tvl-depot/ops/glesys
Vincent Ambo 8de0d6ad48 chore(ops/glesys): point nixery.dev to nixery-01.tvl.fyi
Change-Id: I0bfa713511f1565bd2fa9b3c1989fda16e8dfa4a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9428
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
2023-09-22 17:52:23 +00:00
..
.gitignore feat(ops/glesys): Add gitignore for Terraform files 2021-12-24 18:54:44 +00:00
default.nix refactor(ops/glesys): Use tools.checks.validateTerraform 2022-06-07 09:32:13 +00:00
dns-nixery-dev.tf chore(ops/glesys): point nixery.dev to nixery-01.tvl.fyi 2023-09-22 17:52:23 +00:00
dns-tvix-dev.tf feat(ops/glesys): add CNAME for docs.tvix.dev 2023-03-14 21:59:40 +00:00
dns-tvl-fyi.tf feat(ops/glesys): add DNS record for nixery-01 host 2023-09-22 17:52:23 +00:00
dns-tvl-su.tf feat(ops/glesys): set up DNS record for inbox.tvl.su 2022-12-25 10:27:29 +00:00
main.tf feat(ops/glesys): delegate signup.tvl.fyi to whitby in DNS 2023-09-05 14:44:35 +00:00
README.md feat(ops/secrets): Import secrets for tf-glesys 2021-12-27 15:53:57 +00:00

Terraform for GleSYS

This contains the Terraform configuration for deploying TVL's infrastructure at GleSYS. This includes object storage (e.g. for backups and Terraform state) and DNS.

Secrets are needed for applying this. The encrypted file //ops/secrets/tf-glesys.age contains export calls which should be sourced, for example via direnv, by users with the appropriate credentials.

An example direnv configuration used by tazjin is this:

# //ops/secrets/.envrc
source_up
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-glesys.age)
watch_file $(git rev-parse --show-toplevel)/secrets/tf-glesys.age