diff --git a/apps/example-dev.tfvars b/apps/example-dev.tfvars index 3f874b2..3a8ebc8 100644 --- a/apps/example-dev.tfvars +++ b/apps/example-dev.tfvars @@ -1,11 +1,11 @@ # ─── Remote Host ────────────────────────────────────────────────────────────── -ssh_host = "dev-server.example.com" -ssh_user = "deploy" +ssh_host = "dev-server.example.com" +ssh_user = "deploy" # ssh_key_path is supplied at runtime by CI/CD from gopass — not stored here. # ─── App Identity ───────────────────────────────────────────────────────────── app_name = "myapp" -environment = "dev" # ephemeral containers, no persistent volumes +environment = "dev" # ephemeral containers, no persistent volumes # ─── OpenResty: bind_mount mode ─────────────────────────────────────────────── # Mount a directory that already exists on the remote server. @@ -17,7 +17,7 @@ openresty_external_port = 8080 # ─── PostgreSQL ─────────────────────────────────────────────────────────────── db_name = "myapp_dev" db_user = "myapp" -db_password = "changeme-dev" # use gopass / CI secret for real deployments +db_password = "changeme-dev" # use gopass / CI secret for real deployments # ─── Images (optional overrides) ────────────────────────────────────────────── # postgres_image = "postgres:16-alpine" diff --git a/apps/example-prod.tfvars b/apps/example-prod.tfvars index b69ea5f..8c4c6ae 100644 --- a/apps/example-prod.tfvars +++ b/apps/example-prod.tfvars @@ -1,25 +1,25 @@ # ─── Remote Host ────────────────────────────────────────────────────────────── -ssh_host = "prod-server.example.com" -ssh_user = "deploy" +ssh_host = "prod-server.example.com" +ssh_user = "deploy" # ssh_key_path is supplied at runtime by CI/CD from gopass — not stored here. # ─── App Identity ───────────────────────────────────────────────────────────── app_name = "myapp" -environment = "prod" # named Docker volumes, data persists across container restarts +environment = "prod" # named Docker volumes, data persists across container restarts # ─── OpenResty: git_clone mode ──────────────────────────────────────────────── # The OpenResty Alpine image starts, installs git via apk, then clones the repo. # Pin to a tag or full commit SHA — never use a branch name in prod. # The repo must contain an 'openresty/' directory with a valid nginx.conf. -openresty_source_type = "git_clone" -openresty_git_repo = "https://gitea.example.com/myorg/myapp-openresty.git" -openresty_git_ref = "v1.4.2" # pinned tag — never 'main' in prod +openresty_source_type = "git_clone" +openresty_git_repo = "https://gitea.example.com/myorg/myapp-openresty.git" +openresty_git_ref = "v1.4.2" # pinned tag — never 'main' in prod # openresty_git_token is supplied at runtime by CI/CD from gopass — not stored here. openresty_external_port = 80 # ─── PostgreSQL ─────────────────────────────────────────────────────────────── -db_name = "myapp_prod" -db_user = "myapp" +db_name = "myapp_prod" +db_user = "myapp" # db_password is supplied at runtime by CI/CD from gopass — not stored here. # ─── Images (optional overrides) ────────────────────────────────────────────── diff --git a/k8s/apps/example-nodered.tfvars b/k8s/apps/example-nodered.tfvars index e6efec5..a0ee1fe 100644 --- a/k8s/apps/example-nodered.tfvars +++ b/k8s/apps/example-nodered.tfvars @@ -16,7 +16,7 @@ init_container_image = "gitea.example.com/myorg/mynodered-init:v1.2.0" init_data_src_path = "/app-data" # ─── Storage ────────────────────────────────────────────────────────────────── -storage_class = "local-path" # k3s default provisioner +storage_class = "local-path" # k3s default provisioner app_pvc_size = "2Gi" # ─── Ingress (Traefik) ──────────────────────────────────────────────────────── diff --git a/k8s/tests/k8s_validation.tftest.hcl b/k8s/tests/k8s_validation.tftest.hcl index e45c703..de7490f 100644 --- a/k8s/tests/k8s_validation.tftest.hcl +++ b/k8s/tests/k8s_validation.tftest.hcl @@ -48,8 +48,8 @@ run "valid_with_rabbitmq" { run "valid_prod_environment" { command = plan variables { - environment = "prod" - enable_rabbitmq = true + environment = "prod" + enable_rabbitmq = true rabbitmq_password = "rabbit-secret" } } diff --git a/k8s/variables.tf b/k8s/variables.tf