MyNixOS website logo
Description

HTTP backend to store terraform state using pass and git.

Terraform HTTP Backend Pass

Catchy name! What does it do?

According to terraform docs:

Each Terraform configuration can specify a backend, which defines where and how operations are performed, where state snapshots are stored, etc.

There are a few backends which terraform provides, none of which are very customizable. The http backend, however, provides a way to define where (and how) state snapshots are stored. It additionally allows for a locking the state while some operation is being perfomed.

This project aims to provide a backend to store the terraform state in a git repository. As the state can contain sensitive information, it should be encrypted before storing, for which pass is used.

How to use

  1. Install the backend in one of these ways:
    • Using Stack:
      stack install terraform-http-backend-pass
      
    • Using Cabal:
      cabal install terraform-http-backend-pass
      
    • Using nix:
      nix registry add terraform-http-backend-pass git+https://git.coop/akshay/terraform-http-backend-pass
      nix build 'terraform-http-backend-pass#' --profile $HOME/.nix-profile
      
  2. Create a pass repository:
    export PASSWORD_STORE_DIR=/desired/path/to/store
    pass init <gpg-keys>
    pass git init
    
  3. Push the repository somewhere, set push upstream:
    export PASSWORD_STORE_DIR=/desired/path/to/store
    pass git remote add origin <remote-url>
    pass git push -u origin master
    
  4. Start the backend:
    terraform-http-backend-pass --repositoryPath /desired/path/to/store --port 8888 
    
  5. Setup terraform with backend information:
    terraform {
      backend "http" {
        # Or, something else if the server is not running on localhost
        address = "http://localhost:8888"
      }
    }
    
    The address can also be specified dynamically using the -backend-config option while running terraform init
  6. Use terraform as usual:
    terraform init
    terraform apply
    
Metadata

Version

0.1.0.1

License

Unknown

Executables (1)

  • bin/terraform-http-backend-pass

Platforms (77)

    Darwin
    FreeBSD
    Genode
    GHCJS
    Linux
    MMIXware
    NetBSD
    none
    OpenBSD
    Redox
    Solaris
    WASI
    Windows
Show all
  • aarch64-darwin
  • aarch64-freebsd
  • aarch64-genode
  • aarch64-linux
  • aarch64-netbsd
  • aarch64-none
  • aarch64-windows
  • aarch64_be-none
  • arm-none
  • armv5tel-linux
  • armv6l-linux
  • armv6l-netbsd
  • armv6l-none
  • armv7a-darwin
  • armv7a-linux
  • armv7a-netbsd
  • armv7l-linux
  • armv7l-netbsd
  • avr-none
  • i686-cygwin
  • i686-darwin
  • i686-freebsd
  • i686-genode
  • i686-linux
  • i686-netbsd
  • i686-none
  • i686-openbsd
  • i686-windows
  • javascript-ghcjs
  • loongarch64-linux
  • m68k-linux
  • m68k-netbsd
  • m68k-none
  • microblaze-linux
  • microblaze-none
  • microblazeel-linux
  • microblazeel-none
  • mips-linux
  • mips-none
  • mips64-linux
  • mips64-none
  • mips64el-linux
  • mipsel-linux
  • mipsel-netbsd
  • mmix-mmixware
  • msp430-none
  • or1k-none
  • powerpc-netbsd
  • powerpc-none
  • powerpc64-linux
  • powerpc64le-linux
  • powerpcle-none
  • riscv32-linux
  • riscv32-netbsd
  • riscv32-none
  • riscv64-linux
  • riscv64-netbsd
  • riscv64-none
  • rx-none
  • s390-linux
  • s390-none
  • s390x-linux
  • s390x-none
  • vc4-none
  • wasm32-wasi
  • wasm64-wasi
  • x86_64-cygwin
  • x86_64-darwin
  • x86_64-freebsd
  • x86_64-genode
  • x86_64-linux
  • x86_64-netbsd
  • x86_64-none
  • x86_64-openbsd
  • x86_64-redox
  • x86_64-solaris
  • x86_64-windows