Bootstrap a config
This commit is contained in:
parent
f9f57a4d79
commit
5a210cfb12
|
@ -11,8 +11,8 @@ crash.log
|
||||||
crash.*.log
|
crash.*.log
|
||||||
|
|
||||||
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
|
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
|
||||||
# password, private keys, and other secrets. These should not be part of version
|
# password, private keys, and other secrets. These should not be part of version
|
||||||
# control as they are data points which are potentially sensitive and subject
|
# control as they are data points which are potentially sensitive and subject
|
||||||
# to change depending on the environment.
|
# to change depending on the environment.
|
||||||
*.tfvars
|
*.tfvars
|
||||||
*.tfvars.json
|
*.tfvars.json
|
||||||
|
@ -34,3 +34,4 @@ override.tf.json
|
||||||
.terraformrc
|
.terraformrc
|
||||||
terraform.rc
|
terraform.rc
|
||||||
|
|
||||||
|
.env
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
# Run terraform with required environment
|
||||||
|
terraform +ARGS:
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# Load secrets from env file (if it exists)
|
||||||
|
set -a
|
||||||
|
source ./.env || true
|
||||||
|
set +a
|
||||||
|
|
||||||
|
cd src/
|
||||||
|
|
||||||
|
terraform {{ ARGS }}
|
||||||
|
|
||||||
|
terraform-lint:
|
||||||
|
just terraform validate
|
||||||
|
just terraform fmt -check -recursive
|
|
@ -0,0 +1,25 @@
|
||||||
|
# This file is maintained automatically by "terraform init".
|
||||||
|
# Manual edits may be lost in future updates.
|
||||||
|
|
||||||
|
provider "registry.terraform.io/gmichels/adguard" {
|
||||||
|
version = "1.1.3"
|
||||||
|
constraints = "1.1.3"
|
||||||
|
hashes = [
|
||||||
|
"h1:fDQLALdZK0HxtJkuNyBkNIw9zo5TF9XYWYSvMyl/hZc=",
|
||||||
|
"zh:082bee13197cd9e08ff8075a13aedf7748a2db19c01330b52392f8544d48a519",
|
||||||
|
"zh:1605f0495354291f3c9efc97d288f9ad503626035fbb75e5c802d7530938142c",
|
||||||
|
"zh:1d6532b8f3624f10d0d4ec77d5d40ef4018085c06c8824c0815d329659ea4c98",
|
||||||
|
"zh:23476033a56cbab898224e9a1815815051561b0d41dad77433d0244329097734",
|
||||||
|
"zh:3032e675072417594c7c795b3bad49b181948f941145164394effb5104e6f153",
|
||||||
|
"zh:382b3d356e320ed441ef46742ca8280947b2d21c2f373ce16c05e58b8b894f4d",
|
||||||
|
"zh:4379a0de8523c08a8e0d6a66d8db55ae5ecf8b70bd089d9cd5b9750999a91726",
|
||||||
|
"zh:70e06f4f5274ba788e93e82dbb3811b97d086bb5b9f9be37555baad496c4d98a",
|
||||||
|
"zh:c98dbe0be18f036721af17fd4d77f0067911d106ca87337ee8089ed4c18d3899",
|
||||||
|
"zh:efff411878f10b279496e0f7c7d619123e1c8a06d52faf0e4f0984f8a337f017",
|
||||||
|
"zh:f3cb868ffce6a7b72629261f4e58b14a3793505a57e5541404792d8e6f9f2c40",
|
||||||
|
"zh:f5a4bf2cc0a128395de5928fbe18de2d47e99349b64aa4ef27c47da6236134da",
|
||||||
|
"zh:f809ab383cca0a5f83072981c64208cbd7fa67e986a86ee02dd2c82333221e32",
|
||||||
|
"zh:fa91214f28374536f17394704cb7b3295c7a1f1f05a6d6243d981fe81d23bf9b",
|
||||||
|
"zh:fb49db6e752ac8513e77eb43e78e6bf446d0a04f3d17f2bdfa2caf3712835d77",
|
||||||
|
]
|
||||||
|
}
|
|
@ -0,0 +1,43 @@
|
||||||
|
resource "adguard_config" "config" {
|
||||||
|
dhcp = {
|
||||||
|
interface = "enp2s0"
|
||||||
|
enabled = true
|
||||||
|
|
||||||
|
ipv4_settings = {
|
||||||
|
gateway_ip = "192.168.1.1"
|
||||||
|
subnet_mask = "255.255.252.0"
|
||||||
|
range_start = "192.168.1.10"
|
||||||
|
range_end = "192.168.1.199"
|
||||||
|
lease_duration = 86400
|
||||||
|
}
|
||||||
|
|
||||||
|
static_leases = [
|
||||||
|
{
|
||||||
|
hostname = "tang"
|
||||||
|
ip = "192.168.1.53"
|
||||||
|
mac = "18:66:da:00:70:d8"
|
||||||
|
}
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
|
stats = {
|
||||||
|
interval = 168
|
||||||
|
}
|
||||||
|
|
||||||
|
querylog = {
|
||||||
|
interval = 168
|
||||||
|
}
|
||||||
|
|
||||||
|
dns = {
|
||||||
|
rate_limit = 50
|
||||||
|
blocked_response_ttl = 30
|
||||||
|
rate_limit_subnet_len_ipv4 = 22
|
||||||
|
|
||||||
|
|
||||||
|
upstream_dns = [
|
||||||
|
"https://dns10.quad9.net:443/dns-query",
|
||||||
|
"[/theorangeone.net/]${local.coredns_host}",
|
||||||
|
"[/jakehoward.tech/]${local.coredns_host}"
|
||||||
|
]
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,6 @@
|
||||||
|
provider "adguard" {
|
||||||
|
host = "192.168.1.53"
|
||||||
|
username = var.adguardhome_username
|
||||||
|
password = var.adguardhome_password
|
||||||
|
scheme = "http"
|
||||||
|
}
|
|
@ -0,0 +1,24 @@
|
||||||
|
terraform {
|
||||||
|
backend "s3" {
|
||||||
|
bucket = "adguardhome"
|
||||||
|
key = "terraform.tfstate"
|
||||||
|
region = "main"
|
||||||
|
|
||||||
|
endpoints = {
|
||||||
|
s3 = "https://s3.jakehoward.tech"
|
||||||
|
}
|
||||||
|
|
||||||
|
skip_region_validation = true
|
||||||
|
skip_requesting_account_id = true
|
||||||
|
skip_credentials_validation = true
|
||||||
|
skip_metadata_api_check = true
|
||||||
|
force_path_style = true
|
||||||
|
}
|
||||||
|
|
||||||
|
required_providers {
|
||||||
|
adguard = {
|
||||||
|
source = "gmichels/adguard"
|
||||||
|
version = "1.1.3"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
|
@ -0,0 +1,13 @@
|
||||||
|
locals {
|
||||||
|
coredns_host = "127.0.0.53:5353"
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "adguardhome_username" {
|
||||||
|
type = string
|
||||||
|
sensitive = true
|
||||||
|
}
|
||||||
|
|
||||||
|
variable "adguardhome_password" {
|
||||||
|
type = string
|
||||||
|
sensitive = true
|
||||||
|
}
|
Loading…
Reference in New Issue