From a9ba8899be7a10051accdc3df761ec68b9d870ec Mon Sep 17 00:00:00 2001 From: Viktor Barzin Date: Sun, 22 Feb 2026 13:56:34 +0000 Subject: [PATCH] [ci skip] Phase 3: Create 66 service stacks and migrate state Generated individual stack directories for all 66 services under stacks/. Each stack has terragrunt.hcl (depends on platform) and main.tf (thin wrapper calling existing module). Migrated all 64 active service states from root terraform.tfstate to individual state files. Root state is now empty. Verified with terragrunt plan on multiple stacks (no changes). --- scripts/gen_service_stacks.py | 535 ++++++++++++++++++++++ scripts/migrate_service_state.sh | 115 +++++ stacks/actualbudget/main.tf | 19 + stacks/actualbudget/terragrunt.hcl | 8 + stacks/affine/main.tf | 21 + stacks/affine/terragrunt.hcl | 8 + stacks/audiobookshelf/main.tf | 17 + stacks/audiobookshelf/terragrunt.hcl | 8 + stacks/blog/main.tf | 17 + stacks/blog/terragrunt.hcl | 8 + stacks/calibre/main.tf | 20 + stacks/calibre/terragrunt.hcl | 8 + stacks/changedetection/main.tf | 17 + stacks/changedetection/terragrunt.hcl | 8 + stacks/city-guesser/main.tf | 17 + stacks/city-guesser/terragrunt.hcl | 8 + stacks/coturn/main.tf | 21 + stacks/coturn/terragrunt.hcl | 8 + stacks/cyberchef/main.tf | 17 + stacks/cyberchef/terragrunt.hcl | 8 + stacks/dashy/main.tf | 17 + stacks/dashy/terragrunt.hcl | 8 + stacks/dawarich/main.tf | 21 + stacks/dawarich/terragrunt.hcl | 8 + stacks/descheduler/main.tf | 3 + stacks/descheduler/terragrunt.hcl | 8 + stacks/diun/main.tf | 21 + stacks/diun/terragrunt.hcl | 8 + stacks/drone/main.tf | 27 ++ stacks/drone/terragrunt.hcl | 8 + stacks/ebook2audiobook/main.tf | 17 + stacks/ebook2audiobook/terragrunt.hcl | 8 + stacks/echo/main.tf | 17 + stacks/echo/terragrunt.hcl | 8 + stacks/excalidraw/main.tf | 17 + stacks/excalidraw/terragrunt.hcl | 8 + stacks/f1-stream/main.tf | 21 + stacks/f1-stream/terragrunt.hcl | 8 + stacks/forgejo/main.tf | 17 + stacks/forgejo/terragrunt.hcl | 8 + stacks/freedify/main.tf | 19 + stacks/freedify/terragrunt.hcl | 8 + stacks/freshrss/main.tf | 17 + stacks/freshrss/terragrunt.hcl | 8 + stacks/frigate/main.tf | 17 + stacks/frigate/terragrunt.hcl | 8 + stacks/grampsweb/main.tf | 19 + stacks/grampsweb/terragrunt.hcl | 8 + stacks/hackmd/main.tf | 19 + stacks/hackmd/terragrunt.hcl | 8 + stacks/health/main.tf | 21 + stacks/health/terragrunt.hcl | 8 + stacks/homepage/main.tf | 17 + stacks/homepage/terragrunt.hcl | 8 + stacks/immich/main.tf | 23 + stacks/immich/terragrunt.hcl | 8 + stacks/isponsorblocktv/main.tf | 14 + stacks/isponsorblocktv/terragrunt.hcl | 8 + stacks/jsoncrack/main.tf | 17 + stacks/jsoncrack/terragrunt.hcl | 8 + stacks/k8s-dashboard/main.tf | 19 + stacks/k8s-dashboard/terragrunt.hcl | 8 + stacks/kms/main.tf | 17 + stacks/kms/terragrunt.hcl | 8 + stacks/linkwarden/main.tf | 23 + stacks/linkwarden/terragrunt.hcl | 8 + stacks/matrix/main.tf | 17 + stacks/matrix/terragrunt.hcl | 8 + stacks/meshcentral/main.tf | 17 + stacks/meshcentral/terragrunt.hcl | 8 + stacks/n8n/main.tf | 19 + stacks/n8n/terragrunt.hcl | 8 + stacks/navidrome/main.tf | 17 + stacks/navidrome/terragrunt.hcl | 8 + stacks/netbox/main.tf | 17 + stacks/netbox/terragrunt.hcl | 8 + stacks/networking-toolbox/main.tf | 17 + stacks/networking-toolbox/terragrunt.hcl | 8 + stacks/nextcloud/main.tf | 19 + stacks/nextcloud/terragrunt.hcl | 8 + stacks/ntfy/main.tf | 17 + stacks/ntfy/terragrunt.hcl | 8 + stacks/ollama/main.tf | 19 + stacks/ollama/terragrunt.hcl | 8 + stacks/onlyoffice/main.tf | 21 + stacks/onlyoffice/terragrunt.hcl | 8 + stacks/openclaw/main.tf | 29 ++ stacks/openclaw/terragrunt.hcl | 8 + stacks/osm_routing/main.tf | 17 + stacks/osm_routing/terragrunt.hcl | 8 + stacks/owntracks/main.tf | 19 + stacks/owntracks/terragrunt.hcl | 8 + stacks/paperless-ngx/main.tf | 22 + stacks/paperless-ngx/terragrunt.hcl | 8 + stacks/plotting-book/main.tf | 17 + stacks/plotting-book/terragrunt.hcl | 8 + stacks/privatebin/main.tf | 17 + stacks/privatebin/terragrunt.hcl | 8 + stacks/real-estate-crawler/main.tf | 21 + stacks/real-estate-crawler/terragrunt.hcl | 8 + stacks/reloader/main.tf | 14 + stacks/reloader/terragrunt.hcl | 8 + stacks/resume/main.tf | 23 + stacks/resume/terragrunt.hcl | 8 + stacks/rybbit/main.tf | 21 + stacks/rybbit/terragrunt.hcl | 8 + stacks/send/main.tf | 17 + stacks/send/terragrunt.hcl | 8 + stacks/servarr/main.tf | 19 + stacks/servarr/terragrunt.hcl | 8 + stacks/shadowsocks/main.tf | 17 + stacks/shadowsocks/terragrunt.hcl | 8 + stacks/speedtest/main.tf | 19 + stacks/speedtest/terragrunt.hcl | 8 + stacks/stirling-pdf/main.tf | 17 + stacks/stirling-pdf/terragrunt.hcl | 8 + stacks/tandoor/main.tf | 21 + stacks/tandoor/terragrunt.hcl | 8 + stacks/tor-proxy/main.tf | 17 + stacks/tor-proxy/terragrunt.hcl | 8 + stacks/travel_blog/main.tf | 17 + stacks/travel_blog/terragrunt.hcl | 8 + stacks/tuya-bridge/main.tf | 25 + stacks/tuya-bridge/terragrunt.hcl | 8 + stacks/url/main.tf | 23 + stacks/url/terragrunt.hcl | 8 + stacks/wealthfolio/main.tf | 19 + stacks/wealthfolio/terragrunt.hcl | 8 + stacks/webhook_handler/main.tf | 31 ++ stacks/webhook_handler/terragrunt.hcl | 8 + stacks/whisper/main.tf | 17 + stacks/whisper/terragrunt.hcl | 8 + stacks/ytdlp/main.tf | 23 + stacks/ytdlp/terragrunt.hcl | 8 + 134 files changed, 2426 insertions(+) create mode 100644 scripts/gen_service_stacks.py create mode 100644 scripts/migrate_service_state.sh create mode 100644 stacks/actualbudget/main.tf create mode 100644 stacks/actualbudget/terragrunt.hcl create mode 100644 stacks/affine/main.tf create mode 100644 stacks/affine/terragrunt.hcl create mode 100644 stacks/audiobookshelf/main.tf create mode 100644 stacks/audiobookshelf/terragrunt.hcl create mode 100644 stacks/blog/main.tf create mode 100644 stacks/blog/terragrunt.hcl create mode 100644 stacks/calibre/main.tf create mode 100644 stacks/calibre/terragrunt.hcl create mode 100644 stacks/changedetection/main.tf create mode 100644 stacks/changedetection/terragrunt.hcl create mode 100644 stacks/city-guesser/main.tf create mode 100644 stacks/city-guesser/terragrunt.hcl create mode 100644 stacks/coturn/main.tf create mode 100644 stacks/coturn/terragrunt.hcl create mode 100644 stacks/cyberchef/main.tf create mode 100644 stacks/cyberchef/terragrunt.hcl create mode 100644 stacks/dashy/main.tf create mode 100644 stacks/dashy/terragrunt.hcl create mode 100644 stacks/dawarich/main.tf create mode 100644 stacks/dawarich/terragrunt.hcl create mode 100644 stacks/descheduler/main.tf create mode 100644 stacks/descheduler/terragrunt.hcl create mode 100644 stacks/diun/main.tf create mode 100644 stacks/diun/terragrunt.hcl create mode 100644 stacks/drone/main.tf create mode 100644 stacks/drone/terragrunt.hcl create mode 100644 stacks/ebook2audiobook/main.tf create mode 100644 stacks/ebook2audiobook/terragrunt.hcl create mode 100644 stacks/echo/main.tf create mode 100644 stacks/echo/terragrunt.hcl create mode 100644 stacks/excalidraw/main.tf create mode 100644 stacks/excalidraw/terragrunt.hcl create mode 100644 stacks/f1-stream/main.tf create mode 100644 stacks/f1-stream/terragrunt.hcl create mode 100644 stacks/forgejo/main.tf create mode 100644 stacks/forgejo/terragrunt.hcl create mode 100644 stacks/freedify/main.tf create mode 100644 stacks/freedify/terragrunt.hcl create mode 100644 stacks/freshrss/main.tf create mode 100644 stacks/freshrss/terragrunt.hcl create mode 100644 stacks/frigate/main.tf create mode 100644 stacks/frigate/terragrunt.hcl create mode 100644 stacks/grampsweb/main.tf create mode 100644 stacks/grampsweb/terragrunt.hcl create mode 100644 stacks/hackmd/main.tf create mode 100644 stacks/hackmd/terragrunt.hcl create mode 100644 stacks/health/main.tf create mode 100644 stacks/health/terragrunt.hcl create mode 100644 stacks/homepage/main.tf create mode 100644 stacks/homepage/terragrunt.hcl create mode 100644 stacks/immich/main.tf create mode 100644 stacks/immich/terragrunt.hcl create mode 100644 stacks/isponsorblocktv/main.tf create mode 100644 stacks/isponsorblocktv/terragrunt.hcl create mode 100644 stacks/jsoncrack/main.tf create mode 100644 stacks/jsoncrack/terragrunt.hcl create mode 100644 stacks/k8s-dashboard/main.tf create mode 100644 stacks/k8s-dashboard/terragrunt.hcl create mode 100644 stacks/kms/main.tf create mode 100644 stacks/kms/terragrunt.hcl create mode 100644 stacks/linkwarden/main.tf create mode 100644 stacks/linkwarden/terragrunt.hcl create mode 100644 stacks/matrix/main.tf create mode 100644 stacks/matrix/terragrunt.hcl create mode 100644 stacks/meshcentral/main.tf create mode 100644 stacks/meshcentral/terragrunt.hcl create mode 100644 stacks/n8n/main.tf create mode 100644 stacks/n8n/terragrunt.hcl create mode 100644 stacks/navidrome/main.tf create mode 100644 stacks/navidrome/terragrunt.hcl create mode 100644 stacks/netbox/main.tf create mode 100644 