noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2024-09-19 15:54:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

try mixing up secrets

Browse Source
This commit is contained in:
Noah Masur 2024-03-24 14:29:51 -04:00
parent 16e228b7b0
commit 7e0a0bbbd2
2 changed files with 6 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
.github/workflows/arrow.yml vendored
View File

@ -5,10 +5,10 @@ env:
DEPLOY_IDENTITY_BASE64: ${{ secrets.DEPLOY_IDENTITY_BASE64 }} DEPLOY_IDENTITY_BASE64: ${{ secrets.DEPLOY_IDENTITY_BASE64 }}
ARROW_IDENTITY_BASE64: ${{ secrets.ARROW_IDENTITY_BASE64 }} ARROW_IDENTITY_BASE64: ${{ secrets.ARROW_IDENTITY_BASE64 }}
CLOUDFLARE_R2_ENDPOINT: "${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com" CLOUDFLARE_R2_ENDPOINT: "${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com"
TF_VAR_cloudflare_account_id: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY }}
TF_VAR_cloudflare_r2_access_key: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY }} AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_KEY }}
TF_VAR_cloudflare_r2_secret_key: ${{ secrets.CLOUDFLARE_R2_SECRET_KEY }}
TF_VAR_vultr_api_key: ${{ secrets.VULTR_API_KEY }} TF_VAR_vultr_api_key: ${{ secrets.VULTR_API_KEY }}
TF_VAR_cloudflare_r2_endpoint: "${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com"
on: on:
workflow_dispatch: workflow_dispatch:
@ -57,9 +57,6 @@ jobs:
result/iso/nixos.iso \ result/iso/nixos.iso \
s3://noahmasur-arrow-images/arrow.iso \ s3://noahmasur-arrow-images/arrow.iso \
--endpoint-url "https://${{ env.CLOUDFLARE_R2_ENDPOINT }}" --endpoint-url "https://${{ env.CLOUDFLARE_R2_ENDPOINT }}"
env:
AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_KEY }}
# # Copy the image to S3 # # Copy the image to S3
# - name: Upload Image to Cache # - name: Upload Image to Cache

20
hosts/arrow/main.tf
View File

@ -17,20 +17,9 @@ terraform {
# image_file = one(fileset(path.root, "result/iso/nixos.iso")) # image_file = one(fileset(path.root, "result/iso/nixos.iso"))
# } # }
variable "cloudflare_account_id" { variable "cloudflare_r2_endpoint" {
type = string type = string
description = "ID of the Cloudflare account" description = "Domain for the Cloudflare R2 endpoint"
}
variable "cloudflare_r2_access_key" {
type = string
description = "Non-sensitive access key ID for Cloudflare R2"
}
variable "cloudflare_r2_secret_key" {
type = string
description = "Sensitive access key secret for Cloudflare R2"
sensitive = true
} }
variable "vultr_api_key" { variable "vultr_api_key" {
@ -42,15 +31,12 @@ variable "vultr_api_key" {
provider "aws" { provider "aws" {
region = "us-east-1" region = "us-east-1"
access_key = var.cloudflare_r2_access_key
secret_key = var.cloudflare_r2_secret_key
skip_credentials_validation = true skip_credentials_validation = true
skip_region_validation = true skip_region_validation = true
skip_requesting_account_id = true skip_requesting_account_id = true
endpoints { endpoints {
s3 = "https://${var.cloudflare_account_id}.r2.cloudflarestorage.com" s3 = "https://${var.cloudflare_r2_endpoint}"
} }
} }