ouranos/terraform/storage.tf


# Storage Resources for Ouranos Containers
# Provisions Incus storage volumes and S3 buckets with access keys
# Storage volume for Nextcloud data
resource "incus_storage_volume" "nextcloud_data" {
  # Placement (project and pool) comes from input variables.
  project = var.project_name
  pool    = var.storage_pool
  name    = "nextcloud-data"

  # Requested size of the volume.
  config = {
    size = "100GB"
  }
}
# S3 bucket for Lobechat file storage
resource "incus_storage_bucket" "lobechat" {
  # Project and pool come from input variables; only the name and
  # description are specific to Lobechat.
  project     = var.project_name
  pool        = var.storage_pool
  name        = "lobechat"
  description = "Lobechat file storage bucket"
}
# Access key for Lobechat S3 bucket
resource "incus_storage_bucket_key" "lobechat_key" {
  # pool and storage_bucket are references rather than literals, so the key
  # is created after the bucket and stays bound to that one bucket.
  project        = var.project_name
  pool           = incus_storage_bucket.lobechat.pool
  storage_bucket = incus_storage_bucket.lobechat.name
  name           = "lobechat-access"

  # "admin" is the write-capable bucket role (the alternative is "read-only").
  # Whoever holds this key can read, overwrite and delete every object in the
  # lobechat bucket, so treat it as a full-control credential for that bucket.
  role = "admin"
}
# S3 bucket for Casdoor file storage
resource "incus_storage_bucket" "casdoor" {
  # Project and pool come from input variables; only the name and
  # description are specific to Casdoor.
  project     = var.project_name
  pool        = var.storage_pool
  name        = "casdoor"
  description = "Casdoor file storage bucket"
}
# Access key for Casdoor S3 bucket
resource "incus_storage_bucket_key" "casdoor_key" {
  # pool and storage_bucket are references rather than literals, so the key
  # is created after the bucket and stays bound to that one bucket.
  project        = var.project_name
  pool           = incus_storage_bucket.casdoor.pool
  storage_bucket = incus_storage_bucket.casdoor.name
  name           = "casdoor-access"

  # "admin" is the write-capable bucket role (the alternative is "read-only").
  # Whoever holds this key can read, overwrite and delete every object in the
  # casdoor bucket, so treat it as a full-control credential for that bucket.
  role = "admin"
}
# S3 bucket for Spelunker file storage
resource "incus_storage_bucket" "spelunker" {
  # Project and pool come from input variables; only the name and
  # description are specific to Spelunker.
  project     = var.project_name
  pool        = var.storage_pool
  name        = "spelunker"
  description = "Spelunker file storage bucket"
}
# Access key for Spelunker S3 bucket
resource "incus_storage_bucket_key" "spelunker_key" {
  # pool and storage_bucket are references rather than literals, so the key
  # is created after the bucket and stays bound to that one bucket.
  project        = var.project_name
  pool           = incus_storage_bucket.spelunker.pool
  storage_bucket = incus_storage_bucket.spelunker.name
  name           = "spelunker-access"

  # "admin" is the write-capable bucket role (the alternative is "read-only").
  # Whoever holds this key can read, overwrite and delete every object in the
  # spelunker bucket, so treat it as a full-control credential for that bucket.
  role = "admin"
}
# S3 bucket for Daedalus file storage
resource "incus_storage_bucket" "daedalus" {
  # Project and pool come from input variables; only the name and
  # description are specific to Daedalus.
  project     = var.project_name
  pool        = var.storage_pool
  name        = "daedalus"
  description = "Daedalus file storage bucket"
}
# Access key for Daedalus S3 bucket
resource "incus_storage_bucket_key" "daedalus_key" {
  # pool and storage_bucket are references rather than literals, so the key
  # is created after the bucket and stays bound to that one bucket.
  project        = var.project_name
  pool           = incus_storage_bucket.daedalus.pool
  storage_bucket = incus_storage_bucket.daedalus.name
  name           = "daedalus-access"

