tony/homelab
1
0
Fork 0
Code Issues 12 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Prepare outpost

Browse Source
This commit is contained in:
Tony Du 2025-02-13 14:36:26 -08:00
parent 94c2ed4e7d
commit 37ce552a0f
12 changed files with 161 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
tf/cloud-init.tf
View File

@ -1,44 +1,3 @@
data "local_file" "ssh_pub_key" {
filename = "${path.module}/data/id_rsa.pub"
}
locals {
common_cloud_init = <<EOF
#cloud-config
chpasswd:
list: |
ubuntu:ubuntu
${var.username}:${var.username}
expire: false
packages:
- qemu-guest-agent
- nfs-common
- avahi-daemon
timezone: America/Vancouver
users:
- default
- name: ubuntu
groups: sudo
shell: /bin/bash
ssh-authorized-keys:
- ${trimspace(data.local_file.ssh_pub_key.content)}
sudo: ALL=(ALL) NOPASSWD:ALL
- name: ${var.username}
groups: sudo
shell: /bin/bash
ssh_import_id:
- ${var.ssh_import_id}
sudo: ALL=(ALL) NOPASSWD:ALL
power_state:
delay: now
mode: reboot
message: Rebooting after cloud-init completion
condition: true
EOF
}
resource "proxmox_virtual_environment_file" "common_cloud_init" { resource "proxmox_virtual_environment_file" "common_cloud_init" {
content_type = "snippets" content_type = "snippets"
datastore_id = var.proxmox_image_storage datastore_id = var.proxmox_image_storage
@ -64,7 +23,7 @@ users:
groups: sudo groups: sudo
shell: /bin/bash shell: /bin/bash
ssh-authorized-keys: ssh-authorized-keys:
- ${trimspace(data.local_file.ssh_pub_key.content)} - ${trimspace(file(var.ssh_public_key_file))}
sudo: ALL=(ALL) NOPASSWD:ALL sudo: ALL=(ALL) NOPASSWD:ALL
- name: ${var.username} - name: ${var.username}
groups: sudo groups: sudo

4
tf/dns-server.tf
View File

@ -14,7 +14,7 @@ module "dns_server" {
proxmox_vm_storage = var.proxmox_vm_storage proxmox_vm_storage = var.proxmox_vm_storage
proxmox_image_storage = var.proxmox_image_storage proxmox_image_storage = var.proxmox_image_storage
cloud_init_file_id = proxmox_virtual_environment_file.common_cloud_init.id cloud_init_file_id = proxmox_virtual_environment_file.common_cloud_init.id
cloud_image_id = proxmox_virtual_environment_file.ubuntu_cloud_image.id cloud_image_id = proxmox_virtual_environment_file.ubuntu_cloud_image.id
ssh_private_key_file = var.ssh_private_key_file ssh_private_key_file = var.ssh_private_key_file
} }

4
tf/docker-swarm.tf
View File

@ -12,7 +12,7 @@ module "docker_swarm_stingray" {
proxmox_vm_storage = var.proxmox_vm_storage proxmox_vm_storage = var.proxmox_vm_storage
proxmox_image_storage = var.proxmox_image_storage proxmox_image_storage = var.proxmox_image_storage
cloud_init_file_id = proxmox_virtual_environment_file.common_cloud_init.id cloud_init_file_id = proxmox_virtual_environment_file.common_cloud_init.id
cloud_image_id = proxmox_virtual_environment_file.ubuntu_cloud_image.id cloud_image_id = proxmox_virtual_environment_file.ubuntu_cloud_image.id
ssh_private_key_file = var.ssh_private_key_file ssh_private_key_file = var.ssh_private_key_file
} }

34
tf/huts.tf
View File

@ -1,18 +1,3 @@
resource "proxmox_virtual_environment_file" "jumper" {
content_type = "snippets"
datastore_id = var.proxmox_image_storage
node_name = "pve"
source_raw {
data = <<EOF
${local.common_cloud_init}
hostname: jumper
EOF
file_name = "jumper.cloud-config.yaml"
}
}
resource "proxmox_virtual_environment_vm" "jumper_storage_dummy" { resource "proxmox_virtual_environment_vm" "jumper_storage_dummy" {
name = "jumper-dummy" name = "jumper-dummy"
description = "Managed by Terraform" description = "Managed by Terraform"
@ -80,7 +65,7 @@ resource "proxmox_virtual_environment_vm" "jumper" {
} }
datastore_id = var.proxmox_image_storage datastore_id = var.proxmox_image_storage
user_data_file_id = proxmox_virtual_environment_file.jumper.id user_data_file_id = proxmox_virtual_environment_file.common_cloud_init.id
} }
dynamic "disk" { dynamic "disk" {
@ -104,7 +89,24 @@ resource "proxmox_virtual_environment_vm" "jumper" {
type = "l26" type = "l26"
} }
connection {
type = "ssh"
user = "ubuntu"
private_key = file(var.ssh_private_key_file)
host = split("/", self.initialization[0].ip_config[0].ipv4[0].address)[0]
}
provisioner "remote-exec" {
inline = [
"sudo hostnamectl set-hostname ${self.name}",
"sudo systemctl restart avahi-daemon",
]
}
lifecycle { lifecycle {
ignore_changes = [
initialization[0].user_data_file_id,
]
} }
} }

