[ci skip] Phase 3: Remove migrated service modules from monolith
All 66 service modules removed from modules/kubernetes/main.tf (now just a migration notice). The kubernetes_cluster module block removed from root main.tf. All services now managed via stacks/<service>/.
This commit is contained in:
Viktor Barzin
parent
a9ba8899be
commit
71bfdc8e89
2 changed files with 8 additions and 1047 deletions
200
main.tf
200
main.tf
|
|
@ -317,200 +317,10 @@ provider "proxmox" {
|
|||
# }
|
||||
# }
|
||||
|
||||
module "kubernetes_cluster" {
|
||||
source = "./modules/kubernetes"
|
||||
|
||||
prod = var.prod
|
||||
tls_secret_name = var.tls_secret_name
|
||||
# dockerhub_password = var.dockerhub_password
|
||||
client_certificate_secret_name = var.client_certificate_secret_name
|
||||
mailserver_accounts = var.mailserver_accounts
|
||||
mailserver_sasl_passwd = var.mailserver_sasl_passwd
|
||||
mailserver_aliases = var.mailserver_aliases
|
||||
mailserver_opendkim_key = var.mailserver_opendkim_key
|
||||
mailserver_roundcubemail_db_password = var.mailserver_roundcubemail_db_password
|
||||
pihole_web_password = var.pihole_web_password
|
||||
|
||||
# Webhook tokens
|
||||
webhook_handler_secret = var.webhook_handler_secret
|
||||
webhook_handler_fb_verify_token = var.webhook_handler_fb_verify_token
|
||||
webhook_handler_fb_page_token = var.webhook_handler_fb_page_token
|
||||
webhook_handler_fb_app_secret = var.webhook_handler_fb_app_secret
|
||||
webhook_handler_git_user = var.webhook_handler_git_user
|
||||
webhook_handler_git_token = var.webhook_handler_git_token
|
||||
webhook_handler_ssh_key = var.webhook_handler_ssh_key
|
||||
|
||||
wireguard_wg_0_conf = var.wireguard_wg_0_conf
|
||||
wireguard_wg_0_key = var.wireguard_wg_0_key
|
||||
wireguard_firewall_sh = var.wireguard_firewall_sh
|
||||
hackmd_db_password = var.hackmd_db_password
|
||||
|
||||
# using the following hack to dynamically update dns from outside
|
||||
bind_db_viktorbarzin_me = replace(var.bind_db_viktorbarzin_me, "85.130.108.6", "85.130.108.6")
|
||||
bind_db_viktorbarzin_lan = var.bind_db_viktorbarzin_lan
|
||||
bind_named_conf_options = var.bind_named_conf_options
|
||||
|
||||
alertmanager_account_password = var.alertmanager_account_password
|
||||
alertmanager_slack_api_url = var.alertmanager_slack_api_url
|
||||
|
||||
# Drone
|
||||
drone_github_client_id = var.drone_github_client_id
|
||||
drone_github_client_secret = var.drone_github_client_secret
|
||||
drone_rpc_secret = var.drone_rpc_secret
|
||||
drone_webhook_secret = var.drone_webhook_secret
|
||||
|
||||
# Oauth proxy
|
||||
oauth2_proxy_client_id = var.oauth2_proxy_client_id
|
||||
oauth2_proxy_client_secret = var.oauth2_proxy_client_secret
|
||||
oauth2_proxy_authenticated_emails = var.oauth2_proxy_authenticated_emails
|
||||
# oauth_client_id = var.oauth_client_id
|
||||
# oauth_client_secret = var.oauth_client_secret
|
||||
# depends_on = [module.k8s_master, module.k8s_node1, module.k8s_node2] # wait until master and at least 2 nodes are up
|
||||
|
||||
idrac_username = var.monitoring_idrac_username
|
||||
idrac_password = var.monitoring_idrac_password
|
||||
|
||||
url_shortener_geolite_license_key = var.url_shortener_geolite_license_key
|
||||
url_shortener_api_key = var.url_shortener_api_key
|
||||
url_shortener_mysql_password = var.url_shortener_mysql_password
|
||||
|
||||
# dbaas
|
||||
dbaas_root_password = var.dbaas_root_password
|
||||
dbaas_postgresql_root_password = var.dbaas_postgresql_root_password
|
||||
dbaas_pgadmin_password = var.dbaas_pgadmin_password
|
||||
|
||||
# home-assistant
|
||||
home_assistant_configuration = var.home_assistant_configuration
|
||||
|
||||
# shadowsocks
|
||||
shadowsocks_password = var.shadowsocks_password
|
||||
|
||||
# finance app
|
||||
finance_app_graphql_api_secret = var.finance_app_graphql_api_secret
|
||||
finance_app_db_connection_string = var.finance_app_db_connection_string
|
||||
finance_app_currency_converter_api_key = var.finance_app_currency_converter_api_key
|
||||
finance_app_gocardless_secret_key = var.finance_app_gocardless_secret_key
|
||||
