beeta/terraform/main.tf

# =============================================================================
# Realms App Server Infrastructure
# Separate Terraform state from git infrastructure (jump host + Forgejo)
# =============================================================================

locals {
  common_tags = concat([
    var.project_name,
    var.environment,
    "terraform-managed",
    "app-server"
  ], var.tags)
}

# =============================================================================
# SSH Keys
# =============================================================================

# Get all SSH keys on account
data "digitalocean_ssh_keys" "all" {}

# Find the internal VPC key (created by devops/terraform for jump host access)
locals {
  internal_key_name = "${var.project_name}-${var.environment}-internal-key"
  internal_key_ids  = [for k in data.digitalocean_ssh_keys.all.ssh_keys : k.id if k.name == local.internal_key_name]

  # Combine: internal key (for jump host) + all admin keys
  all_ssh_key_ids = distinct(concat(
    local.internal_key_ids,
    [for k in data.digitalocean_ssh_keys.all.ssh_keys : k.id]
  ))
}

# =============================================================================
# App Server Module
# =============================================================================

module "app_server" {
  source = "./modules/app_server"

  project_name     = var.project_name
  environment      = var.environment
  region           = var.region
  vpc_uuid         = var.vpc_uuid
  vpc_ip_range     = var.vpc_ip_range
  ssh_keys         = local.all_ssh_key_ids
  droplet_size     = var.app_droplet_size
  droplet_image    = var.app_droplet_image
  ssh_port         = var.app_ssh_port
  domain           = var.app_domain
  enable_backups   = var.enable_droplet_backups
  tags             = local.common_tags
  manage_dns       = var.manage_dns
  dns_zone         = var.dns_zone
  dns_record_name  = var.dns_record_name
  forgejo_registry = var.forgejo_registry
}
Initial commit - realms platform 2026-01-05 22:54:27 -05:00			`# =============================================================================`
			`# Realms App Server Infrastructure`
			`# Separate Terraform state from git infrastructure (jump host + Forgejo)`
			`# =============================================================================`

			`locals {`
			`common_tags = concat([`
			`var.project_name,`
			`var.environment,`
			`"terraform-managed",`
			`"app-server"`
			`], var.tags)`
			`}`

			`# =============================================================================`
			`# SSH Keys`
			`# =============================================================================`

Initial commit - realms platform 2026-01-06 00:26:54 -05:00			`# Get all SSH keys on account`
			`data "digitalocean_ssh_keys" "all" {}`
Initial commit - realms platform 2026-01-05 22:54:27 -05:00
Initial commit - realms platform 2026-01-06 00:26:54 -05:00			`# Find the internal VPC key (created by devops/terraform for jump host access)`
			`locals {`
			`internal_key_name = "${var.project_name}-${var.environment}-internal-key"`
			`internal_key_ids = [for k in data.digitalocean_ssh_keys.all.ssh_keys : k.id if k.name == local.internal_key_name]`

			`# Combine: internal key (for jump host) + all admin keys`
			`all_ssh_key_ids = distinct(concat(`
			`local.internal_key_ids,`
			`[for k in data.digitalocean_ssh_keys.all.ssh_keys : k.id]`
			`))`
Initial commit - realms platform 2026-01-05 22:54:27 -05:00			`}`

			`# =============================================================================`
			`# App Server Module`
			`# =============================================================================`

			`module "app_server" {`
			`source = "./modules/app_server"`

			`project_name = var.project_name`
			`environment = var.environment`
			`region = var.region`
			`vpc_uuid = var.vpc_uuid`
			`vpc_ip_range = var.vpc_ip_range`
Initial commit - realms platform 2026-01-06 00:26:54 -05:00			`ssh_keys = local.all_ssh_key_ids`
Initial commit - realms platform 2026-01-05 22:54:27 -05:00			`droplet_size = var.app_droplet_size`
			`droplet_image = var.app_droplet_image`
			`ssh_port = var.app_ssh_port`
			`domain = var.app_domain`
			`enable_backups = var.enable_droplet_backups`
			`tags = local.common_tags`
			`manage_dns = var.manage_dns`
			`dns_zone = var.dns_zone`
Initial commit - realms platform 2026-01-06 00:26:54 -05:00			`dns_record_name = var.dns_record_name`
Initial commit - realms platform 2026-01-05 22:54:27 -05:00			`forgejo_registry = var.forgejo_registry`
			`}`