Compare commits
12 Commits
153deee8f4
...
master
| Author | SHA1 | Date | |
|---|---|---|---|
| 6edda8ef32 | |||
| 6f51b89e6a | |||
| 8076bbc08d | |||
| ba9c2b639e | |||
| 707f84ebd0 | |||
| d955d86808 | |||
| 68b8b6a599 | |||
| ec94cc8f54 | |||
| cc8c585dbd | |||
| c80f3a53a0 | |||
| ffbb91891e | |||
| 5e090e9de5 |
@@ -9,7 +9,7 @@ jobs:
|
||||
runs-on: almalinux-8
|
||||
container:
|
||||
image: git.unkin.net/unkin/almalinux9-actionsdind:latest
|
||||
options: --privileged
|
||||
options: "--privileged --volume /etc/pki/tls/vault:/etc/pki/tls/vault:ro"
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
@@ -29,4 +29,5 @@ jobs:
|
||||
env:
|
||||
VAULT_ROLEID: ${{ secrets.TERRAFORM_INCUS_VAULT_ROLEID }}
|
||||
run: |
|
||||
dnf install terraform -y
|
||||
make plan
|
||||
|
||||
@@ -11,7 +11,7 @@ jobs:
|
||||
runs-on: almalinux-8
|
||||
container:
|
||||
image: git.unkin.net/unkin/almalinux9-actionsdind:latest
|
||||
options: --privileged
|
||||
options: "--privileged --volume /etc/pki/tls/vault:/etc/pki/tls/vault:ro"
|
||||
|
||||
steps:
|
||||
- name: Checkout code
|
||||
@@ -23,4 +23,5 @@ jobs:
|
||||
env:
|
||||
VAULT_ROLEID: ${{ secrets.TERRAFORM_INCUS_VAULT_ROLEID }}
|
||||
run: |
|
||||
dnf install terraform -y
|
||||
make apply
|
||||
|
||||
@@ -20,9 +20,17 @@ define vault_env
|
||||
mkdir -p $$INCUS_CONFIG_DIR && \
|
||||
mkdir -p $$INCUS_CONFIG_DIR/servercerts && \
|
||||
printf '%s\n' "$$INCUS_CONF_INCUSIMAGES_CERT" > $$INCUS_CONFIG_DIR/servercerts/incus-images.crt && \
|
||||
printf '%s\n' "$$INCUS_CONF_CONFIG_YAML" > $$INCUS_CONFIG_DIR/config.yaml && \
|
||||
printf '%s\n' "$$INCUS_CLIENT_CRT" > $$INCUS_CONFIG_DIR/client.crt && \
|
||||
printf '%s\n' "$$INCUS_CLIENT_KEY" > $$INCUS_CONFIG_DIR/client.key
|
||||
printf '%s\n' "$$INCUS_CONF_CONFIG_YAML" > $$INCUS_CONFIG_DIR/config.yml && \
|
||||
if [ -f /etc/pki/tls/vault/certificate.crt ] && [ -f /etc/pki/tls/vault/private.key ]; then \
|
||||
cp /etc/pki/tls/vault/certificate.crt $$INCUS_CONFIG_DIR/client.crt && \
|
||||
cp /etc/pki/tls/vault/private.key $$INCUS_CONFIG_DIR/client.key; \
|
||||
elif [ -f $$HOME/.config/incus/client.crt ] && [ -f $$HOME/.config/incus/client.key ]; then \
|
||||
cp $$HOME/.config/incus/client.crt $$INCUS_CONFIG_DIR/client.crt && \
|
||||
cp $$HOME/.config/incus/client.key $$INCUS_CONFIG_DIR/client.key; \
|
||||
else \
|
||||
printf '%s\n' "$$INCUS_CLIENT_CRT" > $$INCUS_CONFIG_DIR/client.crt && \
|
||||
printf '%s\n' "$$INCUS_CLIENT_KEY" > $$INCUS_CONFIG_DIR/client.key; \
|
||||
fi
|
||||
endef
|
||||
|
||||
clean:
|
||||
|
||||
@@ -159,6 +159,16 @@ shared_apps_jellyfin:
|
||||
properties:
|
||||
source: /shared/apps/jellyfin
|
||||
path: /shared/apps/jellyfin
|
||||
shared_apps_maildata:
|
||||
description: "Mount /shared/apps/maildata directly into the container"
|
||||
project: null
|
||||
config: {}
|
||||
devices:
|
||||
- type: disk
|
||||
name: maildata-shared
|
||||
properties:
|
||||
source: /shared/apps/maildata
|
||||
path: /shared/apps/maildata
|
||||
|
||||
# storage
|
||||
disk10:
|
||||
|
||||
@@ -10,4 +10,4 @@ storage_volumes:
|
||||
pool: fastpool
|
||||
path: /data
|
||||
config:
|
||||
size: 50GB
|
||||
size: 100GB
|
||||
|
||||
@@ -10,4 +10,4 @@ storage_volumes:
|
||||
pool: fastpool
|
||||