stacks/netbox/terragrunt.hcl create mode 100644 stacks/networking-toolbox/main.tf create mode 100644 stacks/networking-toolbox/terragrunt.hcl create mode 100644 stacks/nextcloud/main.tf create mode 100644 stacks/nextcloud/terragrunt.hcl create mode 100644 stacks/ntfy/main.tf create mode 100644 stacks/ntfy/terragrunt.hcl create mode 100644 stacks/ollama/main.tf create mode 100644 stacks/ollama/terragrunt.hcl create mode 100644 stacks/onlyoffice/main.tf create mode 100644 stacks/onlyoffice/terragrunt.hcl create mode 100644 stacks/openclaw/main.tf create mode 100644 stacks/openclaw/terragrunt.hcl create mode 100644 stacks/osm_routing/main.tf create mode 100644 stacks/osm_routing/terragrunt.hcl create mode 100644 stacks/owntracks/main.tf create mode 100644 stacks/owntracks/terragrunt.hcl create mode 100644 stacks/paperless-ngx/main.tf create mode 100644 stacks/paperless-ngx/terragrunt.hcl create mode 100644 stacks/plotting-book/main.tf create mode 100644 stacks/plotting-book/terragrunt.hcl create mode 100644 stacks/privatebin/main.tf create mode 100644 stacks/privatebin/terragrunt.hcl create mode 100644 stacks/real-estate-crawler/main.tf create mode 100644 stacks/real-estate-crawler/terragrunt.hcl create mode 100644 stacks/reloader/main.tf create mode 100644 stacks/reloader/terragrunt.hcl create mode 100644 stacks/resume/main.tf create mode 100644 stacks/resume/terragrunt.hcl create mode 100644 stacks/rybbit/main.tf create mode 100644 stacks/rybbit/terragrunt.hcl create mode 100644 stacks/send/main.tf create mode 100644 stacks/send/terragrunt.hcl create mode 100644 stacks/servarr/main.tf create mode 100644 stacks/servarr/terragrunt.hcl create mode 100644 stacks/shadowsocks/main.tf create mode 100644 stacks/shadowsocks/terragrunt.hcl create mode 100644 stacks/speedtest/main.tf create mode 100644 stacks/speedtest/terragrunt.hcl create mode 100644 stacks/stirling-pdf/main.tf create mode 100644 stacks/stirling-pdf/terragrunt.hcl create mode 100644 stacks/tandoor/main.tf create mode 100644 stacks/tandoor/terragrunt.hcl create mode 100644 stacks/tor-proxy/main.tf create mode 100644 stacks/tor-proxy/terragrunt.hcl create mode 100644 stacks/travel_blog/main.tf create mode 100644 stacks/travel_blog/terragrunt.hcl create mode 100644 stacks/tuya-bridge/main.tf create mode 100644 stacks/tuya-bridge/terragrunt.hcl create mode 100644 stacks/url/main.tf create mode 100644 stacks/url/terragrunt.hcl create mode 100644 stacks/wealthfolio/main.tf create mode 100644 stacks/wealthfolio/terragrunt.hcl create mode 100644 stacks/webhook_handler/main.tf create mode 100644 stacks/webhook_handler/terragrunt.hcl create mode 100644 stacks/whisper/main.tf create mode 100644 stacks/whisper/terragrunt.hcl create mode 100644 stacks/ytdlp/main.tf create mode 100644 stacks/ytdlp/terragrunt.hcl diff --git a/scripts/gen_service_stacks.py b/scripts/gen_service_stacks.py new file mode 100644 index 00000000..b0b92c7d --- /dev/null +++ b/scripts/gen_service_stacks.py @@ -0,0 +1,535 @@ +#!/usr/bin/env python3 +"""Generate Terragrunt service stack files for all app-level services.""" +import os +import textwrap + +REPO_ROOT = os.path.dirname(os.path.dirname(os.path.abspath(__file__))) + +# Each service: (module_name, source_dir, [(arg_name, var_expr), ...], tier) +# var_expr is what goes on the right side of = in the module call. +# If var_expr starts with "var.", it's a variable passthrough and we declare the variable. +# If it's a literal string, we inline it. +# Special: "LOCAL_TIER" means we use local.tiers. +SERVICES = [ + ("blog", "blog", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("descheduler", "descheduler", []), + ("drone", "drone", [ + ("tls_secret_name", "var.tls_secret_name"), + ("github_client_id", "var.drone_github_client_id"), + ("github_client_secret", "var.drone_github_client_secret"), + ("rpc_secret", "var.drone_rpc_secret"), + ("webhook_secret", "var.drone_webhook_secret"), + ("server_host", '"drone.viktorbarzin.me"'), + ("server_proto", '"https"'), + ("tier", "LOCAL_TIER:edge"), + ]), + ("f1-stream", "f1-stream", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("turn_secret", "var.coturn_turn_secret"), + ("public_ip", "var.public_ip"), + ]), + ("coturn", "coturn", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ("turn_secret", "var.coturn_turn_secret"), + ("public_ip", "var.public_ip"), + ]), + ("hackmd", "hackmd", [ + ("hackmd_db_password", "var.hackmd_db_password"), + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("kms", "kms", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("k8s-dashboard", "k8s-dashboard", [ + ("tier", "LOCAL_TIER:cluster"), + ("tls_secret_name", "var.tls_secret_name"), + ("client_certificate_secret_name", "var.client_certificate_secret_name"), + ]), + ("privatebin", "privatebin", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("reloader", "reloader", [ + ("tier", "LOCAL_TIER:aux"), + ]), + ("shadowsocks", "shadowsocks", [ + ("password", "var.shadowsocks_password"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("city-guesser", "city-guesser", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("echo", "echo", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("url", "url-shortener", [ + ("tls_secret_name", "var.tls_secret_name"), + ("geolite_license_key", "var.url_shortener_geolite_license_key"), + ("api_key", "var.url_shortener_api_key"), + ("mysql_password", "var.url_shortener_mysql_password"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("webhook_handler", "webhook_handler", [ + ("tls_secret_name", "var.tls_secret_name"), + ("webhook_secret", "var.webhook_handler_secret"), + ("fb_verify_token", "var.webhook_handler_fb_verify_token"), + ("fb_page_token", "var.webhook_handler_fb_page_token"), + ("fb_app_secret", "var.webhook_handler_fb_app_secret"), + ("git_user", "var.webhook_handler_git_user"), + ("git_token", "var.webhook_handler_git_token"), + ("ssh_key", "var.webhook_handler_ssh_key"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("excalidraw", "excalidraw", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("travel_blog", "travel_blog", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("dashy", "dashy", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("send", "send", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("ytdlp", "youtube_dl", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("openrouter_api_key", "var.openrouter_api_key"), + ("slack_bot_token", "var.slack_bot_token"), + ("slack_channel", "var.slack_channel"), + ]), + ("immich", "immich", [ + ("tls_secret_name", "var.tls_secret_name"), + ("postgresql_password", "var.immich_postgresql_password"), + ("frame_api_key", "var.immich_frame_api_key"), + ("homepage_token", 'var.homepage_credentials["immich"]["token"]'), + ("tier", "LOCAL_TIER:gpu"), + ]), + ("resume", "resume", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("database_url", "var.resume_database_url"), + ("auth_secret", "var.resume_auth_secret"), + ("smtp_password", 'var.mailserver_accounts["info@viktorbarzin.me"]'), + ]), + ("calibre", "calibre", [ + ("tls_secret_name", "var.tls_secret_name"), + ("homepage_username", 'var.homepage_credentials["calibre-web"]["username"]'), + ("homepage_password", 'var.homepage_credentials["calibre-web"]["password"]'), + ("tier", "LOCAL_TIER:edge"), + ]), + ("audiobookshelf", "audiobookshelf", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("frigate", "frigate", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:gpu"), + ]), + ("paperless-ngx", "paperless-ngx", [ + ("tls_secret_name", "var.tls_secret_name"), + ("db_password", "var.paperless_db_password"), + ("homepage_username", 'var.homepage_credentials["paperless-ngx"]["username"]'), + ("homepage_password", 'var.homepage_credentials["paperless-ngx"]["password"]'), + ("tier", "LOCAL_TIER:edge"), + ]), + ("jsoncrack", "jsoncrack", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("servarr", "servarr", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("aiostreams_database_connection_string", "var.aiostreams_database_connection_string"), + ]), + ("ollama", "ollama", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:gpu"), + ("ollama_api_credentials", "var.ollama_api_credentials"), + ]), + ("ntfy", "ntfy", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("cyberchef", "cyberchef", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("diun", "diun", [ + ("tls_secret_name", "var.tls_secret_name"), + ("diun_nfty_token", "var.diun_nfty_token"), + ("diun_slack_url", "var.diun_slack_url"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("meshcentral", "meshcentral", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("netbox", "netbox", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("nextcloud", "nextcloud", [ + ("tls_secret_name", "var.tls_secret_name"), + ("db_password", "var.nextcloud_db_password"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("homepage", "homepage", [ + ("tier", "LOCAL_TIER:aux"), + ("tls_secret_name", "var.tls_secret_name"), + ]), + ("matrix", "matrix", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("linkwarden", "linkwarden", [ + ("tls_secret_name", "var.tls_secret_name"), + ("postgresql_password", "var.linkwarden_postgresql_password"), + ("authentik_client_id", "var.linkwarden_authentik_client_id"), + ("authentik_client_secret", "var.linkwarden_authentik_client_secret"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("actualbudget", "actualbudget", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ("credentials", "var.actualbudget_credentials"), + ]), + ("owntracks", "owntracks", [ + ("tls_secret_name", "var.tls_secret_name"), + ("owntracks_credentials", "var.owntracks_credentials"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("dawarich", "dawarich", [ + ("tls_secret_name", "var.tls_secret_name"), + ("database_password", "var.dawarich_database_password"), + ("geoapify_api_key", "var.geoapify_api_key"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("changedetection", "changedetection", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("tandoor", "tandoor", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tandoor_database_password", "var.tandoor_database_password"), + ("tandoor_email_password", "var.tandoor_email_password"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("n8n", "n8n", [ + ("tls_secret_name", "var.tls_secret_name"), + ("postgresql_password", "var.n8n_postgresql_password"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("real-estate-crawler", "real-estate-crawler", [ + ("tls_secret_name", "var.tls_secret_name"), + ("db_password", "var.realestate_crawler_db_password"), + ("notification_settings", "var.realestate_crawler_notification_settings"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("osm_routing", "osm-routing", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("tor-proxy", "tor-proxy", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("onlyoffice", "onlyoffice", [ + ("tls_secret_name", "var.tls_secret_name"), + ("db_password", "var.onlyoffice_db_password"), + ("jwt_token", "var.onlyoffice_jwt_token"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("forgejo", "forgejo", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:edge"), + ]), + ("freshrss", "freshrss", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("navidrome", "navidrome", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("networking-toolbox", "networking-toolbox", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("tuya-bridge", "tuya-bridge", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:cluster"), + ("tiny_tuya_api_key", "var.tiny_tuya_api_key"), + ("tiny_tuya_api_secret", "var.tiny_tuya_api_secret"), + ("tiny_tuya_service_secret", "var.tiny_tuya_service_secret"), + ("slack_url", "var.tiny_tuya_slack_url"), + ]), + ("stirling-pdf", "stirling-pdf", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("isponsorblocktv", "isponsorblocktv", [ + ("tier", "LOCAL_TIER:edge"), + ]), + ("ebook2audiobook", "ebook2audiobook", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:gpu"), + ]), + ("rybbit", "rybbit", [ + ("tls_secret_name", "var.tls_secret_name"), + ("clickhouse_password", "var.clickhouse_password"), + ("postgres_password", "var.clickhouse_postgres_password"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("wealthfolio", "wealthfolio", [ + ("tls_secret_name", "var.tls_secret_name"), + ("wealthfolio_password_hash", "var.wealthfolio_password_hash"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("speedtest", "speedtest", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("db_password", "var.speedtest_db_password"), + ]), + ("freedify", "freedify", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ("additional_credentials", "var.freedify_credentials"), + ]), + ("affine", "affine", [ + ("tls_secret_name", "var.tls_secret_name"), + ("postgresql_password", "var.affine_postgresql_password"), + ("smtp_password", 'var.mailserver_accounts["info@viktorbarzin.me"]'), + ("tier", "LOCAL_TIER:aux"), + ]), + ("plotting-book", "plotting-book", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("health", "health", [ + ("tls_secret_name", "var.tls_secret_name"), + ("postgresql_password", "var.health_postgresql_password"), + ("secret_key", "var.health_secret_key"), + ("tier", "LOCAL_TIER:aux"), + ]), + ("whisper", "whisper", [ + ("tls_secret_name", "var.tls_secret_name"), + ("tier", "LOCAL_TIER:gpu"), + ]), + ("grampsweb", "grampsweb", [ + ("tls_secret_name", "var.tls_secret_name"), + ("smtp_password", 'var.mailserver_accounts["info@viktorbarzin.me"]'), + ("tier", "LOCAL_TIER:aux"), + ]), + ("openclaw", "openclaw", [ + ("tls_secret_name", "var.tls_secret_name"), + ("ssh_key", "var.openclaw_ssh_key"), + ("skill_secrets", "var.openclaw_skill_secrets"), + ("gemini_api_key", "var.gemini_api_key"), + ("llama_api_key", "var.llama_api_key"), + ("brave_api_key", "var.brave_api_key"), + ("modal_api_key", "var.modal_api_key"), + ("tier", "LOCAL_TIER:aux"), + ]), +] + +# Variable type overrides (var_name -> type declaration) +VAR_TYPES = { + "tls_secret_name": "string", + "client_certificate_secret_name": "string", + "public_ip": "string", + "hackmd_db_password": "string", + "shadowsocks_password": "string", + "openrouter_api_key": "string", + "slack_bot_token": "string", + "slack_channel": "string", + "ollama_api_credentials": "string", + "clickhouse_password": "string", + "clickhouse_postgres_password": "string", + "wealthfolio_password_hash": "string", + "speedtest_db_password": "string", + "affine_postgresql_password": "string", + "health_postgresql_password": "string", + "health_secret_key": "string", + "gemini_api_key": "string", + "llama_api_key": "string", + "brave_api_key": "string", + "modal_api_key": "string", + "coturn_turn_secret": "string", + "onlyoffice_db_password": "string", + "onlyoffice_jwt_token": "string", + "resume_database_url": "string", + "resume_auth_secret": "string", + "nextcloud_db_password": "string", + "paperless_db_password": "string", + "diun_nfty_token": "string", + "diun_slack_url": "string", + "dawarich_database_password": "string", + "geoapify_api_key": "string", + "tandoor_database_password": "string", + "tandoor_email_password": "string", + "n8n_postgresql_password": "string", + "realestate_crawler_db_password": "string", + "immich_postgresql_password": "string", + "immich_frame_api_key": "string", + "linkwarden_postgresql_password": "string", + "linkwarden_authentik_client_id": "string", + "linkwarden_authentik_client_secret": "string", + "aiostreams_database_connection_string": "string", + "tiny_tuya_api_key": "string", + "tiny_tuya_api_secret": "string", + "tiny_tuya_service_secret": "string", + "tiny_tuya_slack_url": "string", + "drone_github_client_id": "string", + "drone_github_client_secret": "string", + "drone_rpc_secret": "string", + "drone_webhook_secret": "string", + "url_shortener_geolite_license_key": "string", + "url_shortener_api_key": "string", + "url_shortener_mysql_password": "string", + "webhook_handler_secret": "string", + "webhook_handler_fb_verify_token": "string", + "webhook_handler_fb_page_token": "string", + "webhook_handler_fb_app_secret": "string", + "webhook_handler_git_user": "string", + "webhook_handler_git_token": "string", + "webhook_handler_ssh_key": "string", + "openclaw_ssh_key": "string", + "openclaw_skill_secrets": "map(string)", + "actualbudget_credentials": "map(any)", + "freedify_credentials": "map(any)", + "realestate_crawler_notification_settings": "map(string)", + "homepage_credentials": "map(any)", + "mailserver_accounts": "map(any)", + "owntracks_credentials": "string", +} + +TERRAGRUNT_HCL = """\ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} +""" + +TIERS_BLOCK = """\ +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} +""" + + +def extract_var_name(expr): + """Extract variable name from var.xxx or var.xxx["yyy"]["zzz"].""" + if not expr.startswith("var."): + return None + # Get the base variable name (before any indexing) + name = expr[4:] + bracket = name.find("[") + if bracket != -1: + name = name[:bracket] + return name + + +def gen_main_tf(mod_name, source_dir, args): + """Generate main.tf content for a service stack.""" + lines = [] + + # Collect variables needed + vars_needed = {} + needs_tiers = False + for arg_name, var_expr in args: + if var_expr.startswith("LOCAL_TIER:"): + needs_tiers = True + continue + vname = extract_var_name(var_expr) + if vname and vname not in vars_needed: + vtype = VAR_TYPES.get(vname, None) + vars_needed[vname] = vtype + + # Variable declarations + for vname, vtype in vars_needed.items(): + if vtype: + lines.append(f'variable "{vname}" {{ type = {vtype} }}') + else: + lines.append(f'variable "{vname}" {{}}') + + if vars_needed: + lines.append("") + + # Tiers block if needed + if needs_tiers: + lines.append(TIERS_BLOCK) + + # Module call + lines.append(f'module "{mod_name}" {{') + lines.append(f' source = "../../modules/kubernetes/{source_dir}"') + for arg_name, var_expr in args: + if var_expr.startswith("LOCAL_TIER:"): + tier = var_expr.split(":")[1] + val = f"local.tiers.