doomtube/beeta
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
beeta/terraform/main.tf
doomtube 38ecb718e7
All checks were successful
Build and Push / build-all (push) Successful in 15s
Details
Add automatic SSL certificate generation
2026-01-06 03:46:28 -05:00

58 lines
2 KiB
HCL
Raw Permalink Blame History

# =============================================================================
# Realms App Server Infrastructure
# Separate Terraform state from git infrastructure (jump host + Forgejo)
# =============================================================================
locals {
common_tags = concat([
var.project_name,
var.environment,
"terraform-managed",
"app-server"
], var.tags)
}
# =============================================================================
# SSH Keys
# =============================================================================
# Get all SSH keys on account
data "digitalocean_ssh_keys" "all" {}
# Find the internal VPC key (created by devops/terraform for jump host access)
locals {
internal_key_name = "${var.project_name}-${var.environment}-internal-key"
internal_key_ids = [for k in data.digitalocean_ssh_keys.all.ssh_keys : k.id if k.name == local.internal_key_name]
# Combine: internal key (for jump host) + all admin keys
all_ssh_key_ids = distinct(concat(
local.internal_key_ids,
[for k in data.digitalocean_ssh_keys.all.ssh_keys : k.id]
))
}
# =============================================================================
# App Server Module
# =============================================================================
module "app_server" {
source = "./modules/app_server"
project_name = var.project_name
environment = var.environment
region = var.region
vpc_uuid = var.vpc_uuid
vpc_ip_range = var.vpc_ip_range
ssh_keys = local.all_ssh_key_ids
droplet_size = var.app_droplet_size
droplet_image = var.app_droplet_image
ssh_port = var.app_ssh_port
domain = var.app_domain
enable_backups = var.enable_droplet_backups
tags = local.common_tags
manage_dns = var.manage_dns
dns_zone = var.dns_zone
dns_record_name = var.dns_record_name
forgejo_registry = var.forgejo_registry
letsencrypt_email = var.letsencrypt_email
}
Reference in a new issue View git blame Copy permalink