finance_app_gocardless_secret_id = var.finance_app_gocardless_secret_id
|
||||
|
||||
headscale_config = var.headscale_config
|
||||
headscale_acl = var.headscale_acl
|
||||
|
||||
immich_postgresql_password = var.immich_postgresql_password
|
||||
immich_frame_api_key = var.immich_frame_api_key
|
||||
|
||||
ingress_crowdsec_api_key = var.ingress_crowdsec_api_key
|
||||
crowdsec_enroll_key = var.crowdsec_enroll_key
|
||||
crowdsec_db_password = var.crowdsec_db_password
|
||||
crowdsec_dash_api_key = var.crowdsec_dash_api_key
|
||||
crowdsec_dash_machine_id = var.crowdsec_dash_machine_id
|
||||
crowdsec_dash_machine_password = var.crowdsec_dash_machine_password
|
||||
|
||||
vaultwarden_smtp_password = var.vaultwarden_smtp_password
|
||||
|
||||
resume_redis_url = var.resume_redis_url
|
||||
resume_database_password = var.resume_database_password
|
||||
resume_database_url = var.resume_database_url
|
||||
resume_auth_secret = var.resume_auth_secret
|
||||
|
||||
frigate_valchedrym_camera_credentials = var.frigate_valchedrym_camera_credentials
|
||||
|
||||
// updating technitium records
|
||||
technitium_username = var.technitium_username
|
||||
technitium_password = var.technitium_password
|
||||
technitium_db_password = var.technitium_db_password
|
||||
|
||||
paperless_db_password = var.paperless_db_password
|
||||
|
||||
diun_nfty_token = var.diun_nfty_token
|
||||
diun_slack_url = var.diun_slack_url
|
||||
|
||||
nextcloud_db_password = var.nextcloud_db_password
|
||||
homepage_credentials = var.homepage_credentials
|
||||
|
||||
authentik_secret_key = var.authentik_secret_key
|
||||
authentik_postgres_password = var.authentik_postgres_password
|
||||
|
||||
linkwarden_postgresql_password = var.linkwarden_postgresql_password
|
||||
linkwarden_authentik_client_id = var.linkwarden_authentik_client_id
|
||||
linkwarden_authentik_client_secret = var.linkwarden_authentik_client_secret
|
||||
|
||||
# Cloudflare credentials
|
||||
cloudflare_api_key = var.cloudflare_api_key
|
||||
cloudflare_email = var.cloudflare_email
|
||||
cloudflare_account_id = var.cloudflare_account_id
|
||||
cloudflare_zone_id = var.cloudflare_zone_id
|
||||
cloudflare_tunnel_id = var.cloudflare_tunnel_id
|
||||
public_ip = var.public_ip
|
||||
cloudflare_proxied_names = var.cloudflare_proxied_names
|
||||
cloudflare_non_proxied_names = var.cloudflare_non_proxied_names
|
||||
cloudflare_tunnel_token = var.cloudflare_tunnel_token
|
||||
|
||||
owntracks_credentials = var.owntracks_credentials
|
||||
|
||||
ollama_api_credentials = var.ollama_api_credentials
|
||||
|
||||
dawarich_database_password = var.dawarich_database_password
|
||||
geoapify_api_key = var.geoapify_api_key
|
||||
|
||||
tandoor_database_password = var.tandoor_database_password
|
||||
tandoor_email_password = var.mailserver_accounts["info@viktorbarzin.me"]
|
||||
|
||||
n8n_postgresql_password = var.n8n_postgresql_password
|
||||
|
||||
realestate_crawler_db_password = var.realestate_crawler_db_password
|
||||
realestate_crawler_notification_settings = var.realestate_crawler_notification_settings
|
||||
|
||||
kured_notify_url = var.kured_notify_url
|
||||
|
||||
onlyoffice_db_password = var.onlyoffice_db_password
|
||||
onlyoffice_jwt_token = var.onlyoffice_jwt_token
|
||||
|
||||
xray_reality_clients = var.xray_reality_clients
|
||||
xray_reality_private_key = var.xray_reality_private_key
|
||||
xray_reality_short_ids = var.xray_reality_short_ids
|
||||
|
||||
tiny_tuya_api_key = var.tiny_tuya_api_key
|
||||
tiny_tuya_api_secret = var.tiny_tuya_api_secret
|
||||
tiny_tuya_service_secret = var.tiny_tuya_service_secret
|
||||
tiny_tuya_slack_url = var.tiny_tuya_slack_url
|
||||
haos_api_token = var.haos_api_token
|
||||
pve_password = var.pve_password
|
||||
grafana_db_password = var.grafana_db_password
|
||||
grafana_admin_password = var.grafana_admin_password
|
||||
|
||||
clickhouse_password = var.clickhouse_password
|
||||
clickhouse_postgres_password = var.clickhouse_postgres_password
|
||||
|
||||
wealthfolio_password_hash = var.wealthfolio_password_hash
|
||||
|
||||
aiostreams_database_connection_string = var.aiostreams_database_connection_string
