diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl index a3ae364..519c8aa 100644 --- a/.terraform.lock.hcl +++ b/.terraform.lock.hcl @@ -36,6 +36,13 @@ provider "registry.terraform.io/hashicorp/vault" { ] } +provider "registry.terraform.io/hetznercloud/hcloud" { + version = "1.39.0" + hashes = [ + "h1:0Zh37Dpokj8+S8BSdbj8N7/Z/Gamyy7iHMt83yDWcuc=", + ] +} + provider "registry.terraform.io/magicrb/influxdb-v2" { version = "0.4.6" hashes = [ diff --git a/flake.nix b/flake.nix index 0e3b5d4..2542ddf 100644 --- a/flake.nix +++ b/flake.nix @@ -134,6 +134,7 @@ p.random p.null p.influxdb-v2 + p.hcloud ] ); flake.nixosModules = { diff --git a/terranix/altra.nix b/terranix/altra.nix new file mode 100644 index 0000000..a3b2062 --- /dev/null +++ b/terranix/altra.nix @@ -0,0 +1,53 @@ +{ tflib, lib, ... }: +let + inherit (lib) + singleton; + inherit (tflib) + tf; +in +{ + terraform.required_providers = { + hcloud.source = "hetznercloud/hcloud"; + }; + + resource."hcloud_primary_ip"."altra_ipv4" = { + name = "altra_ipv4"; + datacenter = "fsn1-dc14"; + type = "ipv4"; + assignee_type = "server"; + auto_delete = false; + delete_protection = true; + }; + + resource."hcloud_primary_ip"."altra_ipv6" = { + name = "altra_ipv6"; + datacenter = "fsn1-dc14"; + type = "ipv6"; + assignee_type = "server"; + auto_delete = false; + delete_protection = true; + }; + + resource."hcloud_ssh_key"."magic_rb" = { + name = "magic_rb"; + public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFVkFvalffJ/SMjJGG3WPiqCqFygnWzhGUaeALBIoCsJ (none)"; + }; + + resource."hcloud_server"."altra" = { + name = "altra"; + image = "debian-12"; + datacenter = "fsn1-dc14"; + server_type = "cax11"; + public_net = { + ipv4_enabled = true; + ipv4 = tf "hcloud_primary_ip.altra_ipv4.id"; + ipv6_enabled = false; + ipv6 = tf "hcloud_primary_ip.altra_ipv6.id"; + }; + + delete_protection = true; + rebuild_protection = true; + + ssh_keys = singleton (tf "hcloud_ssh_key.magic_rb.id"); + }; +} diff --git a/terranix/default.nix b/terranix/default.nix index 2cadff2..36c2925 100644 --- a/terranix/default.nix +++ b/terranix/default.nix @@ -101,6 +101,11 @@ in source = ./containers/nfs-csi; }; + module."altra" = elib.terraformModule { + name = "altra"; + source = ./altra.nix; + }; + imports = [ ./lib ./modules/push_approles.nix @@ -118,9 +123,8 @@ in }; terraform.required_providers = { - influxdb-v2 = { - source = "MagicRB/influxdb-v2"; - }; + hcloud.source = "hetznercloud/hcloud"; + influxdb-v2.source = "MagicRB/influxdb-v2"; }; resource."vault_auth_backend"."approle" = {