snix/ops/hetzner-s3/README.md
Florian Klink a52ea3675c feat(*): initialize new Snix infrastructure
Co-Authored-By: edef <edef@edef.eu>
Co-Authored-by: Ryan Lahfa <raito@lix.systems>
Change-Id: Ica1cda177a236814de900f50a8a61d288f58f519
2025-03-17 17:15:07 +00:00

714 B

Hetzner S3 configuration

This contains Terraform configuration for setting up our Hetzner S3 buckets.

Through //tools/depot-deps a tf-hetzner-s3 binary is made available which contains a Terraform binary pre-configured with the correct providers. This is automatically on your $PATH through direnv.

However, secrets still need to be loaded to access the Terraform state and speak to the Hetzner API. These are available to certain users through //ops/secrets.

This can be done with separate direnv configuration, for example:

# //ops/buildkite/.envrc
source_up
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-hetzner-s3.age)