Release CTFp

.gitignore

@@ -0,0 +1,46 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore transient lock info files created by terraform apply
+.terraform.tfstate.lock.info
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+# Include example automated tfvars file
+!template.automated.tfvars
+
+# Exclude pycache
+__pycache__/
+**/__pycache__
+
+**/.env

backend/README.md

@@ -0,0 +1,26 @@
+# Backend Terraform Configuration Generator
+
+This script generates Terraform backend configuration files for different components of CTFp.
+
+## Usage
+
+To generate a backend configuration file, run the script with the required arguments:
+
+```bash
+python generate.py <component> <bucket> <region> <endpoint>
+```
+
+It will create a backend configuration file in the `generated` directory.
+
+This can be used when initializing Terraform for the respective component:
+
+```bash
+tofu init -backend-config=../backend/generated/<component>.hcl
+```
+
+### Arguments
+
+- `<component>`: The component for which to generate the backend configuration. Valid options are `cluster`, `ops`, `platform`, and `challenges`.
+- `<bucket>`: The S3 bucket name where the Terraform state will be stored.
+- `<region>`: The region of the S3 bucket.
+- `<endpoint>`: The endpoint URL for the S3-compatible storage.

backend/backend.hcl

@@ -0,0 +1,23 @@
+# BACKEND CONFIGURATION TEMPLATE FOR TERRAFORM
+# This file is a template for the backend configurations located in the `generated` directory.
+
+key = "%%KEY%%"
+
+bucket = "%%S3_BUCKET%%"
+region = "%%S3_REGION%%"
+endpoints = {
+  s3 = "%%S3_ENDPOINT%%"
+}
+
+workspace_key_prefix = "state/%%COMPONENT%%"
+
+# The following settings are to skip various
+# aws related checks and validation
+# which is not possible when using third party s3 compatible storage
+skip_region_validation      = true
+skip_credentials_validation = true
+skip_requesting_account_id  = true
+skip_metadata_api_check     = true
+
+skip_s3_checksum = false
+use_path_style   = false

backend/generate.py

@@ -0,0 +1,125 @@
+import os
+import sys
+import argparse
+
+class Args:
+    args = None
+    subcommand = False
+
+    def __init__(self, parent_parser = None):
+        if parent_parser:
+            self.subcommand = True
+            self.parser = parent_parser.add_parser("generate-backend", help="Generate Terraform backend configuration")
+        else:
+            self.parser = argparse.ArgumentParser(description="Backend generator for Terraform")
+
+        self.parser.add_argument("component", help="Component to generate backend for", choices=["cluster", "ops", "platform", "challenges"])
+        self.parser.add_argument("bucket", help="S3 bucket name for Terraform state storage")
+        self.parser.add_argument("region", help="Region for S3 bucket")
+        self.parser.add_argument("endpoint", help="Endpoint URL for S3-compatible storage")
+
+    def parse(self):
+        if self.subcommand:
+            self.args = self.parser.parse_args(sys.argv[2:])
+        else:
+            self.args = self.parser.parse_args()
+
+    def __getattr__(self, name):
+        return getattr(self.args, name)
+
+class Template:
+    component = None
+    bucket = None
+    region = None
+    endpoint = None
+
+    def __init__(self, component, bucket, region, endpoint):
+        self.component = component
+        self.bucket = bucket
+        self.region = region
+        self.endpoint = endpoint
+        pass
+
+    def replace(self, template_str, replacements):
+        for key, value in replacements.items():
+            template_str = template_str.replace(f"%%{key}%%", value)
+        return template_str
+
+    def get_template_path(self):
+        base_dir = os.path.dirname(os.path.abspath(__file__))
+        template_path = os.path.join(base_dir, "backend.hcl")
+        return template_path
+
+    def get_target_path(self):
+        base_dir = os.path.dirname(os.path.abspath(__file__))
+        target_dir = os.path.join(base_dir, "generated")
+        if not os.path.exists(target_dir):
+            os.makedirs(target_dir)
+        target_path = os.path.join(target_dir, f"{self.component}.hcl")
+        return target_path
+
+    def get_template(self):
+        template_path = self.get_template_path()
+        with open(template_path, "r") as f:
+            template_str = f.read()
+        return template_str
+
+    def template(self) -> str:
+        template  = self.get_template()
+        replacements = {
+            "COMPONENT": self.component,
+            "KEY": f"{self.component}.tfstate",
+            "S3_BUCKET": self.bucket,
+            "S3_REGION": self.region,
+            "S3_ENDPOINT": self.endpoint
+        }
+        output = self.replace(template, replacements)
+        return output
+
+    def run(self):
+        backend = self.template()
+        target_path = self.get_target_path()
+        with open(target_path, "w") as f:
+            f.write(backend)
+        print(f"Generated backend file at: {target_path}")
+
+
+class Generator:
+    args = None
+
+    def __init__(self, subparser = None):
+        if not subparser:
+            self.subparser = argparse.ArgumentParser(description="Backend generator for Terraform")
+            self.subparser.set_defaults(func=self.run)
+            return
+
+        self.subparser = subparser.add_parser("generate-backend", help="Generate Terraform backend configuration", description="Generate Terraform backend configuration for specified component")
+        self.subparser.set_defaults(func=self.run)
+
+    def register_subcommand(self):
+        self.subparser.add_argument("component", help="Component to generate backend for", choices=["cluster", "ops", "platform", "challenges"])
+        self.subparser.add_argument("bucket", help="S3 bucket name for Terraform state storage")
+        self.subparser.add_argument("region", help="Region for S3 bucket")
+        self.subparser.add_argument("endpoint", help="Endpoint URL for S3-compatible storage")
+
+    def run(self, args):
+        template = Template(
+            component=args.component,
+            bucket=args.bucket,
+            region=args.region,
+            endpoint=args.endpoint
+        )
+        template.run()
+
+if __name__ == "__main__":
+    args = Args()
+    if args.parser is None:
+        print("Failed to initialize argument parser")
+        exit(1)
+
+    generator = Generator()
+    generator.register_subcommand()
+
+    namespace = args.parser.parse_args()
+
+    generator.run(namespace)

backend/generated/.gitignore

@@ -0,0 +1,2 @@
+*
+!.gitignore

challenges/.env.example

@@ -0,0 +1,2 @@
+AWS_ACCESS_KEY_ID=<access_key_id>
+AWS_SECRET_ACCESS_KEY=<secret_access_key>

challenges/.gitignore

@@ -0,0 +1,37 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version 
+# control as they are data points which are potentially sensitive and subject 
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Ignore transient lock info files created by terraform apply
+.terraform.tfstate.lock.info
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc