Ryan Lahfa
4d68bfda2a
This requires the support for monorepo-terraform-state.s3.dgnum.eu being available. `.credentials/` is age-encrypted using only my key for now until we figure out the right mechanism. Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
21 lines
672 B
Nix
21 lines
672 B
Nix
{
|
|
# We use terraform.backend.s3 directly instead of the type-checked Terranix
|
|
# backend.s3 options. The latter does not support setting arbitrary s3
|
|
# endpoints.
|
|
#
|
|
# Note: currently requires the user to provide AWS_ACCESS_KEY_ID as well as
|
|
# AWS_SECRET_ACCESS_KEY in their environment variables.
|
|
|
|
terraform.backend.s3 = {
|
|
endpoints.s3 = "s3.dgnum.eu";
|
|
region = "garage";
|
|
bucket = "monorepo-terraform-state";
|
|
key = "state";
|
|
|
|
# It's just a dumb Garage server, don't try to be smart.
|
|
skip_credentials_validation = true;
|
|
skip_region_validation = true;
|
|
skip_requesting_account_id = true;
|
|
skip_metadata_api_check = true;
|
|
};
|
|
}
|