mirror of
https://github.com/Mic92/nixos-wiki-infra.git
synced 2024-11-22 00:04:01 +01:00
commit
bbba094363
@ -2,8 +2,5 @@
|
||||
export GITLAB_USER=<your-gitlab-username>
|
||||
export GITLAB_TOKEN=<your-gitlab-token>
|
||||
|
||||
# https://app.netlify.com/user/applications#personal-access-tokens
|
||||
export NETLIFY_TOKEN=<your-netlify-token>
|
||||
|
||||
# https://console.hetzner.cloud/projects/2356507/security/tokens
|
||||
export HCLOUD_TOKEN=<your-hetzner-token>
|
||||
|
25
flake.nix
25
flake.nix
@ -45,17 +45,20 @@
|
||||
};
|
||||
packages.default =
|
||||
pkgs.mkShell {
|
||||
packages = [
|
||||
pkgs.bashInteractive
|
||||
pkgs.sops
|
||||
(pkgs.opentofu.withPlugins (p: [
|
||||
p.netlify
|
||||
p.hcloud
|
||||
p.null
|
||||
p.external
|
||||
p.local
|
||||
]))
|
||||
];
|
||||
packages =
|
||||
let
|
||||
halalify = drv: drv.overrideAttrs (_old: { meta = _old.meta // { license = lib.licenses.free; }; });
|
||||
in
|
||||
[
|
||||
pkgs.bashInteractive
|
||||
pkgs.sops
|
||||
(halalify (pkgs.terraform.withPlugins (p: [
|
||||
p.hcloud
|
||||
p.null
|
||||
p.external
|
||||
p.local
|
||||
])))
|
||||
];
|
||||
};
|
||||
|
||||
checks =
|
||||
|
@ -55,8 +55,8 @@ in
|
||||
}; # Github login
|
||||
extensions.ConfirmEdit = null; # Combat SPAM with a simple Captcha
|
||||
extensions.StopForumSpam = pkgs.fetchzip {
|
||||
url = "https://extdist.wmflabs.org/dist/extensions/StopForumSpam-REL1_41-0abdc44.tar.gz";
|
||||
hash = "sha256-FLaL8ztlJtUPh76/3WCFPKuH2+gjz1paaWWZ8pu66hA=";
|
||||
url = "https://extdist.wmflabs.org/dist/extensions/StopForumSpam-REL1_41-73c94fb.tar.gz";
|
||||
hash = "sha256-UVRKDqgg4abj5gnbx8fytkkOeEwC+o68SEYlG4WFrcU=";
|
||||
};
|
||||
|
||||
extraConfig = ''
|
||||
|
@ -1 +0,0 @@
|
||||
../staging.nixos-wiki.thalheim.io/apply.sh
|
7
targets/admins/apply.sh
Executable file
7
targets/admins/apply.sh
Executable file
@ -0,0 +1,7 @@
|
||||
#!/usr/bin/env bash
|
||||
set -euo pipefail
|
||||
|
||||
rm -f .terraform.lock.hcl
|
||||
terraform init -backend-config="password=$GITLAB_TOKEN" -backend-config="username=$GITLAB_USER"
|
||||
terraform apply
|
||||
|
@ -10,7 +10,7 @@ terraform {
|
||||
}
|
||||
|
||||
module "wiki" {
|
||||
source = "../../modules/admins"
|
||||
source = "../../terraform/admins"
|
||||
ssh_keys = {
|
||||
mic92 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE joerg@turingmachine"
|
||||
julien = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMBW7rTtfZL9wtrpCVgariKdpN60/VeAzXkh9w3MwbO julien@enigma"
|
||||
|
@ -1 +1 @@
|
||||
{"ipv6_address":"2a01:4f9:c012:afb9::1","ssh_keys":["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE joerg@turingmachine"]}
|
||||
{"ipv6_address":"2a01:4f9:c012:4fe3::1","ssh_keys":["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbBp2dH2X3dcU1zh+xW3ZsdYROKpJd3n13ssOP092qE joerg@turingmachine","ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDMBW7rTtfZL9wtrpCVgariKdpN60/VeAzXkh9w3MwbO julien@enigma"]}
|
@ -1,8 +1,8 @@
|
||||
terraform {
|
||||
backend "http" {
|
||||