path: /data
|
||||
config:
|
||||
size: 50GB
|
||||
size: 100GB
|
||||
|
||||
@@ -10,4 +10,4 @@ storage_volumes:
|
||||
pool: fastpool
|
||||
path: /data
|
||||
config:
|
||||
size: 50GB
|
||||
size: 100GB
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
description: Postfix MTA
|
||||
cobbler_mgmt_classes:
|
||||
- roles::infra::mail::gateway
|
||||
profiles:
|
||||
- disk20
|
||||
- net_dmz1_eth0
|
||||
- 2core4096
|
||||
@@ -0,0 +1,54 @@
|
||||
locals {
|
||||
node_name = "prodnxsr0009"
|
||||
config_common = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
|
||||
config_specific = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
|
||||
config = merge(local.config_common, local.config_specific)
|
||||
instance_name = basename(get_terragrunt_dir())
|
||||
}
|
||||
|
||||
inputs = merge(
|
||||
{
|
||||
name = local.instance_name
|
||||
},
|
||||
local.config
|
||||
)
|
||||
|
||||
include "root" {
|
||||
path = find_in_parent_folders("root.hcl")
|
||||
}
|
||||
|
||||
include "instances" {
|
||||
path = find_in_parent_folders("instances.hcl")
|
||||
expose = true
|
||||
merge_strategy = "deep"
|
||||
}
|
||||
|
||||
dependencies {
|
||||
paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
|
||||
}
|
||||
|
||||
|
||||
generate "incus" {
|
||||
path = "incus.tf"
|
||||
if_exists = "overwrite_terragrunt"
|
||||
contents = <<-EOF
|
||||
provider "incus" {
|
||||
generate_client_certificates = false
|
||||
accept_remote_certificate = true
|
||||
config_dir = "${get_env("INCUS_CONFIG_DIR")}"
|
||||
|
||||
remote {
|
||||
name = "${basename(get_terragrunt_dir())}"
|
||||
scheme = "https"
|
||||
address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
|
||||
port = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
|
||||
token = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
|
||||
default = true
|
||||
}
|
||||
}
|
||||
EOF
|
||||
}
|
||||
terraform {
|
||||
source = "${get_repo_root()}/modules/instance"
|
||||
}
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
description: Postfix MTA
|
||||
cobbler_mgmt_classes:
|
||||
- roles::infra::mail::gateway
|
||||
profiles:
|
||||
- disk20
|
||||
- net_dmz1_eth0
|
||||
- 2core4096
|
||||
@@ -0,0 +1,54 @@
|
||||
locals {
|
||||
node_name = "prodnxsr0010"
|
||||
config_common = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
|
||||
config_specific = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
|
||||
config = merge(local.config_common, local.config_specific)
|
||||
instance_name = basename(get_terragrunt_dir())
|
||||
}
|
||||
|
||||
inputs = merge(
|
||||
{
|
||||
name = local.instance_name
|
||||
},
|
||||
local.config
|
||||
)
|
||||
|
||||
include "root" {
|
||||
path = find_in_parent_folders("root.hcl")
|
||||
}
|
||||
|
||||
include "instances" {
|
||||
path = find_in_parent_folders("instances.hcl")
|
||||
expose = true
|
||||
merge_strategy = "deep"
|
||||
}
|
||||
|
||||
dependencies {
|
||||
paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
|
||||
}
|
||||
|
||||
|
||||
generate "incus" {
|
||||
path = "incus.tf"
|
||||
if_exists = "overwrite_terragrunt"
|
||||
contents = <<-EOF
|
||||
provider "incus" {
|
||||
generate_client_certificates = false
|
||||
accept_remote_certificate = true
|
||||