{tier}" + else: + val = var_expr + # Pad for alignment + lines.append(f" {arg_name:30s} = {val}") + lines.append("}") + lines.append("") + + return "\n".join(lines) + + +def main(): + stacks_dir = os.path.join(REPO_ROOT, "stacks") + + for mod_name, source_dir, args in SERVICES: + # Use source_dir as the stack directory name for consistency + # But some modules have different names than source dirs + # Use the module name for the stack dir + stack_dir = os.path.join(stacks_dir, mod_name) + os.makedirs(stack_dir, exist_ok=True) + + # terragrunt.hcl + tg_path = os.path.join(stack_dir, "terragrunt.hcl") + with open(tg_path, "w") as f: + f.write(TERRAGRUNT_HCL) + + # main.tf + main_path = os.path.join(stack_dir, "main.tf") + with open(main_path, "w") as f: + f.write(gen_main_tf(mod_name, source_dir, args)) + + # secrets symlink + secrets_link = os.path.join(stack_dir, "secrets") + if not os.path.exists(secrets_link): + os.symlink("../../secrets", secrets_link) + + print(f" Created stacks/{mod_name}/") + + print(f"\nGenerated {len(SERVICES)} service stacks") + + +if __name__ == "__main__": + main() diff --git a/scripts/migrate_service_state.sh b/scripts/migrate_service_state.sh new file mode 100644 index 00000000..eb3e5a80 --- /dev/null +++ b/scripts/migrate_service_state.sh @@ -0,0 +1,115 @@ +#!/bin/bash +# Phase 3: Migrate all service module state from root to individual stacks +# Each module in root state is at: module.kubernetes_cluster.module.[""] +# Target: state/stacks//terraform.tfstate as module. + +set -euo pipefail + +ROOT_STATE="$(pwd)/terraform.tfstate" +STATE_DIR="$(pwd)/state/stacks" + +# All 64 service modules currently in root state +MODULES=( + actualbudget + affine + audiobookshelf + blog + calibre + changedetection + city-guesser + coturn + cyberchef + dashy + dawarich + descheduler + diun + drone + ebook2audiobook + echo + excalidraw + f1-stream + forgejo + freedify + freshrss + frigate + hackmd + health + homepage + immich + isponsorblocktv + jsoncrack + kms + linkwarden + matrix + meshcentral + n8n + navidrome + netbox + networking-toolbox + nextcloud + ntfy + ollama + onlyoffice + openclaw + osm_routing + owntracks + paperless-ngx + plotting-book + privatebin + real-estate-crawler + reloader + resume + rybbit + send + servarr + shadowsocks + speedtest + stirling-pdf + tandoor + tor-proxy + travel_blog + tuya-bridge + url + wealthfolio + webhook_handler + whisper + ytdlp +) + +TOTAL=${#MODULES[@]} +SUCCESS=0 +FAIL=0 + +echo "=== Phase 3: Service State Migration ===" +echo "Migrating $TOTAL modules from root state to individual stacks" +echo "" + +for mod in "${MODULES[@]}"; do + idx=$((SUCCESS + FAIL + 1)) + echo "[$idx/$TOTAL] Migrating: $mod" + + # Create state directory + mkdir -p "$STATE_DIR/$mod" + + # Source address (with for_each key) + SRC="module.kubernetes_cluster.module.${mod}[\"${mod}\"]" + DST="module.${mod}" + DST_STATE="$STATE_DIR/$mod/terraform.tfstate" + + if terraform state mv \ + -state="$ROOT_STATE" \ + -state-out="$DST_STATE" \ + "$SRC" "$DST" 2>&1; then + echo " ✓ $mod migrated successfully" + SUCCESS=$((SUCCESS + 1)) + else + echo " ✗ $mod FAILED" + FAIL=$((FAIL + 1)) + fi + echo "" +done + +echo "=== Migration Summary ===" +echo "Total: $TOTAL" +echo "Success: $SUCCESS" +echo "Failed: $FAIL" diff --git a/stacks/actualbudget/main.tf b/stacks/actualbudget/main.tf new file mode 100644 index 00000000..2bb2d58c --- /dev/null +++ b/stacks/actualbudget/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "actualbudget_credentials" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "actualbudget" { + source = "../../modules/kubernetes/actualbudget" + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge + credentials = var.actualbudget_credentials +} diff --git a/stacks/actualbudget/terragrunt.hcl b/stacks/actualbudget/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/actualbudget/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/affine/main.tf b/stacks/affine/main.tf new file mode 100644 index 00000000..52137488 --- /dev/null +++ b/stacks/affine/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "affine_postgresql_password" { type = string } +variable "mailserver_accounts" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "affine" { + source = "../../modules/kubernetes/affine" + tls_secret_name = var.tls_secret_name + postgresql_password = var.affine_postgresql_password + smtp_password = var.mailserver_accounts["info@viktorbarzin.me"] + tier = local.tiers.aux +} diff --git a/stacks/affine/terragrunt.hcl b/stacks/affine/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/affine/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/audiobookshelf/main.tf b/stacks/audiobookshelf/main.tf new file mode 100644 index 00000000..a7930049 --- /dev/null +++ b/stacks/audiobookshelf/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "audiobookshelf" { + source = "../../modules/kubernetes/audiobookshelf" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/audiobookshelf/terragrunt.hcl b/stacks/audiobookshelf/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/audiobookshelf/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/blog/main.tf b/stacks/blog/main.tf new file mode 100644 index 00000000..15aefede --- /dev/null +++ b/stacks/blog/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "blog" { + source = "../../modules/kubernetes/blog" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/blog/terragrunt.hcl b/stacks/blog/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/blog/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/calibre/main.tf b/stacks/calibre/main.tf new file mode 100644 index 00000000..4170c94d --- /dev/null +++ b/stacks/calibre/main.tf @@ -0,0 +1,20 @@ +variable "tls_secret_name" { type = string } +variable "homepage_credentials" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "calibre" { + source = "../../modules/kubernetes/calibre" + tls_secret_name = var.tls_secret_name + homepage_username = var.homepage_credentials["calibre-web"]["username"] + homepage_password = var.homepage_credentials["calibre-web"]["password"] + tier = local.tiers.edge +} diff --git a/stacks/calibre/terragrunt.hcl b/stacks/calibre/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/calibre/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/changedetection/main.tf b/stacks/changedetection/main.tf new file mode 100644 index 00000000..c6996e46 --- /dev/null +++ b/stacks/changedetection/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "changedetection" { + source = "../../modules/kubernetes/changedetection" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/changedetection/terragrunt.hcl b/stacks/changedetection/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/changedetection/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/city-guesser/main.tf b/stacks/city-guesser/main.tf new file mode 100644 index 00000000..70e5d965 --- /dev/null +++ b/stacks/city-guesser/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "city-guesser" { + source = "../../modules/kubernetes/city-guesser" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/city-guesser/terragrunt.hcl b/stacks/city-guesser/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/city-guesser/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/coturn/main.tf b/stacks/coturn/main.tf new file mode 100644 index 00000000..38be5240 --- /dev/null +++ b/stacks/coturn/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "coturn_turn_secret" { type = string } +variable "public_ip" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "coturn" { + source = "../../modules/kubernetes/coturn" + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge + turn_secret = var.coturn_turn_secret + public_ip = var.public_ip +} diff --git a/stacks/coturn/terragrunt.hcl b/stacks/coturn/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/coturn/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/cyberchef/main.tf b/stacks/cyberchef/main.tf new file mode 100644 index 00000000..a331e2fa --- /dev/null +++ b/stacks/cyberchef/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "cyberchef" { + source = "../../modules/kubernetes/cyberchef" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/cyberchef/terragrunt.hcl b/stacks/cyberchef/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/cyberchef/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/dashy/main.tf