main.tf - infra - Terraform IaC for my remote (Hetzner) and local (Incus) servers.
---
main.tf (1451B)
---
# Toolchain constraints for this configuration.
terraform {
  required_providers {
    # Exact pin: the provider version only moves when this line is edited.
    # NOTE(review): also keep .terraform.lock.hcl under version control so the
    # provider checksums are verified on every init. The lock file is not
    # visible on this page.
    hcloud = {
      version = "1.47.0"
      source  = "hetznercloud/hcloud"
    }
  }

  # Lower bound only; any Terraform CLI release from 1.7.0 onwards is accepted.
  required_version = ">=1.7.0"
}
10
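# Registers one Hetzner Cloud SSH key per entry of var.public_ssh_keys.
# The map key becomes the key name; the map value is a path on the machine
# running Terraform, and the file content is uploaded as the public key.
resource "hcloud_ssh_key" "this" {
  for_each = var.public_ssh_keys

  name       = each.key
  public_key = file(each.value)

  lifecycle {
    # The file content is sent to the provider verbatim. Refuse to continue if
    # the path was pointed at a private key by mistake (PEM and OpenSSH private
    # keys both carry a "PRIVATE KEY" marker line), so secret key material is
    # never handed to the API.
    precondition {
      condition     = !strcontains(file(each.value), "PRIVATE KEY")
      error_message = "The file for SSH key ${each.key} contains private key material; point it at the public key instead."
    }
  }
}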
17
18
# One firewall per entry of var.firewall_rules, named after the map key.
# Each entry carries a `rules` collection that is expanded into rule blocks.
resource "hcloud_firewall" "this" {
  for_each = var.firewall_rules

  name = each.key

  dynamic "rule" {
    for_each = each.value.rules
    iterator = entry

    content {
      # The key of each rule doubles as its human-readable description.
      description = entry.key
      protocol    = entry.value.protocol
      port        = entry.value.port
      direction   = entry.value.direction

      # Only source_ips is wired up here.
      # NOTE(review): rules with direction "out" are matched on
      # destination_ips in the hcloud provider, which this block never sets.
      # Confirm that only inbound rules are intended.
      # NOTE(review): keep source_ips for management ports (e.g. SSH) limited
      # to known admin ranges rather than 0.0.0.0/0 and ::/0. The actual values
      # live in the variable definitions, which are not visible here.
      source_ips = entry.value.source_ips
    }
  }
}
36
37
# One server per entry of var.nodes; the map key is used as the server name.
resource "hcloud_server" "this" {
  for_each = var.nodes

  # Identity and placement.
  name        = each.key
  labels      = each.value.labels
  location    = each.value.location
  server_type = each.value.server_type
  image       = each.value.image

  # Access control.
  # The node's public_key field is a key of var.public_ssh_keys, resolved to the
  # id of the key registered by hcloud_ssh_key.this.
  ssh_keys = [hcloud_ssh_key.this[each.value.public_key].id]
  # The firewall is looked up by the node's own name, so var.firewall_rules must
  # contain an entry with the same key as every node. A node without one fails
  # at plan time instead of being created without a firewall.
  firewall_ids = [hcloud_firewall.this[each.key].id]

  # First-boot configuration, read from a local file and passed through as-is.
  # NOTE(review): avoid embedding secrets in this file. User data is generally
  # readable from inside the instance after boot. Confirm how this provider
  # stores it in state.
  user_data = file(each.value.user_data)

  public_net {
    ipv6_enabled = each.value.ipv6
    ipv4_enabled = each.value.ipv4
  }

  lifecycle {
    # Checked after the resource is applied: fails if the reported status is
    # anything other than "running".
    postcondition {
      error_message = "Instance must be running."
      condition     = self.status == "running"
    }
  }
}
62
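# Reverse DNS (PTR) record for the public IPv4 address of each server.
# The PTR value comes from the matching node's reverse_dns field in var.nodes.
resource "hcloud_rdns" "this" {
  # Nodes can opt out of a public IPv4 address (public_net.ipv4_enabled is fed
  # from var.nodes[...].ipv4). Such a server has no ipv4_address to attach a
  # PTR record to, so skip it instead of failing the apply. `!= false` keeps
  # nodes whose flag is unset, leaving them on the provider's default.
  for_each = {
    for name, server in hcloud_server.this :
    name => server if var.nodes[name].ipv4 != false
  }

  server_id  = each.value.id
  ip_address = each.value.ipv4_address
  dns_ptr    = var.nodes[each.key].reverse_dns
}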