shockrah/infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: shockrah:37305fd74e0f457d333cff88e7ae6518f5d912f9
Branches Tags
shockrah:master shockrah:fix/ansible-workflows
..
compare: shockrah:79cb4eb1a6dbf414ad6419dc6adaf664caf87e8a
Branches Tags
shockrah:master shockrah:fix/ansible-workflows

3 Commits
37305fd74e ... 79cb4eb1a6

Author SHA1 Message Date
shockrah
79cb4eb1a6 Cleaning up unused code
Some checks failed
Ansible Linting / ansible-lint (push) Failing after 4s
Details
Secops Linting and Safety Checks / checkov-scan-s3 (push) Failing after 18s
Details
2026-01-07 00:02:11 -08:00
shockrah
e8817fe093 Adding wiki to DNS and opening it up on the ingress for public read access 2026-01-06 19:12:31 -08:00
shockrah
97bffd2042 Adding note regarding git.shockrah.xyz & code.shockrah.xyz 2026-01-06 19:06:23 -08:00
6 changed files with 8 additions and 37 deletions
Expand all files Collapse all files

1
infra/dns/shockrah-xyz.tf
View File

@@ -40,6 +40,7 @@ locals {
{ name = "sanity.shockrah.xyz", records = [ var.vke_lb ] }, { name = "sanity.shockrah.xyz", records = [ var.vke_lb ] },
{ name = "uptime.shockrah.xyz", records = [ var.vke_lb ] }, { name = "uptime.shockrah.xyz", records = [ var.vke_lb ] },
{ name = "code.shockrah.xyz", records = [ var.vke_lb ] }, { name = "code.shockrah.xyz", records = [ var.vke_lb ] },
{ name = "wiki.shockrah.xyz", records = [ var.vke_lb ] },
] ]
} }

13
infra/vultr-kubernetes/firewall.tf
View File

@@ -8,16 +8,3 @@
# port = each.value # port = each.value
# } # }
resource vultr_firewall_group bastion {
description = "For connections into and out of the bastion host"
}
resource vultr_firewall_rule bastion_inbound {
firewall_group_id = vultr_firewall_group.bastion.id
protocol = "tcp"
ip_type = "v4"
subnet = "0.0.0.0"
subnet_size = 0
port = 22
}

3
infra/vultr-kubernetes/git.tf
View File

@@ -1,3 +1,6 @@
# NOTE: this is a simple deployment for demo purposes only.
# Currently it does support SSH access and lacks Gitea runners.
# However a fully working setup can be found at: https://git.shockrah.xyz
resource kubernetes_deployment gitea { resource kubernetes_deployment gitea {
metadata { metadata {
name = "gitea" name = "gitea"

4
infra/vultr-kubernetes/ingress.tf
View File

@@ -3,6 +3,7 @@ locals {
code = kubernetes_service.gitea code = kubernetes_service.gitea
sanity = kubernetes_service.health sanity = kubernetes_service.health
uptime = kubernetes_service.kuma uptime = kubernetes_service.kuma
wiki = kubernetes_service.otterwiki
} }
} }
resource kubernetes_ingress_v1 health { resource kubernetes_ingress_v1 health {
@@ -20,7 +21,8 @@ resource kubernetes_ingress_v1 health {
hosts = [ hosts = [
"sanity.shockrah.xyz", "sanity.shockrah.xyz",
"uptime.shockrah.xyz", "uptime.shockrah.xyz",
"code.shockrah.xyz" "code.shockrah.xyz",
"wiki.shockrah.xyz"
] ]
secret_name = "shockrah" secret_name = "shockrah"
} }

14
infra/vultr-kubernetes/variables.tf
View File

@@ -40,22 +40,10 @@ variable cluster {
variable playground { variable playground {
type = object({ type = object({
namespace = string namespace = string
health = object({ # TODO: Re-incorporate this var for templating later
dns = string
})
tls = object({ tls = object({
email = string email = string
}) })
}) })
} }
variable bastion {
type = object({
plan = string
os = string
label = string
})
}

10
infra/vultr-kubernetes/variables.tfvars
View File

@@ -18,17 +18,7 @@ playground = {
namespace = "playground" namespace = "playground"
# Sanity check service that is used purely for the sake of ensuring # Sanity check service that is used purely for the sake of ensuring
# things are ( at a basic level ) functional # things are ( at a basic level ) functional
health = {
dns = "health"
}
tls = { tls = {
email = "dev@shockrah.xyz" email = "dev@shockrah.xyz"
} }
} }
bastion = {
plan = "vc2-1c-2gb"
label = "bastion"
os = "1743"
}