mirror of
https://github.com/nmasur/dotfiles
synced 2024-12-24 02:34:52 +00:00
Compare commits
No commits in common. "858557410011239c434a6533ce699084d2b31142" and "67ab65fa167afd63b6f222cc0903cf5504057cef" have entirely different histories.
8585574100
...
67ab65fa16
20
.github/workflows/arrow.yml
vendored
20
.github/workflows/arrow.yml
vendored
@ -5,16 +5,17 @@ env:
|
|||||||
DEPLOY_IDENTITY_BASE64: ${{ secrets.DEPLOY_IDENTITY_BASE64 }}
|
DEPLOY_IDENTITY_BASE64: ${{ secrets.DEPLOY_IDENTITY_BASE64 }}
|
||||||
ARROW_IDENTITY_BASE64: ${{ secrets.ARROW_IDENTITY_BASE64 }}
|
ARROW_IDENTITY_BASE64: ${{ secrets.ARROW_IDENTITY_BASE64 }}
|
||||||
CLOUDFLARE_R2_ENDPOINT: "${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com"
|
CLOUDFLARE_R2_ENDPOINT: "${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com"
|
||||||
AWS_ACCESS_KEY_ID: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY }}
|
TF_VAR_cloudflare_account_id: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }}
|
||||||
AWS_SECRET_ACCESS_KEY: ${{ secrets.CLOUDFLARE_R2_SECRET_KEY }}
|
TF_VAR_cloudflare_r2_access_key: ${{ secrets.CLOUDFLARE_R2_ACCESS_KEY }}
|
||||||
AWS_ENDPOINT_URL_S3: "https://${{ secrets.CLOUDFLARE_ACCOUNT_ID }}.r2.cloudflarestorage.com"
|
TF_VAR_cloudflare_r2_secret_key: ${{ secrets.CLOUDFLARE_R2_SECRET_KEY }}
|
||||||
TF_VAR_vultr_api_key: ${{ secrets.VULTR_API_KEY }}
|
TF_VAR_vultr_api_key: ${{ secrets.VULTR_API_KEY }}
|
||||||
|
|
||||||
on:
|
on:
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
inputs:
|
inputs:
|
||||||
rebuild:
|
rebuild:
|
||||||
type: boolean
|
type: bool
|
||||||
|
required: true
|
||||||
default: false
|
default: false
|
||||||
action:
|
action:
|
||||||
type: choice
|
type: choice
|
||||||
@ -75,14 +76,21 @@ jobs:
|
|||||||
# Checks whether Terraform is formatted properly. If this fails, you
|
# Checks whether Terraform is formatted properly. If this fails, you
|
||||||
# should install the pre-commit hook.
|
# should install the pre-commit hook.
|
||||||
- name: Check Formatting
|
- name: Check Formatting
|
||||||
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
|
|
||||||
run: |
|
run: |
|
||||||
terraform fmt -no-color -check -diff -recursive
|
terraform fmt -no-color -check -diff -recursive
|
||||||
|
|
||||||
# Connects to remote state backend and download providers.
|
# Connects to remote state backend and download providers.
|
||||||
- name: Terraform Init
|
- name: Terraform Init
|
||||||
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
|
working-directory: ${{ env.TERRAFORM_DIRECTORY }}
|
||||||
run: terraform init
|
run: |
|
||||||
|
terraform init \
|
||||||
|
-backend-config="endpoint=${{ env.CLOUDFLARE_R2_ENDPOINT }}" \
|
||||||
|
-backend-config="workspace_key_prefix=${{ github.repository }}/arrow" \
|
||||||
|
-backend-config="key=state.tfstate" \
|
||||||
|
-backend-config="skip_credentials_validation=true" \
|
||||||
|
-backend-config="skip_region_validation=true" \
|
||||||
|
-backend-config="region=anything" \
|
||||||
|
-backend-config="bucket=noahmasur-terraform"