|
||||
|
||||
actualbudget_credentials = var.actualbudget_credentials
|
||||
|
||||
speedtest_db_password = var.speedtest_db_password
|
||||
freedify_credentials = var.freedify_credentials
|
||||
|
||||
mcaptcha_postgresql_password = var.mcaptcha_postgresql_password
|
||||
mcaptcha_cookie_secret = var.mcaptcha_cookie_secret
|
||||
mcaptcha_captcha_salt = var.mcaptcha_captcha_salt
|
||||
|
||||
openrouter_api_key = var.openrouter_api_key
|
||||
slack_bot_token = var.slack_bot_token
|
||||
slack_channel = var.slack_channel
|
||||
|
||||
affine_postgresql_password = var.affine_postgresql_password
|
||||
health_postgresql_password = var.health_postgresql_password
|
||||
health_secret_key = var.health_secret_key
|
||||
openclaw_ssh_key = var.openclaw_ssh_key
|
||||
openclaw_skill_secrets = var.openclaw_skill_secrets
|
||||
gemini_api_key = var.gemini_api_key
|
||||
llama_api_key = var.llama_api_key
|
||||
brave_api_key = var.brave_api_key
|
||||
modal_api_key = var.modal_api_key
|
||||
coturn_turn_secret = var.coturn_turn_secret
|
||||
|
||||
k8s_users = var.k8s_users
|
||||
ssh_private_key = var.ssh_private_key
|
||||
}
|
||||
# ---------------------------------------------------------------------------
|
||||
# The kubernetes_cluster module (modules/kubernetes/) has been migrated to
|
||||
# individual Terragrunt stacks under stacks/.
|
||||
# See stacks/<service>/main.tf for each service's configuration.
|
||||
# ---------------------------------------------------------------------------
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,852 +1,3 @@
|
|||
variable "prod" {}
|
||||
variable "tls_secret_name" {}
|
||||
variable "client_certificate_secret_name" {}
|
||||
variable "hackmd_db_password" {}
|
||||
variable "mailserver_accounts" {}
|
||||
variable "mailserver_aliases" {}
|
||||
variable "mailserver_opendkim_key" {}
|
||||
variable "mailserver_roundcubemail_db_password" { type = string }
|
||||
variable "mailserver_sasl_passwd" {}
|
||||
variable "pihole_web_password" {}
|
||||
variable "webhook_handler_secret" {}
|
||||
variable "wireguard_wg_0_conf" {}
|
||||
variable "wireguard_wg_0_key" {}
|
||||
variable "wireguard_firewall_sh" {}
|
||||
variable "bind_db_viktorbarzin_me" {}
|
||||
variable "bind_db_viktorbarzin_lan" {}
|
||||
variable "bind_named_conf_options" {}
|
||||
variable "alertmanager_account_password" {}
|
||||
variable "dbaas_root_password" {}
|
||||
variable "dbaas_postgresql_root_password" {}
|
||||
variable "dbaas_pgadmin_password" {}
|
||||
variable "drone_github_client_id" {}
|
||||
variable "drone_github_client_secret" {}
|
||||
variable "drone_rpc_secret" {}
|
||||
variable "drone_webhook_secret" {}
|
||||
variable "oauth2_proxy_client_id" {}
|
||||
variable "oauth2_proxy_client_secret" {}
|
||||
variable "oauth2_proxy_authenticated_emails" {}
|
||||
variable "url_shortener_geolite_license_key" {}
|
||||
variable "url_shortener_api_key" {}
|
||||
variable "url_shortener_mysql_password" {}
|
||||
variable "webhook_handler_fb_verify_token" {}
|
||||
variable "webhook_handler_fb_page_token" {}
|
||||
variable "webhook_handler_fb_app_secret" {}
|
||||
variable "webhook_handler_git_user" {}
|
||||
variable "webhook_handler_git_token" {}
|
||||
variable "webhook_handler_ssh_key" {}
|
||||
variable "technitium_username" {}
|
||||
variable "technitium_password" {}
|
||||
variable "technitium_db_password" {}
|
||||
variable "idrac_username" {}
|
||||
variable "idrac_password" {}
|
||||
variable "alertmanager_slack_api_url" {}
|
||||
variable "home_assistant_configuration" {}
|
||||
variable "shadowsocks_password" {}
|
||||
variable "finance_app_db_connection_string" {}
|
||||
variable "finance_app_currency_converter_api_key" {}
|
||||
variable "finance_app_graphql_api_secret" {}
|
||||
variable "finance_app_gocardless_secret_key" {}
|
||||
variable "finance_app_gocardless_secret_id" {}
|
||||
variable "headscale_config" {}
|
||||
variable "headscale_acl" {}
|
||||
variable "immich_postgresql_password" {}
|
||||
variable "immich_frame_api_key" {}
|
||||
variable "ingress_crowdsec_api_key" {}
|
||||
variable "crowdsec_enroll_key" { type = string }
|
||||
variable "crowdsec_db_password" { type = string }
|
||||
variable "crowdsec_dash_api_key" { type = string }
|
||||
variable "crowdsec_dash_machine_id" { type = string }
|
||||
variable "crowdsec_dash_machine_password" { type = string }
|
||||
variable "vaultwarden_smtp_password" {}
|
||||
variable "resume_database_url" {}
|
||||
variable "resume_database_password" {}
|
||||
variable "resume_redis_url" {}
|
||||
variable "resume_auth_secret" { type = string }
|
||||
variable "frigate_valchedrym_camera_credentials" { default = "" }
|
||||
variable "paperless_db_password" {}
|
||||
variable "diun_nfty_token" {}
|
||||
variable "diun_slack_url" {}
|
||||
variable "nextcloud_db_password" {}
|
||||
variable "homepage_credentials" {}
|
||||
variable "authentik_secret_key" {}
|
||||
variable "authentik_postgres_password" {}
|
||||
variable "linkwarden_postgresql_password" {}
|
||||
variable "linkwarden_authentik_client_id" {}
|
||||
variable "linkwarden_authentik_client_secret" {}
|
||||
variable "cloudflare_tunnel_token" {}
|
||||
variable "cloudflare_api_key" {}
|
||||
variable "cloudflare_email" {}
|
||||
variable "cloudflare_account_id" {}
|
||||
variable "cloudflare_zone_id" {}
|
||||
variable "cloudflare_tunnel_id" {}
|
||||
variable "public_ip" {}
|
||||
variable "cloudflare_proxied_names" {}
|
||||
variable "cloudflare_non_proxied_names" {}
|
||||
variable "owntracks_credentials" {}
|
||||
variable "ollama_api_credentials" {}