config_dir = "${get_env("INCUS_CONFIG_DIR")}"
|
||||
|
||||
remote {
|
||||
name = "${basename(get_terragrunt_dir())}"
|
||||
scheme = "https"
|
||||
address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
|
||||
port = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
|
||||
token = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
|
||||
default = true
|
||||
}
|
||||
}
|
||||
EOF
|
||||
}
|
||||
terraform {
|
||||
source = "${get_repo_root()}/modules/instance"
|
||||
}
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
description: Postfix MTA
|
||||
cobbler_mgmt_classes:
|
||||
- roles::infra::mail::gateway
|
||||
profiles:
|
||||
- disk20
|
||||
- net_dmz1_eth0
|
||||
- 2core4096
|
||||
@@ -0,0 +1,54 @@
|
||||
locals {
|
||||
node_name = "prodnxsr0011"
|
||||
config_common = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
|
||||
config_specific = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
|
||||
config = merge(local.config_common, local.config_specific)
|
||||
instance_name = basename(get_terragrunt_dir())
|
||||
}
|
||||
|
||||
inputs = merge(
|
||||
{
|
||||
name = local.instance_name
|
||||
},
|
||||
local.config
|
||||
)
|
||||
|
||||
include "root" {
|
||||
path = find_in_parent_folders("root.hcl")
|
||||
}
|
||||
|
||||
include "instances" {
|
||||
path = find_in_parent_folders("instances.hcl")
|
||||
expose = true
|
||||
merge_strategy = "deep"
|
||||
}
|
||||
|
||||
dependencies {
|
||||
paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
|
||||
}
|
||||
|
||||
|
||||
generate "incus" {
|
||||
path = "incus.tf"
|
||||
if_exists = "overwrite_terragrunt"
|
||||
contents = <<-EOF
|
||||
provider "incus" {
|
||||
generate_client_certificates = false
|
||||
accept_remote_certificate = true
|
||||
config_dir = "${get_env("INCUS_CONFIG_DIR")}"
|
||||
|
||||
remote {
|
||||
name = "${basename(get_terragrunt_dir())}"
|
||||
scheme = "https"
|
||||
address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
|
||||
port = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
|
||||
token = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
|
||||
default = true
|
||||
}
|
||||
}
|
||||
EOF
|
||||
}
|
||||
terraform {
|
||||
source = "${get_repo_root()}/modules/instance"
|
||||
}
|
||||
|
||||
@@ -0,0 +1,8 @@
|
||||
description: Dovecot Backend
|
||||
cobbler_mgmt_classes:
|
||||
- roles::infra::mail::backend
|
||||
profiles:
|
||||
- disk20
|
||||
- net_com1_eth0
|
||||
- 2core4096
|
||||
- shared_apps_maildata
|
||||
@@ -0,0 +1,54 @@
|
||||
locals {
|
||||
node_name = "prodnxsr0012"
|
||||
config_common = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
|
||||
config_specific = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
|
||||
config = merge(local.config_common, local.config_specific)
|
||||
instance_name = basename(get_terragrunt_dir())
|
||||
}
|
||||
|
||||
inputs = merge(
|
||||
{
|
||||
name = local.instance_name
|
||||
},
|
||||
local.config
|
||||
)
|
||||
|
||||
include "root" {
|
||||
path = find_in_parent_folders("root.hcl")
|
||||
}
|
||||
|
||||
include "instances" {
|
||||
path = find_in_parent_folders("instances.hcl")
|
||||
expose = true
|
||||
merge_strategy = "deep"
|
||||
}
|
||||
|
||||
dependencies {
|
||||
paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
