~damien/infrastructure

0891707e4707c437c5b6ad0340ede511cf09239c — Damien Radtke 8 months ago a39e121
I forget
2 files changed, 39 insertions(+), 26 deletions(-)

M terraform/main.tf
M tools/set-cluster-env
M terraform/main.tf => terraform/main.tf +5 -6
@@ 16,7 16,6 @@ locals {
  # image = "private/8694776"
  image = {
    default = "linode/opensuse15.1"
    next    = "linode/opensuse15.2"
  }
  instance_type    = "g6-nanode-1"
  stackscript_id   = 535217


@@ 30,7 29,7 @@ module "consul-server" {
  consul_version = "1.7.2"

  datacenter       = local.region
  image            = local.image[terraform.workspace]
  image            = "linode/opensuse15.2"
  instance_type    = local.instance_type
  stackscript_id   = local.stackscript_id
  authorized_users = local.authorized_users


@@ 47,7 46,7 @@ module "nomad-server" {
  consul_server_ips = module.consul-server.instances[*].ipv6

  datacenter       = local.region
  image            = local.image[terraform.workspace]
  image            = lookup(local.image, terraform.workspace, local.image["default"])
  instance_type    = local.instance_type
  stackscript_id   = local.stackscript_id
  authorized_users = local.authorized_users


@@ 65,7 64,7 @@ module "nomad-client" {
  consul_server_ips = module.consul-server.instances[*].ipv6

  datacenter       = local.region
  image            = local.image[terraform.workspace]
  image            = lookup(local.image, terraform.workspace, local.image["default"])
  instance_type    = local.instance_type
  stackscript_id   = local.stackscript_id
  authorized_users = local.authorized_users


@@ 83,7 82,7 @@ module "nomad-client-load-balancer" {
  consul_server_ips = module.consul-server.instances[*].ipv6

  datacenter       = local.region
  image            = local.image[terraform.workspace]
  image            = lookup(local.image, terraform.workspace, local.image["default"])
  instance_type    = local.instance_type
  stackscript_id   = local.stackscript_id
  authorized_users = local.authorized_users


@@ 100,7 99,7 @@ module "vault-server" {
  consul_server_ips = module.consul-server.instances[*].ipv6

  datacenter       = local.region
  image            = local.image[terraform.workspace]
  image            = lookup(local.image, terraform.workspace, local.image["default"])
  instance_type    = local.instance_type
  stackscript_id   = local.stackscript_id
  authorized_users = local.authorized_users

M tools/set-cluster-env => tools/set-cluster-env +34 -20
@@ 6,31 6,45 @@
#
# In order for CLI tools to work immediately, add something like this to your .bashrc:
#
#     $ source "$(which set-cluster-env)" "${HOME}/infrastructure/terraform/terraform.tfstate"
#     $ source "$(which set-cluster-env)" "${HOME}/infrastructure/terraform/"
#

state_file="${1:-terraform.tfstate}"

if [[ ! -f "${state_file}" ]]; then
	echo "state file '${state_file}' not found, are you in the right directory?"
if [[ "${BASH_SOURCE[0]}" = "$0" ]]; then
	echo "$(tput setaf 1)set-cluster-env should be sourced, not executed$(tput sgr0)"
	exit 1
fi

consul_server="$(terraform output -json -state "${state_file}" consul_server_ips | jq -r '.[0]')"
nomad_server="$(terraform output -json -state "${state_file}" nomad_server_ips | jq -r '.[0]')"
vault_server="$(terraform output -json -state "${state_file}" vault_server_ips | jq -r '.[0]')"
state_dir="${1:-.}"

if [[ ! -d "${state_dir}" ]]; then
	echo "directory '${state_dir}' not found"

	# This puts everything else into an else case here rather than exiting
	# because it is intended to be sourced, and running "exit" in your
	# .bashrc is an easy way to deny access to your server ever again.
else
	pushd "${state_dir}" >/dev/null

	consul_server="$(terraform output -json consul_server_ips | jq -r '.[0]')"
	nomad_server="$(terraform output -json nomad_server_ips | jq -r '.[0]')"
	vault_server="$(terraform output -json vault_server_ips | jq -r '.[0]')"

export CONSUL_HTTP_ADDR="https://[${consul_server}]:8501"
export CONSUL_CACERT="/etc/ssl/consul/ca.pem"
export CONSUL_CLIENT_CERT="${HOME}/consul-cli.pem"
export CONSUL_CLIENT_KEY="${HOME}/consul-cli-key.pem"
	export CONSUL_HTTP_ADDR="https://[${consul_server}]:8501"
	export CONSUL_CACERT="/etc/ssl/consul/ca.pem"
	export CONSUL_CLIENT_CERT="${HOME}/consul-cli.pem"
	export CONSUL_CLIENT_KEY="${HOME}/consul-cli-key.pem"

export NOMAD_ADDR="https://[${nomad_server}]:4646"
export NOMAD_CACERT="/etc/ssl/nomad/ca.pem"
export NOMAD_CLIENT_CERT="${HOME}/nomad-cli.pem"
export NOMAD_CLIENT_KEY="${HOME}/nomad-cli-key.pem"
	export NOMAD_ADDR="https://[${nomad_server}]:4646"
	export NOMAD_CACERT="/etc/ssl/nomad/ca.pem"
	export NOMAD_CLIENT_CERT="${HOME}/nomad-cli.pem"
	export NOMAD_CLIENT_KEY="${HOME}/nomad-cli-key.pem"

export VAULT_ADDR="https://[${vault_server}]:8200"
export VAULT_CACERT="/etc/ssl/vault/ca.pem"
export VAULT_CLIENT_CERT="${HOME}/vault-cli.pem"
export VAULT_CLIENT_KEY="${HOME}/vault-cli-key.pem"
	export VAULT_ADDR="https://[${vault_server}]:8200"
	export VAULT_CACERT="/etc/ssl/vault/ca.pem"
	export VAULT_CLIENT_CERT="${HOME}/vault-cli.pem"
	export VAULT_CLIENT_KEY="${HOME}/vault-cli-key.pem"

	echo "$(tput dim)cluster environment set for workspace \"$(terraform workspace show)$(tput sgr0)\""

	popd >/dev/null
fi