From 145e1dab68caf3f57c53820c6359bef83a5ce52a Mon Sep 17 00:00:00 2001
From: Franck Cuny <franck@fcuny.net>
Date: Sun, 31 Aug 2025 13:33:54 -0700
Subject: manage terraform configuration with terranix

All the terraform configuration is managed within one state instead of
having multiple state for each components. This might not be the best
practice but it simplifies things for me.

Now, all I need to do is to run `nix run .#tf -- plan` and I can see
what will be changed for all the resources that I care about.
---
 scripts/common.nix | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

(limited to 'scripts/common.nix')

diff --git a/scripts/common.nix b/scripts/common.nix
index 931480c..b8ab82e 100644
--- a/scripts/common.nix
+++ b/scripts/common.nix
@@ -1,4 +1,29 @@
 { pkgs }:
 [
   (pkgs.writeScriptBin "update-deps" "nix flake update --commit-lock-file")
+
+  (pkgs.writeShellScriptBin "gcloud-auth" ''
+    set -xeuo pipefail
+    ${pkgs.google-cloud-sdk}/bin/gcloud auth print-identity-token > /dev/null 2>&1 || \
+    ${pkgs.google-cloud-sdk}/bin/gcloud auth login --quiet
+    ${pkgs.google-cloud-sdk}/bin/gcloud auth application-default print-access-token > /dev/null 2>&1 || \
+    ${pkgs.google-cloud-sdk}/bin/gcloud auth application-default login --quiet
+  '')
+
+  (pkgs.writeShellScriptBin "tf-state-setup" ''
+    set -xeuo pipefail
+    ${pkgs.google-cloud-sdk}/bin/gcloud storage buckets describe \
+      gs://fcuny-infra-tofu-state \
+      --project=fcuny-infra \
+      --quiet || \
+
+    ${pkgs.google-cloud-sdk}/bin/gcloud storage buckets create \
+      gs://fcuny-infra-tofu-state \
+      --project=fcuny-infra \
+      --uniform-bucket-level-access \
+      --public-access-prevention \
+      --location=us-west1 \
+      --default-storage-class=STANDARD \
+      --quiet
+  '')
 ]
-- 
cgit v1.2.3