From f202e105cf8c168448572a517140b2704789b069 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1s=20Limpinho?= <53994778+TomasLimpinho@users.noreply.github.com> Date: Mon, 18 Aug 2025 19:44:52 +0100 Subject: [PATCH] teste-0 --- .gitea/workflows/ci-test.yaml | 11 ++++++++++- consul.tf | 0 documentation/start.txt | 13 +++++++++++++ main.tf | 20 ++++++++++++++++++++ secrets/consul.secrets.tfvars | 2 ++ secrets/vaultwarden.secrets.tfvars | 4 ++++ variables/consul.variables.tf | 5 +++++ variables/vaultwarden.variables.tf | 23 +++++++++++++++++++++++ vaultwarden.tf | 12 ++++++++++++ 9 files changed, 89 insertions(+), 1 deletion(-) create mode 100644 consul.tf create mode 100644 documentation/start.txt create mode 100644 main.tf create mode 100644 secrets/consul.secrets.tfvars create mode 100644 secrets/vaultwarden.secrets.tfvars create mode 100644 variables/consul.variables.tf create mode 100644 variables/vaultwarden.variables.tf create mode 100644 vaultwarden.tf diff --git a/.gitea/workflows/ci-test.yaml b/.gitea/workflows/ci-test.yaml index e1af312..7fce976 100644 --- a/.gitea/workflows/ci-test.yaml +++ b/.gitea/workflows/ci-test.yaml @@ -15,4 +15,13 @@ jobs: apt-get update -y - name: Cloning iac repository - uses: actions/checkout@v4 \ No newline at end of file + uses: actions/checkout@v4 + + - name: Init OpenTofu + run: tofu init + + - name: Plan + run: tofu plan -out=tfplan + + - name: Apply + run: tofu apply -auto-approve tfplan \ No newline at end of file diff --git a/consul.tf b/consul.tf new file mode 100644 index 0000000..e69de29 diff --git a/documentation/start.txt b/documentation/start.txt new file mode 100644 index 0000000..09bf222 --- /dev/null +++ b/documentation/start.txt 
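Review bot: The new `Apply` step in `.gitea/workflows/ci-test.yaml` runs `tofu apply -auto-approve tfplan` with no condition, so every run of this workflow changes live infrastructure without anyone reading the plan. The workflow's triggers are outside the hunk; if it also runs on pull requests or feature branches, gate the step with something like `if: github.ref == 'refs/heads/<default-branch>'` or move it to a job that needs manual approval. The `Plan` step passes no variables and the declared variables have no defaults, so add `-input=false` and supply the values as `TF_VAR_*` environment variables from the CI secret store. The saved `tfplan` file holds the sensitive variable values in clear text, so it should not be uploaded as an artifact or left behind on a shared runner.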
@@ -0,0 +1,13 @@
+https://spacelift.io/blog/opentofu-tutorial - explaining language of opentofu
+
+https://opentofu.org/docs/intro/ - quick start and explaning who to work in team
+
+https://opentofu.org/docs/intro/ - CICD for opentofu explained
+
+
+tofu init
+tofu plan --var-file=opentofu-varfile.json
+yes
+
+tofu apply --var-file=opentofu-varfile.json
+yes
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..238d0b0
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,20 @@
+terraform {
+ required_providers {
+ random = {
+ source = "hashicorp/random"
+ version = "~> 3.6"
+ }
+ vaultwarden = {
+ source = "ottramst/vaultwarden"
+ version = "0.4.4"
+ }
+ }
+ backend "consul" {
+ address = "consul-server.iac-consul.svc.cluster.local:8500" # Consul service DNS inside cluster
+ path = "opentofu/iac-fenix" # unique path per project
+ scheme = "http" # or "https" if you add TLS
+ lock = true # enable state locking
+ }
+}
+
+provider "random" {}
diff --git a/secrets/consul.secrets.tfvars b/secrets/consul.secrets.tfvars
new file mode 100644
index 0000000..0c7dfb2
--- /dev/null
+++ b/secrets/consul.secrets.tfvars
@@ -0,0 +1,2 @@
+consul_server = "consul-server.iac-consul.svc.cluster.local:8500"
+# token is read automatically from CONSUL_HTTP_TOKEN
diff --git a/secrets/vaultwarden.secrets.tfvars b/secrets/vaultwarden.secrets.tfvars
new file mode 100644
index 0000000..9093936
--- /dev/null
+++ b/secrets/vaultwarden.secrets.tfvars
@@ -0,0 +1,4 @@
+vaultwarden_server = "https://vaultwarden.example.com"
+vaultwarden_email = "admin@example.com"
+vaultwarden_master_password = "SuperSecretMasterPassword"
+vaultwarden_admin_token = "tokenadmin"
diff --git a/variables/consul.variables.tf b/variables/consul.variables.tf
new file mode 100644
index 0000000..6a2d8ee
--- /dev/null
+++ b/variables/consul.variables.tf
@@ -0,0 +1,5 @@
+variable "consul_server" {
+ description = "consul server URL"
+ type = string
+ sensitive = false
+}
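Review bot: In `main.tf` the `backend "consul"` block sets `scheme = "http"`, so the state and the Consul ACL token travel unencrypted between the runner and Consul. Resource attributes are normally persisted in state, so the `password` set from `var.vaultwarden_master_password` in `vaultwarden.tf` would be stored there in plain text; `sensitive = true` only hides values from CLI output. I would switch to `scheme = "https"` with `ca_file` set to the cluster CA before any real value is stored, and consider OpenTofu's state encryption so the value is not readable from the KV store. The inline comment could say why this matters, e.g. `# state holds Vaultwarden credentials; switch to https before storing real values`.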
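Review bot: `secrets/vaultwarden.secrets.tfvars` commits values for `vaultwarden_master_password` and `vaultwarden_admin_token` into the repository. The values look like placeholders, but once real ones replace them in this tracked file they stay in git history for everyone with read access. Rename the file to something like `vaultwarden.secrets.tfvars.example`, ignore `secrets/*.tfvars` in `.gitignore`, and pass the real values as `TF_VAR_vaultwarden_master_password` and `TF_VAR_vaultwarden_admin_token` from the CI secret store. If any of these strings were ever in real use, rotate them.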
diff --git a/variables/vaultwarden.variables.tf b/variables/vaultwarden.variables.tf
new file mode 100644
index 0000000..4a93d14
--- /dev/null
+++ b/variables/vaultwarden.variables.tf
@@ -0,0 +1,23 @@
+variable "vaultwarden_server" {
+ description = "Vaultwarden server URL"
+ type = string
+ sensitive = false
+}
+
+variable "vaultwarden_email" {
+ description = "Vaultwarden login email"
+ type = string
+ sensitive = true
+}
+
+variable "vaultwarden_master_password" {
+ description = "Vaultwarden master password"
+ type = string
+ sensitive = true
+}
+
+variable "vaultwarden_admin_token" {
+ description = "Vaultwarden admin token"
+ type = string
+ sensitive = true
+}
\ No newline at end of file
diff --git a/vaultwarden.tf b/vaultwarden.tf
new file mode 100644
index 0000000..70f55db
--- /dev/null
+++ b/vaultwarden.tf
@@ -0,0 +1,12 @@
+provider "vaultwarden" {
+ endpoint = var.vaultwarden_server
+ email = var.vaultwarden_email
+ master_password = var.vaultwarden_master_password
+ admin_token = var.vaultwarden_admin_token
+}
+
+resource "vaultwarden_account_register" "vaultwarden-acount-fenix" {
+ name = "fenix"
+ email = var.vaultwarden_email
+ password = var.vaultwarden_master_password
+}
\ No newline at end of file
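Review bot: The declarations in `variables/vaultwarden.variables.tf` (and `variables/consul.variables.tf`) sit in a subdirectory, and OpenTofu loads only the `.tf` files in the root module directory. Unless the workflow runs from somewhere else, the `var.vaultwarden_*` references in `vaultwarden.tf` will fail as undeclared. Move the declarations to the repository root, for example into `variables.tf`, or make `variables/` a module that is called explicitly. `vaultwarden_server` would also benefit from a `validation` block with `condition = startswith(var.vaultwarden_server, "https://")`, so the master password is never sent to a plain-HTTP endpoint.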
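Review bot: In `vaultwarden.tf` the `vaultwarden_account_register` resource gets the same `email` and `password` that the `provider "vaultwarden"` block uses to log in, so the provider appears to need the account this resource is meant to create. I can't tell from the hunk how the provider handles that bootstrap; if it authenticates before the resource is applied, the first run will fail. The `random` provider declared in `main.tf` is unused, and a `random_password` for this account would keep its password separate from the provider's own login. The resource label `vaultwarden-acount-fenix` has a typo and uses hyphens; `vaultwarden_account_fenix` is the usual HCL form, and renaming it now avoids a state move later.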