tf-infra/buckets.tf

# Bucket for backups
resource "b2_bucket" "backups" {
  bucket_name = "lvdb-backups"
  bucket_type = "allPrivate"
}

# Application key for backups bucket
resource "b2_application_key" "restic" {
  bucket_id = b2_bucket.backups.id
  key_name  = "restic"
  capabilities = [
    "deleteFiles",
    "listAllBucketNames",
    "listBuckets",
    "listFiles",
    "readBucketEncryption",
    "readBucketReplications",
    "readBuckets",
    "readFiles",
    "shareFiles",
    "writeBucketEncryption",
    "writeBucketReplications",
    "writeFiles"
  ]
}

output "restic_application_key" {
  value     = b2_application_key.restic.application_key
  sensitive = true
}

output "restic_application_key_id" {
  value = b2_application_key.restic.application_key_id
}

# Bucket for storage of nix cache
resource "cloudflare_r2_bucket" "attic" {
  account_id    = var.account_id
  name          = "attic"
  location      = "weur"
  storage_class = "Standard"
}