|
||||
}
|
||||
|
||||
|
||||
generate "incus" {
|
||||
path = "incus.tf"
|
||||
if_exists = "overwrite_terragrunt"
|
||||
contents = <<-EOF
|
||||
provider "incus" {
|
||||
generate_client_certificates = false
|
||||
accept_remote_certificate = true
|
||||
config_dir = "${get_env("INCUS_CONFIG_DIR")}"
|
||||
|
||||
remote {
|
||||
name = "${basename(get_terragrunt_dir())}"
|
||||
scheme = "https"
|
||||
address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
|
||||
port = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
|
||||
token = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
|
||||
default = true
|
||||
}
|
||||
}
|
||||
EOF
|
||||
}
|
||||
terraform {
|
||||
source = "${get_repo_root()}/modules/instance"
|
||||
}
|
||||
|
||||
@@ -0,0 +1,8 @@
|
||||
description: Dovecot Backend
|
||||
cobbler_mgmt_classes:
|
||||
- roles::infra::mail::backend
|
||||
profiles:
|
||||
- disk20
|
||||
- net_com1_eth0
|
||||
- 2core4096
|
||||
- shared_apps_maildata
|
||||
@@ -0,0 +1,54 @@
|
||||
locals {
|
||||
node_name = "prodnxsr0013"
|
||||
config_common = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
|
||||
config_specific = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
|
||||
config = merge(local.config_common, local.config_specific)
|
||||
instance_name = basename(get_terragrunt_dir())
|
||||
}
|
||||
|
||||
inputs = merge(
|
||||
{
|
||||
name = local.instance_name
|
||||
},
|
||||
local.config
|
||||
)
|
||||
|
||||
include "root" {
|
||||
path = find_in_parent_folders("root.hcl")
|
||||
}
|
||||
|
||||
include "instances" {
|
||||
path = find_in_parent_folders("instances.hcl")
|
||||
expose = true
|
||||
merge_strategy = "deep"
|
||||
}
|
||||
|
||||
dependencies {
|
||||
paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
|
||||
}
|
||||
|
||||
|
||||
generate "incus" {
|
||||
path = "incus.tf"
|
||||
if_exists = "overwrite_terragrunt"
|
||||
contents = <<-EOF
|
||||
provider "incus" {
|
||||
generate_client_certificates = false
|
||||
accept_remote_certificate = true
|
||||
config_dir = "${get_env("INCUS_CONFIG_DIR")}"
|
||||
|
||||
remote {
|
||||
name = "${basename(get_terragrunt_dir())}"
|
||||
scheme = "https"
|
||||
address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
|
||||
port = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
|
||||
token = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
|
||||
default = true
|
||||
}
|
||||
}
|
||||
EOF
|
||||
}
|
||||
terraform {
|
||||
source = "${get_repo_root()}/modules/instance"
|
||||
}
|
||||
|
||||
@@ -0,0 +1,8 @@
|
||||
description: Dovecot Backend
|
||||
cobbler_mgmt_classes:
|
||||
- roles::infra::mail::backend
|
||||
profiles:
|
||||
- disk20
|
||||
- net_com1_eth0
|
||||
- 2core4096
|
||||
- shared_apps_maildata
|
||||
@@ -0,0 +1,54 @@
|
||||
locals {
|
||||
node_name = "prodnxsr0009"
|
||||
config_common = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
|
||||
config_specific = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
|
||||
config = merge(local.config_common, local.config_specific)
|
||||
instance_name = basename(get_terragrunt_dir())
|
||||
}
|
||||
|
||||
inputs = merge(
|
||||
{
|
||||
name = local.instance_name
|
||||
},
|
||||
local.config
|
||||
)
|
||||
|
||||
include "root" {
|
||||
path = find_in_parent_folders("root.hcl")
|
||||
}
|
||||
|
||||
include "instances" {
|
||||
path = find_in_parent_folders("instances.hcl")
|
||||
expose = true
|
||||
merge_strategy = "deep"
|
||||
}
|
||||
|
||||
dependencies {
|
||||
paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
|
||||
}
|
||||
|
||||
|
||||
generate "incus" {
|
||||
path = "incus.tf"
|
||||
if_exists = "overwrite_terragrunt"
|
||||
contents = <<-EOF
|
||||
provider "incus" {
|
||||
generate_client_certificates = false
|
||||
accept_remote_certificate = true
|
||||
config_dir = "${get_env("INCUS_CONFIG_DIR")}"
|
||||
|
||||
remote {
|
||||
name = "${basename(get_terragrunt_dir())}"
|
||||
scheme = "https"
|
||||
address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
|
||||
port = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
|
||||
token = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
|
||||
default = true
|
||||
}
|
||||
}
|
||||
EOF
|
||||
}
|
||||
terraform {
|
||||
source = "${get_repo_root()}/modules/instance"
|
||||
}
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
description: ExternalDNS For K8S
|
||||
cobbler_mgmt_classes:
|
||||
- roles::infra::dns::externaldns
|
||||
profiles:
|
||||
- disk20
|
||||
- net_com1_eth0
|
||||
- 2core3072
|
||||
@@ -0,0 +1,54 @@
|
||||
locals {
|
||||
node_name = "prodnxsr0010"
|
||||
config_common = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
|
||||
config_specific = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
|
||||
config = merge(local.config_common, local.config_specific)
|
||||
instance_name = basename(get_terragrunt_dir())
|
||||
}
|
||||
|
||||
inputs = merge(
|
||||
{
|
||||
name = local.instance_name
|
||||
},
|
||||
local.config
|
||||
)
|
||||
|
||||
include "root" {
|
||||
path = find_in_parent_folders("root.hcl")
|
||||
}
|
||||
|
||||
include "instances" {
|
||||
path = find_in_parent_folders("instances.hcl")
|
||||
expose = true
|
||||
merge_strategy = "deep"
|
||||
}
|
||||
|
||||
dependencies {
|
||||
paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
|
||||
}
|
||||
|
||||
|
||||
generate "incus" {
|
||||
path = "incus.tf"
|
||||
if_exists = "overwrite_terragrunt"
|
||||
contents = <<-EOF
|
||||
provider "incus" {
|
||||
generate_client_certificates = false
|
||||
accept_remote_certificate = true
|
||||
config_dir = "${get_env("INCUS_CONFIG_DIR")}"
|
||||
|
||||
remote {
|
||||
name = "${basename(get_terragrunt_dir())}"
|
||||
scheme = "https"
|
||||
address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
|
||||
port = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
|
||||
token = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
|
||||
default = true
|
||||
}
|
||||
}
|
||||
EOF
|
||||
}
|
||||
terraform {
|
||||
source = "${get_repo_root()}/modules/instance"
|
||||
}
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
description: ExternalDNS For K8S
|
||||
cobbler_mgmt_classes:
|
||||
- roles::infra::dns::externaldns
|
||||
profiles:
|
||||
- disk20
|
||||
- net_com1_eth0
|
||||
- 2core3072
|
||||
@@ -0,0 +1,54 @@
|
||||
locals {
|
||||
node_name = "prodnxsr0011"
|
||||
config_common = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
|
||||
