From ba4085df1a66e29b4655602a35ae9c5e7bfeb784 Mon Sep 17 00:00:00 2001
From: Tom Alexander <tom@fizz.buzz>
Date: Tue, 14 Jan 2025 23:17:26 -0500
Subject: [PATCH] Add terraform.

---
 nix/configuration/configuration.nix           |  1 +
 nix/configuration/roles/terraform/default.nix | 38 +++++++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100644 nix/configuration/roles/terraform/default.nix

diff --git a/nix/configuration/configuration.nix b/nix/configuration/configuration.nix
index a2d6aec..58d3b51 100644
--- a/nix/configuration/configuration.nix
+++ b/nix/configuration/configuration.nix
@@ -51,6 +51,7 @@
     ./roles/launch_keyboard
     ./roles/lvfs
     ./roles/nvme
+    ./roles/terraform
   ];
 
   nix.settings.experimental-features = [
diff --git a/nix/configuration/roles/terraform/default.nix b/nix/configuration/roles/terraform/default.nix
new file mode 100644
index 0000000..0204d3d
--- /dev/null
+++ b/nix/configuration/roles/terraform/default.nix
@@ -0,0 +1,38 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+let
+  alias_tf = pkgs.writeShellScriptBin "tf" ''
+    exec ${pkgs.terraform}/bin/terraform "''${@}"
+  '';
+in
+{
+  imports = [ ];
+
+  environment.systemPackages = with pkgs; [
+    terraform
+    alias_tf
+  ];
+
+  allowedUnfree = [
+    "terraform"
+  ];
+
+  environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) {
+    hideMounts = true;
+    users.talexander = {
+      directories = [
+        {
+          directory = ".terraform.d";
+          user = "talexander";
+          group = "talexander";
+          mode = "0755";
+        }
+      ];
+    };
+  };
+}