24 lines
1.5 KiB
Markdown
24 lines
1.5 KiB
Markdown
|
# My personal infrastructure-as-code
|
||
|
|
|
||
|
|
This repository contains the configuration files and scripts to support the infrastructure I use for personal projects.
|
||
|
|
|
||
|
|
## Terraform environment variables and config
|
||
|
|
Terraform state is stored in a DigitalOcean Spaces bucket. In order to access the bucket, the Terraform backend configuration needs the `access_key` and `secret_key` variables set. These variables are the DigitalOcean Spaces access key and secret key, respectively, which are generated from the DigitalOcean Spaces UI. I'm passing them to Terraform via the `-backend-config` `terraform init` option. I create a file `backend-config.tf` in the root directory containing the necessary variables:
|
||
|
|
|
||
|
|
```terraform
|
||
|
|
access_key = "xxxxxxxxxxxxxxxxxxxx"
|
||
|
|
secret_key = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
|
||
|
|
```
|
||
|
|
|
||
|
|
Then run `terraform init -backend-config=backend-config.tf` when I need to run any Terraform commands. This operation is encapsulated in the `tf-init.sh` script.
|
||
|
|
|
||
|
|
The Terraform scripts also require some environment variables set:
|
||
|
|
|
||
|
|
```bash
|
||
|
|
export TF_VAR_do_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
||
|
|
export TF_VAR_spaces_access_id=xxxxxxxxxxxxxxxxxxxx
|
||
|
|
export TF_VAR_spaces_secret_key=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
|
||
|
|
```
|
||
|
|
|
||
|
|
The `do_token` is the DigitalOcean API token, generated from the DigitalOcean API console UI, and the `spaces_access_id` and `spaces_secret_key` are the same Spaces configuration values as above. I'm setting these variables via [`direnv`](https://direnv.net/) with a `.envrc` file at the repository root.
|