--- name: OpenTofu deployments on: # yamllint disable-line rule:truthy push: branches: - 'main' jobs: authentik: runs-on: ubuntu-22.04 steps: - uses: https://code.forgejo.org/actions/checkout@v6 - uses: opentofu/setup-opentofu@v2 with: tofu_version: 1.8.1 - name: Deploy env: AUTHENTIK_URL: ${{ secrets.AUTHENTIK_URL }} AUTHENTIK_TOKEN: ${{ secrets.AUTHENTIK_TOKEN }} TF_VAR_firezone_client_id: ${{ secrets.TF_VAR_firezone_client_id }} TF_VAR_firezone_client_secret: ${{ secrets.TF_VAR_firezone_client_secret }} TF_VAR_gitea_client_id: ${{ secrets.TF_VAR_gitea_client_id }} TF_VAR_gitea_client_secret: ${{ secrets.TF_VAR_gitea_client_secret }} TF_VAR_miniflux_client_id: ${{ secrets.TF_VAR_miniflux_client_id }} TF_VAR_miniflux_client_secret: ${{ secrets.TF_VAR_miniflux_client_secret }} TF_VAR_portainer_client_id: ${{ secrets.TF_VAR_portainer_client_id }} TF_VAR_portainer_client_secret: ${{ secrets.TF_VAR_portainer_client_secret }} TF_VAR_paperless_client_id: ${{ secrets.TF_VAR_paperless_client_id }} TF_VAR_paperless_client_secret: ${{ secrets.TF_VAR_paperless_secret }} TF_VAR_netbird_client_id: ${{ secrets.TF_VAR_netbird_client_id }} TF_VAR_netbird_client_secret: ${{ secrets.TF_VAR_netbird_client_secret }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} run: | cd tofu/authentik tofu init tofu apply -auto-approve adguard: runs-on: ubuntu-22.04 steps: - uses: https://code.forgejo.org/actions/checkout@v6 - uses: opentofu/setup-opentofu@v2 with: tofu_version: 1.7.0 - name: Deploy env: ADGUARD_PASSWORD: ${{ secrets.ADGUARD_PASSWORD }} AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} run: | cd tofu/adguard tofu init tofu apply -auto-approve