- Update terraform main.tf and variables.tf for infrastructure changes - Modify stackscripts/essentials.sh provisioning - Adjust setup script for deployment workflow Note: Includes various infrastructure hardening and configuration updates
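# Linode API credential.
# `sensitive = true` only redacts the value from plan/apply output; anything that
# references it can still end up in the state file in plaintext, so the state
# backend needs the same protection as the token itself.
# Supply it through the TF_VAR_linode_token environment variable or an untracked
# tfvars file rather than a committed one.
# NOTE(review): presumably consumed by the linode provider block - confirm in main.tf.
variable "linode_token" {
  description = "Linode API token."
  type        = string
  sensitive   = true
}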
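# Instance placement and shape. The defaults are Linode identifiers.
# NOTE(review): the resources that consume these are not visible here - confirm in main.tf.
variable "region" {
  description = "Linode region ID."
  type        = string
  default     = "ca-central"
}

variable "instance_type" {
  description = "Linode instance type (plan) ID."
  type        = string
  default     = "g6-nanode-1"
}

# The base image determines which packages and security updates the hosts start
# with; keep it on a release that still receives updates.
variable "image" {
  description = "Linode image ID to deploy."
  type        = string
  default     = "linode/debian13"
}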
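# Public half of the SSH key pair. This variable is not marked sensitive, so its
# value is printed in plan output and stored in state; the validation below
# rejects private key material pasted here by mistake.
# NOTE(review): presumably installed as an authorized key on the instances - confirm in main.tf.
variable "ssh_public_key" {
  description = "SSH public key (e.g. the contents of an id_ed25519.pub file)."
  type        = string

  validation {
    condition     = length(regexall("PRIVATE KEY", var.ssh_public_key)) == 0
    error_message = "The ssh_public_key value must be a public key, not private key material."
  }
}

# `sensitive = true` redacts the password from CLI output only; it is still
# written to the state file in plaintext, so state storage must be access-controlled.
# NOTE(review): if password login over SSH is not disabled by the provisioning
# script, this password is reachable from the network - confirm in essentials.sh.
variable "root_pass" {
  description = "Root account password."
  type        = string
  sensitive   = true
}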
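# Labels for the two hosts.
# NOTE(review): presumably used as the Linode instance labels (and possibly as
# DNS record names) - confirm in main.tf.
variable "web_label" {
  description = "Label for the web host."
  type        = string
  default     = "web"
}

variable "services_label" {
  description = "Label for the services host."
  type        = string
  default     = "services"
}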
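# Login account settings.
# NOTE(review): presumably handed to the provisioning StackScript, which creates
# the account - confirm in main.tf and stackscripts/essentials.sh.
variable "user" {
  description = "Name of the non-root user account."
  type        = string
  default     = "ansible"
}

# `sensitive = true` redacts the password from CLI output only; it is still
# written to state in plaintext. If it is passed to a StackScript as data, it is
# also held by the provider API, so treat it as a bootstrap credential and
# rotate it after provisioning.
# NOTE(review): an empty string is accepted here; check how the provisioning
# script treats an empty password.
variable "user_password" {
  description = "Password for the non-root user account."
  type        = string
  sensitive   = true
}

# NOTE(review): the meaning of the empty default is not visible here - confirm
# whether "" means "no extra group" or "same as the user name".
variable "group" {
  description = "Group for the non-root user account; empty by default."
  type        = string
  default     = ""
}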
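# SSH listening port. `number` also accepts fractions and out-of-range values,
# so the validation pins it to a whole TCP port number and a typo fails at plan
# time instead of producing a host that cannot be reached.
# NOTE(review): a non-default port has to match both the sshd configuration and
# any firewall rule that references it - confirm both read this variable.
variable "ssh_port" {
  description = "TCP port for SSH."
  type        = number
  default     = 22

  validation {
    condition     = var.ssh_port >= 1 && var.ssh_port <= 65535 && floor(var.ssh_port) == var.ssh_port
    error_message = "The ssh_port value must be a whole number between 1 and 65535."
  }
}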
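# Host timezone, given as an IANA tz database name.
# NOTE(review): presumably applied by the provisioning script; logs written in
# local time need the zone recorded when they are correlated across hosts.
variable "timezone" {
  description = "IANA timezone name for the hosts."
  type        = string
  default     = "America/Toronto"
}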
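# NOTE(review): presumably adds Cloudflare's published address ranges to a
# firewall allow-list - confirm in main.tf which ports the rule covers.
variable "add_cloudflare_ips" {
  description = "Whether to add Cloudflare IP ranges; off by default."
  type        = bool
  default     = false
}

# `sensitive = true` redacts the token from CLI output only; it can still be
# stored in state. Prefer an API token scoped to the one zone and to DNS edits
# over an account-wide key.
# The empty default lets a plan succeed with no token configured; if a
# Cloudflare feature flag is enabled without one, the failure only appears when
# the provider authenticates.
variable "cloudflare_api_token" {
  description = "Cloudflare API token; empty by default."
  type        = string
  sensitive   = true
  default     = ""
}

variable "cloudflare_zone_id" {
  description = "Cloudflare zone ID; empty by default."
  type        = string
  default     = ""
}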
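# Cloudflare DNS behaviour. Every flag defaults to off.
# NOTE(review): the records these control are not visible here - confirm in main.tf.
variable "enable_cloudflare_dns" {
  description = "Whether to manage DNS records in Cloudflare."
  type        = bool
  default     = false
}

# NOTE(review): presumably creates a wildcard record for the services host. A
# wildcard makes every otherwise-undefined subdomain resolve to that host, so
# the host should reject unknown Host names rather than serve a default site.
variable "enable_services_wildcard" {
  description = "Whether to create a wildcard DNS record for the services host."
  type        = bool
  default     = false
}

variable "cloudflare_ttl" {
  description = "TTL in seconds for Cloudflare DNS records."
  type        = number
  default     = 300
}

# With proxying off, records resolve straight to the origin address, so the
# origin IP is public and Cloudflare is not in the request path. If
# add_cloudflare_ips is meant to restrict the origin to Cloudflare ranges, that
# restriction is only meaningful when this is true.
variable "cloudflare_proxied" {
  description = "Whether DNS records are proxied through Cloudflare."
  type        = bool
  default     = false
}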
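# Object storage settings.
# NOTE(review): the bucket's ACL and what is stored in it are not visible here -
# confirm the bucket is created private in main.tf.
variable "object_storage_bucket" {
  description = "Object storage bucket name; empty by default."
  type        = string
  default     = ""
}

# This default differs from the compute `region` default ("ca-central").
variable "object_storage_region" {
  description = "Object storage region."
  type        = string
  default     = "us-east-1"
}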
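# Mail authentication DNS inputs (DKIM, bounce/return-path, DMARC reporting).
# NOTE(review): the records built from these are not visible here - confirm in main.tf.
variable "dkim_hostname" {
  description = "DKIM record hostname including _domainkey suffix (e.g., 'default._domainkey')"
  type        = string
  default     = ""
}

# The value is a public key that is published in DNS, so `sensitive = true` only
# keeps it out of plan output; it is not a secret. The validation enforces the
# documented "base64 only" contract: it rejects a pasted full TXT value
# ("v=DKIM1; ...") and PEM blocks, including a private key pasted by mistake,
# before anything is published. The empty default is still accepted.
variable "dkim_value" {
  description = "DKIM public key base64 value (without v=DKIM1; k=rsa; p= prefix)"
  type        = string
  default     = ""
  sensitive   = true

  validation {
    condition     = can(regex("^[A-Za-z0-9+/=]*$", var.dkim_value))
    error_message = "The dkim_value value must contain only base64 characters (no v=DKIM1 prefix, PEM header or whitespace)."
  }
}

variable "return_path_target" {
  description = "Return path CNAME target for bounce handling"
  type        = string
  default     = ""
}

# If this mailbox is on a different domain from the one publishing the DMARC
# record, the receiving domain has to publish an external-reporting
# authorization record or reporters will not send to it.
variable "dmarc_rua_email" {
  description = "Email address for DMARC aggregate reports"
  type        = string
  default     = ""
}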
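# Remote state settings. The state file holds every sensitive variable in this
# module (root and user passwords, API tokens) in plaintext, so the bucket must
# be private and its credentials limited to that bucket.
# NOTE(review): Terraform backend blocks cannot reference input variables, so
# these are presumably consumed by the setup script or passed as -backend-config
# values - confirm where they are read.
variable "tf_state_bucket" {
  description = "S3 bucket for Terraform state storage (e.g., mybucket)"
  type        = string
  default     = ""
}

variable "tf_state_region" {
  description = "S3 region for Terraform state storage"
  type        = string
  default     = "us-east-1"
}

# State is uploaded to this endpoint together with the secrets it contains, so a
# plain http:// endpoint is rejected. An empty value is still accepted.
variable "tf_state_endpoint" {
  description = "S3-compatible endpoint for Terraform state (e.g., https://us-east-1.linodeobjects.com)"
  type        = string
  default     = "https://us-east-1.linodeobjects.com"

  validation {
    condition     = var.tf_state_endpoint == "" || can(regex("^https://", var.tf_state_endpoint))
    error_message = "The tf_state_endpoint value must be empty or start with https://."
  }
}

# `sensitive = true` redacts the key pair from CLI output only. Keep both values
# out of committed tfvars files and out of shell history.
variable "tf_state_access_key" {
  description = "S3 access key for Terraform state backend"
  type        = string
  default     = ""
  sensitive   = true
}

variable "tf_state_secret_key" {
  description = "S3 secret key for Terraform state backend"
  type        = string
  default     = ""
  sensitive   = true
}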