5 files changed, 118 insertions, 0 deletions

diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
new file mode 100644
index 0000000..f43b3d2
--- /dev/null
+++ b/terraform/.terraform.lock.hcl
@@ -0,0 +1,24 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/integrations/github" {
+  version     = "5.25.1"
+  constraints = "~> 5.0"
+  hashes = [
+    "h1:epBNElISklZEWSsyr18XAV1GxZcvT6DQSwfFu8b2dLQ=",
+    "zh:06ac78e7a7ba44627abb0181b6808ad5f219f39234a32832c3e1dee08905e928",
+    "zh:114e70c06e2f1c009071179573b2b4b4c3901bdb1704e192ad1c6551ddfdf6e8",
+    "zh:39991a7ea20e5b0b7705356b1806064674ccd4b4fa6529b46f606e2892acc60c",
+    "zh:5729ba50585e1ecb68f1e04834d843abd501245e28d3c957b7a1e77afbfa15f4",
+    "zh:64a3b862957c3dfcec7dc9ff388eb6b523b26af560b7e06d3573069978184018",
+    "zh:7614541276cafc106b7295d7252d1bb6677a5f69b511aba7984205510211d500",
+    "zh:8200efc0c692f6b6b59805942f81e6ac27384d58fb0167096354e8caae81f4e7",
+    "zh:868781725ee47d01c92eaeb305f3b08b15edfc16a5f1cc78fde3c87b00cb66aa",
+    "zh:a304816fff34fda8c57cfe0e7488b5b80966c83c4a054b56bfc6ccfd24267147",
+    "zh:a31db2c92b72c77a2e645a0738868e2ee9c80e1317d6138522b5989cd8c9c9c3",
+    "zh:e8597b2239ac1052881db28521a789e9cb3fafc6375ecb2fca824a169fba5821",
+    "zh:e8f25412bfa36124126952193e81713bfb6a4a16f37a7dd2825b99d1ed07f991",
+    "zh:fcaa06621b7e21c3cb76219e49a1ffda971a60a7d0b0f4ee1a9c209077d214ee",
+    "zh:fd39c18b45ae72e4ee40d79be4fdda3d4c6c37d3665b7d494b849c7d7a67e994",
+  ]
+}
diff --git a/terraform/ansible.tf b/terraform/ansible.tf
new file mode 100644
index 0000000..7ea0701
--- /dev/null
+++ b/terraform/ansible.tf
@@ -0,0 +1,56 @@
+resource "github_repository" "ansible" {
+  for_each = { for idx, repo in var.repos : idx => repo }
+
+  name         = "ansible-role-${each.value.name}"
+  description  = each.value.description
+  topics       = each.value.topics
+  homepage_url = each.value.homepage_url
+  visibility   = each.value.visibility
+  archived     = each.value.archived
+
+  has_discussions      = false
+  has_issues           = true
+  allow_merge_commit   = false
+  archive_on_destroy   = true
+  vulnerability_alerts = true
+}
+
+resource "github_actions_secret" "example_secret" {
+  for_each = { for idx, repo in var.repos : idx => repo if repo.galaxy }
+
+  repository      = "ansible-role-${each.value.name}"
+  secret_name     = "GALAXY_API_KEY"
+  plaintext_value = var.galaxy_api_key
+}
+
+variable "repos" {
+  type = list(object({
+    name         = string
+    description  = string
+    topics       = list(string)
+    homepage_url = string
+    visibility   = string
+    galaxy       = bool
+    archived     = bool
+  }))
+  default = [
+    {
+      name         = "prometheus-target"
+      description  = "Ansible role for pushing targets to prometheus instance"
+      topics       = ["ansible", "role", "galaxy", "prometheus", "monitoring", "metrics", "prometheus-exporter", "node-exporter"]
+      homepage_url = "https://galaxy.ansible.com/kliwniloc/prometheus_target"
+      visibility   = "public"
+      galaxy       = true
+      archived     = false
+    },
+    {
+      name         = "borgbackup"
+      description  = "Ansible role for deploying borgbackup on client and server"
+      topics       = ["ansible", "role", "galaxy", "backup", "borgbackup"]
+      homepage_url = "https://galaxy.ansible.com/kliwniloc/borgbackup"
+      visibility   = "private"
+      galaxy       = false
+      archived     = false
+    },
+  ]
+}
diff --git a/terraform/main.tf b/terraform/main.tf
new file mode 100644
index 0000000..ef02089
--- /dev/null
+++ b/terraform/main.tf
@@ -0,0 +1,14 @@
+terraform {
+  required_version = ">= 1.0"
+  required_providers {
+    github = {
+      source  = "integrations/github"
+      version = "~> 5.0"
+    }
+  }
+}
+
+provider "github" {
+  token = var.github_token
+  owner = "kliwniloc"
+}
diff --git a/terraform/misc.tf b/terraform/misc.tf
new file mode 100644
index 0000000..7a9f754
--- /dev/null
+++ b/terraform/misc.tf
@@ -0,0 +1,13 @@
+resource "github_repository" "terraform-github" {
+  name        = "terraform-github"
+  description = "Terraform configuration managing my github repositories"
+  topics      = ["terraform", "github"]
+
+  visibility = "private"
+  archived   = false
+
+  has_discussions = false
+  has_projects    = false
+  has_issues      = true
+  homepage_url    = "https://github.com/kliwniloc"
+}
diff --git a/terraform/variables.tf b/terraform/variables.tf
new file mode 100644
index 0000000..4b6c01a
--- /dev/null
+++ b/terraform/variables.tf
@@ -0,0 +1,11 @@
+variable "github_token" {
+  description = "GITHUB_TOKEN"
+  type        = string
+  sensitive   = true
+}
+
+variable "galaxy_api_key" {
+  description = "Ansible Galaxy api key"
+  type        = string
+  sensitive   = true
+}