Added terraform for demo VM

nicholasdille · Nov 2, 2023 · 4c422ef · 4c422ef
1 parent 77ca5d8
commit 4c422ef
Show file tree

Hide file tree

Showing 7 changed files with 110 additions and 80 deletions.
diff --git a/tf/.gitignore b/tf/.gitignore
@@ -1,2 +1,5 @@
+.env.mk
+ssh*
 .terraform*
-terraform.*
+plan.out
+terraform.tfstate*
diff --git a/tf/Makefile b/tf/Makefile
@@ -0,0 +1,41 @@
+-include ../.env.mk
+
+TERRAFORM_BACKEND="terraform-backend-git git --repository https://github.com/nicholasdille/terraform-state --ref main --state demo/state.json"
+
+.PHONY:
+clean:
+	@rm -rf plan.out terraform.tfstate* ssh*
+
+.PHONY:
+show:
+	@terraform show
+
+.PHONY:
+output:
+	@terraform output
+
+.PHONY:
+init: .terraform.lock.hcl
+
+.terraform.lock.hcl:
+	@$(TERRAFORM_BACKEND) \
+		terraform init
+
+ssh:
+	@ssh-keygen -t ed25519 -f ssh -N ''
+
+.PHONY:
+plan: plan.out
+
+plan.out: *.tf ssh .terraform.lock.hcl
+	@terraform plan -out=plan.out -var="hcloud_token=$(HCLOUD_TOKEN)" -var="hetznerdns_token=$(HETZNERDNS_TOKEN)"
+
+.PHONY:
+apply: plan.out
+	@terraform apply -auto-approve -state=terraform.tfstate plan.out
+	@rm -f plan.out
+
+.PHONY:
+destroy: terraform.tfstate
+	@terraform destroy -auto-approve -state=terraform.tfstate -var="hcloud_token=$(HCLOUD_TOKEN)" -var="hetznerdns_token=$(HETZNERDNS_TOKEN)"
+	@rm -f terraform.tfstate*
diff --git a/tf/locals.tf b/tf/locals.tf
@@ -0,0 +1,4 @@
+locals {
+    server_type  = "cx41"
+    server_image = "ubuntu-22.04"
+}
diff --git a/tf/main.tf b/tf/main.tf
@@ -1,95 +1,49 @@
-terraform {
-  required_providers {
-    hcloud = {
-      source = "hetznercloud/hcloud"
-    }
-  }
-  required_version = ">= 0.13"
-}
-
-variable "hcloud_token" {
-  sensitive = true
-}
-
 provider "hcloud" {
   token = var.hcloud_token
 }
 
-module "ssh_key_pair" {
-  source = "cloudposse/ssh-key-pair/tls"
-
-  ssh_public_key_path   = "."
-  name = "demo"
+provider "hetznerdns" {
+  apitoken = var.hetznerdns_token
 }
 
 resource "hcloud_ssh_key" "demo" {
-  name       = module.ssh_key_pair.key_name
-  public_key = module.ssh_key_pair.public_key
+  name       = "demo"
+  public_key = file("./ssh.pub")
 }
 
 resource "hcloud_server" "demo" {
-  name        = module.ssh_key_pair.key_name
-  location    = "fsn1"
-  image       = "ubuntu-20.04"
-  server_type = "cx11"
-  ssh_keys = [
-    hcloud_ssh_key.demo.id
+  name        = "demo"
+  location    = "nbg1"
+  server_type = "cx41"
+  image       = "ubuntu-22.04"
+  ssh_keys    = [
+    hcloud_ssh_key.demo.name
   ]
-  labels = {}
-  user_data = <<EOT
-#cloud-config
-
-groups:
-- user
-users:
-- name: user
-  primary_group: user
-  ssh_authorized_keys:
-  - ${hcloud_ssh_key.demo.public_key}
-  sudo:
-  - ALL=(ALL) NOPASSWD:ALL
-
-apt:
-  conf: |
-    APT {
-      Install-Recommends "false";
-      Install-Suggests "false";
-      Get {
-        Assume-Yes "true";
-        Fix-Broken "true";
-      };
-    };
-
-package_update: true
-package_upgrade: true
-packages:
-- bash
-- curl
-- ca-certificates
-- jq
-- git
-- make
-
-runcmd:
-- sed -i 's/GRUB_CMDLINE_LINUX=""/GRUB_CMDLINE_LINUX="systemd.unified_cgroup_hierarchy=1"/' /etc/default/grub
-- update-grub
-- curl -fL https://get.docker.com | sh
-- sudo -u user env "USER=user" "HOME=/home/user" bash /opt/init_dotfiles.sh
-
-power_state:
-  mode: reboot
-  delay: now
-EOT
+  public_net {
+    ipv4_enabled = true
+    ipv6_enabled = true
+  }
+  labels = {
+    "purpose" : "demo"
+  }
 }
 
-module "demo" {
-  source = "mcgrof/add-host-ssh-config/kdevops"
+data "hetznerdns_zone" "inmylab" {
+  name = "inmylab.de"
+}
 
-  update_ssh_config_enable = true
-  ssh_config = "./${module.ssh_key_pair.key_name}.config"
+resource "hetznerdns_record" "demo" {
+  zone_id = data.hetznerdns_zone.inmylab.id
+  name = "demo"
+  value = hcloud_server.demo.ipv4_address
+  type = "A"
+  ttl= 120
+}
 
-  shorthosts = "demo"
-  hostnames = hcloud_server.demo.ipv4_address
-  user = "root"
-  id = module.ssh_key_pair.local_file.private_key_pem
+resource "hetznerdns_record" "wildcard-demo" {
+  zone_id = data.hetznerdns_zone.inmylab.id
+  name = "*.demo"
+  value = hetznerdns_record.demo.name
+  type = "CNAME"
+  ttl= 120
 }
diff --git a/tf/outputs.tf b/tf/outputs.tf
@@ -0,0 +1,7 @@
+output "public_ip4" {
+  value = "${hcloud_server.demo.ipv4_address}"
+}
+
+output "status" {
+  value = "${hcloud_server.demo.status}"
+}
diff --git a/tf/variables.tf b/tf/variables.tf
@@ -0,0 +1,7 @@
+variable "hcloud_token" {
+  sensitive = true
+}
+
+variable "hetznerdns_token" {
+  sensitive = true
+}
diff --git a/tf/versions.tf b/tf/versions.tf
@@ -0,0 +1,14 @@
+terraform {
+  required_providers {
+    hcloud = {
+      # https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs
+      source = "hetznercloud/hcloud"
+      version = "1.38.2"
+    }
+    hetznerdns = {
+      # https://registry.terraform.io/providers/timohirt/hetznerdns/latest/docs
+      source = "timohirt/hetznerdns"
+      version = "2.2.0"
+    }
+  }
+}