From 4f2a5b2cb465c4d020675f693e7ffa588c75a8fb Mon Sep 17 00:00:00 2001
From: Nemo <commits@captnemo.in>
Date: Mon, 26 Dec 2022 13:19:00 +0530
Subject: [PATCH] Additional Mastodon secrets

---
 main.tf            |  5 +++++
 secrets.tf         | 17 +++++++++++++++++
 mastodon/locals.tf | 22 ++++++++++++++++++++++
 mastodon/vars.tf   | 15 +++++++++++++++
 4 files changed, 57 insertions(+), 2 deletions(-)

diff --git a/main.tf b/main.tf
index b6058be..f6cf3cc 100644
--- a/main.tf
+++ a/main.tf
@@ -94,6 +94,11 @@
 module "mastodon" {
   source = "./mastodon"
   db-password = data.pass_password.mastodon-db-password.password
+  secret-key-base = data.pass_password.mastodon-secret-key-base.password
+  otp-secret = data.pass_password.mastodon-otp-secret.password
+  vapid-private-key = data.pass_password.mastodon-vapid-private-key.password
+  vapid-public-key = data.pass_password.mastodon-vapid-public-key.password
+  smtp-password = data.pass_password.mastodon-smtp-password.password
 }
 
 // Used to force access to ISP related resources
diff --git a/secrets.tf b/secrets.tf
index 5bcb3ce..44d2f20 100644
--- a/secrets.tf
+++ a/secrets.tf
@@ -176,8 +176,21 @@
   path = "Nebula/navidrome-spotify-secret"
 }
 
-
-
 data "pass_password" "mastodon-db-password" {
   path = "Nebula/MASTODON_DB_PASSWORD"
+}
+data "pass_password" "mastodon-secret-key-base" {
+  path = "Nebula/MASTODON_SECRET_KEY_BASE"
+}
+data "pass_password" "mastodon-otp-secret" {
+  path = "Nebula/MASTODON_OTP_SECRET"
+}
+data "pass_password" "mastodon-vapid-private-key" {
+  path = "Nebula/MASTODON_VAPID_PRIVATE_KEY"
+}
+data "pass_password" "mastodon-vapid-public-key" {
+  path = "Nebula/MASTODON_VAPID_PUBLIC_KEY"
+}
+data "pass_password" "mastodon-smtp-password" {
+  path = "Nebula/MASTODON_SMTP_PASSWORD"
 }
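Review bot: Nothing in this hunk records that the values read by these `pass_password` data sources are persisted in Terraform state, as data source attributes are. The five new Mastodon entries, including the OTP secret and the VAPID private key, will therefore sit in the state file next to the DB password. The backend configuration is not part of this patch, so treat this as something to confirm rather than a finding. A header comment on the Mastodon group would make it explicit, for example `// Values read here are stored in Terraform state; keep the state backend encrypted and access-restricted`. `mastodon-vapid-public-key` is a public value, so a short comment that it lives in the store only for convenience would help the next reader.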
diff --git a/mastodon/locals.tf b/mastodon/locals.tf
new file mode 100644
index 0000000..10d6f84 100644
--- /dev/null
+++ a/mastodon/locals.tf
@@ -1,0 +1,22 @@
+locals {
+  env = [
+    "LOCAL_DOMAIN=tatooine.club",
+    "REDIS_HOST=mastodon-redis",
+    "REDIS_PORT=6379",
+    "DB_HOST=postgres",
+    "DB_USER=mastodon",
+    "DB_NAME=mastodon",
+    "DB_PASS=${var.db-password}",
+    "DB_PORT=5432",
+    "ES_ENABLED=false",
+    "SECRET_KEY_BASE=${var.secret-key-base}",
+    "OTP_SECRET=${var.otp-secret}",
+    "VAPID_PRIVATE_KEY=${var.vapid-private-key}",
+    "VAPID_PUBLIC_KEY=${var.vapid-public-key}",
+    "SMTP_SERVER=smtp.eu.mailgun.org",
+    "SMTP_PORT=587",
+    "SMTP_LOGIN=mastodon@mail.tatooine.club",
+    "SMTP_PASSWORD=${var.smtp-password}",
+    "SMTP_FROM_ADDRESS=mastodon@mail.tatooine.club",
+  ]
+}
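Review bot: The `env` list mixes five secret entries (`DB_PASS`, `SECRET_KEY_BASE`, `OTP_SECRET`, `VAPID_PRIVATE_KEY`, `SMTP_PASSWORD`) with plain settings, and the new file carries no comment saying so. The consumer of `local.env` is outside this patch. If it is a container's environment, as the KEY=value form suggests, the values are readable by anyone who can inspect that container and will also be recorded in state. I would add above `env`: `// Contains secrets (DB_PASS, SECRET_KEY_BASE, OTP_SECRET, VAPID_PRIVATE_KEY, SMTP_PASSWORD); never expose local.env through an output.`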
diff --git a/mastodon/vars.tf b/mastodon/vars.tf
index f47eb44..93e8c94 100644
--- a/mastodon/vars.tf
+++ a/mastodon/vars.tf
@@ -1,3 +1,18 @@
 variable "db-password" {
 	type = string
 }
+variable "secret-key-base" {
+  type = string
+}
+variable "otp-secret" {
+  type = string
+}
+variable "vapid-private-key" {
+  type = string
+}
+variable "vapid-public-key" {
+  type = string
+}
+variable "smtp-password" {
+  type = string
+}
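Review bot: The five new variables declare only `type = string`, so the module does not state that four of them carry secrets. Adding `sensitive = true` to `secret-key-base`, `otp-secret`, `vapid-private-key` and `smtp-password` (and to the existing `db-password`) makes Terraform redact them in plan and apply output regardless of how the caller's value is marked. This needs a Terraform version that supports sensitive variables, which the patch does not show. `vapid-public-key` can stay unmarked. As a style point, the new blocks are indented with two spaces while `db-password` uses a tab.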
--
rgit 0.1.5