diff --git a/scripts/gen_service_stacks.py b/scripts/gen_service_stacks.py new file mode 100644 index 00000000..b0b92c7d --- /dev/null +++ b/scripts/gen_service_stacks.py @@ -0,0 +1,535 @@ +#!/usr/bin/env python3 +"""Generate Terragrunt service stack files for all app-level services.""" +import os +import textwrap + +REPO_ROOT = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + +# Each service: (module_name, source_dir, [(arg_name, var_expr), ...], tier) +# var_expr is what goes on the right side of = in the module call. +# If var_expr starts with "var.", it's a variable passthrough and we declare the variable. +# If it's a literal string, we inline it. +# Special: "LOCAL_TIER" means we use local.tiers. +SERVICES = [ + ("blog", "blog", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("descheduler", "descheduler", []), + ("drone", "drone", [ + ("tls_secret_name", "var.tls_secret_name"), + ("github_client_id", "var.drone_github_client_id"), + ("github_client_secret", "var.drone_github_client_secret"), + ("rpc_secret", "var.drone_rpc_secret"), + ("webhook_secret", "var.drone_webhook_secret"), + ("server_host", '"drone.viktorbarzin.me"'), + ("server_proto", '"https"'), + ("tier", "LOCAL_TIER:edge"), + ]), + ("f1-stream", "f1-stream", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("turn_secret", "var.coturn_turn_secret"), + ("public_ip", "var.public_ip"), + ]), + ("coturn", "coturn", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ("turn_secret", "var.coturn_turn_secret"), + ("public_ip", "var.public_ip"), + ]), + ("hackmd", "hackmd", [ + ("hackmd_db_password", "var.hackmd_db_password"), + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("kms", "kms", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("k8s-dashboard", "k8s-dashboard", [ + ("tier", "LOCAL_TIER:cluster"), + ("tls_secret_name", "var.tls_secret_name"), + ("client_certificate_secret_name", "var.client_certificate_secret_name"), + ]), + ("privatebin", "privatebin", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("reloader", "reloader", [ + ("tier", "LOCAL_TIER:aux"), + ]), + ("shadowsocks", "shadowsocks", [ + ("password", "var.shadowsocks_password"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("city-guesser", "city-guesser", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("echo", "echo", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("url", "url-shortener", [ + ("tls_secret_name", "var.tls_secret_name"), + ("geolite_license_key", "var.url_shortener_geolite_license_key"), + ("api_key", "var.url_shortener_api_key"), + ("mysql_password", "var.url_shortener_mysql_password"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("webhook_handler", "webhook_handler", [ + ("tls_secret_name", "var.tls_secret_name"), + ("webhook_secret", "var.webhook_handler_secret"), + ("fb_verify_token", "var.webhook_handler_fb_verify_token"), + ("fb_page_token", "var.webhook_handler_fb_page_token"), + ("fb_app_secret", "var.webhook_handler_fb_app_secret"), + ("git_user", "var.webhook_handler_git_user"), + ("git_token", "var.webhook_handler_git_token"), + ("ssh_key", "var.webhook_handler_ssh_key"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("excalidraw", "excalidraw", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("travel_blog", "travel_blog", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("dashy", "dashy", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("send", "send", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("ytdlp", "youtube_dl", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("openrouter_api_key", "var.openrouter_api_key"), + ("slack_bot_token", "var.slack_bot_token"), + ("slack_channel", "var.slack_channel"), + ]), + ("immich", "immich", [ + ("tls_secret_name", "var.tls_secret_name"), + ("postgresql_password", "var.immich_postgresql_password"), + ("frame_api_key", "var.immich_frame_api_key"), + ("homepage_token", 'var.homepage_credentials["immich"]["token"]'), + ("tier", "LOCAL_TIER:gpu"), + ]), + ("resume", "resume", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("database_url", "var.resume_database_url"), + ("auth_secret", "var.resume_auth_secret"), + ("smtp_password", 'var.mailserver_accounts["info@viktorbarzin.me"]'), + ]), + ("calibre", "calibre", [ + ("tls_secret_name", "var.tls_secret_name"), + ("homepage_username", 'var.homepage_credentials["calibre-web"]["username"]'), + ("homepage_password", 'var.homepage_credentials["calibre-web"]["password"]'), + ("tier", "LOCAL_TIER:edge"), + ]), + ("audiobookshelf", "audiobookshelf", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("frigate", "frigate", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:gpu"), + ]), + ("paperless-ngx", "paperless-ngx", [ + ("tls_secret_name", "var.tls_secret_name"), + ("db_password", "var.paperless_db_password"), + ("homepage_username", 'var.homepage_credentials["paperless-ngx"]["username"]'), + ("homepage_password", 'var.homepage_credentials["paperless-ngx"]["password"]'), + ("tier", "LOCAL_TIER:edge"), + ]), + ("jsoncrack", "jsoncrack", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("servarr", "servarr", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("aiostreams_database_connection_string", "var.aiostreams_database_connection_string"), + ]), + ("ollama", "ollama", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:gpu"), + ("ollama_api_credentials", "var.ollama_api_credentials"), + ]), + ("ntfy", "ntfy", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("cyberchef", "cyberchef", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("diun", "diun", [ + ("tls_secret_name", "var.tls_secret_name"), + ("diun_nfty_token", "var.diun_nfty_token"), + ("diun_slack_url", "var.diun_slack_url"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("meshcentral", "meshcentral", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("netbox", "netbox", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("nextcloud", "nextcloud", [ + ("tls_secret_name", "var.tls_secret_name"), + ("db_password", "var.nextcloud_db_password"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("homepage", "homepage", [ + ("tier", "LOCAL_TIER:aux"), + ("tls_secret_name", "var.tls_secret_name"), + ]), + ("matrix", "matrix", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("linkwarden", "linkwarden", [ + ("tls_secret_name", "var.tls_secret_name"), + ("postgresql_password", "var.linkwarden_postgresql_password"), + ("authentik_client_id", "var.linkwarden_authentik_client_id"), + ("authentik_client_secret", "var.linkwarden_authentik_client_secret"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("actualbudget", "actualbudget", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ("credentials", "var.actualbudget_credentials"), + ]), + ("owntracks", "owntracks", [ + ("tls_secret_name", "var.tls_secret_name"), + ("owntracks_credentials", "var.owntracks_credentials"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("dawarich", "dawarich", [ + ("tls_secret_name", "var.tls_secret_name"), + ("database_password", "var.dawarich_database_password"), + ("geoapify_api_key", "var.geoapify_api_key"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("changedetection", "changedetection", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("tandoor", "tandoor", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tandoor_database_password", "var.tandoor_database_password"), + ("tandoor_email_password", "var.tandoor_email_password"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("n8n", "n8n", [ + ("tls_secret_name", "var.tls_secret_name"), + ("postgresql_password", "var.n8n_postgresql_password"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("real-estate-crawler", "real-estate-crawler", [ + ("tls_secret_name", "var.tls_secret_name"), + ("db_password", "var.realestate_crawler_db_password"), + ("notification_settings", "var.realestate_crawler_notification_settings"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("osm_routing", "osm-routing", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("tor-proxy", "tor-proxy", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("onlyoffice", "onlyoffice", [ + ("tls_secret_name", "var.tls_secret_name"), + ("db_password", "var.onlyoffice_db_password"), + ("jwt_token", "var.onlyoffice_jwt_token"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("forgejo", "forgejo", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("freshrss", "freshrss", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("navidrome", "navidrome", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("networking-toolbox", "networking-toolbox", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("tuya-bridge", "tuya-bridge", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:cluster"), + ("tiny_tuya_api_key", "var.tiny_tuya_api_key"), + ("tiny_tuya_api_secret", "var.tiny_tuya_api_secret"), + ("tiny_tuya_service_secret", "var.tiny_tuya_service_secret"), + ("slack_url", "var.tiny_tuya_slack_url"), + ]), + ("stirling-pdf", "stirling-pdf", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("isponsorblocktv", "isponsorblocktv", [ + ("tier", "LOCAL_TIER:edge"), + ]), + ("ebook2audiobook", "ebook2audiobook", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:gpu"), + ]), + ("rybbit", "rybbit", [ + ("tls_secret_name", "var.tls_secret_name"), + ("clickhouse_password", "var.clickhouse_password"), + ("postgres_password", "var.clickhouse_postgres_password"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("wealthfolio", "wealthfolio", [ + ("tls_secret_name", "var.tls_secret_name"), + ("wealthfolio_password_hash", "var.wealthfolio_password_hash"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("speedtest", "speedtest", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("db_password", "var.speedtest_db_password"), + ]), + ("freedify", "freedify", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("additional_credentials", "var.freedify_credentials"), + ]), + ("affine", "affine", [ + ("tls_secret_name", "var.tls_secret_name"), + ("postgresql_password", "var.affine_postgresql_password"), + ("smtp_password", 'var.mailserver_accounts["info@viktorbarzin.me"]'), + ("tier", "LOCAL_TIER:aux"), + ]), + ("plotting-book", "plotting-book", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("health", "health", [ + ("tls_secret_name", "var.tls_secret_name"), + ("postgresql_password", "var.health_postgresql_password"), + ("secret_key", "var.health_secret_key"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("whisper", "whisper", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:gpu"), + ]), + ("grampsweb", "grampsweb", [ + ("tls_secret_name", "var.tls_secret_name"), + ("smtp_password", 'var.mailserver_accounts["info@viktorbarzin.me"]'), + ("tier", "LOCAL_TIER:aux"), + ]), + ("openclaw", "openclaw", [ + ("tls_secret_name", "var.tls_secret_name"), + ("ssh_key", "var.openclaw_ssh_key"), + ("skill_secrets", "var.openclaw_skill_secrets"), + ("gemini_api_key", "var.gemini_api_key"), + ("llama_api_key", "var.llama_api_key"), + ("brave_api_key", "var.brave_api_key"), + ("modal_api_key", "var.modal_api_key"), + ("tier", "LOCAL_TIER:aux"), + ]), +] + +# Variable type overrides (var_name -> type declaration) +VAR_TYPES = { + "tls_secret_name": "string", + "client_certificate_secret_name": "string", + "public_ip": "string", + "hackmd_db_password": "string", + "shadowsocks_password": "string", + "openrouter_api_key": "string", + "slack_bot_token": "string", + "slack_channel": "string", + "ollama_api_credentials": "string", + "clickhouse_password": "string", + "clickhouse_postgres_password": "string", + "wealthfolio_password_hash": "string", + "speedtest_db_password": "string", + "affine_postgresql_password": "string", + "health_postgresql_password": "string", + "health_secret_key": "string", + "gemini_api_key": "string", + "llama_api_key": "string", + "brave_api_key": "string", + "modal_api_key": "string", + "coturn_turn_secret": "string", + "onlyoffice_db_password": "string", + "onlyoffice_jwt_token": "string", + "resume_database_url": "string", + "resume_auth_secret": "string", + "nextcloud_db_password": "string", + "paperless_db_password": "string", + "diun_nfty_token": "string", + "diun_slack_url": "string", + "dawarich_database_password": "string", + "geoapify_api_key": "string", + "tandoor_database_password": "string", + "tandoor_email_password": "string", + "n8n_postgresql_password": "string", + "realestate_crawler_db_password": "string", + "immich_postgresql_password": "string", + "immich_frame_api_key": "string", + "linkwarden_postgresql_password": "string", + "linkwarden_authentik_client_id": "string", + "linkwarden_authentik_client_secret": "string", + "aiostreams_database_connection_string": "string", + "tiny_tuya_api_key": "string", + "tiny_tuya_api_secret": "string", + "tiny_tuya_service_secret": "string", + "tiny_tuya_slack_url": "string", + "drone_github_client_id": "string", + "drone_github_client_secret": "string", + "drone_rpc_secret": "string", + "drone_webhook_secret": "string", + "url_shortener_geolite_license_key": "string", + "url_shortener_api_key": "string", + "url_shortener_mysql_password": "string", + "webhook_handler_secret": "string", + "webhook_handler_fb_verify_token": "string", + "webhook_handler_fb_page_token": "string", + "webhook_handler_fb_app_secret": "string", + "webhook_handler_git_user": "string", + "webhook_handler_git_token": "string", + "webhook_handler_ssh_key": "string", + "openclaw_ssh_key": "string", + "openclaw_skill_secrets": "map(string)", + "actualbudget_credentials": "map(any)", + "freedify_credentials": "map(any)", + "realestate_crawler_notification_settings": "map(string)", + "homepage_credentials": "map(any)", + "mailserver_accounts": "map(any)", + "owntracks_credentials": "string", +} + +TERRAGRUNT_HCL = """\ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} +""" + +TIERS_BLOCK = """\ +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} +""" + + +def extract_var_name(expr): + """Extract variable name from var.xxx or var.xxx["yyy"]["zzz"].""" + if not expr.startswith("var."): + return None + # Get the base variable name (before any indexing) + name = expr[4:] + bracket = name.find("[") + if bracket != -1: + name = name[:bracket] + return name + + +def gen_main_tf(mod_name, source_dir, args): + """Generate main.tf content for a service stack.""" + lines = [] + + # Collect variables needed + vars_needed = {} + needs_tiers = False + for arg_name, var_expr in args: + if var_expr.startswith("LOCAL_TIER:"): + needs_tiers = True + continue + vname = extract_var_name(var_expr) + if vname and vname not in vars_needed: + vtype = VAR_TYPES.get(vname, None) + vars_needed[vname] = vtype + + # Variable declarations + for vname, vtype in vars_needed.items(): + if vtype: + lines.append(f'variable "{vname}" {{ type = {vtype} }}') + else: + lines.append(f'variable "{vname}" {{}}') + + if vars_needed: + lines.append("") + + # Tiers block if needed + if needs_tiers: + lines.append(TIERS_BLOCK) + + # Module call + lines.append(f'module "{mod_name}" {{') + lines.append(f' source = "../../modules/kubernetes/{source_dir}"') + for arg_name, var_expr in args: + if var_expr.startswith("LOCAL_TIER:"): + tier = var_expr.split(":")[1] + val = f"local.tiers.