tvl-depot/ops/glesys
Vincent Ambo 19d7ccf87f feat(ops/glesys): Set up Yandex 360 verification record on tvl.su
Relates to b/158

Change-Id: I6738505bcf0088d35bb7c8f9215dcf0b4e27f9ca
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5109
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
2022-01-29 14:51:47 +00:00
..
.gitignore feat(ops/glesys): Add gitignore for Terraform files 2021-12-24 18:54:44 +00:00
default.nix feat(ops/glesys): Provide tf-glesys wrapper 2021-12-24 19:21:48 +00:00
dns-nixery-dev.tf feat(ops/glesys): Import DNS records for tvl.fyi 2021-12-27 16:42:53 +00:00
dns-tvl-fyi.tf feat(ops/glesys): Import DNS records for tvl.fyi 2021-12-27 16:42:53 +00:00
dns-tvl-su.tf feat(ops/glesys): Set up Yandex 360 verification record on tvl.su 2022-01-29 14:51:47 +00:00
main.tf feat(ops/glesys): Import DNS records for tvl.fyi 2021-12-27 16:42:53 +00:00
README.md feat(ops/secrets): Import secrets for tf-glesys 2021-12-27 15:53:57 +00:00

Terraform for GleSYS

This contains the Terraform configuration for deploying TVL's infrastructure at GleSYS. This includes object storage (e.g. for backups and Terraform state) and DNS.

Secrets are needed for applying this. The encrypted file //ops/secrets/tf-glesys.age contains export calls which should be sourced, for example via direnv, by users with the appropriate credentials.

An example direnv configuration used by tazjin is this:

# //ops/secrets/.envrc
source_up
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-glesys.age)
watch_file $(git rev-parse --show-toplevel)/secrets/tf-glesys.age