Create initial tf file
This commit is contained in:
parent
186d492ab5
commit
df8ab4016a
GPG key ID:
198E9EB433DB1B28
5 changed files with 76 additions and 0 deletions
6
.gitignore
vendored
Normal file
6
.gitignore
vendored
Normal file
|
|
@ -0,0 +1,6 @@
|
|||
*.tfvars
|
||||
.terraform/
|
||||
*.env
|
||||
.terraform.lock.hcl
|
||||
*.tfstate
|
||||
*.tfstate.backup
|
||||
18
README.md
Normal file
18
README.md
Normal file
|
|
@ -0,0 +1,18 @@
|
|||
# OpenTofu server configuration
|
||||
|
||||
This is an experimental configuration for my Hetzner VPS using OpenTofu and Nix.
|
||||
|
||||
## How to use
|
||||
|
||||
Copy `secret.tfvars.example` to `secret.tfvars` and fill in the values.
|
||||
|
||||
To generate a token with Hetzner, go to the project and click `Security -> API Tokens`.
|
||||
|
||||
Run `nix develop` to access a shell where OpenTofu is accessible.
|
||||
|
||||
## Aliases
|
||||
|
||||
The following aliases in the development shell include the secrets file automatically.
|
||||
|
||||
- `tofu-plan`
|
||||
- `tofu-apply`
|
||||
|
|
@ -20,6 +20,11 @@
|
|||
tofuPkg
|
||||
pkgs.terraform-ls
|
||||
];
|
||||
|
||||
shellHook = ''
|
||||
alias tofu-plan="tofu plan -var-file=secret.tfvars"
|
||||
alias tofu-apply="tofu apply -var-file=secret.tfvars"
|
||||
'';
|
||||
};
|
||||
}
|
||||
);
|
||||
|
|
|
|||
46
main.tf
Normal file
46
main.tf
Normal file
|
|
@ -0,0 +1,46 @@
|
|||
terraform {
|
||||
required_providers {
|
||||
hcloud = {
|
||||
source = "hetznercloud/hcloud"
|
||||
version = "~> 1.45"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
variable "hcloud_token" {
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
provider "hcloud" {
|
||||
token = var.hcloud_token
|
||||
}
|
||||
|
||||
resource "hcloud_ssh_key" "main" {
|
||||
name = "my-ssh-key"
|
||||
public_key = file("~/.ssh/id_ed25519.pub")
|
||||
}
|
||||
|
||||
resource "hcloud_server" "vpn" {
|
||||
name = "vpn"
|
||||
image = "debian-12"
|
||||
server_type = "cpx11"
|
||||
location = "hil"
|
||||
ssh_keys = [hcloud_ssh_key.main.id]
|
||||
|
||||
//provisioner "local-exec" {
|
||||
// command = "sleep 120"
|
||||
//}
|
||||
|
||||
provisioner "remote-exec" {
|
||||
connection {
|
||||
type = "ssh"
|
||||
user = "root"
|
||||
host = self.ipv4_address
|
||||
// private_key = file("~/.ssh/id_ed25519")
|
||||
agent = true
|
||||
}
|
||||
inline = [
|
||||
"curl https://raw.githubusercontent.com/elitak/NixOS-infect/master/NixOS-infect | PROVIDER=hetznercloud Nix_CHANNEL=NixOS-Unstable bash 2>&1 | tee /tmp/infect.log",
|
||||
]
|
||||
}
|
||||
}
|
||||
1
secret.tfvars.example
Normal file
1
secret.tfvars.example
Normal file
|
|
@ -0,0 +1 @@
|
|||
hcloud_token = "your_token_here"
|
||||
Loading…
Add table
Reference in a new issue