8
tf/k8s.tf
View File

@ -15,8 +15,8 @@ module "k8s_dolo" {
proxmox_vm_storage = var.proxmox_vm_storage proxmox_vm_storage = var.proxmox_vm_storage
proxmox_image_storage = var.proxmox_image_storage proxmox_image_storage = var.proxmox_image_storage
cloud_init_file_id = proxmox_virtual_environment_file.common_cloud_init.id cloud_init_file_id = proxmox_virtual_environment_file.common_cloud_init.id
cloud_image_id = proxmox_virtual_environment_file.ubuntu_cloud_image.id cloud_image_id = proxmox_virtual_environment_file.ubuntu_cloud_image.id
ssh_private_key_file = var.ssh_private_key_file ssh_private_key_file = var.ssh_private_key_file
} }
@ -36,8 +36,8 @@ module "k8s_folly" {
proxmox_vm_storage = var.proxmox_vm_storage proxmox_vm_storage = var.proxmox_vm_storage
proxmox_image_storage = var.proxmox_image_storage proxmox_image_storage = var.proxmox_image_storage
cloud_init_file_id = proxmox_virtual_environment_file.common_cloud_init.id cloud_init_file_id = proxmox_virtual_environment_file.common_cloud_init.id
cloud_image_id = proxmox_virtual_environment_file.ubuntu_cloud_image.id cloud_image_id = proxmox_virtual_environment_file.ubuntu_cloud_image.id
ssh_private_key_file = var.ssh_private_key_file ssh_private_key_file = var.ssh_private_key_file
} }

92
tf/modules/outpost/main.tf Normal file
View File

@ -0,0 +1,92 @@
resource "aws_key_pair" "titanium" {
key_name = "titanium"
public_key = file(var.ssh_public_key_file)
}
resource "aws_vpc" "outpost" {
# whatever
cidr_block = "172.32.0.0/16"
}
resource "aws_subnet" "outpost" {
vpc_id = aws_vpc.outpost.id
cidr_block = cidrsubnet(aws_vpc.outpost.cidr_block, 8, 1)
availability_zone = "us-west-2a"
}
resource "aws_internet_gateway" "outpost" {
vpc_id = aws_vpc.outpost.id
}
resource "aws_security_group" "outpost" {
vpc_id = aws_vpc.outpost.id
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
}
egress {
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
}
resource "aws_route_table" "outpost" {
vpc_id = aws_vpc.outpost.id
route {
cidr_block = "0.0.0.0/0"
gateway_id = aws_internet_gateway.outpost.id
}
}
resource "aws_route_table_association" "outpost_assoc" {
subnet_id = aws_subnet.outpost.id
route_table_id = aws_route_table.outpost.id
}
resource "aws_network_interface" "outpost" {
subnet_id = aws_subnet.outpost.id
# Required for private_ip_list
private_ip_list_enabled = true
# private_ips aren't ordered meaning this NIC and its dependent resources may
# be re-created upon changing the number of IPs.
# private_ip_list, however, _is_ ordered, hence why we use it over private_ips
private_ip_list = [
for i in range(var.ip_count) : cidrhost(aws_subnet.outpost.cidr_block, i + 32)
]
security_groups = [aws_security_group.outpost.id]
}
resource "aws_instance" "outpost" {
ami = "ami-00c257e12d6828491"
instance_type = "t2.micro"
availability_zone = aws_subnet.outpost.availability_zone
key_name = aws_key_pair.titanium.key_name
network_interface {
network_interface_id = aws_network_interface.outpost.id
device_index = 0
}
tags = {
Name = "outpost-01"
}
}
resource "aws_eip" "eip" {
count = var.ip_count
}
resource "aws_eip_association" "eip_assoc" {
count = var.ip_count
network_interface_id = aws_network_interface.outpost.id
allocation_id = aws_eip.eip[count.index].id
private_ip_address = aws_network_interface.outpost.private_ip_list[count.index]
}

12
tf/modules/outpost/providers.tf Normal file
View File

@ -0,0 +1,12 @@
terraform {
required_providers {
ansible = {
source = "ansible/ansible"
version = "1.3.0"
}
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
}

7
tf/modules/outpost/variables.tf Normal file
View File

@ -0,0 +1,7 @@
variable "ssh_public_key_file" {
type = string
}
variable "ip_count" {
type = number
}

6
tf/outpost.tf Normal file
View File

@ -0,0 +1,6 @@
# module "outpost" {
# source = "./modules/outpost"
# ip_count = 1
# ssh_public_key_file = var.ssh_public_key_file
# }

8
tf/providers.tf
View File

@ -16,6 +16,10 @@ terraform {
source = "hashicorp/dns" source = "hashicorp/dns"
version = "3.4.2" version = "3.4.2"
} }
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
} }
backend "s3" { backend "s3" {
@ -56,3 +60,7 @@ provider "dns" {
key_secret = var.technitium_tsig_secret key_secret = var.technitium_tsig_secret
} }
} }
provider "aws" {
region = "us-west-2"
}

11
tf/variables.tf
View File

@ -51,7 +51,12 @@ variable "technitium_tsig_secret" {
sensitive = true sensitive = true
} }
variable "ssh_private_key_file" { variable "ssh_public_key_file" {
type = string type = string
description = "Path to private key file. Make sure this matches the public key defined in the cloud init." description = "Path to private key file. Make sure this matches the private key"
}
variable "ssh_private_key_file" {
type = string
description = "Path to private key file. Make sure this matches the public key"
} }

1
tf/vars.auto.tfvars
View File

@ -5,4 +5,5 @@ gateway = "10.0.0.1"
username = "tony" username = "tony"
ssh_import_id = "gh:tonyd33" ssh_import_id = "gh:tonyd33"
ssh_public_key_file = "~/.ssh/id_rsa.pub"
ssh_private_key_file = "~/.ssh/id_rsa" ssh_private_key_file = "~/.ssh/id_rsa"