a593af9b27
Sanitized for public release: - Removed all API keys, tokens, and secrets - Removed personal Discord IDs from hermes-openclaw.json - Updated git URLs to be generic placeholders - All sensitive data uses environment variable interpolation
319 lines
No EOL
8.9 KiB
HCL
319 lines
No EOL
8.9 KiB
HCL
# OpenBoatmobile Configuration Variables
|
|
# Environment-based secrets: Set TF_VAR_<name> in your shell or .env file
|
|
|
|
# =============================================================================
|
|
# PROVIDER SELECTION
|
|
# =============================================================================
|
|
|
|
variable "cloud_provider" {
|
|
description = "Cloud provider to use: 'digitalocean' or 'hetzner'"
|
|
type = string
|
|
default = "hetzner"
|
|
|
|
validation {
|
|
condition = contains(["digitalocean", "hetzner"], var.cloud_provider)
|
|
error_message = "Provider must be 'digitalocean' or 'hetzner'."
|
|
}
|
|
}
|
|
|
|
# =============================================================================
|
|
# AGENT FRAMEWORK SELECTION
|
|
# =============================================================================
|
|
|
|
variable "agent_framework" {
|
|
description = "Agent framework to deploy: 'openclaw' or 'hermes'"
|
|
type = string
|
|
default = "hermes"
|
|
|
|
validation {
|
|
condition = contains(["openclaw", "hermes"], var.agent_framework)
|
|
error_message = "Framework must be 'openclaw' or 'hermes'."
|
|
}
|
|
}
|
|
|
|
# =============================================================================
|
|
# PROVIDER TOKENS (Set via environment: TF_VAR_do_token or TF_VAR_hcloud_token)
|
|
# =============================================================================
|
|
|
|
variable "do_token" {
|
|
description = "DigitalOcean API token (set via TF_VAR_do_token)"
|
|
type = string
|
|
sensitive = true
|
|
default = ""
|
|
}
|
|
|
|
variable "hcloud_token" {
|
|
description = "Hetzner Cloud API token (set via TF_VAR_hcloud)"
|
|
type = string
|
|
sensitive = true
|
|
default = ""
|
|
}
|
|
|
|
# =============================================================================
|
|
# SERVER CONFIGURATION (Provider-agnostic)
|
|
# =============================================================================
|
|
|
|
variable "server_name" {
|
|
description = "Hostname for the server"
|
|
type = string
|
|
default = "agent-gateway"
|
|
}
|
|
|
|
variable "server_type_hetzner" {
|
|
description = "Hetzner server type (e.g., cx23 for 2vCPU/4GB, cpx21 for 3vCPU/4GB)"
|
|
type = string
|
|
default = "cpx21" # 3 vCPU, 4 GB RAM, 80 GB disk - works in US regions
|
|
}
|
|
|
|
variable "server_image" {
|
|
description = "Hetzner server image (e.g., ubuntu-24.04, ubuntu-22.04)"
|
|
type = string
|
|
default = "ubuntu-24.04"
|
|
}
|
|
|
|
variable "create_network" {
|
|
description = "Create a private network for multi-server deployments"
|
|
type = bool
|
|
default = false
|
|
}
|
|
|
|
variable "network_ip_range" {
|
|
description = "IP range for private network"
|
|
type = string
|
|
default = "10.10.0.0/16"
|
|
}
|
|
|
|
variable "network_zone" {
|
|
description = "Hetzner network zone"
|
|
type = string
|
|
default = "eu-central"
|
|
}
|
|
|
|
variable "droplet_size_digitalocean" {
|
|
description = "DigitalOcean droplet size (e.g., s-2vcpu-4gb)"
|
|
type = string
|
|
default = "s-2vcpu-4gb"
|
|
}
|
|
|
|
variable "region_digitalocean" {
|
|
description = "DigitalOcean region (e.g., nyc3, sfo2, ams3)"
|
|
type = string
|
|
default = "nyc3"
|
|
}
|
|
|
|
variable "location_hetzner" {
|
|
description = "Hetzner location (nbg1, fsn1, hel1, ash)"
|
|
type = string
|
|
default = "ash" # Ashburn, VA - US East Coast
|
|
}
|
|
|
|
# =============================================================================
|
|
# SSH CONFIGURATION
|
|
# =============================================================================
|
|
|
|
variable "ssh_key_names" {
|
|
description = "Names of SSH keys added to the cloud provider (Hetzner: key name in console)"
|
|
type = list(string)
|
|
default = []
|
|
}
|
|
|
|
variable "ssh_key_fingerprints" {
|
|
description = "DigitalOcean SSH key fingerprints"
|
|
type = list(string)
|
|
default = []
|
|
}
|
|
|
|
variable "ssh_port" {
|
|
description = "SSH port (non-standard can be more secure)"
|
|
type = number
|
|
default = 22
|
|
}
|
|
|
|
variable "ssh_allowed_ips" {
|
|
description = "IPs allowed to connect via SSH"
|
|
type = list(string)
|
|
default = ["0.0.0.0/0", "::/0"]
|
|
}
|
|
|
|
variable "admin_user" {
|
|
description = "Admin username (not root). Defaults to framework name: 'hermes' for hermes deployments, 'openclaw' for openclaw deployments. Set to override."
