manage terraform configuration with terranix

All the terraform configuration is managed within one state instead of having multiple state for each components. This might not be the best practice but it simplifies things for me. Now, all I need to do is to run `nix run .#tf -- plan` and I can see what will be changed for all the resources that I care about.
author: Franck Cuny <franck@fcuny.net> 2025-08-31 13:33:54 -0700
committer: Franck Cuny <franck@fcuny.net> 2025-08-31 13:33:54 -0700
commit: 145e1dab68caf3f57c53820c6359bef83a5ce52a (patch)
tree: 592546ad50121b32f386f532e3be8f75cb521d54 /flake
parent: add terranix (diff)
download: infra-145e1dab68caf3f57c53820c6359bef83a5ce52a.tar.gz
2 files changed, 62 insertions, 1 deletions
diff --git a/flake/overlays.nix b/flake/overlays.nix
index 1eecfcf..2f9100d 100644
--- a/flake/overlays.nix
+++ b/flake/overlays.nix
@@ -1,4 +1,9 @@
-{ inputs, self, ... }:
+{
+  inputs,
+  self,
+  config,
+  ...
+}:
 {
 
   flake.overlays.default = _final: prev: {
@@ -8,6 +13,17 @@
 
   perSystem =
     { system, ... }:
+    let
+      mkTerraformCfg =
+        modules:
+        inputs.terranix.lib.terranixConfiguration {
+          inherit system;
+          extraArgs = {
+            inherit (config.flake) nixosConfigurations;
+          };
+          inherit modules;
+        };
+    in
     {
       _module.args.pkgs = import inputs.nixpkgs {
         inherit system;
@@ -18,6 +34,11 @@
           inputs.nur.overlays.default
           inputs.my-go-tools.overlays.default
           self.overlays.default
+          (_self: _super: {
+            adminTerraformCfg = mkTerraformCfg [
+              "${self}/terraform/admin"
+            ];
+          })
         ];
       };
     };
diff --git a/flake/terraform.nix b/flake/terraform.nix
new file mode 100644
index 0000000..23cc6d3
--- /dev/null
+++ b/flake/terraform.nix
@@ -0,0 +1,40 @@
+{ lib, ... }:
+{
+  perSystem =
+    { pkgs, ... }:
+    let
+      mkTfWrapper =
+        {
+          tfPlugins,
+          cfg,
+        }:
+        let
+          pkg = pkgs.opentofu.withPlugins tfPlugins;
+        in
+        {
+          type = "app";
+          program = toString (
+            pkgs.writers.writeBash "tf" ''
+              set -xeuo pipefail
+              ln -snf ${cfg} config.tf.json
+              exec ${lib.getExe pkg} "$@"
+            ''
+          );
+        };
+    in
+    {
+      apps = {
+        tf = mkTfWrapper {
+          cfg = pkgs.adminTerraformCfg;
+          tfPlugins = p: [
+            p.cloudflare
+            p.digitalocean
+            p.external
+            p.google
+            p.null
+            p.random
+          ];
+        };
+      };
+    };
+}
author	Franck Cuny <franck@fcuny.net>	2025-08-31 13:33:54 -0700
committer	Franck Cuny <franck@fcuny.net>	2025-08-31 13:33:54 -0700
commit	145e1dab68caf3f57c53820c6359bef83a5ce52a (patch)
tree	592546ad50121b32f386f532e3be8f75cb521d54 /flake
parent	add terranix (diff)
download	infra-145e1dab68caf3f57c53820c6359bef83a5ce52a.tar.gz