# main.tf
# Define terraform backend
# NOTE(review): the constraint below admits only 0.12.x releases, an old
# release line; confirm it still receives fixes before relying on it.
terraform {
  required_version = "~> 0.12.0"

  # Empty on purpose: the backend settings are not in this file and have to be
  # supplied when running `terraform init` (partial configuration).
  # State kept in the backend holds resource attributes in plain text, so
  # read access to it should be limited to the operators of this cluster.
  backend "remote" {}
}
# Definition of variables
# API token handed to the hcloud provider.
# NOTE(review): a value passed with -var ends up in shell history and is
# visible in the process list while terraform runs. The other required
# variables in this file are supplied through TF_VAR_* environment variables;
# the same mechanism (TF_VAR_hcloud_token) works for the token.
variable "hcloud_token" {
  description = "Use -var='hcloud_token=...' CLI option"
  type        = string
}
# Resolver addresses; handed to the inventory template as `forwarders`.
variable "hetzner_dns" {
  description = "Dns servers proposed by Hetzner infrastructure"
  type        = list(string)

  default = [
    "213.133.98.98",
    "213.133.99.99",
    "213.133.100.100",
  ]
}
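# Drives every for_each in this file: one server, floating IP lookup and
# volume lookup per entry. The key becomes the server name and the value of
# the `host` label selector; the value becomes the server location.
variable "server" {
  description = "The mapping of servername to server Data Center"

  # Quoted type names ("map") are deprecated in Terraform 0.12; the values are
  # location names, so the element type is string.
  type = map(string)

  default = {
    "etc00" = "nbg1"
    "etc01" = "fsn1"
    "etc10" = "hel1"
  }
}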
# Passed unchanged to hcloud_server.host as server_type.
variable "server_type" {
  description = "defines resources for provisioned server"
  type        = string
  default     = "cx31-ceph"
}
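# The value is read with file() in the hcloud_server.host connection block, so
# it has to be a path to the key file, not the key material itself. The
# previous description ("Ssh private key ...") invited exporting the key
# contents into the environment, which file() cannot read.
variable "ssh_key_private" {
  type        = string
  description = "Path to the ssh private key file to use for connection to a server. Export TF_VAR_ssh_key_private environment variable to define a value."
}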
# Becomes the only entry of ssh_keys on every server created by
# hcloud_server.host, i.e. the public half of var.ssh_key_private.
variable "ssh_key" {
  description = "An id of public key of ssh key-pairs that will be used for connection to a server. Export TF_VAR_ssh_key environment variable to define a value."
  type        = string
}
# Login used by the remote-exec provisioner and written to the inventory as
# `user`.
# NOTE(review): the default means provisioning logs in as root over SSH;
# confirm that is intended once the hosts are handed over to operations.
variable "remote_user" {
  description = "A user being used for a connection to a server. By default is root, unless redefined with user-data (cloud-init)."
  type        = string
  default     = "root"
}
# Passed unchanged to hcloud_server.host as image.
# NOTE(review): CentOS Linux 8 reached end of life on 2021-12-31 and no longer
# receives security updates; confirm this default is still the image wanted
# for an identity server.
variable "server_image" {
  description = "An image being used for a server provisioning."
  type        = string
  default     = "centos-8"
}
# Rendered into the inventory template by null_resource.inventory.
# No default: the value has to be provided for every run.
variable "domain" {
  description = "A domain name for FreeIPA server. Export TF_VAR_domain environment variable to define."
  type        = string
}
# Use Hetzner Cloud
# NOTE(review): no provider version constraint is declared here, so
# `terraform init` is free to pick a newer hcloud provider than the one this
# file was tested with; pin the tested version once it is known.
provider "hcloud" {
  token = var.hcloud_token
}
# Get data from Hetzner Cloud
# Looks up one existing floating IP per server name. The IP is not created
# here: it must already exist and carry the labels host=<server name> and
# object=freeipa4.
data "hcloud_floating_ip" "fip4" {
  for_each = var.server

  with_selector = "host==${each.key},object=freeipa4"
}
# Looks up one existing volume per server name. The volume is not created
# here: it must already exist and carry the labels host=<server name> and
# object=freeipa.
data "hcloud_volume" "vol" {
  for_each = var.server

  with_selector = "host==${each.key},object=freeipa"
}
# Create resources
# One server per entry of var.server: the key is the server name, the value
# its location.
resource "hcloud_server" "host" {
  for_each = var.server

  name        = each.key
  location    = each.value
  server_type = var.server_type
  image       = var.server_image
  keep_disk   = true
  backups     = true
  ssh_keys    = [var.ssh_key]

  # Runs once on the freshly created host, over SSH, to install Python and the
  # SELinux bindings (presumably for the configuration run that consumes
  # inventory.yml - confirm).
  provisioner "remote-exec" {
    inline = [
      "dnf install -y python3 python3-libselinux",
    ]

    # NOTE(review): no `host_key` is given, so this first connection does not
    # pin the server's SSH host key - confirm that is acceptable. The login is
    # var.remote_user (root by default) with the private key read from the
    # path in var.ssh_key_private.
    connection {
      type        = "ssh"
      host        = self.ipv4_address
      user        = var.remote_user
      private_key = file(var.ssh_key_private)
    }
  }
}
# Assign floating IP
# Binds the pre-existing floating IP found for each server name to the server
# created under the same key.
resource "hcloud_floating_ip_assignment" "fip4_ass" {
  for_each = var.server

  server_id      = hcloud_server.host[each.key].id
  floating_ip_id = data.hcloud_floating_ip.fip4[each.key].id
}
# Attach volume
# Attaches the pre-existing volume found for each server name to the server
# created under the same key.
resource "hcloud_volume_attachment" "vol_att" {
  for_each = var.server

  server_id = hcloud_server.host[each.key].id
  volume_id = data.hcloud_volume.vol[each.key].id
}
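# Create an inventory file from template
# Renders inventory.template with the servers, floating IPs, volumes, domain,
# login user and DNS forwarders, and writes the result to inventory.yml in the
# directory terraform is run from.
resource "null_resource" "inventory" {
  # Wait until the floating IPs are assigned before the inventory is written.
  depends_on = [
    hcloud_floating_ip_assignment.fip4_ass,
  ]

  # Changes to any instance of the cluster requires re-provisioning
  triggers = {
    cluster_instance_ids = join(",", [for k, v in var.server : hcloud_server.host[k].id])
  }

  provisioner "local-exec" {
    # The rendered inventory is handed to the shell through an environment
    # variable instead of being pasted between single quotes in the command
    # text. With the old form, any single quote in the rendered text (the
    # template itself, var.domain, a label value) ended the quoting and the
    # rest was parsed as shell on the machine running terraform.
    # printf '%s\n' writes the text verbatim plus one trailing newline, which
    # is what echo produced for well-behaved input.
    command = "printf '%s\\n' \"$INVENTORY\" > inventory.yml"

    environment = {
      INVENTORY = templatefile("inventory.template", {
        hosts      = hcloud_server.host
        fips4      = data.hcloud_floating_ip.fip4
        volumes    = data.hcloud_volume.vol
        domain     = var.domain
        user       = var.remote_user
        forwarders = var.hetzner_dns
      })
    }
  }
}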