From 40b687a3f370b454d7a80324d6df900f8cdde86f Mon Sep 17 00:00:00 2001
From: Marty Oehme <contact@martyoeh.me>
Date: Thu, 20 Nov 2025 21:27:06 +0100
Subject: [PATCH] feat: Create skeleton for terraform provisioning role

The terraform module does not expect its file contents (project_path) in
the 'files/' folder like the core roles, instead looking for it relative
to the _invocation_ pwd.
So, for now it just resides in the root level of the repository and may
be moved from there to wherever it is more pertinent.

Additionally, we check for the existence of the OpenTofu binary (tofu),
and prefer that if it exists. Otherwise we fall back to the Terraform
binary.
---
 roles/infrastructure/tasks/main.yaml | 26 ++++++++++++++++++++++++++
 site.yaml                            |  8 +++++++-
 tofu/main.tf                         |  5 +++++
 3 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 roles/infrastructure/tasks/main.yaml
 create mode 100644 tofu/main.tf

diff --git a/roles/infrastructure/tasks/main.yaml b/roles/infrastructure/tasks/main.yaml
new file mode 100644
index 0000000..1169ce3
--- /dev/null
+++ b/roles/infrastructure/tasks/main.yaml
@@ -0,0 +1,26 @@
+---
+# role currently only works with opentofu
+# Either manually extend to both or just leave out test?
+- name: Check if tofu is installed
+  vars:
+    terraform_bin: tofu
+  ansible.builtin.command:
+    argv:
+      - which
+      - "{{ terraform_bin|quote }}"
+  check_mode: false # run even in check mode
+  tags: debug
+  register: tofu_installed
+  failed_when: false
+  changed_when: false
+
+- name: Run terraform
+  community.general.terraform:
+    binary_path: "{{ (tofu_installed.rc in [ 0 ]) | ternary('tofu', 'terraform') }}"
+    project_path: "tofu/"
+    state: present
+  register: output
+
+- name: Debug output
+  debug:
+    var: output
diff --git a/site.yaml b/site.yaml
index 0f89754..b77d574 100644
--- a/site.yaml
+++ b/site.yaml
@@ -5,7 +5,6 @@
   gather_facts: False
   become: true
   tags:
-    - system
     - bootstrap
   tasks:
     - name: check for python
@@ -50,6 +49,13 @@
     #     name: incus-install
     #   tags: incus
 
+- name: Raise infrastructure
+  hosts: localhost
+  tags: infrastructure
+  tasks:
+    - ansible.builtin.import_role:
+        name: infrastructure
+
   # ansible-galaxy install geerlingguy.docker
 - name: Install docker
   hosts: instance_system
diff --git a/tofu/main.tf b/tofu/main.tf
new file mode 100644
index 0000000..ed46066
--- /dev/null
+++ b/tofu/main.tf
@@ -0,0 +1,5 @@
+
+output "my_debug_output" {
+    description = "just debuggin"
+    value = 42
+}