History

Vincent Ambo d8cdd629f4 feat(ops/glesys): Import DNS records for tvl.su These records were previously configured manually in the GleSYS web UI during our DNS outage (b/155). Note that I could not find a way to `terraform import` these records and have instead recreated the set and then cleaned up in the UI. Change-Id: If7de9a7e6dad20953ba8b610589a62dce400e87b Reviewed-on: https://cl.tvl.fyi/c/depot/+/4716 Tested-by: BuildkiteCI Autosubmit: tazjin <mail@tazj.in> Reviewed-by: grfn <grfn@gws.fyi>		2021-12-27 16:45:54 +00:00
..
.gitignore	feat(ops/glesys): Add gitignore for Terraform files	2021-12-24 18:54:44 +00:00
default.nix	feat(ops/glesys): Provide tf-glesys wrapper	2021-12-24 19:21:48 +00:00
dns-nixery-dev.tf	feat(ops/glesys): Import DNS records for tvl.fyi	2021-12-27 16:42:53 +00:00
dns-tvl-fyi.tf	feat(ops/glesys): Import DNS records for tvl.fyi	2021-12-27 16:42:53 +00:00
dns-tvl-su.tf	feat(ops/glesys): Import DNS records for tvl.su	2021-12-27 16:45:54 +00:00
main.tf	feat(ops/glesys): Import DNS records for tvl.fyi	2021-12-27 16:42:53 +00:00
README.md	feat(ops/secrets): Import secrets for tf-glesys	2021-12-27 15:53:57 +00:00

README.md

Terraform for GleSYS

This contains the Terraform configuration for deploying TVL's infrastructure at GleSYS. This includes object storage (e.g. for backups and Terraform state) and DNS.

Secrets are needed for applying this. The encrypted file //ops/secrets/tf-glesys.age contains export calls which should be sourced, for example via direnv, by users with the appropriate credentials.

An example direnv configuration used by tazjin is this:

# //ops/secrets/.envrc
source_up
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-glesys.age)
watch_file $(git rev-parse --show-toplevel)/secrets/tf-glesys.age