History

Vincent Ambo 19d7ccf87f feat(ops/glesys): Set up Yandex 360 verification record on tvl.su Relates to b/158 Change-Id: I6738505bcf0088d35bb7c8f9215dcf0b4e27f9ca Reviewed-on: https://cl.tvl.fyi/c/depot/+/5109 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: tazjin <tazjin@tvl.su>		2022-01-29 14:51:47 +00:00
..
.gitignore	feat(ops/glesys): Add gitignore for Terraform files	2021-12-24 18:54:44 +00:00
default.nix	feat(ops/glesys): Provide tf-glesys wrapper	2021-12-24 19:21:48 +00:00
dns-nixery-dev.tf	feat(ops/glesys): Import DNS records for tvl.fyi	2021-12-27 16:42:53 +00:00
dns-tvl-fyi.tf	feat(ops/glesys): Import DNS records for tvl.fyi	2021-12-27 16:42:53 +00:00
dns-tvl-su.tf	feat(ops/glesys): Set up Yandex 360 verification record on tvl.su	2022-01-29 14:51:47 +00:00
main.tf	feat(ops/glesys): Import DNS records for tvl.fyi	2021-12-27 16:42:53 +00:00
README.md	feat(ops/secrets): Import secrets for tf-glesys	2021-12-27 15:53:57 +00:00

README.md

Terraform for GleSYS

This contains the Terraform configuration for deploying TVL's infrastructure at GleSYS. This includes object storage (e.g. for backups and Terraform state) and DNS.

Secrets are needed for applying this. The encrypted file //ops/secrets/tf-glesys.age contains export calls which should be sourced, for example via direnv, by users with the appropriate credentials.

An example direnv configuration used by tazjin is this:

# //ops/secrets/.envrc
source_up
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-glesys.age)
watch_file $(git rev-parse --show-toplevel)/secrets/tf-glesys.age