index f9a6143..8fbaa2f 100644 --- a/k8s/variables.tf +++ b/k8s/variables.tf @@ -92,9 +92,9 @@ variable "loki_endpoint" { variable "loki_auth_token" { description = "Bearer token for Loki. Leave empty for unauthenticated Loki." - type = string - default = "" - sensitive = true + type = string + default = "" + sensitive = true } # ─── RabbitMQ ───────────────────────────────────────────────────────────────── @@ -119,9 +119,9 @@ variable "rabbitmq_user" { variable "rabbitmq_password" { description = "RabbitMQ default user password." - type = string - sensitive = true - default = "" + type = string + sensitive = true + default = "" } variable "rabbitmq_vhost" { diff --git a/modules/app-k8s-nodered-rabbitmq/variables.tf b/modules/app-k8s-nodered-rabbitmq/variables.tf index 1e3f882..26bcd27 100644 --- a/modules/app-k8s-nodered-rabbitmq/variables.tf +++ b/modules/app-k8s-nodered-rabbitmq/variables.tf @@ -83,9 +83,9 @@ variable "loki_endpoint" { variable "loki_auth_token" { description = "Bearer token for Loki authentication. Leave empty for unauthenticated Loki." - type = string - default = "" - sensitive = true + type = string + default = "" + sensitive = true } # ─── RabbitMQ (optional) ────────────────────────────────────────────────────── @@ -110,9 +110,9 @@ variable "rabbitmq_user" { variable "rabbitmq_password" { description = "RabbitMQ default user password." - type = string - sensitive = true - default = "" + type = string + sensitive = true + default = "" } variable "rabbitmq_vhost" { diff --git a/modules/app-openresty-pg-redis/variables.tf b/modules/app-openresty-pg-redis/variables.tf index 870f2d3..9b49e91 100644 --- a/modules/app-openresty-pg-redis/variables.tf +++ b/modules/app-openresty-pg-redis/variables.tf @@ -48,8 +48,8 @@ variable "openresty_remote_config_path" { Absolute path on the REMOTE HOST to mount as /usr/local/openresty/nginx/conf inside the container. Only used when openresty_source_type = 'bind_mount'. EOT - type = string - default = "" + type = string + default = "" } # ─── OpenResty: local_build options ─────────────────────────────────────────── @@ -60,8 +60,8 @@ variable "openresty_local_build_context" { The context is transferred to the remote Docker daemon over SSH and built there. Only used when openresty_source_type = 'local_build'. EOT - type = string - default = "" + type = string + default = "" } variable "openresty_dockerfile" { @@ -78,8 +78,8 @@ variable "openresty_git_repo" { Only used when openresty_source_type = 'git_clone'. The cloned repo must contain an 'openresty/' directory with a valid nginx.conf. EOT - type = string - default = "" + type = string + default = "" } variable "openresty_git_ref" { @@ -89,8 +89,8 @@ variable "openresty_git_ref" { could contain different code each time the container is recreated). Only used when openresty_source_type = 'git_clone'. EOT - type = string - default = "" + type = string + default = "" validation { condition = var.openresty_git_ref == "" || !contains( @@ -107,9 +107,9 @@ variable "openresty_git_token" { Injected into the clone URL as oauth2:@. Only used when openresty_source_type = 'git_clone'. EOT - type = string - default = "" - sensitive = true + type = string + default = "" + sensitive = true } # ─── Networking & Ports ─────────────────────────────────────────────────────── @@ -133,8 +133,8 @@ variable "db_user" { variable "db_password" { description = "PostgreSQL password." - type = string - sensitive = true + type = string + sensitive = true } variable "postgres_image" { diff --git a/variables.tf b/variables.tf index 14ea1c9..ed6be67 100644 --- a/variables.tf +++ b/variables.tf @@ -89,9 +89,9 @@ variable "openresty_git_ref" { variable "openresty_git_token" { description = "Optional auth token for private git repos (git_clone mode)." - type = string - default = "" - sensitive = true + type = string + default = "" + sensitive = true } # ─── PostgreSQL ─────────────────────────────────────────────────────────────── @@ -108,8 +108,8 @@ variable "db_user" { variable "db_password" { description = "PostgreSQL password." - type = string - sensitive = true + type = string + sensitive = true } variable "postgres_image" {