hosts/plover: initialize Terraform configuration

2025-02-07 12:19:07 +00:00 · 2023-06-22 11:06:43 +08:00 · 2023-06-22 11:06:43 +08:00 · 55eb4d8c0c
commit 55eb4d8c0c
parent 241e2080f2
7 changed files with 134 additions and 1 deletions
--- a/.editorconfig
+++ b/.editorconfig
@ -4,6 +4,6 @@ root = true
 end_of_line = lf
 insert_final_newline = true
-[*.{nix,yaml,json}]
+[*.{nix,yaml,json,tf}]
 indent_style = space
 indent_size = 2
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,40 @@
 .direnv
 result*
 *.qcow2
 ### Terraform ###
 # Local .terraform directories
 **/.terraform/*
 # .tfstate files
 *.tfstate
 *.tfstate.*
 # Crash log files
 crash.log
 crash.*.log
 # Exclude all .tfvars files, which are likely to contain sensitive data, such as
 # password, private keys, and other secrets. These should not be part of version
 # control as they are data points which are potentially sensitive and subject
 # to change depending on the environment.
 *.tfvars
 *.tfvars.json
 # Ignore override files as they are usually used to override resources locally and so
 # are not checked in
 override.tf
 override.tf.json
 *_override.tf
 *_override.tf.json
 # Include override files you do wish to add to version control using negated pattern
 # !example_override.tf
 # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
 # example: *tfplan*
 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
--- a/hosts/plover/.terraform.lock.hcl
+++ b/hosts/plover/.terraform.lock.hcl
@ -0,0 +1,24 @@
 # This file is maintained automatically by "terraform init".
 # Manual edits may be lost in future updates.
 provider "registry.terraform.io/hetznercloud/hcloud" {
  version     = "1.40.0"
  constraints = "1.40.0"
  hashes = [
    "h1:73wGxI4xen4QdT5D1HBhcn1Ll1itFu1b6r4ggflG2OM=",
    "zh:0451768ebac9c01b2cc9b3fa63014baa6d1d92e4b5cda9f98a15c320eabc62bd",
    "zh:399a3c8fd13e69d8ac836ff5cb3e49eaa13f8d588390862d3c84e5221b85a5ec",
    "zh:3f1e2310eaf0945e8df20e841437119b4f1a4fbcbf5c8ef9f66d086a6206df2e",
    "zh:5088bd924089c49717fd90fd4893df6caccf978b53bdad79762383c519987290",
    "zh:50c178c74bc5aaba5f5d5a0fd51257136b6f2cc0b44bc02b0603f656daad8ee7",
    "zh:6a25d234eef37ca727bf20aebeb6a2d3cabbc6338b5e53e98aed222def4b1c86",
    "zh:7489d6b14b49916d7181e444880ad1f3914606beda0b7c21485e969ba43f84eb",
    "zh:8ded3bfeb885a61a6895e400d1476d15500f2a1a67da440ddd4b1ee2fad0407d",
    "zh:b34e3430d48c48edbd49064e500e84765ce03d97c01d855db71c738e1928b97d",
    "zh:c36241fc84663e90fd693a74773a22a459c55edae71141f13aba58a267cb09ab",
    "zh:c5add5e07edf1876486f4ecfa103f3e500040b4801b8cdf68a91224d3bc6c636",
    "zh:ebced845b6be85ca6cf3435eec84514146a48ab6438c700f2e48b7e86d89ff37",
    "zh:f543dce13d3c28bf1327452a3922acda70742fc53fefe9628666391f448de99e",
    "zh:fa1e04522a1fdf8383f93ec5ffd18424abe99a5ce4a1a8af7e4cd28fce43bb1a",
  ]
 }
--- a/hosts/plover/main.tf
+++ b/hosts/plover/main.tf
@ -0,0 +1,57 @@
 variable "hcloud_token" {
  sensitive = true
 }
 provider "hcloud" {
  token = var.hcloud_token
 }
 resource "hcloud_server" "plover" {
  name = "plover"
  image = "debian-12"
  server_type = "cx21"
  location = "hel1"
  datacenter = "hel1-dc2"
  ssh_keys = [ hcloud_ssh_key.foodogsquared.id ]
  delete_protection = true
  rebuild_protection = true
  user_data = file("${path.module}/files/hcloud/hcloud-user-data.yml")
  public_net {
    ipv4_enabled = true
    ipv6_enabled = true
  }
  network {
    network_id  = hcloud_network.plover.id
    ip = "172.27.0.1"
    alias_ips = [
      "172.27.0.2",
      "172.27.0.3"
    ]
  }
  depends_on = [
    hcloud_network_subnet.plover-subnet
  ]
 }
 resource "hcloud_ssh_key" "foodogsquared" {
  name = "foodogsquared@foodogsquared.one"
  public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPR52KfVODfKsgdvYSoQinV3kyOTZ4mtKa0fah5Wkfr foodogsquared@foodogsquared.one"
 }
 resource "hcloud_network" "plover" {
  name = "plover"
  ip_range = "172.16.0.0/12"
 }
 resource "hcloud_network_subnet" "plover-subnet" {
  network_id = hcloud_network.plover.id
  type = "cloud"
  network_zone = "eu-central"
  ip_range = "172.27.0.0/16"
 }
--- a/hosts/plover/versions.tf
+++ b/hosts/plover/versions.tf
@ -0,0 +1,8 @@
 terraform {
  required_providers {
    hcloud = {
      source = "hetznercloud/hcloud"
      version = "1.40.0"
    }
  }
 }
--- a/shell.nix
+++ b/shell.nix
@ -10,11 +10,13 @@ pkgs.mkShell {
    sops
    treefmt
    deploy-rs
    terraform
    # Language servers for various parts of the config that uses a language.
    lua-language-server
    pyright
    rnix-lsp
    terraform-ls
    # Formatters...
    stylua # ...for Lua.
--- a/treefmt.toml
+++ b/treefmt.toml
@ -9,3 +9,8 @@ includes = [ "*.nix" ]
 [formatter.python]
 command = "black"
 includes = [ "*.py" ]
 [formatter.terraform]
 command = "terraform"
 options = [ "fmt" ]
 includes = [ "*.tf" ]