{tier}" + else: + val = var_expr + # Pad for alignment + lines.append(f" {arg_name:30s} = {val}") + lines.append("}") + lines.append("") + + return "\n".join(lines) + + +def main(): + stacks_dir = os.path.join(REPO_ROOT, "stacks") + + for mod_name, source_dir, args in SERVICES: + # Use source_dir as the stack directory name for consistency + # But some modules have different names than source dirs + # Use the module name for the stack dir + stack_dir = os.path.join(stacks_dir, mod_name) + os.makedirs(stack_dir, exist_ok=True) + + # terragrunt.hcl + tg_path = os.path.join(stack_dir, "terragrunt.hcl") + with open(tg_path, "w") as f: + f.write(TERRAGRUNT_HCL) + + # main.tf + main_path = os.path.join(stack_dir, "main.tf") + with open(main_path, "w") as f: + f.write(gen_main_tf(mod_name, source_dir, args)) + + # secrets symlink + secrets_link = os.path.join(stack_dir, "secrets") + if not os.path.exists(secrets_link): + os.symlink("../../secrets", secrets_link) + + print(f" Created stacks/{mod_name}/") + + print(f"\nGenerated {len(SERVICES)} service stacks") + + +if __name__ == "__main__": + main() diff --git a/scripts/migrate_service_state.sh b/scripts/migrate_service_state.sh new file mode 100644 index 00000000..eb3e5a80 --- /dev/null +++ b/scripts/migrate_service_state.sh @@ -0,0 +1,115 @@ +#!/bin/bash +# Phase 3: Migrate all service module state from root to individual stacks +# Each module in root state is at: module.kubernetes_cluster.module.[""] +# Target: state/stacks//terraform.tfstate as module. + +set -euo pipefail + +ROOT_STATE="$(pwd)/terraform.tfstate" +STATE_DIR="$(pwd)/state/stacks" + +# All 64 service modules currently in root state +MODULES=( + actualbudget + affine + audiobookshelf + blog + calibre + changedetection + city-guesser + coturn + cyberchef + dashy + dawarich + descheduler + diun + drone + ebook2audiobook + echo + excalidraw + f1-stream + forgejo + freedify + freshrss + frigate + hackmd + health + homepage + immich + isponsorblocktv + jsoncrack + kms + linkwarden + matrix + meshcentral + n8n + navidrome + netbox + networking-toolbox + nextcloud + ntfy + ollama + onlyoffice + openclaw + osm_routing + owntracks + paperless-ngx + plotting-book + privatebin + real-estate-crawler + reloader + resume + rybbit + send + servarr + shadowsocks + speedtest + stirling-pdf + tandoor + tor-proxy + travel_blog + tuya-bridge + url + wealthfolio + webhook_handler + whisper + ytdlp +) + +TOTAL=${#MODULES[@]} +SUCCESS=0 +FAIL=0 + +echo "=== Phase 3: Service State Migration ===" +echo "Migrating $TOTAL modules from root state to individual stacks" +echo "" + +for mod in "${MODULES[@]}"; do + idx=$((SUCCESS + FAIL + 1)) + echo "[$idx/$TOTAL] Migrating: $mod" + + # Create state directory + mkdir -p "$STATE_DIR/$mod" + + # Source address (with for_each key) + SRC="module.kubernetes_cluster.module.${mod}[\"${mod}\"]" + DST="module.${mod}" + DST_STATE="$STATE_DIR/$mod/terraform.tfstate" + + if terraform state mv \ + -state="$ROOT_STATE" \ + -state-out="$DST_STATE" \ + "$SRC" "$DST" 2>&1; then + echo " ✓ $mod migrated successfully" + SUCCESS=$((SUCCESS + 1)) + else + echo " ✗ $mod FAILED" + FAIL=$((FAIL + 1)) + fi + echo "" +done + +echo "=== Migration Summary ===" +echo "Total: $TOTAL" +echo "Success: $SUCCESS" +echo "Failed: $FAIL" diff --git a/stacks/actualbudget/main.tf b/stacks/actualbudget/main.tf new file mode 100644 index 00000000..2bb2d58c --- /dev/null +++ b/stacks/actualbudget/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "actualbudget_credentials" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "actualbudget" { + source = "../../modules/kubernetes/actualbudget" + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge + credentials = var.actualbudget_credentials +} diff --git a/stacks/actualbudget/terragrunt.hcl b/stacks/actualbudget/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/actualbudget/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/affine/main.tf b/stacks/affine/main.tf new file mode 100644 index 00000000..52137488 --- /dev/null +++ b/stacks/affine/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "affine_postgresql_password" { type = string } +variable "mailserver_accounts" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "affine" { + source = "../../modules/kubernetes/affine" + tls_secret_name = var.tls_secret_name + postgresql_password = var.affine_postgresql_password + smtp_password = var.mailserver_accounts["info@viktorbarzin.me"] + tier = local.tiers.aux +} diff --git a/stacks/affine/terragrunt.hcl b/stacks/affine/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/affine/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/audiobookshelf/main.tf b/stacks/audiobookshelf/main.tf new file mode 100644 index 00000000..a7930049 --- /dev/null +++ b/stacks/audiobookshelf/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "audiobookshelf" { + source = "../../modules/kubernetes/audiobookshelf" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/audiobookshelf/terragrunt.hcl b/stacks/audiobookshelf/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/audiobookshelf/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/blog/main.tf b/stacks/blog/main.tf new file mode 100644 index 00000000..15aefede --- /dev/null +++ b/stacks/blog/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "blog" { + source = "../../modules/kubernetes/blog" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/blog/terragrunt.hcl b/stacks/blog/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/blog/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/calibre/main.tf b/stacks/calibre/main.tf new file mode 100644 index 00000000..4170c94d --- /dev/null +++ b/stacks/calibre/main.tf @@ -0,0 +1,20 @@ +variable "tls_secret_name" { type = string } +variable "homepage_credentials" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "calibre" { + source = "../../modules/kubernetes/calibre" + tls_secret_name = var.tls_secret_name + homepage_username = var.homepage_credentials["calibre-web"]["username"] + homepage_password = var.homepage_credentials["calibre-web"]["password"] + tier = local.tiers.edge +} diff --git a/stacks/calibre/terragrunt.hcl b/stacks/calibre/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/calibre/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/changedetection/main.tf b/stacks/changedetection/main.tf new file mode 100644 index 00000000..c6996e46 --- /dev/null +++ b/stacks/changedetection/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "changedetection" { + source = "../../modules/kubernetes/changedetection" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/changedetection/terragrunt.hcl b/stacks/changedetection/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/changedetection/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/city-guesser/main.tf b/stacks/city-guesser/main.tf new file mode 100644 index 00000000..70e5d965 --- /dev/null +++ b/stacks/city-guesser/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "city-guesser" { + source = "../../modules/kubernetes/city-guesser" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/city-guesser/terragrunt.hcl b/stacks/city-guesser/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/city-guesser/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/coturn/main.tf b/stacks/coturn/main.tf new file mode 100644 index 00000000..38be5240 --- /dev/null +++ b/stacks/coturn/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "coturn_turn_secret" { type = string } +variable "public_ip" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "coturn" { + source = "../../modules/kubernetes/coturn" + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge + turn_secret = var.coturn_turn_secret + public_ip = var.public_ip +} diff --git a/stacks/coturn/terragrunt.hcl b/stacks/coturn/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/coturn/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/cyberchef/main.tf b/stacks/cyberchef/main.tf new file mode 100644 index 00000000..a331e2fa --- /dev/null +++ b/stacks/cyberchef/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "cyberchef" { + source = "../../modules/kubernetes/cyberchef" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/cyberchef/terragrunt.hcl b/stacks/cyberchef/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/cyberchef/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/dashy/main.tf b/stacks/dashy/main.tf new file mode 100644 index 00000000..ea12817f --- /dev/null +++ b/stacks/dashy/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "dashy" { + source = "../../modules/kubernetes/dashy" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/dashy/terragrunt.hcl b/stacks/dashy/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/dashy/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/dawarich/main.tf b/stacks/dawarich/main.tf new file mode 100644 index 00000000..7124910b --- /dev/null +++ b/stacks/dawarich/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "dawarich_database_password" { type = string } +variable "geoapify_api_key" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "dawarich" { + source = "../../modules/kubernetes/dawarich" + tls_secret_name = var.tls_secret_name + database_password = var.dawarich_database_password + geoapify_api_key = var.geoapify_api_key + tier = local.tiers.edge +} diff --git a/stacks/dawarich/terragrunt.hcl b/stacks/dawarich/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/dawarich/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/descheduler/main.tf b/stacks/descheduler/main.tf new file mode 100644 index 00000000..2a761e02 --- /dev/null +++ b/stacks/descheduler/main.tf @@ -0,0 +1,3 @@ +module "descheduler" { + source = "../../modules/kubernetes/descheduler" +} diff --git a/stacks/descheduler/terragrunt.hcl b/stacks/descheduler/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/descheduler/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/diun/main.tf b/stacks/diun/main.tf new file mode 100644 index 00000000..941d3fd3 --- /dev/null +++ b/stacks/diun/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "diun_nfty_token" { type = string } +variable "diun_slack_url" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "diun" { + source = "../../modules/kubernetes/diun" + tls_secret_name = var.tls_secret_name + diun_nfty_token = var.diun_nfty_token + diun_slack_url = var.diun_slack_url + tier = local.tiers.aux +} diff --git a/stacks/diun/terragrunt.hcl b/stacks/diun/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/diun/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/drone/main.tf b/stacks/drone/main.tf new file mode 100644 index 00000000..ae4d1206 --- /dev/null +++ b/stacks/drone/main.tf @@ -0,0 +1,27 @@ +variable "tls_secret_name" { type = string } +variable "drone_github_client_id" { type = string } +variable "drone_github_client_secret" { type = string } +variable "drone_rpc_secret" { type = string } +variable "drone_webhook_secret" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "drone" { + source = "../../modules/kubernetes/drone" + tls_secret_name = var.tls_secret_name + github_client_id = var.drone_github_client_id + github_client_secret = var.drone_github_client_secret + rpc_secret = var.drone_rpc_secret + webhook_secret = var.drone_webhook_secret + server_host = "drone.viktorbarzin.me" + server_proto = "https" + tier = local.tiers.edge +} diff --git a/stacks/drone/terragrunt.hcl b/stacks/drone/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/drone/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/ebook2audiobook/main.tf b/stacks/ebook2audiobook/main.tf new file mode 100644 index 00000000..354a39a4 --- /dev/null +++ b/stacks/ebook2audiobook/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "ebook2audiobook" { + source = "../../modules/kubernetes/ebook2audiobook" + tls_secret_name = var.tls_secret_name + tier = local.tiers.gpu +} diff --git a/stacks/ebook2audiobook/terragrunt.hcl b/stacks/ebook2audiobook/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/ebook2audiobook/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/echo/main.tf b/stacks/echo/main.tf new file mode 100644 index 00000000..9aab5baf --- /dev/null +++ b/stacks/echo/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "echo" { + source = "../../modules/kubernetes/echo" + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge +} diff --git a/stacks/echo/terragrunt.hcl b/stacks/echo/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/echo/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/excalidraw/main.tf b/stacks/excalidraw/main.tf new file mode 100644 index 00000000..d2e4fcbc --- /dev/null +++ b/stacks/excalidraw/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "excalidraw" { + source = "../../modules/kubernetes/excalidraw" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/excalidraw/terragrunt.hcl b/stacks/excalidraw/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/excalidraw/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/f1-stream/main.tf b/stacks/f1-stream/main.tf new file mode 100644 index 00000000..8f939303 --- /dev/null +++ b/stacks/f1-stream/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "coturn_turn_secret" { type = string } +variable "public_ip" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "f1-stream" { + source = "../../modules/kubernetes/f1-stream" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + turn_secret = var.coturn_turn_secret + public_ip = var.public_ip +} diff --git a/stacks/f1-stream/terragrunt.hcl b/stacks/f1-stream/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/f1-stream/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/forgejo/main.tf b/stacks/forgejo/main.tf new file mode 100644 index 00000000..37c5fd1d --- /dev/null +++ b/stacks/forgejo/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "forgejo" { + source = "../../modules/kubernetes/forgejo" + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge +} diff --git a/stacks/forgejo/terragrunt.hcl