[ci skip] phase 2: split terraform.tfvars into config.tfvars + secrets.sops.json

Browse source

config.tfvars (29 vars, plaintext): hostnames, IPs, DNS records, IDs
secrets.sops.json (140 vars, SOPS-encrypted): passwords, tokens, keys, maps

Both files coexist with terraform.tfvars — no functional change yet.
Complex types preserved: maps (mailserver_accounts, k8s_users, homepage_credentials),
lists (xray_reality_clients), heredocs as \n-escaped JSON strings (SSH keys,
WireGuard conf, headscale config).

...

This commit is contained in:

Viktor Barzin 2026-03-07 14:04:40 +00:00

parent 39333033a6

commit 0d8e3484be

2 changed files with 263 additions and 0 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download patch file Download diff file Expand all files Collapse all files

BIN

config.tfvars Normal file

View file

Binary file not shown.

263

secrets.sops.json Normal file

View file

File diff suppressed because one or more lines are too long