address = "https://gitlab.com/api/v4/projects/45776186/terraform/state/nixos-wiki2.thalheim.io"
|
||||
lock_address = "https://gitlab.com/api/v4/projects/45776186/terraform/state/nixos-wiki2.thalheim.io/lock"
|
||||
unlock_address = "https://gitlab.com/api/v4/projects/45776186/terraform/state/nixos-wiki2.thalheim.io/lock"
|
||||
address = "https://gitlab.com/api/v4/projects/54760013/terraform/state/nixos-wiki2.thalheim.io"
|
||||
lock_address = "https://gitlab.com/api/v4/projects/54760013/terraform/state/nixos-wiki2.thalheim.io/lock"
|
||||
unlock_address = "https://gitlab.com/api/v4/projects/54760013/terraform/state/nixos-wiki2.thalheim.io/lock"
|
||||
lock_method = "POST"
|
||||
unlock_method = "DELETE"
|
||||
retry_wait_min = "5"
|
||||
@ -11,7 +11,6 @@ terraform {
|
||||
|
||||
module "wiki" {
|
||||
source = "../../terraform/nixos-wiki"
|
||||
netlify_dns_zone = "nixos-wiki2.thalheim.io"
|
||||
domain = "nixos-wiki2.thalheim.io"
|
||||
nixos_flake_attr = "nixos-wiki2-thalheim-io"
|
||||
nixos_vars_file = "${path.module}/nixos-vars.json"
|
||||
@ -21,3 +20,11 @@ module "wiki" {
|
||||
Target = "nixos-wiki2.thalheim.io"
|
||||
}
|
||||
}
|
||||
|
||||
output "ipv4_address" {
|
||||
value = module.wiki.ipv4_address
|
||||
}
|
||||
|
||||
output "ipv6_address" {
|
||||
value = module.wiki.ipv6_address
|
||||
}
|
||||
|
@ -1,18 +0,0 @@
|
||||
resource "netlify_dns_zone" "nixos" {
|
||||
site_id = ""
|
||||
name = var.netlify_dns_zone
|
||||
}
|
||||
|
||||
resource "netlify_dns_record" "nixos_wiki_a" {
|
||||
zone_id = netlify_dns_zone.nixos.id
|
||||
hostname = var.domain
|
||||
type = "A"
|
||||
value = hcloud_server.nixos_wiki.ipv4_address
|
||||
}
|
||||
|
||||
resource "netlify_dns_record" "nixos_wiki_aaaa" {
|
||||
zone_id = netlify_dns_zone.nixos.id
|
||||
hostname = var.domain
|
||||
type = "AAAA"
|
||||
value = hcloud_server.nixos_wiki.ipv6_address
|
||||
}
|
@ -41,3 +41,11 @@ locals {
|
||||
ssh_keys = data.hcloud_ssh_keys.nixos_wiki.ssh_keys.*.public_key
|
||||
}
|
||||
}
|
||||
|
||||
output "ipv4_address" {
|
||||
value = hcloud_server.nixos_wiki.ipv4_address
|
||||
}
|
||||
|
||||
output "ipv6_address" {
|
||||
value = hcloud_server.nixos_wiki.ipv6_address
|
||||
}
|
||||
|
@ -1,6 +1,5 @@
|
||||
terraform {
|
||||
required_providers {
|
||||
netlify = { source = "AegirHealth/netlify" }
|
||||
hcloud = { source = "hetznercloud/hcloud" }
|
||||
local = { source = "hashicorp/local" }
|
||||
}
|
||||
|
@ -1,6 +1,6 @@
|
||||
variable "server_type" {
|
||||
type = string
|
||||
default = "cx21"
|
||||
default = "cpx21"
|
||||
description = "Hetzner cloud server type"
|
||||
}
|
||||
|
||||
@ -10,11 +10,6 @@ variable "server_location" {
|
||||
description = "Hetzner cloud server location"
|
||||
}
|
||||
|
||||
variable "netlify_dns_zone" {
|
||||
type = string
|
||||
description = "Netlify DNS zone"
|
||||
}
|
||||
|
||||
variable "nixos_vars_file" {
|
||||
type = string
|
||||
description = "File to write NixOS configuration variables to"
|
||||
|
Loading…
Reference in New Issue
Block a user