df8edcb5f7
Adds the secrets and some instructions for deploying the GleSYS Terraform infrastructure. Change-Id: I1a10f9cee7648d406b3d27ef45fc74b6923cbc30 Reviewed-on: https://cl.tvl.fyi/c/depot/+/4712 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
20 lines
707 B
Markdown
20 lines
707 B
Markdown
Terraform for GleSYS
|
|
======================
|
|
|
|
This contains the Terraform configuration for deploying TVL's
|
|
infrastructure at [GleSYS](https://glesys.com). This includes object
|
|
storage (e.g. for backups and Terraform state) and DNS.
|
|
|
|
Secrets are needed for applying this. The encrypted file
|
|
`//ops/secrets/tf-glesys.age` contains `export` calls which should be
|
|
sourced, for example via `direnv`, by users with the appropriate
|
|
credentials.
|
|
|
|
An example `direnv` configuration used by tazjin is this:
|
|
|
|
```
|
|
# //ops/secrets/.envrc
|
|
source_up
|
|
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-glesys.age)
|
|
watch_file $(git rev-parse --show-toplevel)/secrets/tf-glesys.age
|
|
```
|