authorColin Wilk <colin.wilk@tum.de>2023-05-30 20:11:41 +0200
committerColin Wilk <colin.wilk@tum.de>2023-05-30 20:17:57 +0200
commitcd56d3dd99db04f840647e456ebfc8534de350f8 (patch)
treeaa2df05154b6228a228da0ac2707eddd690a8bb9
init
-rw-r--r--.gitignore3
-rw-r--r--.pre-commit-config.yaml24
-rw-r--r--.terraform.lock.hcl24
-rw-r--r--ansible.tf53
-rw-r--r--main.tf14
-rw-r--r--misc.tf11
-rw-r--r--variables.tf11
7 files changed, 140 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..f6a70f5
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+.terraform/
+*.tfstate
+*.tfstate.backup
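Review bot: The ignore list covers state files but not variable files, and both inputs this commit declares (`github_token`, `galaxy_api_key`) are secrets that are often supplied through a `terraform.tfvars` file. How they are supplied is not visible here. Adding `*.tfvars` and `*.auto.tfvars` would keep such a file from being committed by accident. `crash.log` is worth ignoring as well, since Terraform crash logs can include variable values.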
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..62f8a2f
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,24 @@
+default_stages: [commit, push]
+
+repos:
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.0.1
+ hooks:
+ - id: check-added-large-files
+ - id: trailing-whitespace
+ - id: detect-private-key
+ - id: end-of-file-fixer
+
+ - repo: https://github.com/antonbabenko/pre-commit-terraform.git
+ rev: v1.77.3
+ hooks:
+ - id: terraform_validate
+ stages: [commit]
+ - id: terraform_fmt
+ args:
+ - --args=-no-color
+ - --args=-diff
+ - --args=-write=false
+ - id: terraform_tflint
+ args:
+ - --args=--module
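Review bot: The only secret check configured is `detect-private-key`, which looks for private-key blocks and would not flag the kind of secrets this repository handles, a GitHub token and a Galaxy API key. A general secret-scanning hook (gitleaks publishes one, for example) alongside it would cover token-shaped strings in `.tf` and `.tfvars` files. Both `rev:` values are tags, which can be moved upstream. Since hooks execute on the committer's machine, pinning each `rev` to a full commit SHA with the tag kept in a trailing comment is the safer form.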
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
new file mode 100644
index 0000000..f43b3d2
--- /dev/null
+++ b/.terraform.lock.hcl
@@ -0,0 +1,24 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/integrations/github" {
+ version = "5.25.1"
+ constraints = "~> 5.0"
+ hashes = [
+ "h1:epBNElISklZEWSsyr18XAV1GxZcvT6DQSwfFu8b2dLQ=",
+ "zh:06ac78e7a7ba44627abb0181b6808ad5f219f39234a32832c3e1dee08905e928",
+ "zh:114e70c06e2f1c009071179573b2b4b4c3901bdb1704e192ad1c6551ddfdf6e8",
+ "zh:39991a7ea20e5b0b7705356b1806064674ccd4b4fa6529b46f606e2892acc60c",
+ "zh:5729ba50585e1ecb68f1e04834d843abd501245e28d3c957b7a1e77afbfa15f4",
+ "zh:64a3b862957c3dfcec7dc9ff388eb6b523b26af560b7e06d3573069978184018",
+ "zh:7614541276cafc106b7295d7252d1bb6677a5f69b511aba7984205510211d500",
+ "zh:8200efc0c692f6b6b59805942f81e6ac27384d58fb0167096354e8caae81f4e7",
+ "zh:868781725ee47d01c92eaeb305f3b08b15edfc16a5f1cc78fde3c87b00cb66aa",
+ "zh:a304816fff34fda8c57cfe0e7488b5b80966c83c4a054b56bfc6ccfd24267147",
+ "zh:a31db2c92b72c77a2e645a0738868e2ee9c80e1317d6138522b5989cd8c9c9c3",
+ "zh:e8597b2239ac1052881db28521a789e9cb3fafc6375ecb2fca824a169fba5821",
+ "zh:e8f25412bfa36124126952193e81713bfb6a4a16f37a7dd2825b99d1ed07f991",
+ "zh:fcaa06621b7e21c3cb76219e49a1ffda971a60a7d0b0f4ee1a9c209077d214ee",
+ "zh:fd39c18b45ae72e4ee40d79be4fdda3d4c6c37d3665b7d494b849c7d7a67e994",
+ ]
+}
diff --git a/ansible.tf b/ansible.tf
new file mode 100644
index 0000000..bb5ff51
--- /dev/null
+++ b/ansible.tf
@@ -0,0 +1,53 @@
+resource "github_repository" "ansible" {
+ for_each = { for idx, repo in var.repos : idx => repo }
+
+ name = "ansible-role-${each.value.name}"
+ description = each.value.description
+ topics = each.value.topics
+ visibility = each.value.visibility
+ archived = each.value.archived
+
+ has_discussions = false
+ has_issues = true
+ allow_merge_commit = false
+ archive_on_destroy = true
+ vulnerability_alerts = true
+}
+
+resource "github_actions_secret" "example_secret" {
+ for_each = { for idx, repo in var.repos : idx => repo if repo.galaxy }
+
+ repository = "ansible-role-${each.value.name}"
+ secret_name = "GALAXY_API_KEY"
+ plaintext_value = var.galaxy_api_key
+}
+
+variable "repos" {
+ type = list(object({
+ name = string
+ description = string
+ topics = list(string)
+ visibility = string
+ galaxy = bool
+ archived = bool
+ }))
+ default = [
+ {
+ name = "prometheus-target"
+ description = "Ansible role for pushing targets to prometheus instance"
+ topics = ["ansible", "role", "galaxy", "prometheus", "monitoring",
+ "metrics", "prometheus-exporter", "node-exporter"]
+ visibility = "public"
+ galaxy = true
+ archived = false
+ },
+ {
+ name = "borgbackup"
+ description = "Ansible role for deploying borgbackup on client and server"
+ topics = ["ansible", "role", "galaxy", "backup", "borgbackup"]
+ visibility = "private"
+ galaxy = false
+ archived = false
+ },
+ ]
+}
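Review bot: The `github_actions_secret` resource builds `repository` from a string instead of referencing the repository resource, so Terraform sees no dependency between the two and may try to set the secret before the repository exists on a first apply. `repository = github_repository.ansible[each.key].name` makes the ordering explicit. Both `for_each` expressions key instances by list index, so inserting or removing an entry in `var.repos` shifts every later key, and Terraform will plan renames or archival for repositories that did not change. Keying by name with `for_each = { for repo in var.repos : repo.name => repo }` (plus `if repo.galaxy` on the secret) keeps resource addresses stable. The label `example_secret` looks like a template leftover and could be named after what it holds.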
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..ef02089
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_version = ">= 1.0"
+ required_providers {
+ github = {
+ source = "integrations/github"
+ version = "~> 5.0"
+ }
+ }
+}
+
+provider "github" {
+ token = var.github_token
+ owner = "kliwniloc"
+}
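Review bot: The `terraform` block declares no `backend`, so state stays in a local file, and that state will contain the Galaxy API key in cleartext because `github_actions_secret` in ansible.tf is set through `plaintext_value`. The `.gitignore` in this commit keeps the file out of Git, but not off disk or out of backups. I would move state to a backend with encryption at rest and access control, or at minimum add a comment above the block such as `# State contains GALAXY_API_KEY in cleartext; keep it on an encrypted, access-restricted backend`. The token given to `provider "github"` should be limited to the `kliwniloc` repositories and permissions this configuration needs.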
diff --git a/misc.tf b/misc.tf
new file mode 100644
index 0000000..75c3001
--- /dev/null
+++ b/misc.tf
@@ -0,0 +1,11 @@
+resource "github_repository" "terraform-github" {
+ name = "terraform-github"
+ description = "Terraform configuration managing my github repositories"
+ topics = ["terraform", "github"]
+
+ visibility = "private"
+ archived = false
+
+ has_discussions = false
+ has_issues = true
+}
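Review bot: This repository resource omits `archive_on_destroy = true` and `vulnerability_alerts = true`, both of which `github_repository.ansible` in ansible.tf sets. Without the first, removing this block or running a destroy deletes the repository outright, and by its name and description this is the repository holding this configuration. Adding those two lines, plus `lifecycle { prevent_destroy = true }`, brings it in line with the other repositories and guards against an accidental delete. If the repository already exists, it presumably has to be imported before the first apply.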
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..4b6c01a
--- /dev/null
+++ b/variables.tf
@@ -0,0 +1,11 @@
+variable "github_token" {
+ description = "GITHUB_TOKEN"
+ type = string
+ sensitive = true
+}
+
+variable "galaxy_api_key" {
+ description = "Ansible Galaxy api key"
+ type = string
+ sensitive = true
+}
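Review bot: The `description` of `github_token` only repeats the variable name and does not tell the operator what kind of token to create or what it must be allowed to do. Judging from ansible.tf and misc.tf, the configuration creates and edits repositories and writes Actions secrets, so something like `description = "GitHub token for the provider; needs repository administration and Actions secrets write access"` documents the minimum scope (exact permission names to be confirmed). Both variables would also benefit from `nullable = false`, so an unset value fails at plan time rather than at the first API call.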