b/stacks/forgejo/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/forgejo/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/freedify/main.tf b/stacks/freedify/main.tf new file mode 100644 index 00000000..776f1059 --- /dev/null +++ b/stacks/freedify/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "freedify_credentials" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "freedify" { + source = "../../modules/kubernetes/freedify" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + additional_credentials = var.freedify_credentials +} diff --git a/stacks/freedify/terragrunt.hcl b/stacks/freedify/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/freedify/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/freshrss/main.tf b/stacks/freshrss/main.tf new file mode 100644 index 00000000..50ffe62f --- /dev/null +++ b/stacks/freshrss/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "freshrss" { + source = "../../modules/kubernetes/freshrss" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/freshrss/terragrunt.hcl b/stacks/freshrss/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/freshrss/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/frigate/main.tf b/stacks/frigate/main.tf new file mode 100644 index 00000000..e2cc8294 --- /dev/null +++ b/stacks/frigate/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "frigate" { + source = "../../modules/kubernetes/frigate" + tls_secret_name = var.tls_secret_name + tier = local.tiers.gpu +} diff --git a/stacks/frigate/terragrunt.hcl b/stacks/frigate/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/frigate/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/grampsweb/main.tf b/stacks/grampsweb/main.tf new file mode 100644 index 00000000..c91e2494 --- /dev/null +++ b/stacks/grampsweb/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "mailserver_accounts" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "grampsweb" { + source = "../../modules/kubernetes/grampsweb" + tls_secret_name = var.tls_secret_name + smtp_password = var.mailserver_accounts["info@viktorbarzin.me"] + tier = local.tiers.aux +} diff --git a/stacks/grampsweb/terragrunt.hcl b/stacks/grampsweb/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/grampsweb/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/hackmd/main.tf b/stacks/hackmd/main.tf new file mode 100644 index 00000000..8ca1bcb4 --- /dev/null +++ b/stacks/hackmd/main.tf @@ -0,0 +1,19 @@ +variable "hackmd_db_password" { type = string } +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "hackmd" { + source = "../../modules/kubernetes/hackmd" + hackmd_db_password = var.hackmd_db_password + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge +} diff --git a/stacks/hackmd/terragrunt.hcl b/stacks/hackmd/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/hackmd/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/health/main.tf b/stacks/health/main.tf new file mode 100644 index 00000000..9dece505 --- /dev/null +++ b/stacks/health/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "health_postgresql_password" { type = string } +variable "health_secret_key" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "health" { + source = "../../modules/kubernetes/health" + tls_secret_name = var.tls_secret_name + postgresql_password = var.health_postgresql_password + secret_key = var.health_secret_key + tier = local.tiers.aux +} diff --git a/stacks/health/terragrunt.hcl b/stacks/health/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/health/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/homepage/main.tf b/stacks/homepage/main.tf new file mode 100644 index 00000000..da77e866 --- /dev/null +++ b/stacks/homepage/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "homepage" { + source = "../../modules/kubernetes/homepage" + tier = local.tiers.aux + tls_secret_name = var.tls_secret_name +} diff --git a/stacks/homepage/terragrunt.hcl b/stacks/homepage/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/homepage/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/immich/main.tf b/stacks/immich/main.tf new file mode 100644 index 00000000..1025b368 --- /dev/null +++ b/stacks/immich/main.tf @@ -0,0 +1,23 @@ +variable "tls_secret_name" { type = string } +variable "immich_postgresql_password" { type = string } +variable "immich_frame_api_key" { type = string } +variable "homepage_credentials" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "immich" { + source = "../../modules/kubernetes/immich" + tls_secret_name = var.tls_secret_name + postgresql_password = var.immich_postgresql_password + frame_api_key = var.immich_frame_api_key + homepage_token = var.homepage_credentials["immich"]["token"] + tier = local.tiers.gpu +} diff --git a/stacks/immich/terragrunt.hcl b/stacks/immich/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/immich/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/isponsorblocktv/main.tf b/stacks/isponsorblocktv/main.tf new file mode 100644 index 00000000..ff1d19fb --- /dev/null +++ b/stacks/isponsorblocktv/main.tf @@ -0,0 +1,14 @@ +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "isponsorblocktv" { + source = "../../modules/kubernetes/isponsorblocktv" + tier = local.tiers.edge +} diff --git a/stacks/isponsorblocktv/terragrunt.hcl b/stacks/isponsorblocktv/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/isponsorblocktv/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/jsoncrack/main.tf b/stacks/jsoncrack/main.tf new file mode 100644 index 00000000..c312d30a --- /dev/null +++ b/stacks/jsoncrack/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "jsoncrack" { + source = "../../modules/kubernetes/jsoncrack" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/jsoncrack/terragrunt.hcl b/stacks/jsoncrack/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/jsoncrack/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/k8s-dashboard/main.tf b/stacks/k8s-dashboard/main.tf new file mode 100644 index 00000000..ccaf95e0 --- /dev/null +++ b/stacks/k8s-dashboard/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "client_certificate_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "k8s-dashboard" { + source = "../../modules/kubernetes/k8s-dashboard" + tier = local.tiers.cluster + tls_secret_name = var.tls_secret_name + client_certificate_secret_name = var.client_certificate_secret_name +} diff --git a/stacks/k8s-dashboard/terragrunt.hcl b/stacks/k8s-dashboard/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/k8s-dashboard/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/kms/main.tf b/stacks/kms/main.tf new file mode 100644 index 00000000..756d9608 --- /dev/null +++ b/stacks/kms/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "kms" { + source = "../../modules/kubernetes/kms" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/kms/terragrunt.hcl b/stacks/kms/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/kms/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/linkwarden/main.tf b/stacks/linkwarden/main.tf new file mode 100644 index 00000000..7f28b58f --- /dev/null +++ b/stacks/linkwarden/main.tf @@ -0,0 +1,23 @@ +variable "tls_secret_name" { type = string } +variable "linkwarden_postgresql_password" { type = string } +variable "linkwarden_authentik_client_id" { type = string } +variable "linkwarden_authentik_client_secret" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "linkwarden" { + source = "../../modules/kubernetes/linkwarden" + tls_secret_name = var.tls_secret_name + postgresql_password = var.linkwarden_postgresql_password + authentik_client_id = var.linkwarden_authentik_client_id + authentik_client_secret = var.linkwarden_authentik_client_secret + tier = local.tiers.aux +} diff --git a/stacks/linkwarden/terragrunt.hcl b/stacks/linkwarden/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/linkwarden/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/matrix/main.tf b/stacks/matrix/main.tf new file mode 100644 index 00000000..5c3eec2e --- /dev/null +++ b/stacks/matrix/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "matrix" { + source = "../../modules/kubernetes/matrix" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/matrix/terragrunt.hcl b/stacks/matrix/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/matrix/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/meshcentral/main.tf b/stacks/meshcentral/main.tf new file mode 100644 index 00000000..673708dd --- /dev/null +++ b/stacks/meshcentral/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "meshcentral" { + source = "../../modules/kubernetes/meshcentral" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/meshcentral/terragrunt.hcl b/stacks/meshcentral/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/meshcentral/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/n8n/main.tf b/stacks/n8n/main.tf new file mode 100644 index 00000000..d53ec250 --- /dev/null +++ b/stacks/n8n/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "n8n_postgresql_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "n8n" { + source = "../../modules/kubernetes/n8n" + tls_secret_name = var.tls_secret_name + postgresql_password = var.n8n_postgresql_password + tier = local.tiers.aux +} diff --git a/stacks/n8n/terragrunt.hcl b/stacks/n8n/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/n8n/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/navidrome/main.tf b/stacks/navidrome/main.tf new file mode 100644 index 00000000..95f11b1c --- /dev/null +++ b/stacks/navidrome/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "navidrome" { + source = "../../modules/kubernetes/navidrome" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/navidrome/terragrunt.hcl b/stacks/navidrome/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/navidrome/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/netbox/main.tf b/stacks/netbox/main.tf new file mode 100644 index 00000000..f96914e0 --- /dev/null +++ b/stacks/netbox/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "netbox" { + source = "../../modules/kubernetes/netbox" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/netbox/terragrunt.hcl b/stacks/netbox/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/netbox/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/networking-toolbox/main.tf b/stacks/networking-toolbox/main.tf new file mode 100644 index 00000000..2db7624d --- /dev/null +++ b/stacks/networking-toolbox/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "networking-toolbox" { + source = "../../modules/kubernetes/networking-toolbox" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/networking-toolbox/terragrunt.hcl b/stacks/networking-toolbox/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/networking-toolbox/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/nextcloud/main.tf b/stacks/nextcloud/main.tf new file mode 100644 index 00000000..dace9617 --- /dev/null +++ b/stacks/nextcloud/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "nextcloud_db_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "nextcloud" { + source = "../../modules/kubernetes/nextcloud" + tls_secret_name = var.tls_secret_name + db_password = var.nextcloud_db_password + tier = local.tiers.edge +} diff --git a/stacks/nextcloud/terragrunt.hcl b/stacks/nextcloud/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/nextcloud/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/ntfy/main.tf b/stacks/ntfy/main.tf new file mode 100644 index 00000000..171cfca8 --- /dev/null +++ b/stacks/ntfy/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "ntfy" { + source = "../../modules/kubernetes/ntfy" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/ntfy/terragrunt.hcl b/stacks/ntfy/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/ntfy/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/ollama/main.tf b/stacks/ollama/main.tf new file mode 100644 index 00000000..872c9b6f --- /dev/null +++ b/stacks/ollama/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "ollama_api_credentials" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "ollama" { + source = "../../modules/kubernetes/ollama" + tls_secret_name = var.tls_secret_name + tier = local.tiers.gpu + ollama_api_credentials = var.ollama_api_credentials +} diff --git a/stacks/ollama/terragrunt.hcl b/stacks/ollama/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/ollama/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/onlyoffice/main.tf b/stacks/onlyoffice/main.tf new file mode 100644 index 00000000..115a58ef --- /dev/null +++ b/stacks/onlyoffice/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "onlyoffice_db_password" { type = string } +variable "onlyoffice_jwt_token" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "onlyoffice" { + source = "../../modules/kubernetes/onlyoffice" + tls_secret_name = var.tls_secret_name + db_password = var.onlyoffice_db_password + jwt_token = var.onlyoffice_jwt_token + tier = local.tiers.edge +} diff --git a/stacks/onlyoffice/terragrunt.hcl b/stacks/onlyoffice/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/onlyoffice/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/openclaw/main.tf b/stacks/openclaw/main.tf new file mode 100644 index 00000000..17f5a532 --- /dev/null +++ b/stacks/openclaw/main.tf @@ -0,0 +1,29 @@ +variable "tls_secret_name" { type = string } +variable "openclaw_ssh_key" { type = string } +variable "openclaw_skill_secrets" { type = map(string) } +variable "gemini_api_key" { type = string } +variable "llama_api_key" { type = string } +variable "brave_api_key" { type = string } +variable "modal_api_key" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "openclaw" { + source = "../../modules/kubernetes/openclaw" + tls_secret_name = var.tls_secret_name + ssh_key = var.openclaw_ssh_key + skill_secrets = var.openclaw_skill_secrets + gemini_api_key = var.gemini_api_key + llama_api_key = var.llama_api_key + brave_api_key = var.brave_api_key + modal_api_key = var.modal_api_key + tier = local.tiers.aux +} diff --git a/stacks/openclaw/terragrunt.hcl b/stacks/openclaw/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/openclaw/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/osm_routing/main.tf b/stacks/osm_routing/main.tf new file mode 100644 index 00000000..f3664fef --- /dev/null +++ b/stacks/osm_routing/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "osm_routing" { + source = "../../modules/kubernetes/osm-routing" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/osm_routing/terragrunt.hcl b/stacks/osm_routing/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/osm_routing/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/owntracks/main.tf