feat: add all of the terraform files

Signed-off-by: Vojtech Mares <iam@vojtechmares.com>

terraform/loadbalancers.tf

@@ -0,0 +1,59 @@
+resource "hcloud_load_balancer" "ingress" {
+  name               = "ingress"
+  load_balancer_type = "lb11"
+  location           = "fsn1"
+  labels = {
+    "env"                     = "production"
+    "k8s.cluster.name"        = "cthulhu"
+    "k8s.loadbalancer.target" = "ingress"
+  }
+}
+
+resource "hcloud_load_balancer_target" "ingress" {
+  type           = "label_selector"
+  label_selector = "k8s.node.role=worker"
+  use_private_ip = true
+
+  load_balancer_id = hcloud_load_balancer.ingress.id
+
+  depends_on = [ hcloud_load_balancer_network.ingress_to_network ]
+}
+
+resource "hcloud_load_balancer_service" "ingress_workers_tcp_80" {
+  load_balancer_id = hcloud_load_balancer.ingress.id
+  protocol         = "tcp"
+  listen_port      = 80
+  destination_port = 32080
+  proxyprotocol    = true
+}
+
+resource "hcloud_load_balancer_service" "ingress_workers_tcp_443" {
+  load_balancer_id = hcloud_load_balancer.ingress.id
+  protocol         = "tcp"
+  listen_port      = 443
+  destination_port = 32443
+  proxyprotocol    = true
+}
+
+resource "cloudflare_record" "ingress_cthulhu_k8s_vxm_cz" {
+  zone_id = local.vxm_cz_zone_id
+  name    = "ingress.cthulhu.k8s"
+  value   = hcloud_load_balancer.ingress.ipv4
+  type    = "A"
+  proxied = false
+}
+
+resource "cloudflare_record" "ingress_cthulhu_k8s_vxm_cz_ipv6" {
+  zone_id = local.vxm_cz_zone_id
+  name    = "ingress.cthulhu.k8s"
+  value   = hcloud_load_balancer.ingress.ipv6
+  type    = "AAAA"
+  proxied = false
+}
+
+resource "hcloud_load_balancer_network" "ingress_to_network" {
+  load_balancer_id = hcloud_load_balancer.ingress.id
+  network_id       = hcloud_network.cthulhu.id
+  ip               = cidrhost(hcloud_network_subnet.service.ip_range, 1)
+}
+