mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-12-12 09:51:59 +01:00
aff0158ef7
Signed-off-by: magic_rb <magic_rb@redalder.org>
75 lines
1.6 KiB
Nix
75 lines
1.6 KiB
Nix
{
|
|
tflib,
|
|
lib,
|
|
...
|
|
}: let
|
|
inherit
|
|
(lib)
|
|
singleton
|
|
;
|
|
inherit
|
|
(tflib)
|
|
tf
|
|
;
|
|
in {
|
|
terraform.required_providers = {
|
|
hcloud.source = "hetznercloud/hcloud";
|
|
};
|
|
|
|
resource."hcloud_primary_ip"."altra_ipv4" = {
|
|
name = "altra_ipv4";
|
|
datacenter = "fsn1-dc14";
|
|
type = "ipv4";
|
|
assignee_type = "server";
|
|
auto_delete = false;
|
|
delete_protection = true;
|
|
};
|
|
|
|
resource."hcloud_primary_ip"."altra_ipv6" = {
|
|
name = "altra_ipv6";
|
|
datacenter = "fsn1-dc14";
|
|
type = "ipv6";
|
|
assignee_type = "server";
|
|
auto_delete = false;
|
|
delete_protection = true;
|
|
};
|
|
|
|
resource."hcloud_ssh_key"."magic_rb" = {
|
|
name = "magic_rb";
|
|
public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFVkFvalffJ/SMjJGG3WPiqCqFygnWzhGUaeALBIoCsJ (none)";
|
|
};
|
|
|
|
resource."hcloud_server"."altra" = {
|
|
name = "altra";
|
|
image = "debian-12";
|
|
datacenter = "fsn1-dc14";
|
|
server_type = "cax11";
|
|
public_net = {
|
|
ipv4_enabled = true;
|
|
ipv4 = tf "hcloud_primary_ip.altra_ipv4.id";
|
|
ipv6_enabled = false;
|
|
ipv6 = tf "hcloud_primary_ip.altra_ipv6.id";
|
|
};
|
|
|
|
delete_protection = true;
|
|
rebuild_protection = true;
|
|
|
|
# ssh_keys = singleton (tf "hcloud_ssh_key.magic_rb.id");
|
|
};
|
|
|
|
prefab.pushApproles."altra" = {
|
|
host = "10.64.0.11";
|
|
user = "main";
|
|
|
|
policies = [
|
|
# (tf "vault_policy.toothpick_consul.name")
|
|
# (tf "vault_policy.toothpick_nomad.name")
|
|
];
|
|
|
|
metadata = {
|
|
"ip_address" = "altra.redalder.org";
|
|
};
|
|
|
|
approlePath = tf "vault_auth_backend.approle.path";
|
|
};
|
|
}
|