server.garden privileged automation agent

forest 114f2dfff0 HollywoodOS is working!! 4 weeks ago
ansible-wrapper 2c62f13759 terraform apply creates instance and ansible runs successfully 1 month ago
automation 114f2dfff0 HollywoodOS is working!! 4 weeks ago
configuration a9c79d739f Got terraform apply triggered by code and apply status streamed to 1 month ago
host-key-poller a9c79d739f Got terraform apply triggered by code and apply status streamed to 1 month ago
objectStorage 92d00ae677 omit post_to_object_storage_shell_script from diagram 4 weeks ago
.gitignore a9c79d739f Got terraform apply triggered by code and apply status streamed to 1 month ago
ReadMe.md dd5f6e350b Merge branch 'master' of https://git.sequentialread.com/forest/rootsystem 3 months ago
lock.go 81e4aeaa96 start working on terraform actions 3 months ago
main.go a9c79d739f Got terraform apply triggered by code and apply status streamed to 1 month ago
notes.txt a9c79d739f Got terraform apply triggered by code and apply status streamed to 1 month ago
terraformStateHandler.go 17547cf0db fixing encryption padding bug and terraform state storage issues 1 month ago
test.html 114f2dfff0 HollywoodOS is working!! 4 weeks ago

ReadMe.md

rootsystem

server.garden Privileged Automation Agent

notes

Ideally we could use TLS on the connection between terraform and rootsystem.

Currently this backend only has two options, either use a public x.509 trust based TLS cert, or skip cert verification. We want to use TLS for improved security, but we also want to do it all on the private network without having a domain name or asking for permission.

So we will have to modify terraform to add a new "Trusted CAs" option here: https://github.com/hashicorp/terraform/blob/master/backend/remote-state/http/backend.go

That way we can make our own CA, our own certificate, and then tell terraform to trust that CA. Then terraform can connect to our HTTP server securely for remote state storage.

https://github.com/avelino/awesome-go#gui