity_user_group_membership" "this" {
|
||||
user_id = oci_identity_user.this.id
|
||||
user_id = oci_identity_user.this.id
|
||||
group_id = oci_identity_group.this.id
|
||||
}
|
||||
|
|
@ -10,7 +10,7 @@ ANY { request.operation = 'CreateNetworkSecurityGroup', request.operation = 'Del
|
|||
resource "oci_identity_policy" "terraform-admin" {
|
||||
compartment_id = var.tenancy_ocid
|
||||
|
||||
name = "terraform-admin"
|
||||
name = "terraform-admin"
|
||||
description = "terraform-admin"
|
||||
|
||||
statements = [
|
||||
|
|
|
|||
|
|
@ -2,12 +2,12 @@ terraform {
|
|||
required_providers {
|
||||
# Vendor: Hashicorp
|
||||
tls = {
|
||||
source = "hashicorp/tls"
|
||||
source = "hashicorp/tls"
|
||||
version = "4.0.5"
|
||||
}
|
||||
# Vendor: Oracle
|
||||
oci = {
|
||||
source = "oracle/oci"
|
||||
source = "oracle/oci"
|
||||
version = "5.45.0"
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,12 +2,12 @@ resource "tls_private_key" "this" {
|
|||
# https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/identity_api_key#key_value
|
||||
# "The public key. Must be an RSA key in PEM format."
|
||||
algorithm = "RSA"
|
||||
rsa_bits = 4096
|
||||
rsa_bits = 4096
|
||||
}
|
||||
|
||||
locals {
|
||||
child_compartment_private_key = tls_private_key.this.private_key_pem
|
||||
child_compartment_public_key = tls_private_key.this.public_key_pem
|
||||
child_compartment_public_key = tls_private_key.this.public_key_pem
|
||||
}
|
||||
|
||||
output "child_compartment_private_key" {
|
||||
|
|
|
|||
|
|
@ -4,9 +4,9 @@ variable "user_email" {
|
|||
|
||||
resource "oci_identity_user" "this" {
|
||||
compartment_id = local.child_compartment_id
|
||||
description = "The user for Terraform to use"
|
||||
name = "terraform"
|
||||
email = var.user_email
|
||||
description = "The user for Terraform to use"
|
||||
name = "terraform"
|
||||
email = var.user_email
|
||||
}
|
||||
|
||||
locals {
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ module "oci_servers" {
|
|||
source = "./oci_servers"
|
||||
|
||||
micro_display_names = ["Mei", "Mai"]
|
||||
flex_display_name = "Daiyousei"
|
||||
flex_display_name = "Daiyousei"
|
||||
|
||||
tenancy_ocid = module.oci_compartment_bootstrap.child_compartment_id
|
||||
nsg_id = module.oci_common_private_network.nsg_id
|
||||
|
|
@ -37,17 +37,17 @@ output "mai_public_ipv4" {
|
|||
locals {
|
||||
server_ips = {
|
||||
daiyousei = module.oci_servers.flex_public_ipv4
|
||||
mei = module.oci_servers.micro_public_ipv4s[0]
|
||||
mai = module.oci_servers.micro_public_ipv4s[1]
|
||||
mei = module.oci_servers.micro_public_ipv4s[0]
|
||||
mai = module.oci_servers.micro_public_ipv4s[1]
|
||||
}
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "oci" {
|
||||
for_each = local.server_ips
|
||||
name = each.key
|
||||
proxied = false
|
||||
ttl = 3600
|
||||
type = "A"
|
||||
value = each.value
|
||||
zone_id = local.zone_ids.inskip
|
||||
name = each.key
|
||||
proxied = false
|
||||
ttl = 3600
|
||||
type = "A"
|
||||
value = each.value
|
||||
zone_id = local.zone_ids.inskip
|
||||
}
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ locals {
|
|||
|
||||
resource "oci_core_instance" "that" {
|
||||
availability_domain = data.oci_identity_availability_domains.this.availability_domains.0.name
|
||||
compartment_id = var.tenancy_ocid
|
||||
compartment_id = var.tenancy_ocid
|
||||
shape = local.shapes.flex
|
||||
|
||||
display_name = var.flex_display_name
|
||||
|
|
@ -49,8 +49,8 @@ resource "oci_core_instance" "that" {
|
|||
assign_public_ip = true
|
||||
display_name = var.flex_display_name
|
||||
hostname_label = local.flex_hostname
|
||||
nsg_ids = [var.nsg_id]
|
||||
subnet_id = var.subnet_id
|
||||
nsg_ids = [var.nsg_id]
|
||||
subnet_id = var.subnet_id
|
||||
}
|
||||
|
||||
shape_config {
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
locals {
|
||||
flex_public_ipv4 = oci_core_instance.that.public_ip
|
||||
flex_public_ipv4 = oci_core_instance.that.public_ip
|
||||
micro_public_ipv4s = oci_core_instance.this[*].public_ip
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -28,7 +28,7 @@ resource "oci_core_instance" "this" {
|
|||
count = 2
|
||||
|
||||
availability_domain = local.availability_domain_micro
