ops/vault/cfg: init terranix stuff

Luke Granger-Brown 2022-03-14 21:29:15 +00:00
parent b469b24c5a
commit 92998b5d36
7 changed files with 68 additions and 0 deletions


@ -6,6 +6,8 @@ ops/secrets/
result result
result-* result-*
ops/vault/cfg/tf/
web/quotes/theme/static/ web/quotes/theme/static/
syntax: regexp syntax: regexp


@ -9,6 +9,7 @@ let
config = depot: { config = depot: {
inherit depot system; inherit depot system;
pkgs = depot.third_party.nixpkgs; pkgs = depot.third_party.nixpkgs;
depotRoot = toString ./.;
}; };
in fix (self: in fix (self:
let ch = (self.config // { inherit (self) lib; }); let ch = (self.config // { inherit (self) lib; });
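Review bot: `depotRoot = toString ./.;` is added without a comment, and it behaves differently from the attributes around it: `toString` on a path yields the absolute path as a string instead of a store copy, so the value depends on where the tree is evaluated. I would add `# Absolute path of the tree being evaluated (not copied to the store); used by wrappers that write into the working copy.` above it. The `let` block this hunk sits in starts and ends outside the hunk.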


@ -8,6 +8,7 @@ args: {
secrets = import ./secrets args; secrets = import ./secrets args;
raritan = import ./raritan args; raritan = import ./raritan args;
factorio = import ./factorio args; factorio = import ./factorio args;
vault = import ./vault args;
home-manager-ext = import ./home-manager-ext.nix args; home-manager-ext = import ./home-manager-ext.nix args;
} }

15
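--- a/ops/vault/cfg/config.nix
+++ b/ops/vault/cfg/config.nix
@@ -0,0 +1,15 @@
+{ ... }:
+{
+terraform = {
+backend.gcs = {
+bucket = "lukegb-terraform-state";
+prefix = "depot/vault";
+};
+required_providers.vault = {
+source = "hashicorp/vault";
+version = "3.3.1";
+};
+};
+}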
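Review bot: The `backend.gcs` block keeps state for the Vault provider with nothing recording how that state is protected, and Terraform state for Vault resources can hold secret values in plain text. I would add a comment above `bucket`, for example `# State may contain Vault secrets: bucket access must stay restricted to operators.`, and consider setting the backend's `kms_encryption_key` (or `encryption_key`) so that read access to the bucket alone is not enough to read the objects. Bucket IAM and versioning are not visible in this commit, so this may already be covered elsewhere.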

21
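--- a/ops/vault/cfg/default.nix
+++ b/ops/vault/cfg/default.nix
@@ -0,0 +1,21 @@
+{ pkgs, depotRoot, ... }@args:
+let
+terranix = import "${pkgs.terranix}/core/default.nix" {
+inherit pkgs;
+terranix_config = { imports = [ ./config.nix ]; };
+strip_nulls = true;
+extraArgs = args;
+};
+config = (pkgs.formats.json { }).generate "config.tf.json" terranix.config;
+terraform = pkgs.writeShellScript "terraform" ''
+cd ${depotRoot}/ops/vault/cfg/tf
+rm ./config.tf.json
+ln -s ${config} config.tf.json
+exec ${pkgs.terraform}/bin/terraform "$@"
+'';
+in {
+inherit config terraform;
+}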
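Review bot: The wrapper script keeps going when `cd ${depotRoot}/ops/vault/cfg/tf` fails, so `rm ./config.tf.json` and the `ln -s` would then act on whatever directory the caller is in, and terraform would run there instead of in the intended working tree. Quote the path and stop on failure with `cd "${depotRoot}/ops/vault/cfg/tf" || exit 1`, and replace the `rm`/`ln -s` pair with `ln -sfn ${config} config.tf.json`, which also avoids the `rm` error when the link does not exist yet. `depotRoot` is set from `toString ./.` elsewhere in this commit, so it is presumably the path of the working checkout; a short comment that the script writes into that checkout would help.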


@ -0,0 +1,21 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/vault" {
version = "3.3.1"
constraints = "3.3.1"
hashes = [
"h1:i7EC2IF0KParI+JPA5ZtXJrAn3bAntW5gEMLvOXwpW4=",
"zh:3e1866037f43c1083ff825dce2a9e3853c757bb0121c5ae528ee3cf3f99b4113",
"zh:49636cc5c4939134e098c4ec0163c41fae103f24d7e1e8fc0432f8ad93d596a0",
"zh:5258a7001719c4aeb84f4c4da7115b795da4794754938a3c4176a4b578fe93a1",
"zh:7461738691e2e8ea91aba73d4351cfbc30fcaedcf0e332c9d35ef215f93aa282",
"zh:815529478e33a6727273b08340a4c62c9aeb3da02abf8f091bb4f545c8451fce",
"zh:8e6fede9f5e25b507faf6cacd61b997035b8b62859245861149ddb2990ada8eb",
"zh:9acc2387084b9c411e264c4351633bc82f9c4e420f8e6bbad9f87b145351f929",
"zh:b9e4af3b06386ceed720f0163a1496088c154aa1430ae072c525ffefa4b37891",
"zh:c7d5dfb8f8536694db6740e2a4afd2d681b60b396ded469282524c62ce154861",
"zh:d0850be710c6fd682634a2f823beed0164231cc873b1dc09038aa477c926f57c",
"zh:e90c2cba9d89db5eab295b2f046f24a53f23002bcfe008633d398fb3fa16d941",
]
}

7
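--- a/ops/vault/default.nix
+++ b/ops/vault/default.nix
@@ -0,0 +1,7 @@
+# SPDX-FileCopyrightText: 2022 Luke Granger-Brown <depot@lukegb.com>
+#
+# SPDX-License-Identifier: Apache-2.0
+args: {
+cfg = import ./cfg args;
+}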