tvl-depot/ops/glesys
Vincent Ambo fceb3fef73 test(ops/glesys): Validate Terraform configuration in CI
Change-Id: I8d251d3ee1de77feca865d0a677041c9c485d211
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5843
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
2022-06-06 11:05:12 +00:00
..
.gitignore feat(ops/glesys): Add gitignore for Terraform files 2021-12-24 18:54:44 +00:00
default.nix test(ops/glesys): Validate Terraform configuration in CI 2022-06-06 11:05:12 +00:00
dns-nixery-dev.tf feat(ops/glesys): Import DNS records for tvl.fyi 2021-12-27 16:42:53 +00:00
dns-tvl-fyi.tf feat(ops/glesys): Import DNS records for tvl.fyi 2021-12-27 16:42:53 +00:00
dns-tvl-su.tf feat(ops/glesys): add DNS record for AAAA sanduny.tvl.su. 2022-02-18 11:47:23 +00:00
main.tf feat(ops/glesys): add DNS record for AAAA sanduny.tvl.su. 2022-02-18 11:47:23 +00:00
README.md feat(ops/secrets): Import secrets for tf-glesys 2021-12-27 15:53:57 +00:00

Terraform for GleSYS

This contains the Terraform configuration for deploying TVL's infrastructure at GleSYS. This includes object storage (e.g. for backups and Terraform state) and DNS.

Secrets are needed for applying this. The encrypted file //ops/secrets/tf-glesys.age contains export calls which should be sourced, for example via direnv, by users with the appropriate credentials.

An example direnv configuration used by tazjin is this:

# //ops/secrets/.envrc
source_up
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-glesys.age)
watch_file $(git rev-parse --show-toplevel)/secrets/tf-glesys.age