b/stacks/dashy/main.tf new file mode 100644 index 00000000..ea12817f --- /dev/null +++ b/stacks/dashy/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "dashy" { + source = "../../modules/kubernetes/dashy" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/dashy/terragrunt.hcl b/stacks/dashy/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/dashy/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/dawarich/main.tf b/stacks/dawarich/main.tf new file mode 100644 index 00000000..7124910b --- /dev/null +++ b/stacks/dawarich/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "dawarich_database_password" { type = string } +variable "geoapify_api_key" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "dawarich" { + source = "../../modules/kubernetes/dawarich" + tls_secret_name = var.tls_secret_name + database_password = var.dawarich_database_password + geoapify_api_key = var.geoapify_api_key + tier = local.tiers.edge +} diff --git a/stacks/dawarich/terragrunt.hcl b/stacks/dawarich/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/dawarich/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/descheduler/main.tf b/stacks/descheduler/main.tf new file mode 100644 index 00000000..2a761e02 --- /dev/null +++ b/stacks/descheduler/main.tf @@ -0,0 +1,3 @@ +module "descheduler" { + source = "../../modules/kubernetes/descheduler" +} diff --git a/stacks/descheduler/terragrunt.hcl b/stacks/descheduler/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/descheduler/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/diun/main.tf b/stacks/diun/main.tf new file mode 100644 index 00000000..941d3fd3 --- /dev/null +++ b/stacks/diun/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "diun_nfty_token" { type = string } +variable "diun_slack_url" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "diun" { + source = "../../modules/kubernetes/diun" + tls_secret_name = var.tls_secret_name + diun_nfty_token = var.diun_nfty_token + diun_slack_url = var.diun_slack_url + tier = local.tiers.aux +} diff --git a/stacks/diun/terragrunt.hcl b/stacks/diun/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/diun/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/drone/main.tf b/stacks/drone/main.tf new file mode 100644 index 00000000..ae4d1206 --- /dev/null +++ b/stacks/drone/main.tf @@ -0,0 +1,27 @@ +variable "tls_secret_name" { type = string } +variable "drone_github_client_id" { type = string } +variable "drone_github_client_secret" { type = string } +variable "drone_rpc_secret" { type = string } +variable "drone_webhook_secret" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "drone" { + source = "../../modules/kubernetes/drone" + tls_secret_name = var.tls_secret_name + github_client_id = var.drone_github_client_id + github_client_secret = var.drone_github_client_secret + rpc_secret = var.drone_rpc_secret + webhook_secret = var.drone_webhook_secret + server_host = "drone.viktorbarzin.me" + server_proto = "https" + tier = local.tiers.edge +} diff --git a/stacks/drone/terragrunt.hcl b/stacks/drone/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/drone/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/ebook2audiobook/main.tf b/stacks/ebook2audiobook/main.tf new file mode 100644 index 00000000..354a39a4 --- /dev/null +++ b/stacks/ebook2audiobook/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "ebook2audiobook" { + source = "../../modules/kubernetes/ebook2audiobook" + tls_secret_name = var.tls_secret_name + tier = local.tiers.gpu +} diff --git a/stacks/ebook2audiobook/terragrunt.hcl b/stacks/ebook2audiobook/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/ebook2audiobook/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/echo/main.tf b/stacks/echo/main.tf new file mode 100644 index 00000000..9aab5baf --- /dev/null +++ b/stacks/echo/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "echo" { + source = "../../modules/kubernetes/echo" + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge +} diff --git a/stacks/echo/terragrunt.hcl b/stacks/echo/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/echo/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/excalidraw/main.tf b/stacks/excalidraw/main.tf new file mode 100644 index 00000000..d2e4fcbc --- /dev/null +++ b/stacks/excalidraw/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "excalidraw" { + source = "../../modules/kubernetes/excalidraw" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/excalidraw/terragrunt.hcl b/stacks/excalidraw/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/excalidraw/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/f1-stream/main.tf b/stacks/f1-stream/main.tf new file mode 100644 index 00000000..8f939303 --- /dev/null +++ b/stacks/f1-stream/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "coturn_turn_secret" { type = string } +variable "public_ip" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "f1-stream" { + source = "../../modules/kubernetes/f1-stream" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + turn_secret = var.coturn_turn_secret + public_ip = var.public_ip +} diff --git a/stacks/f1-stream/terragrunt.hcl b/stacks/f1-stream/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/f1-stream/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/forgejo/main.tf b/stacks/forgejo/main.tf new file mode 100644 index 00000000..37c5fd1d --- /dev/null +++ b/stacks/forgejo/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "forgejo" { + source = "../../modules/kubernetes/forgejo" + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge +} diff --git a/stacks/forgejo/terragrunt.hcl b/stacks/forgejo/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/forgejo/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/freedify/main.tf b/stacks/freedify/main.tf new file mode 100644 index 00000000..776f1059 --- /dev/null +++ b/stacks/freedify/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "freedify_credentials" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "freedify" { + source = "../../modules/kubernetes/freedify" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + additional_credentials = var.freedify_credentials +} diff --git a/stacks/freedify/terragrunt.hcl b/stacks/freedify/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/freedify/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/freshrss/main.tf b/stacks/freshrss/main.tf new file mode 100644 index 00000000..50ffe62f --- /dev/null +++ b/stacks/freshrss/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "freshrss" { + source = "../../modules/kubernetes/freshrss" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/freshrss/terragrunt.hcl b/stacks/freshrss/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/freshrss/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/frigate/main.tf b/stacks/frigate/main.tf new file mode 100644 index 00000000..e2cc8294 --- /dev/null +++ b/stacks/frigate/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "frigate" { + source = "../../modules/kubernetes/frigate" + tls_secret_name = var.tls_secret_name + tier = local.tiers.gpu +} diff --git a/stacks/frigate/terragrunt.hcl b/stacks/frigate/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/frigate/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/grampsweb/main.tf b/stacks/grampsweb/main.tf new file mode 100644 index 00000000..c91e2494 --- /dev/null +++ b/stacks/grampsweb/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "mailserver_accounts" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "grampsweb" { + source = "../../modules/kubernetes/grampsweb" + tls_secret_name = var.tls_secret_name + smtp_password = var.mailserver_accounts["info@viktorbarzin.me"] + tier = local.tiers.aux +} diff --git a/stacks/grampsweb/terragrunt.hcl b/stacks/grampsweb/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/grampsweb/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/hackmd/main.tf b/stacks/hackmd/main.tf new file mode 100644 index 00000000..8ca1bcb4 --- /dev/null +++ b/stacks/hackmd/main.tf @@ -0,0 +1,19 @@ +variable "hackmd_db_password" { type = string } +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "hackmd" { + source = "../../modules/kubernetes/hackmd" + hackmd_db_password = var.hackmd_db_password + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge +} diff --git a/stacks/hackmd/terragrunt.hcl b/stacks/hackmd/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/hackmd/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/health/main.tf b/stacks/health/main.tf new file mode 100644 index 00000000..9dece505 --- /dev/null +++ b/stacks/health/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "health_postgresql_password" { type = string } +variable "health_secret_key" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "health" { + source = "../../modules/kubernetes/health" + tls_secret_name = var.tls_secret_name + postgresql_password = var.health_postgresql_password + secret_key = var.health_secret_key + tier = local.tiers.aux +} diff --git a/stacks/health/terragrunt.hcl b/stacks/health/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/health/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/homepage/main.tf b/stacks/homepage/main.tf new file mode 100644 index 00000000..da77e866 --- /dev/null +++ b/stacks/homepage/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "homepage" { + source = "../../modules/kubernetes/homepage" + tier = local.tiers.aux + tls_secret_name = var.tls_secret_name +} diff --git a/stacks/homepage/terragrunt.hcl b/stacks/homepage/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/homepage/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/immich/main.tf b/stacks/immich/main.tf new file mode 100644 index 00000000..1025b368 --- /dev/null +++ b/stacks/immich/main.tf @@ -0,0 +1,23 @@ +variable "tls_secret_name" { type = string } +variable "immich_postgresql_password" { type = string } +variable "immich_frame_api_key" { type = string } +variable "homepage_credentials" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "immich" { + source = "../../modules/kubernetes/immich" + tls_secret_name = var.tls_secret_name + postgresql_password = var.immich_postgresql_password + frame_api_key = var.immich_frame_api_key + homepage_token = var.homepage_credentials["immich"]["token"] + tier = local.tiers.gpu +} diff --git a/stacks/immich/terragrunt.hcl b/stacks/immich/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/immich/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/isponsorblocktv/main.tf b/stacks/isponsorblocktv/main.tf new file mode 100644 index 00000000..ff1d19fb --- /dev/null +++ b/stacks/isponsorblocktv/main.tf @@ -0,0 +1,14 @@ +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "isponsorblocktv" { + source = "../../modules/kubernetes/isponsorblocktv" + tier = local.tiers.edge +} diff --git a/stacks/isponsorblocktv/terragrunt.hcl b/stacks/isponsorblocktv/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/isponsorblocktv/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/jsoncrack/main.tf b/stacks/jsoncrack/main.tf new file mode 100644 index 00000000..c312d30a --- /dev/null +++ b/stacks/jsoncrack/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "jsoncrack" { + source = "../../modules/kubernetes/jsoncrack" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/jsoncrack/terragrunt.hcl b/stacks/jsoncrack/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/jsoncrack/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/k8s-dashboard/main.tf b/stacks/k8s-dashboard/main.tf new file mode 100644 index 00000000..ccaf95e0 --- /dev/null +++ b/stacks/k8s-dashboard/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "client_certificate_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "k8s-dashboard" { + source = "../../modules/kubernetes/k8s-dashboard" + tier = local.tiers.cluster + tls_secret_name = var.tls_secret_name + client_certificate_secret_name = var.client_certificate_secret_name +} diff --git a/stacks/k8s-dashboard/terragrunt.hcl b/stacks/k8s-dashboard/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/k8s-dashboard/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/kms/main.tf b/stacks/kms/main.tf new file mode 100644 index 00000000..756d9608 --- /dev/null +++ b/stacks/kms/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "kms" { + source = "../../modules/kubernetes/kms" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/kms/terragrunt.hcl b/stacks/kms/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/kms/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/linkwarden/main.tf b/stacks/linkwarden/main.tf new file mode 100644 index 00000000..7f28b58f --- /dev/null +++ b/stacks/linkwarden/main.tf @@ -0,0 +1,23 @@ +variable "tls_secret_name" { type = string } +variable "linkwarden_postgresql_password" { type = string } +variable "linkwarden_authentik_client_id" { type = string } +variable "linkwarden_authentik_client_secret" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "linkwarden" { + source = "../../modules/kubernetes/linkwarden" + tls_secret_name = var.tls_secret_name + postgresql_password = var.linkwarden_postgresql_password + authentik_client_id = var.linkwarden_authentik_client_id + authentik_client_secret = var.linkwarden_authentik_client_secret + tier = local.tiers.aux +} diff --git a/stacks/linkwarden/terragrunt.hcl b/stacks/linkwarden/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/linkwarden/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/matrix/main.tf b/stacks/matrix/main.tf new file mode 100644 index 00000000..5c3eec2e --- /dev/null +++ b/stacks/matrix/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "matrix" { + source = "../../modules/kubernetes/matrix" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/matrix/terragrunt.hcl b/stacks/matrix/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/matrix/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/meshcentral/main.tf b/stacks/meshcentral/main.tf new file mode 100644 index 00000000..673708dd --- /dev/null +++ b/stacks/meshcentral/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "meshcentral" { + source = "../../modules/kubernetes/meshcentral" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/meshcentral/terragrunt.hcl b/stacks/meshcentral/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/meshcentral/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/n8n/main.tf b/stacks/n8n/main.tf new file mode 100644 index 00000000..d53ec250 --- /dev/null +++ b/stacks/n8n/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "n8n_postgresql_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "n8n" { + source = "../../modules/kubernetes/n8n" + tls_secret_name = var.tls_secret_name + postgresql_password = var.n8n_postgresql_password + tier = local.tiers.aux +} diff --git a/stacks/n8n/terragrunt.hcl b/stacks/n8n/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/n8n/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/navidrome/main.tf b/stacks/navidrome/main.tf new file mode 100644 index 00000000..95f11b1c --- /dev/null +++ b/stacks/navidrome/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "navidrome" { + source = "../../modules/kubernetes/navidrome" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/navidrome/terragrunt.hcl b/stacks/navidrome/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/navidrome/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/netbox/main.tf b/stacks/netbox/main.tf new file mode 100644 index 00000000..f96914e0 --- /dev/null +++ b/stacks/netbox/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "netbox" { + source = "../../modules/kubernetes/netbox" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/netbox/terragrunt.hcl b/stacks/netbox/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/netbox/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/networking-toolbox/main.tf b/stacks/networking-toolbox/main.tf new file mode 100644 index 00000000..2db7624d --- /dev/null +++ b/stacks/networking-toolbox/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "networking-toolbox" { + source = "../../modules/kubernetes/networking-toolbox" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/networking-toolbox/terragrunt.hcl b/stacks/networking-toolbox/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/networking-toolbox/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/nextcloud/main.tf b/stacks/nextcloud/main.tf new file mode 100644 index 00000000..dace9617 --- /dev/null +++ b/stacks/nextcloud/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "nextcloud_db_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "nextcloud" { + source = "../../modules/kubernetes/nextcloud" + tls_secret_name = var.tls_secret_name + db_password = var.nextcloud_db_password + tier = local.tiers.edge +} diff --git a/stacks/nextcloud/terragrunt.hcl b/stacks/nextcloud/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/nextcloud/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/ntfy/main.tf b/stacks/ntfy/main.tf new file mode 100644 index 00000000..171cfca8 --- /dev/null +++ b/stacks/ntfy/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "ntfy" { + source = "../../modules/kubernetes/ntfy" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/ntfy/terragrunt.hcl b/stacks/ntfy/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/ntfy/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/ollama/main.tf b/stacks/ollama/main.tf new file mode 100644 index 00000000..872c9b6f --- /dev/null +++ b/stacks/ollama/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "ollama_api_credentials" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "ollama" { + source = "../../modules/kubernetes/ollama" + tls_secret_name = var.tls_secret_name + tier = local.tiers.gpu + ollama_api_credentials = var.ollama_api_credentials +} diff --git a/stacks/ollama/terragrunt.hcl b/stacks/ollama/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/ollama/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/onlyoffice/main.tf b/stacks/onlyoffice/main.tf new file mode 100644 index 00000000..115a58ef --- /dev/null +++ b/stacks/onlyoffice/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "onlyoffice_db_password" { type = string } +variable "onlyoffice_jwt_token" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "onlyoffice" { + source = "../../modules/kubernetes/onlyoffice" + tls_secret_name = var.tls_secret_name + db_password = var.onlyoffice_db_password + jwt_token = var.onlyoffice_jwt_token + tier = local.tiers.edge +} diff --git a/stacks/onlyoffice/terragrunt.hcl b/stacks/onlyoffice/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/onlyoffice/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/openclaw/main.tf b/stacks/openclaw/main.tf new file mode 100644 index 00000000..17f5a532 --- /dev/null +++ b/stacks/openclaw/main.tf @@ -0,0 +1,29 @@ +variable "tls_secret_name" { type = string } +variable "openclaw_ssh_key" { type = string } +variable "openclaw_skill_secrets" { type = map(string) } +variable "gemini_api_key" { type = string } +variable "llama_api_key" { type = string } +variable "brave_api_key" { type = string } +variable "modal_api_key" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "openclaw" { + source = "../../modules/kubernetes/openclaw" + tls_secret_name = var.tls_secret_name + ssh_key = var.openclaw_ssh_key + skill_secrets = var.openclaw_skill_secrets + gemini_api_key = var.gemini_api_key + llama_api_key = var.llama_api_key + brave_api_key = var.brave_api_key + modal_api_key = var.modal_api_key + tier = local.tiers.aux +} diff --git a/stacks/openclaw/terragrunt.hcl b/stacks/openclaw/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/openclaw/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/osm_routing/main.tf b/stacks/osm_routing/main.tf new file mode 100644 index 00000000..f3664fef --- /dev/null +++ b/stacks/osm_routing/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "osm_routing" { + source = "../../modules/kubernetes/osm-routing" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/osm_routing/terragrunt.hcl b/stacks/osm_routing/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/osm_routing/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/owntracks/main.tf b/stacks/owntracks/main.tf new file mode 100644 index 00000000..9a1b17c3 --- /dev/null +++ b/stacks/owntracks/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "owntracks_credentials" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "owntracks" { + source = "../../modules/kubernetes/owntracks" + tls_secret_name = var.tls_secret_name + owntracks_credentials = var.owntracks_credentials + tier = local.tiers.aux +} diff --git a/stacks/owntracks/terragrunt.hcl b/stacks/owntracks/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/owntracks/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/paperless-ngx/main.tf b/stacks/paperless-ngx/main.tf new file mode 100644 index 00000000..df02e87e --- /dev/null +++ b/stacks/paperless-ngx/main.tf @@ -0,0 +1,22 @@ +variable "tls_secret_name" { type = string } +variable "paperless_db_password" { type = string } +variable "homepage_credentials" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "paperless-ngx" { + source = "../../modules/kubernetes/paperless-ngx" + tls_secret_name = var.tls_secret_name + db_password = var.paperless_db_password + homepage_username = var.homepage_credentials["paperless-ngx"]["username"] + homepage_password = var.homepage_credentials["paperless-ngx"]["password"] + tier = local.tiers.edge +} diff --git a/stacks/paperless-ngx/terragrunt.hcl b/stacks/paperless-ngx/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/paperless-ngx/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/plotting-book/main.tf b/stacks/plotting-book/main.tf new file mode 100644 index 00000000..c3f77857 --- /dev/null +++ b/stacks/plotting-book/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "plotting-book" { + source = "../../modules/kubernetes/plotting-book" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/plotting-book/terragrunt.hcl b/stacks/plotting-book/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/plotting-book/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/privatebin/main.tf b/stacks/privatebin/main.tf new file mode 100644 index 00000000..c885ae07 --- /dev/null +++ b/stacks/privatebin/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "privatebin" { + source = "../../modules/kubernetes/privatebin" + tls_secret_name = var.tls_secret_name + tier = local.tiers.edge +} diff --git a/stacks/privatebin/terragrunt.hcl b/stacks/privatebin/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/privatebin/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/real-estate-crawler/main.tf b/stacks/real-estate-crawler/main.tf new file mode 100644 index 00000000..e17f6091 --- /dev/null +++ b/stacks/real-estate-crawler/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "realestate_crawler_db_password" { type = string } +variable "realestate_crawler_notification_settings" { type = map(string) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "real-estate-crawler" { + source = "../../modules/kubernetes/real-estate-crawler" + tls_secret_name = var.tls_secret_name + db_password = var.realestate_crawler_db_password + notification_settings = var.realestate_crawler_notification_settings + tier = local.tiers.aux +} diff --git a/stacks/real-estate-crawler/terragrunt.hcl b/stacks/real-estate-crawler/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/real-estate-crawler/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/reloader/main.tf b/stacks/reloader/main.tf new file mode 100644 index 00000000..ab9be77b --- /dev/null +++ b/stacks/reloader/main.tf @@ -0,0 +1,14 @@ +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "reloader" { + source = "../../modules/kubernetes/reloader" + tier = local.tiers.aux +} diff --git a/stacks/reloader/terragrunt.hcl b/stacks/reloader/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/reloader/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/resume/main.tf b/stacks/resume/main.tf new file mode 100644 index 00000000..990dda90 --- /dev/null +++ b/stacks/resume/main.tf @@ -0,0 +1,23 @@ +variable "tls_secret_name" { type = string } +variable "resume_database_url" { type = string } +variable "resume_auth_secret" { type = string } +variable "mailserver_accounts" { type = map(any) } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "resume" { + source = "../../modules/kubernetes/resume" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + database_url = var.resume_database_url + auth_secret = var.resume_auth_secret + smtp_password = var.mailserver_accounts["info@viktorbarzin.me"] +} diff --git a/stacks/resume/terragrunt.hcl b/stacks/resume/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/resume/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/rybbit/main.tf b/stacks/rybbit/main.tf new file mode 100644 index 00000000..4bea7369 --- /dev/null +++ b/stacks/rybbit/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "clickhouse_password" { type = string } +variable "clickhouse_postgres_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "rybbit" { + source = "../../modules/kubernetes/rybbit" + tls_secret_name = var.tls_secret_name + clickhouse_password = var.clickhouse_password + postgres_password = var.clickhouse_postgres_password + tier = local.tiers.aux +} diff --git a/stacks/rybbit/terragrunt.hcl b/stacks/rybbit/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/rybbit/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/send/main.tf b/stacks/send/main.tf new file mode 100644 index 00000000..bbd9d21d --- /dev/null +++ b/stacks/send/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "send" { + source = "../../modules/kubernetes/send" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/send/terragrunt.hcl b/stacks/send/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/send/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/servarr/main.tf b/stacks/servarr/main.tf new file mode 100644 index 00000000..dba981fa --- /dev/null +++ b/stacks/servarr/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "aiostreams_database_connection_string" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "servarr" { + source = "../../modules/kubernetes/servarr" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + aiostreams_database_connection_string = var.aiostreams_database_connection_string +} diff --git a/stacks/servarr/terragrunt.hcl