infrastructure/terranix/s3.nix

{ lib, ... }:
let
  inherit (lib) tf;
in
{
  # FIXME: add a NixOS module to abstract bucket creation, etc.
  config = {
    terraform.required_providers.garage = {
      version = "~> 1.0.3";
      source = "registry.opentofu.org/RaitoBezarius/garage";
    };

    resource = {
      secret_resource.admin-s3-token.lifecycle.prevent_destroy = true;
      garage_bucket.monorepo-terraform-state = { };
      garage_bucket_global_alias = {
        monorepo-terraform-state = {
          bucket_id = tf.ref "resource.garage_bucket.monorepo-terraform-state.id";
          alias = "monorepo-terraform-state";
        };
      };
      garage_key = { };
      garage_bucket_key = { };
    };

    provider.garage = {
      host = "s3-admin.dgnum.eu";
      scheme = "https";
      token = tf.ref "resource.secret_resource.admin-s3-token.value";
    };
  };
}
feat(infra): add S3 declarative buckets A very simple basic support for it, which requires a S3 admin token. Signed-off-by: Ryan Lahfa <ryan@dgnum.eu> 2024-10-10 12:31:44 +02:00			`{ lib, ... }:`
			`let`
			`inherit (lib) tf;`
			`in`
			`{`
			`# FIXME: add a NixOS module to abstract bucket creation, etc.`
			`config = {`
			`terraform.required_providers.garage = {`
			`version = "~> 1.0.3";`
			`source = "registry.opentofu.org/RaitoBezarius/garage";`
			`};`

			`resource = {`
			`secret_resource.admin-s3-token.lifecycle.prevent_destroy = true;`
			`garage_bucket.monorepo-terraform-state = { };`
			`garage_bucket_global_alias = {`
			`monorepo-terraform-state = {`
			`bucket_id = tf.ref "resource.garage_bucket.monorepo-terraform-state.id";`
			`alias = "monorepo-terraform-state";`
			`};`
			`};`
			`garage_key = { };`
			`garage_bucket_key = { };`
			`};`

			`provider.garage = {`
			`host = "s3-admin.dgnum.eu";`
			`scheme = "https";`
			`token = tf.ref "resource.secret_resource.admin-s3-token.value";`
			`};`
			`};`
			`}`