|
||||
compartment_id = var.tenancy_ocid
|
||||
compartment_id = var.tenancy_ocid
|
||||
shape = local.shapes.micro
|
||||
|
||||
display_name = var.micro_display_names[count.index]
|
||||
|
|
@ -51,10 +51,10 @@ resource "oci_core_instance" "this" {
|
|||
|
||||
create_vnic_details {
|
||||
assign_public_ip = true
|
||||
display_name = var.micro_display_names[count.index]
|
||||
hostname_label = lower(var.micro_display_names[count.index])
|
||||
nsg_ids = [var.nsg_id]
|
||||
subnet_id = var.subnet_id
|
||||
display_name = var.micro_display_names[count.index]
|
||||
hostname_label = lower(var.micro_display_names[count.index])
|
||||
nsg_ids = [var.nsg_id]
|
||||
subnet_id = var.subnet_id
|
||||
}
|
||||
|
||||
source_details {
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ terraform {
|
|||
required_providers {
|
||||
# Vendor: Oracle
|
||||
oci = {
|
||||
source = "oracle/oci"
|
||||
source = "oracle/oci"
|
||||
version = "5.45.0"
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,10 +1,10 @@
|
|||
data "oci_core_vnic_attachments" "flex" {
|
||||
compartment_id = var.tenancy_ocid
|
||||
instance_id = local.flex.id
|
||||
instance_id = local.flex.id
|
||||
}
|
||||
|
||||
data "oci_core_vnic_attachments" "micros" {
|
||||
count = 2
|
||||
count = 2
|
||||
compartment_id = var.tenancy_ocid
|
||||
instance_id = local.micros[count.index].id
|
||||
instance_id = local.micros[count.index].id
|
||||
}
|
||||
|
|
@ -2,25 +2,25 @@ data "tailscale_devices" "tailnet" {
|
|||
}
|
||||
|
||||
locals {
|
||||
tailscale_devices = data.tailscale_devices.tailnet.devices
|
||||
tailscale_devices = data.tailscale_devices.tailnet.devices
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "tailscale_device_v4_record" {
|
||||
for_each = { for device_name, device in local.tailscale_devices : split(".", device.name)[0] => device.addresses[0] if device.user == "kat@gensokyo.zone" }
|
||||
name = "${each.key}.devices"
|
||||
proxied = false
|
||||
ttl = 3600
|
||||
type = "A"
|
||||
value = each.value
|
||||
zone_id = local.zone_ids.inskip
|
||||
name = "${each.key}.devices"
|
||||
proxied = false
|
||||
ttl = 3600
|
||||
type = "A"
|
||||
value = each.value
|
||||
zone_id = local.zone_ids.inskip
|
||||
}
|
||||
|
||||
resource "cloudflare_record" "tailscale_device_v6_record" {
|
||||
for_each = { for device_name, device in local.tailscale_devices : split(".", device.name)[0] => device.addresses[1] if device.user == "kat@gensokyo.zone" }
|
||||
name = "${each.key}.devices"
|
||||
proxied = false
|
||||
ttl = 3600
|
||||
type = "AAAA"
|
||||
value = each.value
|
||||
zone_id = local.zone_ids.inskip
|
||||
name = "${each.key}.devices"
|
||||
proxied = false
|
||||
ttl = 3600
|
||||
type = "AAAA"
|
||||
value = each.value
|
||||
zone_id = local.zone_ids.inskip
|
||||
}
|
||||
|
|
@ -1,17 +1,17 @@
|
|||
variable "tailscale_oauth_client_id" {
|
||||
sensitive = true
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "tailscale_oauth_client_secret" {
|
||||
sensitive = true
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "tailnet" {
|
||||
sensitive = false
|
||||
sensitive = false
|
||||
}
|
||||
|
||||
provider "tailscale" {
|
||||
oauth_client_id = var.tailscale_oauth_client_id
|
||||
oauth_client_secret = var.tailscale_oauth_client_secret
|
||||
tailnet = var.tailnet
|
||||
oauth_client_id = var.tailscale_oauth_client_id
|
||||
oauth_client_secret = var.tailscale_oauth_client_secret
|
||||
tailnet = var.tailnet
|
||||
}
|
||||
|
|
@ -2,12 +2,12 @@ terraform {
|
|||
required_providers {
|
||||
# Vendor: Hashicorp
|
||||
tls = {
|
||||
source = "hashicorp/tls"
|
||||
source = "hashicorp/tls"
|
||||
version = "4.0.5"
|
||||
}
|
||||
# Vendor: Oracle
|
||||
oci = {
|
||||
source = "oracle/oci"
|
||||
source = "oracle/oci"
|
||||
version = "5.45.0"
|
||||
}
|
||||
/*hcloud = {
|
||||
|
|
@ -15,11 +15,11 @@ terraform {
|
|||
version = "1.38.2"
|
||||
}*/
|
||||
tailscale = {
|
||||
source = "tailscale/tailscale"
|
||||
source = "tailscale/tailscale"
|
||||
version = "0.13.7"
|
||||
}
|
||||
cloudflare = {
|
||||
source = "cloudflare/cloudflare"
|
||||
source = "cloudflare/cloudflare"
|
||||
version = "4.4.0"
|
||||
}
|
||||
}
|
||||
|
|
|
|||