Add basic secrets loading in flake.nix

2022-12-16 17:42:21 +00:00 · 2022-12-16 17:42:21 +00:00 · 1149b52bee
parent 6d15871e5f
commit 1149b52bee
4 changed files with 43 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@ -12,7 +12,16 @@
      pkgs = nixpkgs.legacyPackages.${system};
    in {
      devShells.default = pkgs.mkShell {
+        shellHook =
+          ''
+            bw sync
+            export BW_SESSION=$(bw unlock --raw)
+            export VERCEL_API_TOKEN=$(bw list items --search "Vercel API" | jq -r '.[0].notes')
+            export HCLOUD_TOKEN=$(bw list items --search "Hetzner" | jq -r '.[0].fields[] | select(.name | contains("API")) | .value')
+            # alias terraform='terraform -chdir=terraform'
+          '';
        nativeBuildInputs = [
+          pkgs.jq
          pkgs.terraform
          pkgs.ansible
          pkgs.kubectl
--- a/terraform/.terraform.lock.hcl
+++ b/terraform/.terraform.lock.hcl
@ -20,6 +20,28 @@ provider "registry.terraform.io/hashicorp/aws" {
  ]
 }

+provider "registry.terraform.io/hetznercloud/hcloud" {
+  version     = "1.36.1"
+  constraints = "1.36.1"
+  hashes = [
+    "h1:xZSvxx6aUo0oZp2uqNxi/+wqnCNEBBuu8y7GeXIO9qA=",
+    "zh:16558b25c7f92f187278e94e951b0ab687882b06acff5b1387f3293f27939f8c",
+    "zh:28fc79ac2189ff0f5e6c9535ada8f57552b6e21c978b59dc78e086c27b9e4b23",
+    "zh:373907f9f7f2cefa94e2d5638bf5bef3d3b17e7655dc84dd6089346c6f4f9096",
+    "zh:394716cd877de682a0772d660f1bdb3838c5d751eca2211105d5ede248c48c39",
+    "zh:3c438c6590fcc8ac65a10039b2f5ba9ee379a734cb93a59c6cf74f385d891e87",
+    "zh:3f777a460a62fd23b283c269f1533b3887bf0c5564581e1e96cf294e077f5a8a",
+    "zh:4f62967553d7ce81ec14db7685306b625970ba6640b5764dc0137675ab97af0b",
+    "zh:56da08f8d75f596d6f9da4f0fd16bd60d1733cabcc260e885e1d7a711d6d3d8b",
+    "zh:62776c885bfa8e715dba6662f1744b5251f4cdd523dd4d1e4ccb2e25489593e9",
+    "zh:64cbb68139aa65f95ab3e654d872f9d34ef991fbf667fc30e0f29b96b5e8b4ed",
+    "zh:75a4b7a73ff0a537214d12d820438b7ae7a33d660e5d793f4ae0ebe3152bff00",
+    "zh:7b59d72538772ada7d51eaa50c905285200b1889ab29948b533412ccdf4d18de",
+    "zh:b84eeaa82bf765c6dd945ae83f1a9271fa5fad53b861b18b09cb8deda67dae13",
+    "zh:e81c3ea971e32a6ca3fdb0cd9e644614308ab2cf2a19482dd8a109d67fe3fb6f",
+  ]
+}
+
 provider "registry.terraform.io/vercel/vercel" {
  version     = "0.8.0"
  constraints = "~> 0.3"
--- a/terraform/hcloud-kubernetes-cluster.tf
+++ b/terraform/hcloud-kubernetes-cluster.tf
@ -0,0 +1,4 @@
+resource "hcloud_network" "kube-network" {
+  name     = "kube-network"
+  ip_range = "10.0.1.0/24"
+}
--- a/terraform/main.tf
+++ b/terraform/main.tf
@ -7,6 +7,10 @@ terraform {
    aws = {
      source  = "hashicorp/aws"
      version = "4.28.0"
+	}
+	hcloud = {
+      source = "hetznercloud/hcloud"
+      version = "1.36.1"
    }
  }
  backend "s3" {
@ -26,3 +30,7 @@ provider "aws" {
 provider "aws" {
  region = "eu-west-2"
 }
+
+provider "hcloud" {
+
+}