This repo aims to build the whole Trinami Infrastructure with just a single command
- Init
#create a secrets.yaml with the following values (this file is plaintext; keep it out of version control):
cloudflare_api_token: "********"
hetzner_api_token: "********"
trinami_org_zone_id: "********"
trinami_zip_zone_id: "********"
github_token: "********"
onion_key: "********"
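#install sops and encrypt the secrets
# KEYID stands for the PGP fingerprint to encrypt to (-p is sops' --pgp option).
# secrets.enc.yaml is the encrypted copy; the plaintext secrets.yaml should stay local.
sops -e -p KEYID secrets.yaml > secrets.enc.yaml
#decrypt
# The decrypted file holds every API token in cleartext, so it is created under
# umask 077 and forced to mode 600 in case an older, wider-readable copy exists.
cd terraform && (umask 077 && sops -d secrets.enc.yaml > secrets.yaml) && chmod 600 secrets.yaml
#create images
# Assign before exporting so a failing yq is not masked by export, and chain the
# packer steps so they do not run with an empty or missing Hetzner token.
HCLOUD_TOKEN=$(yq -r .hetzner_api_token secrets.yaml) &&
  export HCLOUD_TOKEN &&
  packer init hcloud-microos-snapshots.pkr.hcl &&
  packer build hcloud-microos-snapshots.pkr.hcl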
#install fluxcd
- Setup
# Download the providers and modules and initialise the state backend.
terraform init
# Preview the changes; nothing is modified yet.
terraform plan
# Record the existing GitHub repository with the ID "infrastructure" in state as
# github_repository.this (presumably so apply manages it instead of trying to
# create it; confirm against the configuration).
terraform import github_repository.this infrastructure
# Apply the changes. The state exposes a kubeconfig output, so the state file or
# backend holds cluster credentials and needs the same protection as secrets.yaml.
terraform apply
- Get kubeconfig access
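# Writes the cluster credentials from the Terraform output to the default kubeconfig path.
# This replaces any existing ~/.kube/config; back it up first if it holds other clusters.
# umask 077 covers a newly created file and chmod 600 tightens a file that already existed.
(umask 077 && terraform output --raw kubeconfig > ~/.kube/config) && chmod 600 ~/.kube/config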
- Add Zitadel
- Post-Quantum sops?
- Auto scaling
- 2FA
- gvisor
- ...