snix/ops/glesys/main.tf

# Configure TVL resources hosted with GleSYS.
#
# Most importantly:
#  - all of our DNS
#  - object storage (e.g. backups)

terraform {
  required_providers {
    glesys = {
      source = "depot/glesys"
    }
  }

  backend "s3" {
    endpoint = "https://objects.dc-sto1.glesys.net"
    bucket   = "tvl-state"
    key      = "terraform/tvl-glesys"
    region   = "glesys"

    skip_credentials_validation = true
    skip_region_validation      = true
    skip_metadata_api_check     = true
  }
}

provider "glesys" {
  userid = "cl26117" # generated by GleSYS
}

resource "glesys_objectstorage_instance" "tvl-backups" {
  description = "tvl-backups"
  datacenter  = "dc-sto1"
}

resource "glesys_objectstorage_instance" "tvl-state" {
  description = "tvl-state"
  datacenter  = "dc-sto1"
}

resource "glesys_objectstorage_credential" "terraform-state" {
  instanceid  = glesys_objectstorage_instance.tvl-state.id
  description = "key for terraform state"
}

resource "glesys_objectstorage_credential" "litestream" {
  instanceid  = glesys_objectstorage_instance.tvl-state.id
  description = "key for litestream"
}

variable "whitby_ipv4" {
  type    = string
  default = "49.12.129.211"
}

variable "whitby_ipv6" {
  type    = string
  default = "2a01:4f8:242:5b21:0:feed:edef:beef"
}

variable "sanduny_ipv4" {
  type    = string
  default = "85.119.82.231"
}

variable "sanduny_ipv6" {
  type    = string
  default = "2001:ba8:1f1:f109::feed:edef:beef"
}

locals {
  # Hostnames of all public services on whitby
  whitby_services = [
    "at",
    "atward",
    "auth",
    "b",
    "cache",
    "cl",
    "code",
    "cs",
    "deploys",
    "images",
    "static",
    "status",
    "todo",
  ]
}