|
||||
variable "dawarich_database_password" {}
|
||||
variable "geoapify_api_key" {}
|
||||
variable "tandoor_database_password" {}
|
||||
variable "tandoor_email_password" {}
|
||||
variable "n8n_postgresql_password" {}
|
||||
variable "realestate_crawler_db_password" {}
|
||||
variable "realestate_crawler_notification_settings" {
|
||||
type = map(string)
|
||||
default = {
|
||||
}
|
||||
}
|
||||
variable "kured_notify_url" {}
|
||||
variable "onlyoffice_db_password" { type = string }
|
||||
variable "onlyoffice_jwt_token" { type = string }
|
||||
variable "xray_reality_clients" { type = list(map(string)) }
|
||||
variable "xray_reality_private_key" { type = string }
|
||||
variable "xray_reality_short_ids" { type = list(string) }
|
||||
variable "tiny_tuya_api_key" { type = string }
|
||||
variable "tiny_tuya_api_secret" { type = string }
|
||||
variable "tiny_tuya_service_secret" { type = string }
|
||||
variable "tiny_tuya_slack_url" { type = string }
|
||||
variable "haos_api_token" { type = string }
|
||||
variable "pve_password" { type = string }
|
||||
variable "grafana_db_password" { type = string }
|
||||
variable "grafana_admin_password" { type = string }
|
||||
variable "clickhouse_password" { type = string }
|
||||
variable "clickhouse_postgres_password" { type = string }
|
||||
variable "wealthfolio_password_hash" { type = string }
|
||||
variable "aiostreams_database_connection_string" { type = string }
|
||||
variable "actualbudget_credentials" { type = map(any) }
|
||||
variable "speedtest_db_password" { type = string }
|
||||
variable "freedify_credentials" { type = map(any) }
|
||||
variable "mcaptcha_postgresql_password" { type = string }
|
||||
variable "mcaptcha_cookie_secret" { type = string }
|
||||
variable "mcaptcha_captcha_salt" { type = string }
|
||||
variable "openrouter_api_key" { type = string }
|
||||
variable "slack_bot_token" { type = string }
|
||||
variable "slack_channel" { type = string }
|
||||
variable "affine_postgresql_password" { type = string }
|
||||
variable "health_postgresql_password" { type = string }
|
||||
variable "health_secret_key" { type = string }
|
||||
variable "openclaw_ssh_key" { type = string }
|
||||
variable "openclaw_skill_secrets" { type = map(string) }
|
||||
variable "modal_api_key" { type = string }
|
||||
variable "gemini_api_key" { type = string }
|
||||
variable "llama_api_key" { type = string }
|
||||
variable "brave_api_key" { type = string }
|
||||
variable "coturn_turn_secret" { type = string }
|
||||
|
||||
variable "k8s_users" {
|
||||
type = map(any)
|
||||
default = {}
|
||||
}
|
||||
variable "ssh_private_key" {
|
||||
type = string
|
||||
default = ""
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
|
||||
variable "defcon_level" {
|
||||
type = number
|
||||
default = 5
|
||||
validation {
|
||||
condition = var.defcon_level >= 1 && var.defcon_level <= 5
|
||||
error_message = "DEFCON level must be between 1 and 5. 1 is highest level of alertness"
|
||||
}
|
||||
}
|
||||
locals {
|
||||
defcon_modules = {
|
||||
1 : ["wireguard", "technitium", "headscale", "traefik", "xray", "authentik", "cloudflare", "authelia", "monitoring"], # Critical connectivity services
|
||||
2 : ["vaultwarden", "redis", "immich", "nvidia", "metrics-server", "uptime-kuma", "crowdsec", "kyverno"], # Storage and other db services
|
||||
3 : ["reverse-proxy"], # Cluster admin services (k8s-dashboard chart repo still 404)
|
||||
4 : [
|
||||
"mailserver", "shadowsocks", "webhook_handler", "tuya-bridge", "dawarich", "owntracks", "nextcloud",
|
||||
"calibre", "onlyoffice", "f1-stream", "rybbit", "isponsorblocktv", "actualbudget", "coturn"
|
||||
], # Activel used services
|
||||
# Optional services
|
||||
5 : [
|
||||
"blog", "descheduler", "drone", "hackmd", "health", "kms", "privatebin", "vault", "reloader", "city-guesser", "echo",
|
||||
"url", "excalidraw", "travel_blog", "dashy", "send", "ytdlp", "wealthfolio", "rybbit", "stirling-pdf",
|
||||
"networking-toolbox", "navidrome", "freshrss", "forgejo", "tor-proxy", "real-estate-crawler", "n8n",
|
||||
"changedetection", "linkwarden", "matrix", "homepage", "meshcentral", "diun", "cyberchef", "ntfy", "ollama",
|
||||
"servarr", "jsoncrack", "paperless-ngx", "frigate", "audiobookshelf", "tandoor", "ebook2audiobook", "netbox", "speedtest", "resume", "freedify", "mcaptcha", "affine", "plotting-book", "whisper", "osm-routing", "openclaw"
|
||||
],
|
||||
}
|
||||
active_modules = distinct(flatten([
|
||||
for level in range(1, var.defcon_level + 1) : # From current level to 5
|
||||
lookup(local.defcon_modules, level, [])
|
||||
]))
|
||||
|
||||
tiers = {
|
||||
core = "0-core" # Bare minimum cluster primitives
|
||||
cluster = "1-cluster" # All cluster primitives
|
||||
gpu = "2-gpu" # GPU services
|
||||
edge = "3-edge" # Critical user services
|
||||
aux = "4-aux" # Optional user services
|
||||
}
|
||||
}
|
||||
|
||||
module "blog" {
|
||||
for_each = contains(local.active_modules, "blog") ? { blog = true } : {}
|
||||
source = "./blog"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
# dockerhub_password = var.dockerhub_password
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
# module "bind" {
|
||||
# source = "./bind"
|
||||
# db_viktorbarzin_me = var.bind_db_viktorbarzin_me
|
||||
# db_viktorbarzin_lan = var.bind_db_viktorbarzin_lan
|
||||
# named_conf_options = var.bind_named_conf_options
|
||||
# }
|
||||
|
||||
module "descheduler" {
|
||||
source = "./descheduler"
|
||||
for_each = contains(local.active_modules, "descheduler") ? { descheduler = true } : {}
