commit ab06eea093365322fc2e415bf008d3752c00c45f Author: GHOSCHT <31184695+GHOSCHT@users.noreply.github.com> Date: Wed Dec 18 19:52:54 2024 +0100 Init minio opentofu diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..6dc7723 --- /dev/null +++ b/.env.example @@ -0,0 +1,2 @@ +MINIO_USER=foo +MINIO_PASSWORD=bar diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..3550a30 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use flake diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..8912807 --- /dev/null +++ b/.gitignore @@ -0,0 +1,22 @@ +.env +.direnv/ + +.terraform/* + +*.tfstate +*.tfstate.* + +crash.log +crash.*.log + +*.tfvars +*.tfvars.json + +override.tf +override.tf.json +*_override.tf +*_override.tf.json + +.terraform.tfstate.lock.info +.terraformrc +terraform.rc diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl new file mode 100644 index 0000000..316e447 --- /dev/null +++ b/.terraform.lock.hcl @@ -0,0 +1,22 @@ +# This file is maintained automatically by "tofu init". +# Manual edits may be lost in future updates. + +provider "registry.opentofu.org/aminueza/minio" { + version = "3.2.1" + constraints = "3.2.1" + hashes = [ + "h1:KUaNvQb0tv8ZjmVbuagYPVSwVfBaUfsPmYPRuk3T/fA=", + "zh:397dbcbce5c1b80dbb1f946b706173cac3520d7af7dc82419c2cc7a518310754", + "zh:46654ad40858fee3c761e3edafba2c9750f3c95651451b80662cf1970926726e", + "zh:48e94f32e0efc9ff3bd7c75fd6e9e274c15da1cdb49f6420e5928dd29eb8183d", + "zh:49ec481963fe02260a6860e0049f0902528a6e0b5041fed548d543992c44fbc8", + "zh:4f9f7646f6bcb32cb5b7d7bbf2820c392789960a20a9ee8ca24b4d7488076db1", + "zh:7b23a4570aceb70b985a02fe495991f1164e2248fb14c868f29a968c56e22d49", + "zh:7f90b9894eb925a8c41caa36935c6627ca28b13162cfdcd0a101b0c993cabb37", + "zh:e810fe4f333e31a4ded99efe14a7456723deb31622809ce89eecc159be0dd781", + "zh:e8c72e21b4c165b4ce545fdc219e79d47d62e36c3a664b3b0917657525899551", + "zh:f2b44f569f4f406fbf400c0f44e7bb92285f069214152ac0ea72beea58c2921c", + "zh:f5cea25dfe849279c60c385cc31f197aacd7c43e4cdfd19248593dd23bec508e", + "zh:f9059596afd0a1c843c4d64bb3e44f44fc9616f5abbb96d8a3445991cb992e45", + ] +} diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..db7b727 --- /dev/null +++ b/flake.lock @@ -0,0 +1,27 @@ +{ + "nodes": { + "nixpkgs": { + "locked": { + "lastModified": 1734424634, + "narHash": "sha256-cHar1vqHOOyC7f1+tVycPoWTfKIaqkoe1Q6TnKzuti4=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "d3c42f187194c26d9f0309a8ecc469d6c878ce33", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..3b3fe1b --- /dev/null +++ b/flake.nix @@ -0,0 +1,28 @@ +{ + description = "My homepage/blog"; + + inputs.nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + + outputs = { nixpkgs, ... }: + let + supportedSystems = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" "aarch64-darwin" ]; + forEachSupportedSystem = f: + nixpkgs.lib.genAttrs supportedSystems (system: + f { + pkgs = import nixpkgs { + inherit system; + config.allowUnfree = true; + }; + }); + in + { + devShells = forEachSupportedSystem ({ pkgs }: { + default = pkgs.mkShell { + packages = with pkgs; [ + hugo + opentofu + ]; + }; + }); + }; +} diff --git a/main.tf b/main.tf new file mode 100644 index 0000000..14bdd2f --- /dev/null +++ b/main.tf @@ -0,0 +1,29 @@ +terraform { + required_providers { + minio = { + source = "aminueza/minio" + version = "3.2.1" + } + } +} + +provider minio { + minio_server = "files.ghoscht.com" + minio_ssl = true + minio_user = local.envs["MINIO_USER"] + minio_password = local.envs["MINIO_PASSWORD"] +} + +resource "minio_s3_bucket" "assets" { + bucket = "homepage-assets" + acl = "public-read" +} + +resource "minio_s3_bucket" "source" { + bucket = "homepage-source" + acl = "public-read" +} + +output "minio_url" { + value = "${minio_s3_bucket.assets.bucket_domain_name}" +} diff --git a/values.tf b/values.tf new file mode 100644 index 0000000..12001c3 --- /dev/null +++ b/values.tf @@ -0,0 +1,3 @@ +locals { + envs = { for tuple in regexall("(.*)=(.*)", file(".env")) : tuple[0] => sensitive(tuple[1]) } +}