Bootstrap a config
This commit is contained in:
parent
f9f57a4d79
commit
5a210cfb12
|
@ -11,8 +11,8 @@ crash.log
|
|||
crash.*.log
|
||||
|
||||
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
|
||||
# password, private keys, and other secrets. These should not be part of version
|
||||
# control as they are data points which are potentially sensitive and subject
|
||||
# password, private keys, and other secrets. These should not be part of version
|
||||
# control as they are data points which are potentially sensitive and subject
|
||||
# to change depending on the environment.
|
||||
*.tfvars
|
||||
*.tfvars.json
|
||||
|
@ -34,3 +34,4 @@ override.tf.json
|
|||
.terraformrc
|
||||
terraform.rc
|
||||
|
||||
.env
|
||||
|
|
|
@ -0,0 +1,16 @@
|
|||
# Run terraform with required environment
|
||||
terraform +ARGS:
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# Load secrets from env file (if it exists)
|
||||
set -a
|
||||
source ./.env || true
|
||||
set +a
|
||||
|
||||
cd src/
|
||||
|
||||
terraform {{ ARGS }}
|
||||
|
||||
terraform-lint:
|
||||
just terraform validate
|
||||
just terraform fmt -check -recursive
|
|
@ -0,0 +1,25 @@
|
|||
# This file is maintained automatically by "terraform init".
|
||||
# Manual edits may be lost in future updates.
|
||||
|
||||
provider "registry.terraform.io/gmichels/adguard" {
|
||||
version = "1.1.3"
|
||||
constraints = "1.1.3"
|
||||
hashes = [
|
||||
"h1:fDQLALdZK0HxtJkuNyBkNIw9zo5TF9XYWYSvMyl/hZc=",
|
||||
"zh:082bee13197cd9e08ff8075a13aedf7748a2db19c01330b52392f8544d48a519",
|
||||
"zh:1605f0495354291f3c9efc97d288f9ad503626035fbb75e5c802d7530938142c",
|
||||
"zh:1d6532b8f3624f10d0d4ec77d5d40ef4018085c06c8824c0815d329659ea4c98",
|
||||
"zh:23476033a56cbab898224e9a1815815051561b0d41dad77433d0244329097734",
|
||||
"zh:3032e675072417594c7c795b3bad49b181948f941145164394effb5104e6f153",
|
||||
"zh:382b3d356e320ed441ef46742ca8280947b2d21c2f373ce16c05e58b8b894f4d",
|
||||
"zh:4379a0de8523c08a8e0d6a66d8db55ae5ecf8b70bd089d9cd5b9750999a91726",
|
||||
"zh:70e06f4f5274ba788e93e82dbb3811b97d086bb5b9f9be37555baad496c4d98a",
|
||||
"zh:c98dbe0be18f036721af17fd4d77f0067911d106ca87337ee8089ed4c18d3899",
|
||||
"zh:efff411878f10b279496e0f7c7d619123e1c8a06d52faf0e4f0984f8a337f017",
|
||||
"zh:f3cb868ffce6a7b72629261f4e58b14a3793505a57e5541404792d8e6f9f2c40",
|
||||
"zh:f5a4bf2cc0a128395de5928fbe18de2d47e99349b64aa4ef27c47da6236134da",
|
||||
"zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32",
|
||||
"zh:fa91214f28374536f17394704cb7b3295c7a1f1f05a6d6243d981fe81d23bf9b",
|
||||
"zh:fb49db6e752ac8513e77eb43e78e6bf446d0a04f3d17f2bdfa2caf3712835d77",
|
||||
]
|
||||
}
|
|
@ -0,0 +1,43 @@
|
|||
resource "adguard_config" "config" {
|
||||
dhcp = {
|
||||
interface = "enp2s0"
|
||||
enabled = true
|
||||
|
||||
ipv4_settings = {
|
||||
gateway_ip = "192.168.1.1"
|
||||
subnet_mask = "255.255.252.0"
|
||||
range_start = "192.168.1.10"
|
||||
range_end = "192.168.1.199"
|
||||
lease_duration = 86400
|
||||
}
|
||||
|
||||
static_leases = [
|
||||
{
|
||||
hostname = "tang"
|
||||
ip = "192.168.1.53"
|
||||
mac = "18:66:da:00:70:d8"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
stats = {
|
||||
interval = 168
|
||||
}
|
||||
|
||||
querylog = {
|
||||
interval = 168
|
||||
}
|
||||
|
||||
dns = {
|
||||
rate_limit = 50
|
||||
blocked_response_ttl = 30
|
||||
rate_limit_subnet_len_ipv4 = 22
|
||||
|
||||
|
||||
upstream_dns = [
|
||||
"https://dns10.quad9.net:443/dns-query",
|
||||
"[/theorangeone.net/]${local.coredns_host}",
|
||||
"[/jakehoward.tech/]${local.coredns_host}"
|
||||
]
|
||||
}
|
||||
}
|
|
@ -0,0 +1,6 @@
|
|||
provider "adguard" {
|
||||
host = "192.168.1.53"
|
||||
username = var.adguardhome_username
|
||||
password = var.adguardhome_password
|
||||
scheme = "http"
|
||||
}
|
|
@ -0,0 +1,24 @@
|
|||
terraform {
|
||||
backend "s3" {
|
||||
bucket = "adguardhome"
|
||||
key = "terraform.tfstate"
|
||||
region = "main"
|
||||
|
||||
endpoints = {
|
||||
s3 = "https://s3.jakehoward.tech"
|
||||
}
|
||||
|
||||
skip_region_validation = true
|
||||
skip_requesting_account_id = true
|
||||
skip_credentials_validation = true
|
||||
skip_metadata_api_check = true
|
||||
force_path_style = true
|
||||
}
|
||||
|
||||
required_providers {
|
||||
adguard = {
|
||||
source = "gmichels/adguard"
|
||||
version = "1.1.3"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -0,0 +1,13 @@
|
|||
locals {
|
||||
coredns_host = "127.0.0.53:5353"
|
||||
}
|
||||
|
||||
variable "adguardhome_username" {
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "adguardhome_password" {
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
Loading…
Reference in New Issue