|
|
type = string
|
|
default = ""
|
|
}
|
|
|
|
variable "admin_ssh_keys" {
|
|
description = "Additional public SSH keys for admin user"
|
|
type = list(string)
|
|
default = []
|
|
}
|
|
|
|
# =============================================================================
|
|
# AGENT CONFIGURATION
|
|
# =============================================================================
|
|
|
|
variable "agent_name" {
|
|
description = "Name for the agent"
|
|
type = string
|
|
default = "hermes"
|
|
}
|
|
|
|
variable "docker_enabled" {
|
|
description = "Whether to deploy Hermes in Docker container (true) or install directly on host (false)"
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
variable "agent_timezone" {
|
|
description = "Timezone for the agent"
|
|
type = string
|
|
default = "UTC"
|
|
}
|
|
|
|
# =============================================================================
|
|
# MODEL CONFIGURATION
|
|
# =============================================================================
|
|
|
|
variable "primary_model" {
|
|
description = "Primary model for inference (without venice/ prefix when using Venice API directly)"
|
|
type = string
|
|
default = "olafangensan-glm-4.7-flash-heretic"
|
|
}
|
|
|
|
variable "primary_model_name" {
|
|
description = "Human-readable name for the primary model"
|
|
type = string
|
|
default = "GLM 4.7 Flash Heretic"
|
|
}
|
|
|
|
variable "fallback_models" {
|
|
description = "List of fallback models in priority order (without venice/ prefix)"
|
|
type = list(string)
|
|
default = ["zai-org-glm-5"]
|
|
}
|
|
|
|
# =============================================================================
|
|
# API KEYS (Set via environment: TF_VAR_<name>)
|
|
# =============================================================================
|
|
|
|
variable "venice_api_key" {
|
|
description = "Venice AI API key for inference (used as OPENAI_API_KEY for custom endpoint)"
|
|
type = string
|
|
sensitive = true
|
|
default = ""
|
|
}
|
|
|
|
variable "venice_base_url" {
|
|
description = "Venice AI base URL (default: https://api.venice.ai/api/v1)"
|
|
type = string
|
|
default = "https://api.venice.ai/api/v1"
|
|
}
|
|
|
|
variable "brave_search_api_key" {
|
|
description = "Brave Search API key"
|
|
type = string
|
|
sensitive = true
|
|
default = ""
|
|
}
|
|
|
|
# =============================================================================
|
|
# DISCORD CONFIGURATION
|
|
# =============================================================================
|
|
|
|
variable "discord_bot_token" {
|
|
description = "Discord bot token"
|
|
type = string
|
|
sensitive = true
|
|
default = ""
|
|
}
|
|
|
|
variable "discord_server_id" {
|
|
description = "Discord server/guild ID"
|
|
type = string
|
|
default = ""
|
|
}
|
|
|
|
variable "discord_user_id" {
|
|
description = "Discord user IDs for allowlist"
|
|
type = list(string)
|
|
default = []
|
|
}
|
|
|
|
variable "discord_home_channel" {
|
|
description = "Discord channel ID for home channel (cron delivery, notifications)"
|
|
type = string
|
|
default = ""
|
|
}
|
|
|
|
variable "discord_allowed_users" {
|
|
description = "Comma-separated Discord user IDs allowed (DISCORD_ALLOWED_USERS)"
|
|
type = string
|
|
default = ""
|
|
}
|
|
|
|
variable "discord_auto_thread" {
|
|
description = "Auto-create threads on @mention (DISCORD_AUTO_THREAD)"
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
variable "gateway_allow_all_users" {
|
|
description = "Allow all users without allowlist (GATEWAY_ALLOW_ALL_USERS)"
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
# =============================================================================
|
|
# GATEWAY CONFIGURATION
|
|
# =============================================================================
|
|
|
|
variable "gateway_token" {
|
|
description = "Gateway authentication token"
|
|
type = string
|
|
sensitive = true
|
|
default = ""
|
|
}
|
|
|
|
variable "gateway_allowed_users" {
|
|
description = "Comma-separated list of allowed user IDs"
|
|
type = string
|
|
default = ""
|
|
}
|
|
|
|
# =============================================================================
|
|
# PROJECT METADATA
|
|
# =============================================================================
|
|
|
|
variable "project_name" {
|
|
description = "Project name for tagging"
|
|
type = string
|
|
default = "OpenBoatmobile"
|
|
}
|
|
|
|
variable "environment" {
|
|
description = "Environment name (e.g., production, staging, development)"
|
|
type = string
|
|
default = "production"
|
|
}
|
|
|
|
# =============================================================================
|
|
# TAILSCALE (OPTIONAL)
|
|
# =============================================================================
|
|
|
|
variable "enable_tailscale" {
|
|
description = "Install Tailscale for secure remote access"
|
|
type = bool
|
|
default = false
|
|
}
|
|
|
|
variable "tailscale_auth_key" {
|
|
description = "Tailscale auth key"
|
|
type = string
|
|
sensitive = true
|
|
default = ""
|
|
}
|
|
|
|
variable "tailscale_tailnet_domain" {
|
|
description = "Tailscale tailnet domain (without .ts.net suffix)"
|
|
type = string
|
|
default = "tailnet"
|
|
} |