bf552f7a9b
Adman (the hoster) have not provided an ETA for native v6 on bugry yet, so we establish a public v6 connection through nevsky for now. In traffic flows going West->East the overhead is minimal (a few ms), though I guess it might be worse if you're in the middle (Yekaterinburg or something). The prefix was chosen by the bugry public v4 address encoded in hex, and appended to the nevsky prefix. Change-Id: I133622c17bd02eade0a6febc6bdf97f403fed14c Reviewed-on: https://cl.tvl.fyi/c/depot/+/12974 Autosubmit: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org>
112 lines
2.1 KiB
HCL
112 lines
2.1 KiB
HCL
# Configure TVL resources hosted with GleSYS.
|
|
#
|
|
# Most importantly:
|
|
# - all of our DNS
|
|
# - object storage (e.g. backups)
|
|
|
|
terraform {
|
|
required_providers {
|
|
glesys = {
|
|
source = "depot/glesys"
|
|
}
|
|
}
|
|
|
|
backend "s3" {
|
|
endpoints = {
|
|
s3 = "https://objects.dc-sto1.glesys.net"
|
|
}
|
|
bucket = "tvl-state"
|
|
key = "terraform/tvl-glesys"
|
|
region = "glesys"
|
|
|
|
skip_credentials_validation = true
|
|
skip_region_validation = true
|
|
skip_metadata_api_check = true
|
|
skip_requesting_account_id = true
|
|
skip_s3_checksum = true
|
|
}
|
|
}
|
|
|
|
provider "glesys" {
|
|
userid = "cl26117" # generated by GleSYS
|
|
}
|
|
|
|
resource "glesys_objectstorage_instance" "tvl-backups" {
|
|
description = "tvl-backups"
|
|
datacenter = "dc-sto1"
|
|
}
|
|
|
|
resource "glesys_objectstorage_instance" "tvl-state" {
|
|
description = "tvl-state"
|
|
datacenter = "dc-sto1"
|
|
}
|
|
|
|
resource "glesys_objectstorage_credential" "terraform-state" {
|
|
instanceid = glesys_objectstorage_instance.tvl-state.id
|
|
description = "key for terraform state"
|
|
}
|
|
|
|
resource "glesys_objectstorage_credential" "litestream" {
|
|
instanceid = glesys_objectstorage_instance.tvl-state.id
|
|
description = "key for litestream"
|
|
}
|
|
|
|
variable "whitby_ipv4" {
|
|
type = string
|
|
default = "49.12.129.211"
|
|
}
|
|
|
|
variable "whitby_ipv6" {
|
|
type = string
|
|
default = "2a01:4f8:242:5b21:0:feed:edef:beef"
|
|
}
|
|
|
|
variable "nevsky_ipv4" {
|
|
type = string
|
|
default = "188.225.81.75"
|
|
}
|
|
|
|
variable "nevsky_ipv6" {
|
|
type = string
|
|
default = "2a03:6f00:2:514b:0:feed:edef:beef"
|
|
}
|
|
|
|
variable "bugry_ipv4" {
|
|
type = string
|
|
default = "91.199.149.239"
|
|
}
|
|
|
|
variable "bugry_ipv6" {
|
|
type = string
|
|
default = "2a03:6f00:2:514b:5bc7:95ef:0:2"
|
|
}
|
|
|
|
variable "sanduny_ipv4" {
|
|
type = string
|
|
default = "85.119.82.231"
|
|
}
|
|
|
|
variable "sanduny_ipv6" {
|
|
type = string
|
|
default = "2001:ba8:1f1:f109::feed:edef:beef"
|
|
}
|
|
|
|
locals {
|
|
# Hostnames of all public services on whitby
|
|
whitby_services = [
|
|
"at",
|
|
"atward",
|
|
"auth",
|
|
"b",
|
|
"cache",
|
|
"cl",
|
|
"code",
|
|
"cs",
|
|
"deploys",
|
|
"images",
|
|
"signup",
|
|
"static",
|
|
"status",
|
|
"todo",
|
|
]
|
|
}
|