feat: separated taskfiles

Taskfile.yml

@@ -1,20 +1,12 @@
 version: 3
-env: { TF: terraform -chdir=terraform }
 silent: true
 
+includes:
+  tf: { taskfile: terraform, dir: terraform }
+
 tasks:
   dev: docker compose -f compose.dev.yml up --build --force-recreate --no-deps
 
-  tf/init: $TF init -backend-config=backend.tfvars
-  tf/plan: $TF plan -var-file=secret.tfvars
-  tf/destroy: $TF destroy
-  tf/format: $TF fmt -recursive
-  tf/apply: 
-    - $TF apply -var-file=secret.tfvars
-    - $TF output -json > secrets.tf.json
-  tf/import:
-    - $TF import -var-file=secret.tfvars {{.CLI_ARGS}}
-
   build: ansible-playbook playbooks/build.yml
   deploy: ansible-playbook playbooks/deploy.yml
   restore: ansible-playbook playbooks/restore.yml
@@ -26,13 +18,10 @@ tasks:
     cmd: aws ssm start-session --target $INSTANCE_ID
     env:
       INSTANCE_ID: { sh: jq -r .instance_id.value < secrets.tf.json }
-      AWS_REGION: { sh: jq -r .aws_region < secrets/gitea.json }
-      AWS_ACCESS_KEY_ID: { sh: jq -r .aws_access_key < secrets/gitea.json }
-      AWS_SECRET_ACCESS_KEY: { sh: jq -r .aws_secret_key < secrets/gitea.json }
   
-  prune:
+  push:
-    - docker system prune -af
+    dir: gitea
-    - docker image prune -af
+    cmds:
-    - docker system prune -af --volumes
+      - docker build -t web/git . -f Dockerfile --platform linux/amd64,linux/arm64
-    - docker volume prune -af
+      - docker login code.maximhutz.com
-    - docker system df
+      - defer: docker logout

gitea/Dockerfile

@@ -6,4 +6,4 @@ ENV GITEA_CUSTOM /etc/gitea-custom
 
 WORKDIR /etc/gitea-custom
 
-RUN gitea cert --host localhost --ca
+RUN gitea cert --host code.maximhutz.com --ca

gitea/Dockerfile.dev

@@ -9,4 +9,4 @@ RUN mv /etc/gitea/dev.app.ini /etc/gitea/app.ini
 
 WORKDIR /etc/gitea-custom
 
-RUN gitea cert --host code.maximhutz.com --ca
+RUN gitea cert --host localhost --ca

playbooks/build.yml

@@ -1,6 +1,6 @@
 - name: Make build artifact.
   hosts: localhost
-  vars_files: ../secrets/gitea.json
+  vars_files: ../config/ansible.json
   tasks:
     - name: Build image.
       community.docker.docker_image_build:

playbooks/deploy.yml

@@ -2,8 +2,8 @@
   hosts: localhost
   become: true
   vars_files:
-    - ../secrets/gitea.json
+    - ../config/ansible.json
-    - ../secrets.tf.json
+    - ../config/infrastructure.json
   vars:
     ansible_connection: aws_ssm
     ansible_python_interpreter: /usr/bin/python3

playbooks/restore.yml

@@ -2,8 +2,8 @@
   hosts: localhost
   become: true
   vars_files:
-    - ../secrets/gitea.json
+    - ../config/ansible.json
-    - ../secrets.tf.json
+    - ../config/infrastructure.json
   vars:
     ansible_connection: aws_ssm
     ansible_python_interpreter: /usr/bin/python3

terraform/Taskfile.yml

@@ -0,0 +1,13 @@
+version: 3
+silent: true
+
+tasks:
+  init: terraform init -backend-config=../config/backend.tf.json
+  plan: terraform plan -var-file=../config/variables.tf.json
+  destroy: terraform destroy
+  format: terraform fmt -recursive
+  out: terraform output -json > ../config/infrastructure.tf.json
+  apply: 
+    - terraform apply -var-file=../config/variables.tf.json
+    - task: out
+  import: terraform import -var-file=../config/variables.tf.json {{.CLI_ARGS}}

terraform/main.tf

@@ -16,7 +16,7 @@ resource "aws_instance" "gitea" {
   subnet_id     = module.vpc.public_subnets[0]
 
   user_data                   = file("install.sh")
-  user_data_replace_on_change = true
+  user_data_replace_on_change = false
 
   iam_instance_profile   = data.aws_iam_instance_profile.ssm.name
   vpc_security_group_ids = [aws_security_group.public_access.id]