feat: add all of the terraform files

Signed-off-by: Vojtech Mares <iam@vojtechmares.com>
2024-01-22 15:03:40 +01:00 · 2024-01-22 15:03:40 +01:00 · 3a2ac8bc50
commit 3a2ac8bc50
parent 4dff9a8639
9 changed files with 453 additions and 0 deletions
--- a/terraform/dns.tf
+++ b/terraform/dns.tf
@ -0,0 +1,77 @@
+resource "cloudflare_zone" "cthulhunetes" {
+  account_id = "f24333bb3c47d6db753e57e2a0c90082"
+  zone       = "cthulhunetes.net"
+}
+
+resource "cloudflare_zone_dnssec" "cthulhunetes" {
+  zone_id = cloudflare_zone.cthulhunetes.id
+}
+
+resource "cloudflare_zone_settings_override" "cthulhunetes" {
+  zone_id = cloudflare_zone.cthulhunetes.id
+  settings {
+    always_use_https         = "on"
+    automatic_https_rewrites = "on"
+    ssl                      = "full"
+  }
+}
+
+resource "cloudflare_record" "cthulhu_masters" {
+  count = length(hcloud_server.cthulhu_masters)
+
+  zone_id = local.vxm_cz_zone_id
+  name    = "master-${count.index}.cthulhu.k8s"
+  value   = hcloud_server.cthulhu_masters[count.index].ipv4_address
+  type    = "A"
+  proxied = false
+}
+
+resource "cloudflare_record" "cthulhu_masters_ipv6" {
+  count = length(hcloud_server.cthulhu_masters)
+
+  zone_id = local.vxm_cz_zone_id
+  name    = "master-${count.index}.cthulhu.k8s"
+  value   = hcloud_server.cthulhu_masters[count.index].ipv6_address
+  type    = "AAAA"
+  proxied = false
+}
+
+resource "cloudflare_record" "cthulhu_kubeapi_singlenode" {
+  count = length(hcloud_server.cthulhu_masters) == 1 ? 1 : 0
+
+  zone_id = local.vxm_cz_zone_id
+  name    = "api.cthulhu.k8s"
+  value   = hcloud_server.cthulhu_masters[0].ipv4_address
+  type    = "A"
+  proxied = false
+}
+
+resource "cloudflare_record" "cthulhu_kubeapi_singlenode_ipv6" {
+  count = length(hcloud_server.cthulhu_masters) == 1 ? 1 : 0
+
+  zone_id = local.vxm_cz_zone_id
+  name    = "api.cthulhu.k8s"
+  value   = hcloud_server.cthulhu_masters[0].ipv6_address
+  type    = "AAAA"
+  proxied = false
+}
+
+resource "cloudflare_record" "cthulhu_workers" {
+  count = length(hcloud_server.cthulhu_workers)
+
+  zone_id = local.vxm_cz_zone_id
+  name    = "worker-${random_string.workers_suffix.result}-${count.index}.cthulhu.k8s"
+  value   = hcloud_server.cthulhu_workers[count.index].ipv4_address
+  type    = "A"
+  proxied = false
+}
+
+resource "cloudflare_record" "cthulhu_workers_ipv6" {
+  count = length(hcloud_server.cthulhu_workers)
+
+  zone_id = local.vxm_cz_zone_id
+  name    = "worker-${random_string.workers_suffix.result}-${count.index}.cthulhu.k8s"
+  value   = hcloud_server.cthulhu_workers[count.index].ipv6_address
+  type    = "AAAA"
+  proxied = false
+}