From 8ad18fb38c4765ab8a6ffc1836489cdf9990e0c6 Mon Sep 17 00:00:00 2001 From: Gabriel Arazas Date: Sat, 21 Sep 2024 10:06:03 +0800 Subject: [PATCH] hosts/plover: update Terraform modules and add secondary DNS servers --- configs/nixos/plover/.terraform.lock.hcl | 50 ++++++++++++++++-------- configs/nixos/plover/main.tf | 34 +++++++++++----- configs/nixos/plover/versions.tf | 7 +++- 3 files changed, 63 insertions(+), 28 deletions(-) diff --git a/configs/nixos/plover/.terraform.lock.hcl b/configs/nixos/plover/.terraform.lock.hcl index e3153cc7..05ca9cfd 100644 --- a/configs/nixos/plover/.terraform.lock.hcl +++ b/configs/nixos/plover/.terraform.lock.hcl @@ -2,23 +2,39 @@ # Manual edits may be lost in future updates. provider "registry.opentofu.org/hetznercloud/hcloud" { - version = "1.40.0" - constraints = "1.40.0" + version = "1.48.1" + constraints = "1.48.1" hashes = [ - "h1:73wGxI4xen4QdT5D1HBhcn1Ll1itFu1b6r4ggflG2OM=", - "zh:0451768ebac9c01b2cc9b3fa63014baa6d1d92e4b5cda9f98a15c320eabc62bd", - "zh:399a3c8fd13e69d8ac836ff5cb3e49eaa13f8d588390862d3c84e5221b85a5ec", - "zh:3f1e2310eaf0945e8df20e841437119b4f1a4fbcbf5c8ef9f66d086a6206df2e", - "zh:5088bd924089c49717fd90fd4893df6caccf978b53bdad79762383c519987290", - "zh:50c178c74bc5aaba5f5d5a0fd51257136b6f2cc0b44bc02b0603f656daad8ee7", - "zh:6a25d234eef37ca727bf20aebeb6a2d3cabbc6338b5e53e98aed222def4b1c86", - "zh:7489d6b14b49916d7181e444880ad1f3914606beda0b7c21485e969ba43f84eb", - "zh:8ded3bfeb885a61a6895e400d1476d15500f2a1a67da440ddd4b1ee2fad0407d", - "zh:b34e3430d48c48edbd49064e500e84765ce03d97c01d855db71c738e1928b97d", - "zh:c36241fc84663e90fd693a74773a22a459c55edae71141f13aba58a267cb09ab", - "zh:c5add5e07edf1876486f4ecfa103f3e500040b4801b8cdf68a91224d3bc6c636", - "zh:ebced845b6be85ca6cf3435eec84514146a48ab6438c700f2e48b7e86d89ff37", - "zh:f543dce13d3c28bf1327452a3922acda70742fc53fefe9628666391f448de99e", - "zh:fa1e04522a1fdf8383f93ec5ffd18424abe99a5ce4a1a8af7e4cd28fce43bb1a", + "h1:fa9fxdSV9DG+HDcXyRbcGfb6Dk94SBP3TamHb1yOYiI=", + "zh:086cce10cb005f25f85183c59e639d6675e91e919934c80f660ca1cc4b9bc09b", + "zh:111d185707168b90c7ed3d245b522b2bd508f0bd4275496a1acdc9c0adaa85f2", + "zh:1acba3f30150282d283c46cd7ce25e9afb8b027fd2f594d41de9131d25a42b27", + "zh:1f8858aa81f93d52550502a11c7ea4e9370316ab098f6b75a09ffe75da6129ee", + "zh:20e01e6e6f99f57b3c1ef2a9de5d617c0139d3f3934eeb5e6c5976ae8b831a48", + "zh:2a8489a586a7bdadc42bbc9e3cb7b9deaefdf8020e3f2caba2678877d5d64d52", + "zh:31d8017529b0429bc9e873ec5d358ab9b75af2ba0ae24f21abcd4d09f36b7ee9", + "zh:407b4d7f1407e7e4a51b6f4dcdb0c7fbf81f2f1e25a7275f34054009419125a2", + "zh:42cf7cf867d199054713d4e6060e4b578eff16f0f537e9aaa5fd990c3eab8bc6", + "zh:460ac856ff952c5d41525949b93cfb7ee642f900594eff965494f11999d7496b", + "zh:d09e527d23f62564c82bc24e286cf2cb8cb0ed6cdc6f4c66adf2145cfa62adac", + "zh:d465356710444ac70dea4883252efc429b73e79fc6dc94f075662b838476680e", + "zh:d476c8eca307e30a20eed54c0735b062a6f3066b4ac63eebecd38ab8f40c16f4", + "zh:e0e9b2f6d5e28dbd01fa1ec3147aa88062d6223c5146532a3dcd1d3bb827e1e9", + ] +} + +provider "registry.opentofu.org/timohirt/hetznerdns" { + version = "2.2.0" + constraints = "2.2.0" + hashes = [ + "h1:HyskQAglrOueur79gSCBgx9MNDOs0tz39aNYQiFgxz8=", + "zh:5bb0ab9f62be3ed92070235e507f3c290491d51391ef4edcc70df53b65a83019", + "zh:5ccdfac7284f5515ac3cff748336b77f21c64760e429e811a1eeefa8ebb86e12", + "zh:687c35665139ae37c291e99085be2e38071f6b355c4e1e8957c5a6a3bcdf9caf", + "zh:6de27f0d0d1513b3a4b7e81923b4a8506c52759bd466e2b4f8156997b0478931", + "zh:85770a9199a4c2d16ca41538d7a0f7a7bfc060678104a1faac19213e6f0a800c", + "zh:a5ff723774a9ccfb27d5766c5e6713537f74dd94496048c89c5d64dba597e59e", + "zh:bf9ab76fd37cb8aebb6868d73cbe8c08cee36fc25224cc1ef5949efa3c34b06c", + "zh:db998fe3bdcd4902e99fa470bb3f355883170cf4c711c8da0b5f1f4510f1be41", ] } diff --git a/configs/nixos/plover/main.tf b/configs/nixos/plover/main.tf index e7765634..425609c0 100644 --- a/configs/nixos/plover/main.tf +++ b/configs/nixos/plover/main.tf @@ -2,14 +2,33 @@ variable "hcloud_token" { sensitive = true } +variable "hcloud_dns_token" { + sensitive = true +} + provider "hcloud" { token = var.hcloud_token } +provider "hetznerdns" { + apitoken = var.hcloud_dns_token +} + +resource "hetznerdns_zone" "main" { + name = "foodogsquared.one" + ttl = 3600 +} + +resource "hetznerdns_primary_server" "main" { + address = hcloud_server.plover.ipv4_address + port = 53 + zone_id = hetznerdns_zone.main.id +} + resource "hcloud_server" "plover" { name = "plover" image = "debian-12" - server_type = "cx21" + server_type = "cx22" location = "hel1" datacenter = "hel1-dc2" @@ -18,8 +37,6 @@ resource "hcloud_server" "plover" { delete_protection = true rebuild_protection = true - user_data = file("${path.module}/files/hcloud/hcloud-user-data.yml") - public_net { ipv4_enabled = true ipv6_enabled = true @@ -27,11 +44,7 @@ resource "hcloud_server" "plover" { network { network_id = hcloud_network.plover.id - ip = "172.27.0.1" - alias_ips = [ - "172.27.0.2", - "172.27.0.3" - ] + ip = "10.0.0.1" } depends_on = [ @@ -46,12 +59,13 @@ resource "hcloud_ssh_key" "foodogsquared" { resource "hcloud_network" "plover" { name = "plover" - ip_range = "172.16.0.0/12" + ip_range = "10.0.0.0/8" + delete_protection = true } resource "hcloud_network_subnet" "plover-subnet" { network_id = hcloud_network.plover.id type = "cloud" network_zone = "eu-central" - ip_range = "172.27.0.0/16" + ip_range = "10.0.0.0/12" } diff --git a/configs/nixos/plover/versions.tf b/configs/nixos/plover/versions.tf index b57a4e2b..5f5c1832 100644 --- a/configs/nixos/plover/versions.tf +++ b/configs/nixos/plover/versions.tf @@ -2,7 +2,12 @@ terraform { required_providers { hcloud = { source = "hetznercloud/hcloud" - version = "1.40.0" + version = "1.48.1" + } + + hetznerdns = { + source = "timohirt/hetznerdns" + version = "2.2.0" } } }