9e7cadeded
We don't have an email server configured (yet), we can resurrect it once we do. Change-Id: I568075154c6169d031462f39b43ce5897a754f19 Reviewed-on: https://cl.snix.dev/c/snix/+/30109 Autosubmit: Florian Klink <flokli@flokli.de> Tested-by: besadii Reviewed-by: Ilan Joselevich <personal@ilanjoselevich.com>
121 lines
2.7 KiB
HCL
121 lines
2.7 KiB
HCL
# Hetzner cloud configuration for snix
|
|
|
|
terraform {
|
|
required_providers {
|
|
hcloud = {
|
|
source = "hetznercloud/hcloud"
|
|
}
|
|
}
|
|
|
|
backend "s3" {
|
|
endpoints = {
|
|
s3 = "https://s3.dualstack.eu-central-1.amazonaws.com"
|
|
}
|
|
|
|
bucket = "snix-tfstate"
|
|
key = "terraform/snix-hcloud"
|
|
region = "eu-central-1"
|
|
|
|
skip_credentials_validation = true
|
|
skip_metadata_api_check = true
|
|
skip_requesting_account_id = true
|
|
}
|
|
}
|
|
|
|
provider "hcloud" { }
|
|
|
|
resource "hcloud_ssh_key" "raito" {
|
|
name = "raito"
|
|
public_key = file("./raito.pub")
|
|
}
|
|
|
|
# TODO: pipe it from nix ssh keys
|
|
#
|
|
resource "hcloud_server" "meta01" {
|
|
name = "meta01.infra.snix.dev"
|
|
image = "debian-12"
|
|
# Observability stacks can eat quite the amount of RAM.
|
|
server_type = "cx32"
|
|
datacenter = "fsn1-dc14"
|
|
ssh_keys = [ hcloud_ssh_key.raito.id ]
|
|
public_net {
|
|
ipv4_enabled = true
|
|
ipv6_enabled = true
|
|
}
|
|
|
|
lifecycle {
|
|
ignore_changes = [ ssh_keys ]
|
|
}
|
|
}
|
|
|
|
resource "hcloud_rdns" "meta01-v6" {
|
|
server_id = hcloud_server.meta01.id
|
|
ip_address = hcloud_server.meta01.ipv6_address
|
|
dns_ptr = "meta01.infra.snix.dev"
|
|
}
|
|
|
|
resource "hcloud_rdns" "meta01-v4" {
|
|
server_id = hcloud_server.meta01.id
|
|
ip_address = hcloud_server.meta01.ipv4_address
|
|
dns_ptr = "meta01.infra.snix.dev"
|
|
}
|
|
|
|
resource "hcloud_floating_ip" "mail" {
|
|
type = "ipv4"
|
|
server_id = hcloud_server.public01.id
|
|
description = "IPv4 for mail hosting"
|
|
}
|
|
|
|
resource "hcloud_server" "public01" {
|
|
name = "public01.infra.snix.dev"
|
|
image = "debian-12"
|
|
server_type = "cx22"
|
|
datacenter = "fsn1-dc14"
|
|
ssh_keys = [ hcloud_ssh_key.raito.id ]
|
|
public_net {
|
|
ipv4_enabled = true
|
|
ipv6_enabled = true
|
|
}
|
|
lifecycle {
|
|
ignore_changes = [ ssh_keys ]
|
|
}
|
|
}
|
|
|
|
resource "hcloud_rdns" "public01-v4" {
|
|
server_id = hcloud_server.public01.id
|
|
ip_address = hcloud_server.public01.ipv4_address
|
|
dns_ptr = "public01.infra.snix.dev"
|
|
}
|
|
|
|
resource "hcloud_rdns" "public01-v6" {
|
|
server_id = hcloud_server.public01.id
|
|
ip_address = hcloud_server.public01.ipv6_address
|
|
dns_ptr = "public01.infra.snix.dev"
|
|
}
|
|
|
|
resource "hcloud_server" "gerrit01" {
|
|
name = "gerrit01.infra.snix.dev"
|
|
image = "debian-12"
|
|
server_type = "cpx31"
|
|
datacenter = "fsn1-dc14"
|
|
ssh_keys = [ hcloud_ssh_key.raito.id ]
|
|
public_net {
|
|
ipv4_enabled = true
|
|
ipv6_enabled = true
|
|
}
|
|
lifecycle {
|
|
ignore_changes = [ ssh_keys ]
|
|
}
|
|
}
|
|
|
|
resource "hcloud_rdns" "gerrit01-v6" {
|
|
server_id = hcloud_server.gerrit01.id
|
|
ip_address = hcloud_server.gerrit01.ipv6_address
|
|
dns_ptr = "gerrit01.infra.snix.dev"
|
|
}
|
|
|
|
resource "hcloud_rdns" "gerrit01-v4" {
|
|
server_id = hcloud_server.gerrit01.id
|
|
ip_address = hcloud_server.gerrit01.ipv4_address
|
|
dns_ptr = "gerrit01.infra.snix.dev"
|
|
}
|