  # "admin" is the write-capable bucket role (the alternative is "read-only").
  # Whoever holds this key can read, overwrite and delete every object in the
  # daedalus bucket, so treat it as a full-control credential for that bucket.
  role = "admin"
}
# Outputs for S3 credentials (to be stored in Ansible vault)
output "lobechat_s3_credentials" {
  description = "Lobechat S3 bucket credentials - store in vault as vault_lobechat_s3_*"

  # sensitive = true only masks the value in plan/apply output. The access and
  # secret key are still written in clear text to the Terraform state and are
  # printed by `terraform output -json`, so the state backend needs the same
  # access control and encryption as the vault these values are copied into.
  sensitive = true

  value = {
    # NOTE(review): the provider documents `location` as the cluster member
    # holding the bucket, not an S3 URL - confirm this resolves to the
    # listener configured in core.storage_buckets_address (host and port).
    endpoint   = "https://${incus_storage_bucket.lobechat.location}"
    bucket     = incus_storage_bucket.lobechat.name
    access_key = incus_storage_bucket_key.lobechat_key.access_key
    secret_key = incus_storage_bucket_key.lobechat_key.secret_key
  }
}
output "casdoor_s3_credentials" {
  description = "Casdoor S3 bucket credentials - store in vault as vault_casdoor_s3_*"

  # sensitive = true only masks the value in plan/apply output. The access and
  # secret key are still written in clear text to the Terraform state and are
  # printed by `terraform output -json`, so the state backend needs the same
  # access control and encryption as the vault these values are copied into.
  sensitive = true

  value = {
    # NOTE(review): the provider documents `location` as the cluster member
    # holding the bucket, not an S3 URL - confirm this resolves to the
    # listener configured in core.storage_buckets_address (host and port).
    endpoint   = "https://${incus_storage_bucket.casdoor.location}"
    bucket     = incus_storage_bucket.casdoor.name
    access_key = incus_storage_bucket_key.casdoor_key.access_key
    secret_key = incus_storage_bucket_key.casdoor_key.secret_key
  }
}
output "spelunker_s3_credentials" {
  description = "Spelunker S3 bucket credentials - store in vault as vault_spelunker_s3_*"

  # sensitive = true only masks the value in plan/apply output. The access and
  # secret key are still written in clear text to the Terraform state and are
  # printed by `terraform output -json`, so the state backend needs the same
  # access control and encryption as the vault these values are copied into.
  sensitive = true

  value = {
    # NOTE(review): the provider documents `location` as the cluster member
    # holding the bucket, not an S3 URL - confirm this resolves to the
    # listener configured in core.storage_buckets_address (host and port).
    endpoint   = "https://${incus_storage_bucket.spelunker.location}"
    bucket     = incus_storage_bucket.spelunker.name
    access_key = incus_storage_bucket_key.spelunker_key.access_key
    secret_key = incus_storage_bucket_key.spelunker_key.secret_key
  }
}
output "daedalus_s3_credentials" {
  description = "Daedalus S3 bucket credentials - store in vault as vault_daedalus_s3_*"

  # sensitive = true only masks the value in plan/apply output. The access and
  # secret key are still written in clear text to the Terraform state and are
  # printed by `terraform output -json`, so the state backend needs the same
  # access control and encryption as the vault these values are copied into.
  sensitive = true

  value = {
    # NOTE(review): the provider documents `location` as the cluster member
    # holding the bucket, not an S3 URL - confirm this resolves to the
    # listener configured in core.storage_buckets_address (host and port).
    endpoint   = "https://${incus_storage_bucket.daedalus.location}"
    bucket     = incus_storage_bucket.daedalus.name
    access_key = incus_storage_bucket_key.daedalus_key.access_key
    secret_key = incus_storage_bucket_key.daedalus_key.secret_key
  }
}