|
||||
}
|
||||
|
||||
# module "dnscrypt" {
|
||||
# source = "./dnscrypt"
|
||||
# }
|
||||
|
||||
# CI/CD
|
||||
module "drone" {
|
||||
source = "./drone"
|
||||
for_each = contains(local.active_modules, "drone") ? { drone = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
|
||||
github_client_id = var.drone_github_client_id
|
||||
github_client_secret = var.drone_github_client_secret
|
||||
rpc_secret = var.drone_rpc_secret
|
||||
webhook_secret = var.drone_webhook_secret
|
||||
server_host = "drone.viktorbarzin.me"
|
||||
server_proto = "https"
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
module "f1-stream" {
|
||||
source = "./f1-stream"
|
||||
for_each = contains(local.active_modules, "f1-stream") ? { f1-stream = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
turn_secret = var.coturn_turn_secret
|
||||
public_ip = var.public_ip
|
||||
}
|
||||
|
||||
module "coturn" {
|
||||
source = "./coturn"
|
||||
for_each = contains(local.active_modules, "coturn") ? { coturn = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.edge
|
||||
turn_secret = var.coturn_turn_secret
|
||||
public_ip = var.public_ip
|
||||
}
|
||||
|
||||
module "hackmd" {
|
||||
source = "./hackmd"
|
||||
for_each = contains(local.active_modules, "hackmd") ? { hackmd = true } : {}
|
||||
hackmd_db_password = var.hackmd_db_password
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
# module "kafka" {
|
||||
# source = "./kafka"
|
||||
# client_certificate_secret_name = var.client_certificate_secret_name
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# }
|
||||
|
||||
module "kms" {
|
||||
source = "./kms"
|
||||
for_each = contains(local.active_modules, "kms") ? { kms = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "k8s-dashboard" {
|
||||
source = "./k8s-dashboard"
|
||||
tier = local.tiers.cluster
|
||||
for_each = contains(local.active_modules, "k8s-dashboard") ? { k8s-dashboard = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
client_certificate_secret_name = var.client_certificate_secret_name
|
||||
}
|
||||
|
||||
# module "oauth" {
|
||||
# source = "./oauth-proxy"
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# oauth2_proxy_client_id = var.oauth2_proxy_client_id
|
||||
# oauth2_proxy_client_secret = var.oauth2_proxy_client_secret
|
||||
# authenticated_emails = var.oauth2_proxy_authenticated_emails
|
||||
|
||||
# depends_on = [null_resource.core_services]
|
||||
# }
|
||||
|
||||
# module "openid_help_page" {
|
||||
# source = "./openid_help_page"
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
|
||||
# depends_on = [null_resource.core_services]
|
||||
# }
|
||||
|
||||
# module "pihole" {
|
||||
# source = "./pihole"
|
||||
# web_password = var.pihole_web_password
|
||||
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
|
||||
# depends_on = [module.bind] # DNS goes like pihole -> bind -> dnscrypt
|
||||
# }
|
||||
|
||||
module "privatebin" {
|
||||
source = "./privatebin"
|
||||
for_each = contains(local.active_modules, "privatebin") ? { privatebin = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
# module "mcaptcha" {
|
||||
# source = "./mcaptcha"
|
||||
# for_each = contains(local.active_modules, "mcaptcha") ? { mcaptcha = true } : {}
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# tier = local.tiers.edge
|
||||
# postgresql_password = var.mcaptcha_postgresql_password
|
||||
# cookie_secret = var.mcaptcha_cookie_secret
|
||||
# captcha_salt = var.mcaptcha_captcha_salt
|
||||
|
||||
# depends_on = [null_resource.core_services]
|
||||
# }
|
||||
|
||||
# module "vault" {
|
||||
# source = "./vault"
|
||||
# tier = local.tiers.edge
|
||||
# for_each = contains(local.active_modules, "vault") ? { vault = true } : {}
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
|
||||
# depends_on = [null_resource.core_services]
|
||||
# }
|
||||
|
||||
module "reloader" {
|
||||
source = "./reloader"
|
||||
for_each = contains(local.active_modules, "reloader") ? { reloader = true } : {}
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "shadowsocks" {
|
||||
source = "./shadowsocks"
|
||||
for_each = contains(local.active_modules, "shadowsocks") ? { shadowsocks = true } : {}
|
||||
password = var.shadowsocks_password
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
module "city-guesser" {
|
||||
source = "./city-guesser"
|
||||
for_each = contains(local.active_modules, "city-guesser") ? { city-guesser = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "echo" {
|
||||
source = "./echo"
|
||||
for_each = contains(local.active_modules, "echo") ? { echo = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
module "url" {
|
||||
source = "./url-shortener"
|
||||
for_each = contains(local.active_modules, "url") ? { url = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
geolite_license_key = var.url_shortener_geolite_license_key
|
||||
api_key = var.url_shortener_api_key
|
||||
mysql_password = var.url_shortener_mysql_password
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "webhook_handler" {
|
||||
source = "./webhook_handler"
|
||||
for_each = contains(local.active_modules, "webhook_handler") ? { webhook_handler = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
webhook_secret = var.webhook_handler_secret
|
||||
fb_verify_token = var.webhook_handler_fb_verify_token
|
||||
fb_page_token = var.webhook_handler_fb_page_token
|
||||
fb_app_secret = var.webhook_handler_fb_app_secret
|
||||
git_user = var.webhook_handler_git_user
|
||||
git_token = var.webhook_handler_git_token
|
||||
ssh_key = var.webhook_handler_ssh_key
