aaronrene / knowtation public
variables.tf
71 lines 2.6 KB
Raw
sha256:65ccb454656ea5acdea0a10e559b78bcde1eb6ff753ecc2911bc99d1c3d7cadd feat(calendar): enforce agent context tiers in retrieval AP… Human minor ⚠ breaking 1 day ago
1 variable "aws_region" {
2 description = "AWS region for the Paperclip orchestrator. us-west-2 (Oregon) for west-coast users, us-east-1 (Virginia) for east-coast."
3 type = string
4 default = "us-west-2"
5 }
6
7 variable "environment" {
8 description = "Environment tag (prod, staging). Single-environment plan currently."
9 type = string
10 default = "prod"
11
12 validation {
13 condition = contains(["prod", "staging"], var.environment)
14 error_message = "environment must be 'prod' or 'staging'."
15 }
16 }
17
18 variable "instance_type" {
19 description = "EC2 instance type. t3.medium is sufficient for Paperclip + 22 agents at 30 videos/week. Upgrade to t3.large if OOMs occur (one-line change, 90s downtime)."
20 type = string
21 default = "t3.xlarge"
22 }
23
24 variable "ebs_size_gb" {
25 description = "Root EBS volume size. 30 GB covers Paperclip + Postgres + ~6 months of agent logs + Node modules + buffer."
26 type = number
27 default = 30
28
29 validation {
30 condition = var.ebs_size_gb >= 20 && var.ebs_size_gb <= 200
31 error_message = "ebs_size_gb must be between 20 and 200."
32 }
33 }
34
35 variable "home_ip_cidr" {
36 description = "Your home/office public IP in CIDR notation (e.g. 73.214.182.55/32). SSH on port 22 is locked to this IP. Find with: curl ifconfig.me. Tailscale is the preferred access method; SSH port is fallback only."
37 type = string
38
39 validation {
40 condition = can(cidrnetmask(var.home_ip_cidr))
41 error_message = "home_ip_cidr must be a valid CIDR (e.g. 73.214.182.55/32)."
42 }
43 }
44
45 variable "ssh_public_key" {
46 description = "Your SSH public key content (cat ~/.ssh/id_ed25519.pub). Used as fallback access if Tailscale is unreachable."
47 type = string
48
49 validation {
50 condition = startswith(var.ssh_public_key, "ssh-")
51 error_message = "ssh_public_key must start with ssh-rsa, ssh-ed25519, etc."
52 }
53 }
54
55 variable "tailscale_auth_key" {
56 description = "Tailscale ephemeral auth key (https://login.tailscale.com/admin/settings/keys). Used by user-data to auto-join the Tailnet on first boot. Mark the key as Reusable=false, Ephemeral=false, Tags=tag:paperclip-prod."
57 type = string
58 sensitive = true
59 }
60
61 variable "knowtation_hub_url" {
62 description = "Hosted Knowtation Hub URL (https://hub.knowtation.dev or your custom domain). Pre-seeded into SSM at /knowtation/paperclip/KNOWTATION_HUB_URL. Override later via push-secrets.sh."
63 type = string
64 default = ""
65 }
66
67 variable "knowtation_vault_id" {
68 description = "Knowtation vault ID (e.g. 'default'). Pre-seeded into SSM. Override later via push-secrets.sh."
69 type = string
70 default = "default"
71 }
File History 2 commits
sha256:65ccb454656ea5acdea0a10e559b78bcde1eb6ff753ecc2911bc99d1c3d7cadd feat(calendar): enforce agent context tiers in retrieval AP… Human minor 1 day ago
sha256:9103f98c89257ed2b01c237cea895dabb3e85ea337dccb1161c175e4422355b6 docs: accept Calendar Events v0 spec with Phase 0 security … Human 1 day ago