Add non-lab and a workflow

.forgejo/workflows/non-lab.yml

@@ -0,0 +1,13 @@
+on:
+  - push
+
+jobs:
+  init:
+    runs-on: docker
+    container:
+      image: alpine:latest
+    steps:
+      - curl --proto '=https' --tlsv1.2 -fsSL https://get.opentofu.org/install-opentofu.sh -o install-opentofu.sh
+      - chmod +x ./install-opentofu.sh
+      - ./install-opentofu.sh --install-method apk
+    ZZ  - rm -f ./install-opentofu.sh

non-lab/.terraform.lock.hcl

@@ -0,0 +1,32 @@
+# This file is maintained automatically by "tofu init".
+# Manual edits may be lost in future updates.
+
+provider "registry.opentofu.org/backblaze/b2" {
+  version     = "0.8.12"
+  constraints = "0.8.12"
+  hashes = [
+    "h1:+zf4b76chIrJbVcbzoenR8X+uFFnGhUjPUACpnBIYcs=",
+    "zh:bc9d25d21adeafba8edde8d6ffb6150cd5c86c207412c8941347966be3363de5",
+    "zh:c538eaea1b15379635b9d8a2cb862248813022bb0de5481741f18fcc77a10a1b",
+    "zh:cc2767797ad27b9a3b4ad97b6a2f3eeea9f50a6000bbcfa9b44189945dae30b3",
+    "zh:d83b5f0e632ea56570a0737c1896f049367201cc67f5de83baa24272ccdd56a4",
+  ]
+}
+
+provider "registry.opentofu.org/hashicorp/kubernetes" {
+  version     = "2.31.0"
+  constraints = "2.31.0"
+  hashes = [
+    "h1:MfkGdRph9sDol+ukIgIigdXuLLpC2JPUHH5oF2zEfTM=",
+    "zh:0dd25babf78a88a61dd329b8c18538a295ea63630f1b69575e7898c89307da39",
+    "zh:3138753e4b2ce6e9ffa5d65d73e9236169ff077c10089c7dc71031a0a139ff6d",
+    "zh:644f94692dc33de0bb1183c307ae373efbf4ef4cb92654ccc646a5716edf9593",
+    "zh:6cc630e43193220b1599e3227286cc4e3ca195910e8c56b6bacb50c5b5176dbf",
+    "zh:764173875e77aa482da4dca9fec5f77c455d028848edfc394aa7dac5dfed6afd",
+    "zh:7b1d380362d50ffbb3697483036ae351b0571e93b33754255cde6968e62b839f",
+    "zh:a1d93ca3d8d1ecdd3b69242d16ff21c91b34e2e98f02a3b2d02c908aeb45189b",
+    "zh:b471d0ab56dbf19c95fba68d2ef127bdb353be96a2be4c4a3dcd4d0db4b4180a",
+    "zh:d610f725ded4acd3d31a240472bb283aa5e657ed020395bdefea18d094b8c2bf",
+    "zh:d7f3ddd636ad5af6049922f212feb24830b7158410819c32073bf81c359cd2fa",
+  ]
+}

non-lab/Makefile

@@ -0,0 +1,8 @@
+init:
+	@tofu init
+
+plan:
+	@tofu plan -out tfplan
+
+apply:plan
+	@tofu apply tfplan

non-lab/backup.tf

@@ -0,0 +1,44 @@
+resource "b2_bucket" "cowley-tech-home-backup" {
+  bucket_name = "cowley-tech-home-backup"
+  bucket_type = "allPrivate"
+}
+
+resource "b2_application_key" "user" {
+  for_each = toset(["timothy", "nicolas"])
+
+  key_name = "cowley-tech-${each.key}-backup"
+  bucket_id = b2_bucket.cowley-tech-home-backup.id
+  capabilities       = [
+        "deleteFiles",
+        "listBuckets",
+        "listFiles",
+        "readBuckets",
+        "readFiles",
+        "writeFiles",
+    ]
+}
+
+resource "b2_application_key" "admin" {
+
+  key_name = "cowley-tech-admin-backup"
+  bucket_id = b2_bucket.cowley-tech-home-backup.id
+  capabilities       = [
+        "deleteFiles",
+        "listBuckets",
+        "listFiles",
+        "readBuckets",
+        "readFiles",
+        "writeFiles",
+    ]
+}
+#
+#resource "kubernetes_secret" "b2-loki" {
+#  metadata {
+#    name = "b2-loki-credentials"
+#    namespace = "logging"
+#  }
+#  data = {
+#    B2_APPLICATION_KEY_ID = b2_application_key.loki.application_key_id
+#    B2_APPLICATION_KEY = b2_application_key.loki.application_key
+#  }
+#}

non-lab/provider.tf

@@ -0,0 +1,23 @@
+terraform {
+  backend "kubernetes" {
+    secret_suffix = "terraform-state-nonlab"
+    namespace     = "default"
+  }
+  required_version = ">= 1.0"
+  required_providers {
+    b2 = {
+      source  = "Backblaze/b2"
+      version = "0.8.12"
+    }
+    kubernetes = {
+      source = "hashicorp/kubernetes"
+      version = "2.31.0"
+    }
+  }
+}
+
+provider "b2" {
+}
+
+provider "kubernetes" {
+}