37 lines
1.2 KiB
Makefile
37 lines
1.2 KiB
Makefile
SHELL := /usr/bin/env bash
|
|
|
|
# Decrypt Hetzner token at runtime (requires your SOPS_AGE_KEY loaded locally)
|
|
HCLOUD_TOKEN := $(shell sops -d --extract '["ops"]["hcloud_token"]' inventory/group_vars/secrets.sops.yaml 2>/dev/null)
|
|
|
|
.PHONY: all apply tf-init tf-apply ansible destroy fmt check sops-edit sops-rotate
|
|
|
|
all: apply
|
|
|
|
fmt:
|
|
terraform -chdir=terraform/hetzner fmt -recursive || true
|
|
|
|
tf-init:
|
|
terraform -chdir=terraform/hetzner init
|
|
|
|
tf-apply: tf-init
|
|
@if [ -z "$(HCLOUD_TOKEN)" ]; then echo "HCLOUD_TOKEN empty. Did you load your SOPS key and encrypt ops.hcloud_token?"; exit 1; fi
|
|
@export HCLOUD_TOKEN=$(HCLOUD_TOKEN); \
|
|
terraform -chdir=terraform/hetzner apply -auto-approve
|
|
|
|
ansible:
|
|
cd ansible && ansible-playbook playbooks/bootstrap.yaml -u admin
|
|
|
|
apply: fmt tf-apply ansible
|
|
|
|
destroy:
|
|
@if [ -z "$(HCLOUD_TOKEN)" ]; then echo "HCLOUD_TOKEN empty. Did you load your SOPS key?"; exit 1; fi
|
|
@export HCLOUD_TOKEN=$(HCLOUD_TOKEN); \
|
|
terraform -chdir=terraform/hetzner destroy -auto-approve
|
|
|
|
sops-edit:
|
|
sops inventory/group_vars/secrets.sops.yaml
|
|
|
|
check:
|
|
terraform -chdir=terraform/hetzner plan >/dev/null || true
|
|
cd ansible && ansible-inventory --list >/dev/null
|