b/stacks/servarr/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/servarr/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/shadowsocks/main.tf b/stacks/shadowsocks/main.tf new file mode 100644 index 00000000..881f1b8d --- /dev/null +++ b/stacks/shadowsocks/main.tf @@ -0,0 +1,17 @@ +variable "shadowsocks_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "shadowsocks" { + source = "../../modules/kubernetes/shadowsocks" + password = var.shadowsocks_password + tier = local.tiers.edge +} diff --git a/stacks/shadowsocks/terragrunt.hcl b/stacks/shadowsocks/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/shadowsocks/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/speedtest/main.tf b/stacks/speedtest/main.tf new file mode 100644 index 00000000..cf1c73ee --- /dev/null +++ b/stacks/speedtest/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "speedtest_db_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "speedtest" { + source = "../../modules/kubernetes/speedtest" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + db_password = var.speedtest_db_password +} diff --git a/stacks/speedtest/terragrunt.hcl b/stacks/speedtest/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/speedtest/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/stirling-pdf/main.tf b/stacks/stirling-pdf/main.tf new file mode 100644 index 00000000..3005ea2f --- /dev/null +++ b/stacks/stirling-pdf/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "stirling-pdf" { + source = "../../modules/kubernetes/stirling-pdf" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/stirling-pdf/terragrunt.hcl b/stacks/stirling-pdf/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/stirling-pdf/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/tandoor/main.tf b/stacks/tandoor/main.tf new file mode 100644 index 00000000..cfa19b43 --- /dev/null +++ b/stacks/tandoor/main.tf @@ -0,0 +1,21 @@ +variable "tls_secret_name" { type = string } +variable "tandoor_database_password" { type = string } +variable "tandoor_email_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "tandoor" { + source = "../../modules/kubernetes/tandoor" + tls_secret_name = var.tls_secret_name + tandoor_database_password = var.tandoor_database_password + tandoor_email_password = var.tandoor_email_password + tier = local.tiers.aux +} diff --git a/stacks/tandoor/terragrunt.hcl b/stacks/tandoor/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/tandoor/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/tor-proxy/main.tf b/stacks/tor-proxy/main.tf new file mode 100644 index 00000000..303d9699 --- /dev/null +++ b/stacks/tor-proxy/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "tor-proxy" { + source = "../../modules/kubernetes/tor-proxy" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/tor-proxy/terragrunt.hcl b/stacks/tor-proxy/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/tor-proxy/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/travel_blog/main.tf b/stacks/travel_blog/main.tf new file mode 100644 index 00000000..4b978820 --- /dev/null +++ b/stacks/travel_blog/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "travel_blog" { + source = "../../modules/kubernetes/travel_blog" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux +} diff --git a/stacks/travel_blog/terragrunt.hcl b/stacks/travel_blog/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/travel_blog/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/tuya-bridge/main.tf b/stacks/tuya-bridge/main.tf new file mode 100644 index 00000000..39b8efb0 --- /dev/null +++ b/stacks/tuya-bridge/main.tf @@ -0,0 +1,25 @@ +variable "tls_secret_name" { type = string } +variable "tiny_tuya_api_key" { type = string } +variable "tiny_tuya_api_secret" { type = string } +variable "tiny_tuya_service_secret" { type = string } +variable "tiny_tuya_slack_url" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "tuya-bridge" { + source = "../../modules/kubernetes/tuya-bridge" + tls_secret_name = var.tls_secret_name + tier = local.tiers.cluster + tiny_tuya_api_key = var.tiny_tuya_api_key + tiny_tuya_api_secret = var.tiny_tuya_api_secret + tiny_tuya_service_secret = var.tiny_tuya_service_secret + slack_url = var.tiny_tuya_slack_url +} diff --git a/stacks/tuya-bridge/terragrunt.hcl b/stacks/tuya-bridge/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/tuya-bridge/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/url/main.tf b/stacks/url/main.tf new file mode 100644 index 00000000..c4479290 --- /dev/null +++ b/stacks/url/main.tf @@ -0,0 +1,23 @@ +variable "tls_secret_name" { type = string } +variable "url_shortener_geolite_license_key" { type = string } +variable "url_shortener_api_key" { type = string } +variable "url_shortener_mysql_password" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "url" { + source = "../../modules/kubernetes/url-shortener" + tls_secret_name = var.tls_secret_name + geolite_license_key = var.url_shortener_geolite_license_key + api_key = var.url_shortener_api_key + mysql_password = var.url_shortener_mysql_password + tier = local.tiers.aux +} diff --git a/stacks/url/terragrunt.hcl b/stacks/url/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/url/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/wealthfolio/main.tf b/stacks/wealthfolio/main.tf new file mode 100644 index 00000000..a0a006af --- /dev/null +++ b/stacks/wealthfolio/main.tf @@ -0,0 +1,19 @@ +variable "tls_secret_name" { type = string } +variable "wealthfolio_password_hash" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "wealthfolio" { + source = "../../modules/kubernetes/wealthfolio" + tls_secret_name = var.tls_secret_name + wealthfolio_password_hash = var.wealthfolio_password_hash + tier = local.tiers.aux +} diff --git a/stacks/wealthfolio/terragrunt.hcl b/stacks/wealthfolio/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/wealthfolio/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/webhook_handler/main.tf b/stacks/webhook_handler/main.tf new file mode 100644 index 00000000..3ac6c8c9 --- /dev/null +++ b/stacks/webhook_handler/main.tf @@ -0,0 +1,31 @@ +variable "tls_secret_name" { type = string } +variable "webhook_handler_secret" { type = string } +variable "webhook_handler_fb_verify_token" { type = string } +variable "webhook_handler_fb_page_token" { type = string } +variable "webhook_handler_fb_app_secret" { type = string } +variable "webhook_handler_git_user" { type = string } +variable "webhook_handler_git_token" { type = string } +variable "webhook_handler_ssh_key" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "webhook_handler" { + source = "../../modules/kubernetes/webhook_handler" + tls_secret_name = var.tls_secret_name + webhook_secret = var.webhook_handler_secret + fb_verify_token = var.webhook_handler_fb_verify_token + fb_page_token = var.webhook_handler_fb_page_token + fb_app_secret = var.webhook_handler_fb_app_secret + git_user = var.webhook_handler_git_user + git_token = var.webhook_handler_git_token + ssh_key = var.webhook_handler_ssh_key + tier = local.tiers.aux +} diff --git a/stacks/webhook_handler/terragrunt.hcl b/stacks/webhook_handler/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/webhook_handler/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/whisper/main.tf b/stacks/whisper/main.tf new file mode 100644 index 00000000..b9a38083 --- /dev/null +++ b/stacks/whisper/main.tf @@ -0,0 +1,17 @@ +variable "tls_secret_name" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "whisper" { + source = "../../modules/kubernetes/whisper" + tls_secret_name = var.tls_secret_name + tier = local.tiers.gpu +} diff --git a/stacks/whisper/terragrunt.hcl b/stacks/whisper/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/whisper/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +} diff --git a/stacks/ytdlp/main.tf b/stacks/ytdlp/main.tf new file mode 100644 index 00000000..d5fc3224 --- /dev/null +++ b/stacks/ytdlp/main.tf @@ -0,0 +1,23 @@ +variable "tls_secret_name" { type = string } +variable "openrouter_api_key" { type = string } +variable "slack_bot_token" { type = string } +variable "slack_channel" { type = string } + +locals { + tiers = { + core = "0-core" + cluster = "1-cluster" + gpu = "2-gpu" + edge = "3-edge" + aux = "4-aux" + } +} + +module "ytdlp" { + source = "../../modules/kubernetes/youtube_dl" + tls_secret_name = var.tls_secret_name + tier = local.tiers.aux + openrouter_api_key = var.openrouter_api_key + slack_bot_token = var.slack_bot_token + slack_channel = var.slack_channel +} diff --git a/stacks/ytdlp/terragrunt.hcl b/stacks/ytdlp/terragrunt.hcl new file mode 100644 index 00000000..0d1c8e53 --- /dev/null +++ b/stacks/ytdlp/terragrunt.hcl @@ -0,0 +1,8 @@ +include "root" { + path = find_in_parent_folders() +} + +dependency "platform" { + config_path = "../platform" + skip_outputs = true +}