Diffstat (limited to 'users/grfn/terraform')
-rw-r--r--users/grfn/terraform/globals.nix19
-rw-r--r--users/grfn/terraform/nixosMachine.nix71
-rw-r--r--users/grfn/terraform/workspace.nix25
3 files changed, 63 insertions, 52 deletions
diff --git a/users/grfn/terraform/globals.nix b/users/grfn/terraform/globals.nix
index 5f373c664604..c6bc24c22b65 100644
--- a/users/grfn/terraform/globals.nix
+++ b/users/grfn/terraform/globals.nix
@@ -1,20 +1,23 @@
 { pkgs, ... }:
 
 {
-  provider.aws = map (region: {
-    inherit region;
-    alias = region;
-    profile = "personal";
-  }) [
+  provider.aws = map
+    (region: {
+      inherit region;
+      alias = region;
+      profile = "personal";
+    }) [
     "us-east-1"
     "us-east-2"
     "us-west-2"
   ];
 
   data.external.cloudflare_api_key = {
-    program = [(pkgs.writeShellScript "cloudflare_api_key" ''
-      jq -n --arg api_key "$(pass cloudflare-api-key)" '{"api_key":$api_key}'
-    '')];
+    program = [
+      (pkgs.writeShellScript "cloudflare_api_key" ''
+        jq -n --arg api_key "$(pass cloudflare-api-key)" '{"api_key":$api_key}'
+      '')
+    ];
   };
 
   provider.cloudflare = {
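Review bot: The `cloudflare_api_key` script calls `jq` and `pass` by bare name, so which binaries produce the secret depends on the caller's PATH, whereas the `my_ip` script in nixosMachine.nix pins `${pkgs.jq}/bin/jq`. Pinning here as well would make the script reproducible and keep a stray PATH entry away from the API key, e.g. `${pkgs.jq}/bin/jq -n --arg api_key "$(${pkgs.pass}/bin/pass cloudflare-api-key)" '{"api_key":$api_key}'`. Results of an `external` data source are written to Terraform state, so a comment such as `# NOTE: the key ends up in tfstate; keep state out of the repo and access-restricted` is worth adding above `data.external.cloudflare_api_key`. Where state is stored is not visible in this hunk, and the `provider.cloudflare` block continues outside it.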
diff --git a/users/grfn/terraform/nixosMachine.nix b/users/grfn/terraform/nixosMachine.nix
index ef8830d66c21..dfecbff60a3e 100644
--- a/users/grfn/terraform/nixosMachine.nix
+++ b/users/grfn/terraform/nixosMachine.nix
@@ -9,7 +9,7 @@
 , region ? "us-east-2"
 , rootVolumeSizeGb ? 50
 , securityGroupId ? null
-, extraIngressPorts ? []
+, extraIngressPorts ? [ ]
 }:
 
 let
@@ -40,13 +40,14 @@ let
 
   machineResource = "aws_instance.${prefix}machine";
 
-  recursiveMerge = builtins.foldl' lib.recursiveUpdate {};
+  recursiveMerge = builtins.foldl' lib.recursiveUpdate { };
 
   securityGroupId' =
     if isNull securityGroupId
     then "\${aws_security_group.${prefix}group.id}"
     else securityGroupId;
-in recursiveMerge [
+in
+recursiveMerge [
   (lib.optionalAttrs (isNull securityGroupId) {
     resource.aws_security_group."${prefix}group" = {
       provider = "aws.${region}";
@@ -60,12 +61,12 @@ in recursiveMerge [
     resource.aws_security_group_rule.all_egress = {
       provider = "aws.${region}";
       security_group_id = securityGroupId';
-      type            = "egress";
-      protocol        = "-1";
-      from_port       = 0;
-      to_port         = 0;
-      cidr_blocks     = ["0.0.0.0/0"];
-      ipv6_cidr_blocks = ["::/0"];
+      type = "egress";
+      protocol = "-1";
+      from_port = 0;
+      to_port = 0;
+      cidr_blocks = [ "0.0.0.0/0" ];
+      ipv6_cidr_blocks = [ "::/0" ];
 
       description = null;
       prefix_list_ids = null;
@@ -74,12 +75,14 @@ in recursiveMerge [
   })
   rec {
     data.external.my_ip = {
-      program = [(pkgs.writeShellScript "my_ip" ''
-        ${pkgs.jq}/bin/jq \
-          -n \
-          --arg ip "$(curl ifconfig.me)" \
-          '{"ip":$ip}'
-      '')];
+      program = [
+        (pkgs.writeShellScript "my_ip" ''
+          ${pkgs.jq}/bin/jq \
+            -n \
+            --arg ip "$(curl ifconfig.me)" \
+            '{"ip":$ip}'
+        '')
+      ];
     };
 
     resource.aws_security_group_rule.provision_ssh_access = {
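Review bot: The `my_ip` script runs `curl ifconfig.me` with no scheme and no failure flags, and its output becomes the `/32` CIDR for the port-22 ingress rule in `provision_ssh_access` (next hunk). Without a scheme curl uses plain HTTP, so the address allowed to reach SSH is whatever the response body says, including an altered or error response. Fetching over TLS and failing on HTTP errors is the smallest hardening: `--arg ip "$(${pkgs.curl}/bin/curl -fsS https://ifconfig.me)" \`. That also pins curl the way `jq` is already pinned. A `set -euo pipefail` line at the top of the script would stop an empty `ip` from being emitted when the lookup fails.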
@@ -89,8 +92,8 @@ in recursiveMerge [
       protocol = "TCP";
       from_port = 22;
       to_port = 22;
-      cidr_blocks = ["\${data.external.my_ip.result.ip}/32"];
-      ipv6_cidr_blocks = [];
+      cidr_blocks = [ "\${data.external.my_ip.result.ip}/32" ];
+      ipv6_cidr_blocks = [ ];
       description = null;
       prefix_list_ids = null;
       self = null;
@@ -183,21 +186,23 @@ in recursiveMerge [
   }
 
   {
-    resource.aws_security_group_rule = builtins.listToAttrs (map (port: {
-      name = "ingress_${toString port}";
-      value = {
-        provider = "aws.${region}";
-        security_group_id = securityGroupId';
-        type = "ingress";
-        protocol = "TCP";
-        from_port = port;
-        to_port = port;
-        cidr_blocks = ["0.0.0.0/0"];
-        ipv6_cidr_blocks = [];
-        description = null;
-        prefix_list_ids = null;
-        self = null;
-      };
-    }) extraIngressPorts);
+    resource.aws_security_group_rule = builtins.listToAttrs (map
+      (port: {
+        name = "ingress_${toString port}";
+        value = {
+          provider = "aws.${region}";
+          security_group_id = securityGroupId';
+          type = "ingress";
+          protocol = "TCP";
+          from_port = port;
+          to_port = port;
+          cidr_blocks = [ "0.0.0.0/0" ];
+          ipv6_cidr_blocks = [ ];
+          description = null;
+          prefix_list_ids = null;
+          self = null;
+        };
+      })
+      extraIngressPorts);
   }
 ]
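Review bot: Every port in `extraIngressPorts` is opened to `cidr_blocks = [ "0.0.0.0/0" ]` with `description = null`, so the rules are world-reachable over IPv4 and carry no label when the security group is audited later. At minimum this deserves a comment above the `map`, e.g. `# extraIngressPorts are exposed to the whole IPv4 internet; list only ports meant to be public`. If null is not required by the JSON output, a description such as `description = "public ingress on port ${toString port}";` would help. A backward-compatible follow-up would be an optional argument for the allowed CIDRs that defaults to the current value. The argument list sits outside this hunk, so that is a suggestion rather than a change to these lines.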
diff --git a/users/grfn/terraform/workspace.nix b/users/grfn/terraform/workspace.nix
index c2a0fdb97793..92bf6e4ec1c5 100644
--- a/users/grfn/terraform/workspace.nix
+++ b/users/grfn/terraform/workspace.nix
@@ -21,13 +21,15 @@ let
   ]));
 
   plugins_tf = {
-    terraform.required_providers = (builtins.listToAttrs (map (p: {
-      name = lib.last (lib.splitString "/" p.provider-source-address);
-      value = {
-        source = p.provider-source-address;
-        version = p.version;
-      };
-    }) (allPlugins pkgs.terraform.plugins)));
+    terraform.required_providers = (builtins.listToAttrs (map
+      (p: {
+        name = lib.last (lib.splitString "/" p.provider-source-address);
+        value = {
+          source = p.provider-source-address;
+          version = p.version;
+        };
+      })
+      (allPlugins pkgs.terraform.plugins)));
   };
 
 
@@ -36,7 +38,7 @@ let
     plugins = plugins_tf;
   };
 
-  module = runCommandNoCC "module" {} ''
+  module = runCommandNoCC "module" { } ''
     mkdir $out
     ${lib.concatStrings (lib.mapAttrsToList (k: config_tf:
       (let
@@ -70,7 +72,7 @@ let
   '';
 
   # TODO: import (-config)
-  tfcmds = runCommandNoCC "${name}-tfcmds" {} ''
+  tfcmds = runCommandNoCC "${name}-tfcmds" { } ''
     mkdir -p $out/bin
     ln -s ${init} $out/bin/init
     ln -s ${tfcmd} $out/bin/validate
@@ -79,7 +81,8 @@ let
     ln -s ${tfcmd} $out/bin/destroy
   '';
 
-in {
+in
+{
   inherit name module;
   terraform = tf;
   cmds = tfcmds;
@@ -92,7 +95,7 @@ in {
   #   destroy = depot.nix.nixRunWrapper "destroy" tfcmds;
   # };
 
-  test = runCommandNoCC "${name}-test" {} ''
+  test = runCommandNoCC "${name}-test" { } ''
     set -e
     export TF_STATE_ROOT=$(pwd)
     ${tfcmds}/bin/init