dotfiles/terranix/main/altra.nix

76 lines
1.6 KiB
Nix
Raw Normal View History

{
tflib,
lib,
...
}: let
inherit
(lib)
singleton
;
inherit
(tflib)
tf
;
in {
terraform.required_providers = {
hcloud.source = "hetznercloud/hcloud";
};
resource."hcloud_primary_ip"."altra_ipv4" = {
name = "altra_ipv4";
datacenter = "fsn1-dc14";
type = "ipv4";
assignee_type = "server";
auto_delete = false;
delete_protection = true;
};
resource."hcloud_primary_ip"."altra_ipv6" = {
name = "altra_ipv6";
datacenter = "fsn1-dc14";
type = "ipv6";
assignee_type = "server";
auto_delete = false;
delete_protection = true;
};
resource."hcloud_ssh_key"."magic_rb" = {
name = "magic_rb";
public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFVkFvalffJ/SMjJGG3WPiqCqFygnWzhGUaeALBIoCsJ (none)";
};
resource."hcloud_server"."altra" = {
name = "altra";
image = "debian-12";
datacenter = "fsn1-dc14";
server_type = "cax11";
public_net = {
ipv4_enabled = true;
ipv4 = tf "hcloud_primary_ip.altra_ipv4.id";
ipv6_enabled = false;
ipv6 = tf "hcloud_primary_ip.altra_ipv6.id";
};
delete_protection = true;
rebuild_protection = true;
# ssh_keys = singleton (tf "hcloud_ssh_key.magic_rb.id");
};
prefab.pushApproles."altra" = {
host = "10.64.0.11";
user = "main";
policies = [
# (tf "vault_policy.toothpick_consul.name")
# (tf "vault_policy.toothpick_nomad.name")
];
metadata = {
"ip_address" = "altra.redalder.org";
};
approlePath = tf "vault_auth_backend.approle.path";
};
}