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
# module "home_assistant" {
|
||||
# source = "./home_assistant"
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# client_certificate_secret_name = var.client_certificate_secret_name
|
||||
# configuration_yaml = var.home_assistant_configuration
|
||||
# }
|
||||
|
||||
# module "finance_app" {
|
||||
# source = "./finance_app"
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# graphql_api_secret = var.finance_app_graphql_api_secret
|
||||
# db_connection_string = var.finance_app_db_connection_string
|
||||
# currency_converter_api_key = var.finance_app_currency_converter_api_key
|
||||
# gocardless_secret_key = var.finance_app_gocardless_secret_key
|
||||
# gocardless_secret_id = var.finance_app_gocardless_secret_id
|
||||
# }
|
||||
|
||||
module "excalidraw" {
|
||||
source = "./excalidraw"
|
||||
for_each = contains(local.active_modules, "excalidraw") ? { excalidraw = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "travel_blog" {
|
||||
source = "./travel_blog"
|
||||
for_each = contains(local.active_modules, "travel_blog") ? { travel_blog = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "dashy" {
|
||||
source = "./dashy"
|
||||
for_each = contains(local.active_modules, "dashy") ? { dashy = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
# module "localai" {
|
||||
# source = "./localai"
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# }
|
||||
|
||||
# Selfhosted Firefox send
|
||||
module "send" {
|
||||
source = "./send"
|
||||
for_each = contains(local.active_modules, "send") ? { send = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "ytdlp" {
|
||||
source = "./youtube_dl"
|
||||
for_each = contains(local.active_modules, "ytdlp") ? { ytdlp = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
openrouter_api_key = var.openrouter_api_key
|
||||
slack_bot_token = var.slack_bot_token
|
||||
slack_channel = var.slack_channel
|
||||
}
|
||||
|
||||
module "immich" {
|
||||
source = "./immich"
|
||||
for_each = contains(local.active_modules, "immich") ? { immich = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
postgresql_password = var.immich_postgresql_password
|
||||
frame_api_key = var.immich_frame_api_key
|
||||
homepage_token = var.homepage_credentials["immich"]["token"]
|
||||
tier = local.tiers.gpu
|
||||
}
|
||||
|
||||
module "resume" {
|
||||
source = "./resume"
|
||||
for_each = contains(local.active_modules, "resume") ? { resume = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
database_url = var.resume_database_url
|
||||
auth_secret = var.resume_auth_secret
|
||||
smtp_password = var.mailserver_accounts["info@viktorbarzin.me"]
|
||||
}
|
||||
|
||||
module "calibre" {
|
||||
source = "./calibre"
|
||||
for_each = contains(local.active_modules, "calibre") ? { calibre = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
homepage_username = var.homepage_credentials["calibre-web"]["username"]
|
||||
homepage_password = var.homepage_credentials["calibre-web"]["password"]
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
# Audiobooks are served using audiobookshelf; still looking for a usecawe for JF
|
||||
# module "jellyfin" {
|
||||
# source = "./jellyfin"
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# }
|
||||
|
||||
module "audiobookshelf" {
|
||||
source = "./audiobookshelf"
|
||||
for_each = contains(local.active_modules, "audiobookshelf") ? { audiobookshelf = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "frigate" {
|
||||
source = "./frigate"
|
||||
for_each = contains(local.active_modules, "frigate") ? { frigate = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.gpu
|
||||
}
|
||||
|
||||
# TODO: Currently very unstable and half of the functionality does not work:
|
||||
# notifications, import from todoist, email
|
||||
# module "vikunja" {
|
||||
# source = "./vikunja"
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# }
|
||||
|
||||
# module "istio" {
|
||||
# source = "./istio"
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# }
|
||||
|
||||
# module "authelia" {
|
||||
# source = "./authelia"
|
||||
# for_each = contains(local.active_modules, "authelia") ? { authelia = true } : {}
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# }
|
||||
|
||||
# module "discount-bandit" {
|
||||
# source = "./discount-bandit"
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# }
|
||||
|
||||
module "paperless-ngx" {
|
||||
source = "./paperless-ngx"
|
||||
for_each = contains(local.active_modules, "paperless-ngx") ? { paperless-ngx = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
db_password = var.paperless_db_password
|
||||
# homepage_token = var.homepage_credentials["paperless-ngx"]["token"]
|
||||
homepage_username = var.homepage_credentials["paperless-ngx"]["username"]
|
||||
homepage_password = var.homepage_credentials["paperless-ngx"]["password"]
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
module "jsoncrack" {
|
||||
source = "./jsoncrack"
|
||||
for_each = contains(local.active_modules, "jsoncrack") ? { jsoncrack = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "servarr" {
|
||||
source = "./servarr"
|
||||
for_each = contains(local.active_modules, "servarr") ? { servarr = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
|
||||
aiostreams_database_connection_string = var.aiostreams_database_connection_string
|
||||
}
|
||||
|
||||
# module "dnscat2" {
|
||||
# source = "./dnscat2"
|
||||
# # tls_secret_name = var.tls_secret_name
|
||||
# }
|
||||
|
||||
module "ollama" { # Disabled as it requires too much resources...
