Create initial tf file
parent
186d492ab5
commit
df8ab4016a
5 changed files with 76 additions and 0 deletions
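--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,6 @@
+*.tfvars
+.terraform/
+*.env
+.terraform.lock.hcl
+*.tfstate
+*.tfstate.backup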
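Review bot: Ignoring `.terraform.lock.hcl` keeps the provider checksums out of version control, so with the `~> 1.45` constraint in `main.tf` a fresh `tofu init` can select a different `hcloud` provider build with no recorded hash to compare it against. The dependency lock file is meant to be committed; I would drop the `.terraform.lock.hcl` line and commit the generated file. The other entries (`*.tfvars`, `*.env`, `*.tfstate`, `*.tfstate.backup`) are right to stay ignored, since those files can hold secrets in plain text.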
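--- a/README.md
+++ b/README.md
@@ -0,0 +1,18 @@
+# OpenTofu server configuration
+
+This is an experimental configuration for my Hetzner VPS using OpenTofu and Nix.
+
+## How to use
+
+Copy `secret.tfvars.example` to `secret.tfvars` and fill in the values.
+
+To generate a token with Hetzner, go to the project and click `Security -> API Tokens`.
+
+Run `nix develop` to access a shell where OpenTofu is accessible.
+
+## Aliases
+
+The following aliases in the development shell include the secrets file automatically.
+
+- `tofu-plan`
+- `tofu-apply`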
|
@ -20,6 +20,11 @@
|
||||||
tofuPkg
|
tofuPkg
|
||||||
pkgs.terraform-ls
|
pkgs.terraform-ls
|
||||||
];
|
];
|
||||||
|
|
||||||
|
shellHook = ''
|
||||||
|
alias tofu-plan="tofu plan -var-file=secret.tfvars"
|
||||||
|
alias tofu-apply="tofu apply -var-file=secret.tfvars"
|
||||||
|
'';
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
|
|
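--- a/main.tf
+++ b/main.tf
@@ -0,0 +1,46 @@
+terraform {
+required_providers {
+hcloud = {
+source = "hetznercloud/hcloud"
+version = "~> 1.45"
+}
+}
+}
+
+variable "hcloud_token" {
+sensitive = true
+}
+
+provider "hcloud" {
+token = var.hcloud_token
+}
+
+resource "hcloud_ssh_key" "main" {
+name = "my-ssh-key"
+public_key = file("~/.ssh/id_ed25519.pub")
+}
+
+resource "hcloud_server" "vpn" {
+name = "vpn"
+image = "debian-12"
+server_type = "cpx11"
+location = "hil"
+ssh_keys = [hcloud_ssh_key.main.id]
+
+//provisioner "local-exec" {
+// command = "sleep 120"
+//}
+
+provisioner "remote-exec" {
+connection {
+type = "ssh"
+user = "root"
+host = self.ipv4_address
+// private_key = file("~/.ssh/id_ed25519")
+agent = true
+}
+inline = [
+"curl https://raw.githubusercontent.com/elitak/NixOS-infect/master/NixOS-infect | PROVIDER=hetznercloud Nix_CHANNEL=NixOS-Unstable bash 2>&1 | tee /tmp/infect.log",
+]
+}
+}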
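Review bot: The `remote-exec` inline command in `hcloud_server.vpn` pipes a script fetched from the mutable `master` branch straight into `bash` as root, so whatever that URL serves at apply time runs on the new server with no review or integrity check. Pin the URL to a commit you have read and verify the download before running it, as three `inline` entries: `curl -fsSL https://raw.githubusercontent.com/elitak/NixOS-infect/<COMMIT_SHA>/NixOS-infect -o /tmp/infect.sh`, then `echo "<SHA256>  /tmp/infect.sh" | sha256sum -c -`, then `PROVIDER=hetznercloud Nix_CHANNEL=NixOS-Unstable bash /tmp/infect.sh 2>&1 | tee /tmp/infect.log`. Because `tee` is the last stage of the pipeline, its exit status is probably what the provisioner sees, so a failed download or a failed script may not fail the apply. The `connection` block also sets no `host_key`, so the first SSH connection to the new address is not checked against a known key.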
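--- a/secret.tfvars.example
+++ b/secret.tfvars.example
@@ -0,0 +1 @@
+hcloud_token = "your_token_here"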