b/stacks/owntracks/main.tf new file mode 100644 index 00000000..9a1b17c3 --- /dev/null +++ b/stacks/owntracks/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "owntracks_credentials" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "owntracks" { + source = "../../modules/kubernetes/owntracks" + tls_secret_name = var.tls_secret_name + owntracks_credentials = var.owntracks_credentials + tier = local.tiers.aux +} diff --git a/stacks/owntracks/terragrunt.hcl b/stacks/owntracks/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/owntracks/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/paperless-ngx/main.tf b/stacks/paperless-ngx/main.tf new file mode 100644 index 00000000..df02e87e --- /dev/null +++ b/stacks/paperless-ngx/main.tf @@ -0,0 +1,22 @@ +variable "tls_secret_name" { type = string } +variable "paperless_db_password" { type = string } +variable "homepage_credentials" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "paperless-ngx" { + source = "../../modules/kubernetes/paperless-ngx" + tls_secret_name = var.tls_secret_name + db_password = var.paperless_db_password + homepage_username = var.homepage_credentials["paperless-ngx"]["username"] + homepage_password = var.homepage_credentials["paperless-ngx"]["password"] + tier = local.tiers.edge +} diff --git a/stacks/paperless-ngx/terragrunt.hcl b/stacks/paperless-ngx/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/paperless-ngx/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/plotting-book/main.tf b/stacks/plotting-book/main.tf new file mode 100644 index 00000000..c3f77857 --- /dev/null +++ b/stacks/plotting-book/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "plotting-book" { + source = "../../modules/kubernetes/plotting-book" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/plotting-book/terragrunt.hcl b/stacks/plotting-book/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/plotting-book/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/privatebin/main.tf b/stacks/privatebin/main.tf new file mode 100644 index 00000000..c885ae07 --- /dev/null +++ b/stacks/privatebin/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "privatebin" { + source = "../../modules/kubernetes/privatebin" + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge +} diff --git a/stacks/privatebin/terragrunt.hcl b/stacks/privatebin/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/privatebin/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/real-estate-crawler/main.tf b/stacks/real-estate-crawler/main.tf new file mode 100644 index 00000000..e17f6091 --- /dev/null +++ b/stacks/real-estate-crawler/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "realestate_crawler_db_password" { type = string } +variable "realestate_crawler_notification_settings" { type = map(string) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "real-estate-crawler" { + source = "../../modules/kubernetes/real-estate-crawler" + tls_secret_name = var.tls_secret_name + db_password = var.realestate_crawler_db_password + notification_settings = var.realestate_crawler_notification_settings + tier = local.tiers.aux +} diff --git a/stacks/real-estate-crawler/terragrunt.hcl b/stacks/real-estate-crawler/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/real-estate-crawler/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/reloader/main.tf b/stacks/reloader/main.tf new file mode 100644 index 00000000..ab9be77b --- /dev/null +++ b/stacks/reloader/main.tf @@ -0,0 +1,14 @@ +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "reloader" { + source = "../../modules/kubernetes/reloader" + tier = local.tiers.aux +} diff --git a/stacks/reloader/terragrunt.hcl b/stacks/reloader/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/reloader/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/resume/main.tf b/stacks/resume/main.tf new file mode 100644 index 00000000..990dda90 --- /dev/null +++ b/stacks/resume/main.tf @@ -0,0 +1,23 @@ +variable "tls_secret_name" { type = string } +variable "resume_database_url" { type = string } +variable "resume_auth_secret" { type = string } +variable "mailserver_accounts" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "resume" { + source = "../../modules/kubernetes/resume" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + database_url = var.resume_database_url + auth_secret = var.resume_auth_secret + smtp_password = var.mailserver_accounts["info@viktorbarzin.me"] +} diff --git a/stacks/resume/terragrunt.hcl b/stacks/resume/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/resume/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/rybbit/main.tf b/stacks/rybbit/main.tf new file mode 100644 index 00000000..4bea7369 --- /dev/null +++ b/stacks/rybbit/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "clickhouse_password" { type = string } +variable "clickhouse_postgres_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "rybbit" { + source = "../../modules/kubernetes/rybbit" + tls_secret_name = var.tls_secret_name + clickhouse_password = var.clickhouse_password + postgres_password = var.clickhouse_postgres_password + tier = local.tiers.aux +} diff --git a/stacks/rybbit/terragrunt.hcl b/stacks/rybbit/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/rybbit/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/send/main.tf b/stacks/send/main.tf new file mode 100644 index 00000000..bbd9d21d --- /dev/null +++ b/stacks/send/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "send" { + source = "../../modules/kubernetes/send" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/send/terragrunt.hcl b/stacks/send/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/send/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/servarr/main.tf b/stacks/servarr/main.tf new file mode 100644 index 00000000..dba981fa --- /dev/null +++ b/stacks/servarr/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "aiostreams_database_connection_string" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "servarr" { + source = "../../modules/kubernetes/servarr" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + aiostreams_database_connection_string = var.aiostreams_database_connection_string +} diff --git a/stacks/servarr/terragrunt.hcl b/stacks/servarr/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/servarr/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/shadowsocks/main.tf b/stacks/shadowsocks/main.tf new file mode 100644 index 00000000..881f1b8d --- /dev/null +++ b/stacks/shadowsocks/main.tf @@ -0,0 +1,17 @@ +variable "shadowsocks_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "shadowsocks" { + source = "../../modules/kubernetes/shadowsocks" + password = var.shadowsocks_password + tier = local.tiers.edge +} diff --git a/stacks/shadowsocks/terragrunt.hcl b/stacks/shadowsocks/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/shadowsocks/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/speedtest/main.tf b/stacks/speedtest/main.tf new file mode 100644 index 00000000..cf1c73ee --- /dev/null +++ b/stacks/speedtest/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "speedtest_db_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "speedtest" { + source = "../../modules/kubernetes/speedtest" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + db_password = var.speedtest_db_password +} diff --git a/stacks/speedtest/terragrunt.hcl b/stacks/speedtest/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/speedtest/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/stirling-pdf/main.tf b/stacks/stirling-pdf/main.tf new file mode 100644 index 00000000..3005ea2f --- /dev/null +++ b/stacks/stirling-pdf/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "stirling-pdf" { + source = "../../modules/kubernetes/stirling-pdf" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/stirling-pdf/terragrunt.hcl b/stacks/stirling-pdf/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/stirling-pdf/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/tandoor/main.tf b/stacks/tandoor/main.tf new file mode 100644 index 00000000..cfa19b43 --- /dev/null +++ b/stacks/tandoor/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "tandoor_database_password" { type = string } +variable "tandoor_email_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "tandoor" { + source = "../../modules/kubernetes/tandoor" + tls_secret_name = var.tls_secret_name + tandoor_database_password = var.tandoor_database_password + tandoor_email_password = var.tandoor_email_password + tier = local.tiers.aux +} diff --git a/stacks/tandoor/terragrunt.hcl b/stacks/tandoor/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/tandoor/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/tor-proxy/main.tf b/stacks/tor-proxy/main.tf new file mode 100644 index 00000000..303d9699 --- /dev/null +++ b/stacks/tor-proxy/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "tor-proxy" { + source = "../../modules/kubernetes/tor-proxy" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/tor-proxy/terragrunt.hcl b/stacks/tor-proxy/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/tor-proxy/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/travel_blog/main.tf b/stacks/travel_blog/main.tf new file mode 100644 index 00000000..4b978820 --- /dev/null +++ b/stacks/travel_blog/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "travel_blog" { + source = "../../modules/kubernetes/travel_blog" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/travel_blog/terragrunt.hcl b/stacks/travel_blog/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/travel_blog/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/tuya-bridge/main.tf b/stacks/tuya-bridge/main.tf new file mode 100644 index 00000000..39b8efb0 --- /dev/null +++ b/stacks/tuya-bridge/main.tf @@ -0,0 +1,25 @@ +variable "tls_secret_name" { type = string } +variable "tiny_tuya_api_key" { type = string } +variable "tiny_tuya_api_secret" { type = string } +variable "tiny_tuya_service_secret" { type = string } +variable "tiny_tuya_slack_url" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "tuya-bridge" { + source = "../../modules/kubernetes/tuya-bridge" + tls_secret_name = var.tls_secret_name + tier = local.tiers.cluster + tiny_tuya_api_key = var.tiny_tuya_api_key + tiny_tuya_api_secret = var.tiny_tuya_api_secret + tiny_tuya_service_secret = var.tiny_tuya_service_secret + slack_url = var.tiny_tuya_slack_url +} diff --git a/stacks/tuya-bridge/terragrunt.hcl b/stacks/tuya-bridge/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/tuya-bridge/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/url/main.tf b/stacks/url/main.tf new file mode 100644 index 00000000..c4479290 --- /dev/null +++ b/stacks/url/main.tf @@ -0,0 +1,23 @@ +variable "tls_secret_name" { type = string } +variable "url_shortener_geolite_license_key" { type = string } +variable "url_shortener_api_key" { type = string } +variable "url_shortener_mysql_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "url" { + source = "../../modules/kubernetes/url-shortener" + tls_secret_name = var.tls_secret_name + geolite_license_key = var.url_shortener_geolite_license_key + api_key = var.url_shortener_api_key + mysql_password = var.url_shortener_mysql_password + tier = local.tiers.aux +} diff --git a/stacks/url/terragrunt.hcl b/stacks/url/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/url/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/wealthfolio/main.tf b/stacks/wealthfolio/main.tf new file mode 100644 index 00000000..a0a006af --- /dev/null +++ b/stacks/wealthfolio/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "wealthfolio_password_hash" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "wealthfolio" { + source = "../../modules/kubernetes/wealthfolio" + tls_secret_name = var.tls_secret_name + wealthfolio_password_hash = var.wealthfolio_password_hash + tier = local.tiers.aux +} diff --git a/stacks/wealthfolio/terragrunt.hcl b/stacks/wealthfolio/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/wealthfolio/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/webhook_handler/main.tf b/stacks/webhook_handler/main.tf new file mode 100644 index 00000000..3ac6c8c9 --- /dev/null +++ b/stacks/webhook_handler/main.tf @@ -0,0 +1,31 @@ +variable "tls_secret_name" { type = string } +variable "webhook_handler_secret" { type = string } +variable "webhook_handler_fb_verify_token" { type = string } +variable "webhook_handler_fb_page_token" { type = string } +variable "webhook_handler_fb_app_secret" { type = string } +variable "webhook_handler_git_user" { type = string } +variable "webhook_handler_git_token" { type = string } +variable "webhook_handler_ssh_key" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "webhook_handler" { + source = "../../modules/kubernetes/webhook_handler" + tls_secret_name = var.tls_secret_name + webhook_secret = var.webhook_handler_secret + fb_verify_token = var.webhook_handler_fb_verify_token + fb_page_token = var.webhook_handler_fb_page_token + fb_app_secret = var.webhook_handler_fb_app_secret + git_user = var.webhook_handler_git_user + git_token = var.webhook_handler_git_token + ssh_key = var.webhook_handler_ssh_key + tier = local.tiers.aux +} diff --git a/stacks/webhook_handler/terragrunt.hcl b/stacks/webhook_handler/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/webhook_handler/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/whisper/main.tf b/stacks/whisper/main.tf new file mode 100644 index 00000000..b9a38083 --- /dev/null +++ b/stacks/whisper/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "whisper" { + source = "../../modules/kubernetes/whisper" + tls_secret_name = var.tls_secret_name + tier = local.tiers.gpu +} diff --git a/stacks/whisper/terragrunt.hcl b/stacks/whisper/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/whisper/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/ytdlp/main.tf b/stacks/ytdlp/main.tf new file mode 100644 index 00000000..d5fc3224 --- /dev/null +++ b/stacks/ytdlp/main.tf @@ -0,0 +1,23 @@ +variable "tls_secret_name" { type = string } +variable "openrouter_api_key" { type = string } +variable "slack_bot_token" { type = string } +variable "slack_channel" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "ytdlp" { + source = "../../modules/kubernetes/youtube_dl" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + openrouter_api_key = var.openrouter_api_key + slack_bot_token = var.slack_bot_token + slack_channel = var.slack_channel +} diff --git a/stacks/ytdlp/terragrunt.hcl b/stacks/ytdlp/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/ytdlp/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +}