bf552f7a9b
Adman (the hoster) have not provided an ETA for native v6 on bugry yet, so we establish a public v6 connection through nevsky for now. In traffic flows going West->East the overhead is minimal (a few ms), though I guess it might be worse if you're in the middle (Yekaterinburg or something). The prefix was chosen by the bugry public v4 address encoded in hex, and appended to the nevsky prefix. Change-Id: I133622c17bd02eade0a6febc6bdf97f403fed14c Reviewed-on: https://cl.tvl.fyi/c/depot/+/12974 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| default.nix | ||
| dns-nixery-dev.tf | ||
| dns-tvix-dev.tf | ||
| dns-tvl-fyi.tf | ||
| dns-tvl-su.tf | ||
| main.tf | ||
| README.md | ||
Terraform for GleSYS
This contains the Terraform configuration for deploying TVL's infrastructure at GleSYS. This includes object storage (e.g. for backups and Terraform state) and DNS.
Secrets are needed for applying this. The encrypted file
//ops/secrets/tf-glesys.age contains export calls which should be
sourced, for example via direnv, by users with the appropriate
credentials.
An example direnv configuration used by tazjin is this:
# //ops/secrets/.envrc
source_up
eval $(age --decrypt -i ~/.ssh/id_ed25519 $(git rev-parse --show-toplevel)/ops/secrets/tf-glesys.age)
watch_file $(git rev-parse --show-toplevel)/secrets/tf-glesys.age