<![CDATA[TheOpsDev Engineering Blog]]>https://blog.theops.devhttps://cdn.hashnode.com/res/hashnode/image/upload/v1736210267172/13aad556-0ce5-446e-ad22-d0093373e1a8.pngTheOpsDev Engineering Bloghttps://blog.theops.devRSS for NodeWed, 08 Apr 2026 12:59:56 GMT60<![CDATA[How to Use DigitalOcean's Spaces as a Remote State Backend for IaC]]>https://blog.theops.dev/how-to-use-digitaloceans-spaces-as-a-remote-state-backend-for-iachttps://blog.theops.dev/how-to-use-digitaloceans-spaces-as-a-remote-state-backend-for-iacSat, 25 Jan 2025 07:56:32 GMTI recently started building a remote homelab within Digital Ocean’s cloud space and I wanted to see if I could leverage their Spaces Object Storage as a compatible remote backend for OpenTofu. At this point I have been using OpenTofu’s “local” backend setup to manage my state file but this isn’t a sustainable method nor actually used in professional setting. So lets migrate our local state over to a remote object storage.

Prerequisites:

  1. Using =>1.6 OpenTofu version

  2. Create your Digital Ocean account and project

  3. Create a Spaces storage bucket (click here for instructions)

  4. Create a Spaces access key (click here for instructions)

Approach

Spaces Object Storage is an S3 compatible object storage service. With this in mind we are going to reuse OpenTofu’s S3 backend support and extend it to a Spaces storage bucket. If you have have completed the required prerequisites, we can proceed forward.

Instructions

Set up required Environment Variables

Using environment variables is the recommended way to provide your Spaces access key. Other methods, such as tofu init -backend-config or hardcoding values, may expose secrets in your .terraform folder and plan files.

OpenTofu’s S3 backend leverages AWS_ prefixed environment variables for configuration. We will use these same variables but supply our Spaces access key values in place of AWS values.

export AWS_ACCESS_KEY_ID="<your_access_key>"
export AWS_SECRET_ACCESS_KEY="<your_secret_key>"

Replace the <your_access_key> and <your_secret_key> placeholders with your actual values.

Setup S3 Backend Configuration

Here is an example of my remote backend configuration. It uses OpenTofu’s S3 backend with DigitalOcean Spaces bucket values.

terraform {
  required_version = "~> 1.9.0"

  backend "s3" {
    endpoints = {
      s3 = "<spaces_bucket_region>.digitaloceanspaces.com"
    }

    bucket = "<spaces_bucket_name>"
    key    = "<path/and/state/file/name>"

    # Deactivate a few AWS-specific checks
    skip_credentials_validation = true
    skip_requesting_account_id  = true
    skip_metadata_api_check     = true
    skip_region_validation      = true
    skip_s3_checksum            = true
    region                      = "us-east-1"
  }
}

Values required:

  1. S3 : Replace <spaces_bucket_region> with the region of the bucket you created.

  2. bucket : Replace <spaces_bucket_name> with the name of your bucket.

  3. key : Update <path/and/state/file/name> with path and file name you would like to store your OpenTofu state under. If the path does not exist OpenTofu will create it when your initialize your IaC space.

Migrate or Initialize your State

At this point you should be ready to start using your newly setup remote state in DigitalOcean

Migrate local state to remote

tofu init -migrate-state

Initialize empty OpenTofu space

tofu init

Reference

]]><![CDATA[OpenTofu vs. Terraform]]>https://blog.theops.dev/opentofu-vs-terraformhttps://blog.theops.dev/opentofu-vs-terraformThu, 16 Jan 2025 05:36:49 GMTIntroduction

In this article, we will be reviewing the key differences between OpenTofu and Terraform, two popular infrastructure-as-code (IaC) tools used for provisioning and managing cloud resources. While both tools share a similar foundation, OpenTofu emerged as a response to HashiCorp’s 2023 licensing changes to Terraform, offering a fully open-source alternative.

Why was OpenTofu Created?

In August 2023, HashiCorp announced that it would change the license of Terraform from the Mozilla Public License (MPL 2.0) to a Business Source License (BSL). The BSL change sparked a backlash from the open-source community and Terraform users.

In response to these concerns, a group of developers, including former contributors to Terraform, decided to fork Terraform and create an open-source version with a completely permissive license. This fork became OpenTofu. More information can be found under OpenTofu’s Manifesto.

What are the differences?

Compatibility

As of version 1.6, OpenTofu maintains compatibility with Terraform 1.6, allowing for a straightforward migration process. OpenTofu is committed to continuing to support Terraform 1.x releases. More information can be found here.

Development & Community

  • Terraform: Development is primarily driven by HashiCorp, with feature implementation and roadmap decisions made internally. https://github.com/hashicorp/terraform

  • OpenTofu: Emphasizes community involvement, allowing contributors to influence feature development and prioritization. This collaborative approach aims to address user needs more responsively. https://github.com/opentofu/opentofu

Comparison

This table was pulled from Spacelift.io

FeatureOpenTofuTerraform
LanguageHCLHCL
State Management✅ Yes✅ Yes
State Encryption✅ Yes❌ No
Early Variable Evaluation✅ Yes❌ No
Provider Functions✅ Yes✅ Yes
Community Driven✅ Yes, there is an issue ranking system you can influence.❌ No

Examples

Init

Plan

Apply

Reference

]]>