|
||||||
|
|
||||||
# Deploys infrastructure or changes to infrastructure.
|
# Deploys infrastructure or changes to infrastructure.
|
||||||
- name: Terraform Apply
|
- name: Terraform Apply
|
||||||
|
@ -1,30 +1,13 @@
|
|||||||
terraform {
|
terraform {
|
||||||
backend "s3" {
|
backend "s3" {}
|
||||||
bucket = "noahmasur-terraform"
|
|
||||||
key = "arrow.tfstate"
|
|
||||||
region = "auto"
|
|
||||||
skip_credentials_validation = true
|
|
||||||
skip_metadata_api_check = true
|
|
||||||
skip_region_validation = true
|
|
||||||
skip_requesting_account_id = true
|
|
||||||
skip_s3_checksum = true
|
|
||||||
use_path_style = true
|
|
||||||
/*
|
|
||||||
ENVIRONMENT VARIABLES
|
|
||||||
---------------------
|
|
||||||
AWS_ACCESS_KEY_ID - R2 token
|
|
||||||
AWS_SECRET_ACCESS_KEY - R2 secret
|
|
||||||
AWS_ENDPOINT_URL_S3 - R2 location: https://ACCOUNT_ID.r2.cloudflarestorage.com
|
|
||||||
*/
|
|
||||||
}
|
|
||||||
required_version = ">= 1.0.0"
|
required_version = ">= 1.0.0"
|
||||||
required_providers {
|
required_providers {
|
||||||
aws = {
|
aws = {
|
||||||
source = "hashicorp/aws"
|
source = "hashicorp/aws"
|
||||||
version = "5.42.0"
|
version = "5.42.0"
|
||||||
}
|
}
|
||||||
vultr = {
|
vultr = {
|
||||||
source = "vultr/vultr"
|
source = "vultr/vultr"
|
||||||
version = "2.19.0"
|
version = "2.19.0"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -34,23 +17,41 @@ terraform {
|
|||||||
# image_file = one(fileset(path.root, "result/iso/nixos.iso"))
|
# image_file = one(fileset(path.root, "result/iso/nixos.iso"))
|
||||||
# }
|
# }
|
||||||
|
|
||||||
# variable "cloudflare_r2_endpoint" {
|
variable "cloudflare_account_id" {
|
||||||
# type = string
|
type = string
|
||||||
# description = "Domain for the Cloudflare R2 endpoint"
|
description = "ID of the Cloudflare account"
|
||||||
# }
|
}
|
||||||
|
|
||||||
|
variable "cloudflare_r2_access_key" {
|
||||||
|
type = string
|
||||||
|
description = "Non-sensitive access key ID for Cloudflare R2"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "cloudflare_r2_secret_key" {
|
||||||
|
type = string
|
||||||
|
description = "Sensitive access key secret for Cloudflare R2"
|
||||||
|
sensitive = true
|
||||||
|
}
|
||||||
|
|
||||||
variable "vultr_api_key" {
|
variable "vultr_api_key" {
|
||||||
type = string
|
type = string
|
||||||
description = "API key for Vultr management"
|
description = "API key for Vultr management"
|
||||||
sensitive = true
|
sensitive = true
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "aws" {
|
provider "aws" {
|
||||||
region = "auto"
|
region = "us-east-1"
|
||||||
|
|
||||||
|
access_key = var.cloudflare_r2_access_key
|
||||||
|
secret_key = var.cloudflare_r2_secret_key
|
||||||
|
|
||||||
skip_credentials_validation = true
|
skip_credentials_validation = true
|
||||||
skip_metadata_api_check = true
|
|
||||||
skip_region_validation = true
|
skip_region_validation = true
|
||||||
skip_requesting_account_id = true
|
skip_requesting_account_id = true
|
||||||
|
|
||||||
|
endpoints {
|
||||||
|
s3 = "https://${var.cloudflare_account_id}.r2.cloudflarestorage.com"
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
provider "vultr" {
|
provider "vultr" {
|
||||||
@ -70,23 +71,23 @@ provider "vultr" {
|
|||||||
# }
|
# }
|
||||||
|
|
||||||
resource "vultr_iso_private" "image" {
|
resource "vultr_iso_private" "image" {
|
||||||
# url = "https://${var.cloudflare_account_id}.r2.cloudflarestorage.com/${data.aws_s3_bucket.images.id}/${aws_s3_object.image.key}"
|
# url = "https://${var.cloudflare_account_id}.r2.cloudflarestorage.com/${data.aws_s3_bucket.images.id}/${aws_s3_object.image.key}"
|
||||||
url = "https://arrow.images.masu.rs/arrow.iso"
|
url = "https://arrow.images.masu.rs/arrow.iso"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "vultr_instance" "arrow" {
|
resource "vultr_instance" "arrow" {
|
||||||
plan = "vc2-1c-2gb"
|
plan = "vc2-1c-2gb"
|
||||||
region = "ewr"
|
region = "ewr"
|
||||||
iso_id = vultr_iso_private.image.id
|
iso_id = vultr_iso_private.image.id
|
||||||
label = "arrow"
|
label = "arrow"
|
||||||
tags = ["arrow"]
|
tags = ["arrow"]
|
||||||
enable_ipv6 = false
|
enable_ipv6 = false
|
||||||
disable_public_ipv4 = false
|
disable_public_ipv4 = false
|
||||||
backups = "disabled"
|
backups = "disabled"
|
||||||
ddos_protection = false
|
ddos_protection = false
|
||||||
activation_email = false
|
activation_email = false
|
||||||
}
|
}
|
||||||
|
|
||||||
output "host_ip" {
|
output "host_ip" {
|
||||||
value = vultr_instance.arrow.main_ip
|
value = vultr_instance.arrow.main_ip
|
||||||
}
|
}
|
||||||
|
@ -103,7 +103,6 @@ inputs.nixpkgs.lib.nixosSystem {
|
|||||||
mullvad.enable = false;
|
mullvad.enable = false;
|
||||||
nixlang.enable = true;
|
nixlang.enable = true;
|
||||||
rust.enable = true;
|
rust.enable = true;
|
||||||
terraform.enable = true;
|
|
||||||
yt-dlp.enable = true;
|
yt-dlp.enable = true;
|
||||||
gaming = {
|
gaming = {
|
||||||
dwarf-fortress.enable = true;
|
dwarf-fortress.enable = true;
|
||||||
|
@ -31,7 +31,7 @@ in {
|
|||||||
|
|
||||||
src = prev.caddy.src;
|
src = prev.caddy.src;
|
||||||
|
|
||||||
vendorHash = "sha256-zeuvCk7kZa/W/roC12faCQDav4RB8RT1dR2Suh2yjD8=";
|
vendorHash = "sha256-woDPiGGSjophbmCyd30+JwWku0HQjBvNqGalkHuOiOA=";
|
||||||
|
|
||||||
overrideModAttrs = (_: {
|
overrideModAttrs = (_: {
|
||||||
preBuild = ''
|
preBuild = ''
|
||||||
|
Loading…
Reference in New Issue
Block a user