made s3 buckets work

terraform/terranix.org/.gitignore

@@ -0,0 +1 @@
+terraform.tfstate*

terraform/terranix.org/targets/namecheap/__backend.tf

@@ -0,0 +1,18 @@
+# Generated by Terragrunt. Sig: nIlQXj57tbuaRZEa
+terraform {
+  backend "s3" {
+    bucket                      = "terraform-state-terranix-website"
+    encrypt                     = false
+    endpoint                    = "http://s3.chungus.private"
+    force_path_style            = true
+    iam_endpoint                = "http://s3.chungus.private"
+    key                         = "namecheap/terraform.tfstate"
+    region                      = "home"
+    skip_credentials_validation = true
+    skip_metadata_api_check     = true
+    skip_region_validation      = true
+    skip_requesting_account_id  = true
+    skip_s3_checksum            = true
+    sts_endpoint                = "http://s3.chunugs.private"
+  }
+}

terraform/terranix.org/targets/namecheap/__provider.tf

@@ -0,0 +1,19 @@
+# Generated by Terragrunt. Sig: nIlQXj57tbuaRZEa
+terraform {
+  required_providers {
+    namecheap = {
+      source  = "namecheap/namecheap"
+      version = ">= 2.0.0"
+    }
+  }
+}
+
+# Namecheap API credentials
+provider "namecheap" {
+  user_name = var.namecheap_user
+  api_user  = var.namecheap_user
+  api_key   = var.namecheap_api_key
+}
+
+variable "namecheap_user" {}
+variable "namecheap_api_key" {}

terraform/terranix.org/targets/namecheap/main.tf

@@ -0,0 +1,73 @@
+locals {
+  minutes = 60
+  hours   = 60 * local.minutes
+  days    = 24 * local.hours
+
+  normal_ttl     = 12 * local.hours
+  short_ttl      = 30 * local.minutes
+  very_short_ttl = 2 * local.minutes
+}
+
+resource "namecheap_domain_records" "terranix" {
+  domain     = "terranix.org"
+  mode       = "OVERWRITE"
+  email_type = "OX"
+
+  # terranix.org
+  record {
+    address  = "terranix.github.io"
+    hostname = "@"
+    mx_pref  = 10
+    ttl      = local.normal_ttl
+    type     = "CNAME"
+  }
+  record {
+    address  = "terranix.github.io"
+    hostname = "www"
+    mx_pref  = 10
+    ttl      = local.normal_ttl
+    type     = "CNAME"
+  }
+
+  # matrix.terranix.org
+  record {
+    address  = "144.76.13.147"
+    hostname = "matrix"
+    mx_pref  = 10
+    ttl      = local.normal_ttl
+    type     = "A"
+  }
+  record {
+    address  = "144.76.13.147"
+    hostname = "element"
+    mx_pref  = 10
+    ttl      = local.normal_ttl
+    type     = "A"
+  }
+
+  # Github Challenges
+  record {
+    address  = "c3fd9329fe"
+    hostname = "_github-challenge-terranix-org"
+    mx_pref  = 10
+    ttl      = local.normal_ttl
+    type     = "TXT"
+  }
+  record {
+    address  = "ece2e1608cde1d7785b1315d0b0019"
+    hostname = "_github-pages-challenge-terranix"
+    mx_pref  = 10
+    ttl      = local.normal_ttl
+    type     = "TXT"
+  }
+
+  # Mail Challenges
+  record {
+    address  = "v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvlSGd9dcuYFJ8CNAIgF/IWzKD8MlW41V4QeMgWgAQvKCW4JU2pF9IlcQGN+7IQf4PtJlzr/ClUspex58q75IZUjcLCGU0QdaqWPveQuIlS4JwgQadfNc8JtOiDlUSxMWfpROyvNyLtXUQftUvmppJDml2evo2OA5CpN7cKPzR4KcVINHlaL23m7mw9rLWWIpoxaGgp/aTi/a9m3PovUQ/lfDPrgvnmEGIc9piVO3DVE64dB/7yAZe9Jd2Qka3nwq5x3so1YPIOKXVK8G40NlyBOfPdKOeKhERuFL5zMIsLlcJd0BeLiuVqobc6DWLQMjrKDUEVnBsx2dJmhosqeG2wIDAQAB"
+    hostname = "default._domainkey"
+    mx_pref  = 10
+    ttl      = local.normal_ttl
+    type     = "TXT"
+  }
+
+}

terraform/terranix.org/targets/namecheap/terragrunt.hcl

@@ -0,0 +1,34 @@
+
+include {
+  path = find_in_parent_folders()
+}
+
+inputs = {
+  namecheap_user    = run_cmd("--terragrunt-quiet", "pass", "show", "development/namecheap.com/username")
+  namecheap_api_key = run_cmd("--terragrunt-quiet", "pass", "show", "development/namecheap.com/api-key")
+}
+
+generate "provider" {
+  path      = "__provider.tf"
+  if_exists = "overwrite_terragrunt"
+  contents  = <<EOF
+terraform {
+  required_providers {
+    namecheap = {
+      source  = "namecheap/namecheap"
+      version = ">= 2.0.0"
+    }
+  }
+}
+
+# Namecheap API credentials
+provider "namecheap" {
+  user_name = var.namecheap_user
+  api_user  = var.namecheap_user
+  api_key   = var.namecheap_api_key
+}
+
+variable "namecheap_user" {}
+variable "namecheap_api_key" {}
+EOF
+}

terraform/terranix.org/targets/terragrunt.hcl

@@ -0,0 +1,31 @@
+
+remote_state {
+  backend = "s3"
+  generate = {
+    path      = "__backend.tf"
+    if_exists = "overwrite"
+  }
+  config = {
+    bucket  = "terraform-state-terranix-website"
+    key     = "${path_relative_to_include()}/terraform.tfstate"
+    region  = "home"
+    encrypt = false
+
+    endpoint     = "http://s3.chungus.private"
+    iam_endpoint = "http://s3.chungus.private"
+    sts_endpoint = "http://s3.chunugs.private"
+
+    force_path_style                   = true
+    enable_lock_table_ssencryption     = false
+    skip_s3_checksum                   = true
+    skip_bucket_public_access_blocking = true
+    skip_bucket_enforced_tls           = true
+    skip_credentials_validation        = true
+    skip_bucket_root_access            = true # use only if the AWS account root user should not have access to the remote state bucket for some reason
+    skip_bucket_versioning             = true # use only if the object store does not support versioning
+    skip_bucket_ssencryption           = true # use only if non-encrypted Terraform State is required and/or the object store does not support server-side encryption
+    skip_metadata_api_check            = true
+    skip_region_validation             = true
+    skip_requesting_account_id         = true
+  }
+}