|forest 114f2dfff0 HollywoodOS is working!!||4 weeks ago|
|ansible-wrapper||1 month ago|
|automation||4 weeks ago|
|configuration||1 month ago|
|host-key-poller||1 month ago|
|objectStorage||4 weeks ago|
|.gitignore||1 month ago|
|ReadMe.md||3 months ago|
|lock.go||3 months ago|
|main.go||1 month ago|
|notes.txt||1 month ago|
|terraformStateHandler.go||1 month ago|
|test.html||4 weeks ago|
server.garden Privileged Automation Agent
Ideally we could use TLS on the connection between terraform and rootsystem.
Currently this backend only has two options, either use a public x.509 trust based TLS cert, or skip cert verification. We want to use TLS for improved security, but we also want to do it all on the private network without having a domain name or asking for permission.
So we will have to modify terraform to add a new "Trusted CAs" option here: https://github.com/hashicorp/terraform/blob/master/backend/remote-state/http/backend.go
That way we can make our own CA, our own certificate, and then tell terraform to trust that CA. Then terraform can connect to our HTTP server securely for remote state storage.