|
||||
source = "./ollama"
|
||||
for_each = contains(local.active_modules, "ollama") ? { ollama = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.gpu
|
||||
ollama_api_credentials = var.ollama_api_credentials
|
||||
}
|
||||
|
||||
module "ntfy" {
|
||||
source = "./ntfy"
|
||||
for_each = contains(local.active_modules, "ntfy") ? { ntfy = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "cyberchef" {
|
||||
source = "./cyberchef"
|
||||
for_each = contains(local.active_modules, "cyberchef") ? { cyberchef = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "diun" {
|
||||
source = "./diun"
|
||||
for_each = contains(local.active_modules, "diun") ? { diun = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
diun_nfty_token = var.diun_nfty_token
|
||||
diun_slack_url = var.diun_slack_url
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "meshcentral" {
|
||||
source = "./meshcentral"
|
||||
for_each = contains(local.active_modules, "meshcentral") ? { meshcentral = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
module "netbox" {
|
||||
source = "./netbox"
|
||||
for_each = contains(local.active_modules, "netbox") ? { netbox = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "nextcloud" {
|
||||
source = "./nextcloud"
|
||||
for_each = contains(local.active_modules, "nextcloud") ? { nextcloud = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
db_password = var.nextcloud_db_password
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
module "homepage" {
|
||||
source = "./homepage"
|
||||
tier = local.tiers.aux
|
||||
for_each = contains(local.active_modules, "homepage") ? { homepage = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
}
|
||||
|
||||
module "matrix" {
|
||||
source = "./matrix"
|
||||
for_each = contains(local.active_modules, "matrix") ? { matrix = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "linkwarden" {
|
||||
source = "./linkwarden"
|
||||
for_each = contains(local.active_modules, "linkwarden") ? { linkwarden = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
postgresql_password = var.linkwarden_postgresql_password
|
||||
authentik_client_id = var.linkwarden_authentik_client_id
|
||||
authentik_client_secret = var.linkwarden_authentik_client_secret
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "actualbudget" {
|
||||
source = "./actualbudget"
|
||||
for_each = contains(local.active_modules, "actualbudget") ? { actualbudget = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.edge
|
||||
credentials = var.actualbudget_credentials
|
||||
}
|
||||
|
||||
module "owntracks" {
|
||||
source = "./owntracks"
|
||||
for_each = contains(local.active_modules, "owntracks") ? { owntracks = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
owntracks_credentials = var.owntracks_credentials
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "dawarich" {
|
||||
source = "./dawarich"
|
||||
for_each = contains(local.active_modules, "dawarich") ? { dawarich = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
database_password = var.dawarich_database_password
|
||||
geoapify_api_key = var.geoapify_api_key
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
module "changedetection" {
|
||||
source = "./changedetection"
|
||||
for_each = contains(local.active_modules, "changedetection") ? { changedetection = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
module "tandoor" {
|
||||
source = "./tandoor"
|
||||
for_each = contains(local.active_modules, "tandoor") ? { tandoor = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tandoor_database_password = var.tandoor_database_password
|
||||
tandoor_email_password = var.tandoor_email_password
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "n8n" {
|
||||
source = "./n8n"
|
||||
for_each = contains(local.active_modules, "n8n") ? { n8n = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
postgresql_password = var.n8n_postgresql_password
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "real-estate-crawler" {
|
||||
source = "./real-estate-crawler"
|
||||
for_each = contains(local.active_modules, "real-estate-crawler") ? { real-estate-crawler = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
db_password = var.realestate_crawler_db_password
|
||||
notification_settings = var.realestate_crawler_notification_settings
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "osm_routing" {
|
||||
source = "./osm-routing"
|
||||
for_each = contains(local.active_modules, "osm-routing") ? { osm-routing = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "tor-proxy" {
|
||||
source = "./tor-proxy"
|
||||
for_each = contains(local.active_modules, "tor-proxy") ? { tor-proxy = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
# module "kured" {
|
||||
# source = "./kured"
|
||||
# tls_secret_name = var.tls_secret_name
|
||||
# notify_url = var.kured_notify_url
|
||||
# }
|
||||
|
||||
module "onlyoffice" {
|
||||
source = "./onlyoffice"
|
||||
for_each = contains(local.active_modules, "onlyoffice") ? { onlyoffice = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
db_password = var.onlyoffice_db_password
|
||||
