feat: first version

modules/buckets/locals.tf

@@ -0,0 +1,3 @@
+locals {
+  aliases = concat([var.name], var.global_aliases)
+}

modules/buckets/main.tf

@@ -0,0 +1,22 @@
+resource "garage_bucket" "bucket" {
+  website_access_enabled        = var.website_access_enabled
+  website_config_index_document = var.website_access_enabled == true ? "index.html" : null
+}
+
+resource "garage_bucket_global_alias" "bucket_alias" {
+  bucket_id = garage_bucket.bucket.id
+
+  for_each = toset(local.aliases)
+
+  alias = each.key
+}
+
+resource "garage_bucket_key" "authorized_keys" {
+  bucket_id = garage_bucket.bucket.id
+
+  for_each      = var.allowed_keys
+  access_key_id = var.global_keys[each.key].access_key_id
+  read          = each.value.read
+  write         = each.value.write
+  owner         = each.value.owner
+}

modules/buckets/providers.tf

@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    garage = {
+      source  = "ceski23/garage2"
+      version = "0.1.1"
+    }
+  }
+}

modules/buckets/variables.tf

@@ -0,0 +1,32 @@
+variable "name" {
+  description = "Global alias of the bucket"
+  type        = string
+}
+
+variable "website_access_enabled" {
+  description = "Is direct HTTP access enabled?"
+  type        = bool
+  default     = false
+}
+
+variable "global_aliases" {
+  description = "Optional list of aliases for the bucket"
+  type        = list(string)
+  default     = []
+}
+
+variable "global_keys" {
+  description = "List of all keys of the Garage instance"
+  type = map(object({
+    access_key_id = string
+  }))
+}
+
+variable "allowed_keys" {
+  description = "Keys authorized for that specific bucket, with their authorization"
+  type = map(object({
+    read  = optional(bool, false)
+    write = optional(bool, false)
+    owner = optional(bool, false)
+  }))
+}