1 files changed, 72 insertions, 0 deletions

diff --git a/ops/glesys/main.tf b/ops/glesys/main.tf
new file mode 100644
index 0000000000..9032d501a5
--- /dev/null
+++ b/ops/glesys/main.tf
@@ -0,0 +1,72 @@
+# Configure TVL resources hosted with GleSYS.
+#
+# Most importantly:
+#  - all of our DNS
+#  - object storage (e.g. backups)
+
+terraform {
+  required_providers {
+    glesys = {
+      source = "depot/glesys"
+    }
+  }
+
+  backend "s3" {
+    endpoint = "https://objects.dc-sto1.glesys.net"
+    bucket   = "tvl-state"
+    key      = "terraform/tvl-glesys"
+    region   = "glesys"
+
+    skip_credentials_validation = true
+    skip_region_validation      = true
+    skip_metadata_api_check     = true
+  }
+}
+
+provider "glesys" {
+  userid = "cl26117" # generated by GleSYS
+}
+
+resource "glesys_objectstorage_instance" "tvl-backups" {
+  description = "tvl-backups"
+  datacenter  = "dc-sto1"
+}
+
+resource "glesys_objectstorage_instance" "tvl-state" {
+  description = "tvl-state"
+  datacenter  = "dc-sto1"
+
+  lifecycle {
+    ignore_changes = [accesskey]
+  }
+}
+
+resource "glesys_objectstorage_credential" "terraform-state" {
+  instanceid  = glesys_objectstorage_instance.tvl-state.id
+  description = "key for terraform state"
+}
+
+resource "glesys_objectstorage_credential" "litestream" {
+  instanceid  = glesys_objectstorage_instance.tvl-state.id
+  description = "key for litestream"
+}
+
+variable "whitby_ipv4" {
+  type    = string
+  default = "49.12.129.211"
+}
+
+variable "whitby_ipv6" {
+  type    = string
+  default = "2a01:4f8:242:5b21:0:feed:edef:beef"
+}
+
+variable "sanduny_ipv4" {
+  type    = string
+  default = "85.119.82.231"
+}
+
+variable "sanduny_ipv6" {
+  type    = string
+  default = "2001:ba8:1f1:f109::feed:edef:beef"
+}