Go to file
2024-02-12 11:31:41 -05:00
bin Add ability to pass additional args to tf-init.sh 2022-05-12 15:00:32 -04:00
mgmt Move DNS records to gitea terraform 2024-02-12 11:31:41 -05:00
prod Move DNS records to gitea terraform 2024-02-12 11:31:41 -05:00
terraform-modules/packer_droplet Add new ssh public key and upgrade DO plugin version 2022-05-12 15:00:57 -04:00
.dir-locals.el Add dir-locals 2021-10-03 12:31:53 -04:00
.envrc Switch from Make to Rake 2024-02-11 23:24:45 -05:00
.gitignore Switch from Make to Rake 2024-02-11 23:24:45 -05:00
.ruby-version Switch from Make to Rake 2024-02-11 23:24:45 -05:00
Gemfile Switch from Make to Rake 2024-02-11 23:24:45 -05:00
Gemfile.lock Switch from Make to Rake 2024-02-11 23:24:45 -05:00
README.md Move tf-init.sh to bin directory 2020-12-04 14:15:35 -05:00

My personal infrastructure-as-code

This repository contains the configuration files and scripts to support the infrastructure I use for personal projects.

Terraform environment variables and config

Terraform state is stored in a DigitalOcean Spaces bucket. In order to access the bucket, the Terraform backend configuration needs the access_key and secret_key variables set. These variables are the DigitalOcean Spaces access key and secret key, respectively, which are generated from the DigitalOcean Spaces UI. I'm passing them to Terraform via the -backend-config terraform init option and pulling their values from my password manager. This operation is encapsulated in the bin/tf-init.sh script.

The Terraform scripts also require some environment variables set:

export TF_VAR_do_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
export TF_VAR_spaces_access_id=xxxxxxxxxxxxxxxxxxxx
export TF_VAR_spaces_secret_key=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

The do_token is the DigitalOcean API token, generated from the DigitalOcean API console UI, and the spaces_access_id and spaces_secret_key are the same Spaces configuration values as above. I'm setting these variables via direnv with a .envrc file at the repository root.