🏡 index : github.com/captn3m0/nebula.git

author Nemo <commits@captnemo.in> 2022-12-26 13:19:00.0 +05:30:00
committer Nemo <commits@captnemo.in> 2022-12-26 13:19:00.0 +05:30:00
commit
4f2a5b2cb465c4d020675f693e7ffa588c75a8fb [patch]
tree
05ef83cd2447e55294d933e45056a39f530a6471
parent
ecaacaf3a5a6ac97ff14505239d103d98d91db61

Additional Mastodon secrets



Diff

 main.tf            |  5 +++++
 secrets.tf         | 17 +++++++++++++++++
 mastodon/locals.tf | 22 ++++++++++++++++++++++
 mastodon/vars.tf   | 15 +++++++++++++++
 4 files changed, 57 insertions(+), 2 deletions(-)

diff --git a/main.tf b/main.tf
index b6058be..f6cf3cc 100644
--- a/main.tf
+++ a/main.tf
@@ -94,6 +94,11 @@
module "mastodon" {

  source = "./mastodon"
  db-password = data.pass_password.mastodon-db-password.password
  secret-key-base = data.pass_password.mastodon-secret-key-base.password
  otp-secret = data.pass_password.mastodon-otp-secret.password
  vapid-private-key = data.pass_password.mastodon-vapid-private-key.password
  vapid-public-key = data.pass_password.mastodon-vapid-public-key.password
  smtp-password = data.pass_password.mastodon-smtp-password.password
}

// Used to force access to ISP related resources
diff --git a/secrets.tf b/secrets.tf
index 5bcb3ce..44d2f20 100644
--- a/secrets.tf
+++ a/secrets.tf
@@ -176,8 +176,21 @@
  path = "Nebula/navidrome-spotify-secret"
}



data "pass_password" "mastodon-db-password" {

  path = "Nebula/MASTODON_DB_PASSWORD"
}
data "pass_password" "mastodon-secret-key-base" {

  path = "Nebula/MASTODON_SECRET_KEY_BASE"
}
data "pass_password" "mastodon-otp-secret" {

  path = "Nebula/MASTODON_OTP_SECRET"
}
data "pass_password" "mastodon-vapid-private-key" {

  path = "Nebula/MASTODON_VAPID_PRIVATE_KEY"
}
data "pass_password" "mastodon-vapid-public-key" {

  path = "Nebula/MASTODON_VAPID_PUBLIC_KEY"
}
data "pass_password" "mastodon-smtp-password" {

  path = "Nebula/MASTODON_SMTP_PASSWORD"
}
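--- /dev/null
+++ b/mastodon/locals.tf
@@ -1,0 +1,22 @@
+locals {
+  env = [
+    "LOCAL_DOMAIN=tatooine.club",
+    "REDIS_HOST=mastodon-redis",
+    "REDIS_PORT=6379",
+    "DB_HOST=postgres",
+    "DB_USER=mastodon",
+    "DB_NAME=mastodon",
+    "DB_PASS=${var.db-password}",
+    "DB_PORT=5432",
+    "ES_ENABLED=false",
+    "SECRET_KEY_BASE=${var.secret-key-base}",
+    "OTP_SECRET=${var.otp-secret}",
+    "VAPID_PRIVATE_KEY=${var.vapid-private-key}",
+    "VAPID_PUBLIC_KEY=${var.vapid-public-key}",
+    "SMTP_SERVER=smtp.eu.mailgun.org",
+    "SMTP_PORT=587",
+    "SMTP_LOGIN=mastodon@mail.tatooine.club",
+    "SMTP_PASSWORD=${var.smtp-password}",
+    "SMTP_FROM_ADDRESS=mastodon@mail.tatooine.club",
+  ]
+}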
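Review bot: `local.env` mixes five secret values (`DB_PASS`, `SECRET_KEY_BASE`, `OTP_SECRET`, `VAPID_PRIVATE_KEY`, `SMTP_PASSWORD`) with static settings in one list of plain strings, and nothing in the file says so. Once a resource consumes the list, the interpolated values are written to Terraform state in clear text. If the list is passed as container environment (the consumer is not part of this commit), they are also readable by anyone who can inspect the container. I would add a comment above `env = [` such as `# Holds secrets: ends up in state and in the container environment; keep the state backend encrypted and access-restricted`. Keeping the secret entries in a separate local would also leave the static part easy to review.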
diff --git a/mastodon/vars.tf b/mastodon/vars.tf
index f47eb44..93e8c94 100644
--- a/mastodon/vars.tf
+++ a/mastodon/vars.tf
@@ -1,3 +1,18 @@
variable "db-password" {

	type = string
}
variable "secret-key-base" {

  type = string
}
variable "otp-secret" {

  type = string
}
variable "vapid-private-key" {

  type = string
}
variable "vapid-public-key" {

  type = string
}
variable "smtp-password" {

  type = string
}
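Review bot: None of the variables in this file is marked sensitive, so `terraform plan` and `apply` output can print the values of `db-password`, `secret-key-base`, `otp-secret`, `vapid-private-key` and `smtp-password`. Adding `sensitive = true` under each `type = string` redacts them in CLI output and carries over to expressions built from them, such as `local.env`; this needs Terraform 0.14 or later, and the version in use is not visible here. `vapid-public-key` can stay as it is. This does not change what is stored in state, so the backend still has to be protected. A one-line `description` per variable would also help, and `db-password` is indented with a tab where the other blocks use two spaces.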