config_specific = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
|
||||
config = merge(local.config_common, local.config_specific)
|
||||
instance_name = basename(get_terragrunt_dir())
|
||||
}
|
||||
|
||||
inputs = merge(
|
||||
{
|
||||
name = local.instance_name
|
||||
},
|
||||
local.config
|
||||
)
|
||||
|
||||
include "root" {
|
||||
path = find_in_parent_folders("root.hcl")
|
||||
}
|
||||
|
||||
include "instances" {
|
||||
path = find_in_parent_folders("instances.hcl")
|
||||
expose = true
|
||||
merge_strategy = "deep"
|
||||
}
|
||||
|
||||
dependencies {
|
||||
paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
|
||||
}
|
||||
|
||||
|
||||
generate "incus" {
|
||||
path = "incus.tf"
|
||||
if_exists = "overwrite_terragrunt"
|
||||
contents = <<-EOF
|
||||
provider "incus" {
|
||||
generate_client_certificates = false
|
||||
accept_remote_certificate = true
|
||||
config_dir = "${get_env("INCUS_CONFIG_DIR")}"
|
||||
|
||||
remote {
|
||||
name = "${basename(get_terragrunt_dir())}"
|
||||
scheme = "https"
|
||||
address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
|
||||
port = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
|
||||
token = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
|
||||
default = true
|
||||
}
|
||||
}
|
||||
EOF
|
||||
}
|
||||
terraform {
|
||||
source = "${get_repo_root()}/modules/instance"
|
||||
}
|
||||
|
||||
@@ -0,0 +1,7 @@
|
||||
description: ExternalDNS For K8S
|
||||
cobbler_mgmt_classes:
|
||||
- roles::infra::dns::externaldns
|
||||
profiles:
|
||||
- disk20
|
||||
- net_com1_eth0
|
||||
- 2core3072
|
||||
@@ -0,0 +1,54 @@
|
||||
locals {
|
||||
node_name = "prodnxsr0012"
|
||||
config_common = yamldecode(file("${get_terragrunt_dir()}/../config_common.yaml"))
|
||||
config_specific = yamldecode(file("${get_terragrunt_dir()}/config.yaml"))
|
||||
config = merge(local.config_common, local.config_specific)
|
||||
instance_name = basename(get_terragrunt_dir())
|
||||
}
|
||||
|
||||
inputs = merge(
|
||||
{
|
||||
name = local.instance_name
|
||||
},
|
||||
local.config
|
||||
)
|
||||
|
||||
include "root" {
|
||||
path = find_in_parent_folders("root.hcl")
|
||||
}
|
||||
|
||||
include "instances" {
|
||||
path = find_in_parent_folders("instances.hcl")
|
||||
expose = true
|
||||
merge_strategy = "deep"
|
||||
}
|
||||
|
||||
dependencies {
|
||||
paths = ["${get_repo_root()}/config/nodes/${local.node_name}"]
|
||||
}
|
||||
|
||||
|
||||
generate "incus" {
|
||||
path = "incus.tf"
|
||||
if_exists = "overwrite_terragrunt"
|
||||
contents = <<-EOF
|
||||
provider "incus" {
|
||||
generate_client_certificates = false
|
||||
accept_remote_certificate = true
|
||||
config_dir = "${get_env("INCUS_CONFIG_DIR")}"
|
||||
|
||||
remote {
|
||||
name = "${basename(get_terragrunt_dir())}"
|
||||
scheme = "https"
|
||||
address = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_addr}"
|
||||
port = "${yamldecode(file("${get_repo_root()}/config/nodes/${local.node_name}/config.yaml")).node_port}"
|
||||
token = "${get_env("INCUS_TOKEN_${upper(local.node_name)}")}"
|
||||
default = true
|
||||
}
|
||||
}
|
||||
EOF
|
||||
}
|
||||
terraform {
|
||||
source = "${get_repo_root()}/modules/instance"
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user