jwt_token = var.onlyoffice_jwt_token
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
|
||||
module "forgejo" {
|
||||
source = "./forgejo"
|
||||
for_each = contains(local.active_modules, "forgejo") ? { forgejo = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
module "freshrss" {
|
||||
source = "./freshrss"
|
||||
for_each = contains(local.active_modules, "freshrss") ? { freshrss = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "navidrome" {
|
||||
source = "./navidrome"
|
||||
for_each = contains(local.active_modules, "navidrome") ? { navidrome = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "networking-toolbox" {
|
||||
source = "./networking-toolbox"
|
||||
for_each = contains(local.active_modules, "networking-toolbox") ? { networking-toolbox = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "tuya-bridge" {
|
||||
source = "./tuya-bridge"
|
||||
for_each = contains(local.active_modules, "tuya-bridge") ? { tuya-bridge = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.cluster
|
||||
|
||||
tiny_tuya_api_key = var.tiny_tuya_api_key
|
||||
tiny_tuya_api_secret = var.tiny_tuya_api_secret
|
||||
tiny_tuya_service_secret = var.tiny_tuya_service_secret
|
||||
slack_url = var.tiny_tuya_slack_url
|
||||
}
|
||||
|
||||
|
||||
module "stirling-pdf" {
|
||||
source = "./stirling-pdf"
|
||||
for_each = contains(local.active_modules, "stirling-pdf") ? { stirling-pdf = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "isponsorblocktv" {
|
||||
source = "./isponsorblocktv"
|
||||
for_each = contains(local.active_modules, "isponsorblocktv") ? { isponsorblocktv = true } : {}
|
||||
tier = local.tiers.edge
|
||||
}
|
||||
|
||||
module "ebook2audiobook" {
|
||||
source = "./ebook2audiobook"
|
||||
for_each = contains(local.active_modules, "ebook2audiobook") ? { ebook2audiobook = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.gpu
|
||||
}
|
||||
|
||||
module "rybbit" {
|
||||
source = "./rybbit"
|
||||
for_each = contains(local.active_modules, "rybbit") ? { rybbit = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
clickhouse_password = var.clickhouse_password
|
||||
postgres_password = var.clickhouse_postgres_password
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "wealthfolio" {
|
||||
source = "./wealthfolio"
|
||||
for_each = contains(local.active_modules, "wealthfolio") ? { wealthfolio = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
wealthfolio_password_hash = var.wealthfolio_password_hash
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "speedtest" {
|
||||
source = "./speedtest"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
for_each = contains(local.active_modules, "speedtest") ? { speedtest = true } : {}
|
||||
db_password = var.speedtest_db_password
|
||||
}
|
||||
|
||||
module "freedify" {
|
||||
source = "./freedify"
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
for_each = contains(local.active_modules, "freedify") ? { freedify = true } : {}
|
||||
additional_credentials = var.freedify_credentials
|
||||
}
|
||||
|
||||
module "affine" {
|
||||
source = "./affine"
|
||||
for_each = contains(local.active_modules, "affine") ? { affine = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
postgresql_password = var.affine_postgresql_password
|
||||
smtp_password = var.mailserver_accounts["info@viktorbarzin.me"]
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "plotting-book" {
|
||||
source = "./plotting-book"
|
||||
for_each = contains(local.active_modules, "plotting-book") ? { plotting-book = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "health" {
|
||||
source = "./health"
|
||||
for_each = contains(local.active_modules, "health") ? { health = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
postgresql_password = var.health_postgresql_password
|
||||
secret_key = var.health_secret_key
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "whisper" {
|
||||
source = "./whisper"
|
||||
for_each = contains(local.active_modules, "whisper") ? { whisper = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
tier = local.tiers.gpu
|
||||
}
|
||||
|
||||
module "grampsweb" {
|
||||
source = "./grampsweb"
|
||||
for_each = contains(local.active_modules, "grampsweb") ? { grampsweb = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
smtp_password = var.mailserver_accounts["info@viktorbarzin.me"]
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
|
||||
module "openclaw" {
|
||||
source = "./openclaw"
|
||||
for_each = contains(local.active_modules, "openclaw") ? { openclaw = true } : {}
|
||||
tls_secret_name = var.tls_secret_name
|
||||
ssh_key = var.openclaw_ssh_key
|
||||
skill_secrets = var.openclaw_skill_secrets
|
||||
gemini_api_key = var.gemini_api_key
|
||||
llama_api_key = var.llama_api_key
|
||||
brave_api_key = var.brave_api_key
|
||||
modal_api_key = var.modal_api_key
|
||||
tier = local.tiers.aux
|
||||
}
|
||||
# All service modules have been migrated to individual Terragrunt stacks under stacks/.
|
||||
# See stacks/<service>/main.tf for each service's configuration.
|
||||
# This file is no longer used.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue