infrastructure/k8s.tjo.cloud/main.tf

locals {
  cluster_domain = "k8s.tjo.cloud"
}

resource "tailscale_tailnet_key" "nodes" {
  reusable      = true
  ephemeral     = true
  preauthorized = true
  tags          = ["tag:kubernetes-tjo-cloud"]

  description = "tailscale key for k8s-tjo-cloud nodes"
}

module "cluster" {
  source = "./modules/cluster"

  providers = {
    helm.template = helm.template
  }

  talos = {
    version    = "v1.7.5"
    kubernetes = "v1.30.0"
  }

  cluster = {
    name = "k8s-tjo-cloud"
    oidc = {
      client_id  = var.oidc_client_id
      issuer_url = var.oidc_issuer_url
    }
  }

  proxmox = {
    name           = "tjo-cloud"
    url            = "https://proxmox.tjo.cloud/api2/json"
    common_storage = "proxmox-backup-tjo-cloud"
  }

  tailscale_authkey = tailscale_tailnet_key.nodes.key

  nodes = {
    pink = {
      public  = false
      type    = "controlplane"
      host    = "hetzner"
      storage = "main"
      cores   = 4
      memory  = 4096
    }
    blue = {
      public  = false
      type    = "worker"
      host    = "hetzner"
      storage = "main"
      cores   = 6
      memory  = 16384
    }
    cyan = {
      public  = false
      type    = "worker"
      host    = "hetzner"
      storage = "main"
      cores   = 6
      memory  = 16384
    }
  }
}

data "tailscale_device" "controlpane" {
  for_each = { for k, v in module.cluster.nodes : k => v if v.type == "controlplane" }
  hostname = each.value.name
}
resource "digitalocean_record" "api-internal" {
  for_each = toset(flatten([for key, device in data.tailscale_device.controlpane : device.addresses]))

  domain = local.cluster_domain
  type   = strcontains(each.value, ":") ? "AAAA" : "A"
  name   = trimsuffix(module.cluster.api.internal.domain, ".${local.cluster_domain}")
  value  = each.value
  ttl    = 30
}

resource "local_file" "kubeconfig" {
  content = templatefile("${path.module}/kubeconfig.tftpl", {
    cluster : {
      name : module.cluster.name,
      endpoint : module.cluster.api.public.endpoint,
      ca : module.cluster.api.ca,
    }
    oidc : {
      issuer : var.oidc_issuer_url,
      id : var.oidc_client_id,
    }
  })
  filename = "${path.module}/kubeconfig"
}

module "cluster-core" {
  source = "./modules/cluster-core"

  cluster_name = module.cluster.name
}

module "cluster-components" {
  source = "./modules/cluster-components"

  oidc_issuer_url = var.oidc_issuer_url
  oidc_client_id  = var.oidc_client_id

  digitalocean_token = var.digitalocean_token

  cluster_name   = module.cluster.name
  cluster_domain = "k8s.tjo.cloud"
}
feat: prototyping new ingress setup 2024-08-02 20:10:21 +00:00			`locals {`
			`cluster_domain = "k8s.tjo.cloud"`
			`}`

			`resource "tailscale_tailnet_key" "nodes" {`
			`reusable = true`
			`ephemeral = true`
			`preauthorized = true`
			`tags = ["tag:kubernetes-tjo-cloud"]`

			`description = "tailscale key for k8s-tjo-cloud nodes"`
			`}`

feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00			`module "cluster" {`
feat: monitoring fixes 2024-07-27 14:08:21 +00:00			`source = "./modules/cluster"`
feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00
			`providers = {`
			`helm.template = helm.template`
			`}`

refactor: use different proxmox provider, figure out nocloud bootstrap 2024-07-17 19:43:11 +00:00			`talos = {`
			`version = "v1.7.5"`
feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00			`kubernetes = "v1.30.0"`
			`}`

			`cluster = {`
feat: prototyping new ingress setup 2024-08-02 20:10:21 +00:00			`name = "k8s-tjo-cloud"`
feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00			`oidc = {`
			`client_id = var.oidc_client_id`
			`issuer_url = var.oidc_issuer_url`
			`}`
			`}`

			`proxmox = {`
refactor: use different proxmox provider, figure out nocloud bootstrap 2024-07-17 19:43:11 +00:00			`name = "tjo-cloud"`
			`url = "https://proxmox.tjo.cloud/api2/json"`
chore: work done, not yet working 2024-07-19 20:48:07 +00:00			`common_storage = "proxmox-backup-tjo-cloud"`
feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00			`}`

feat: prototyping new ingress setup 2024-08-02 20:10:21 +00:00			`tailscale_authkey = tailscale_tailnet_key.nodes.key`
feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00
			`nodes = {`
			`pink = {`
feat: prototyping new ingress setup 2024-08-02 20:10:21 +00:00			`public = false`
chore: work done, not yet working 2024-07-19 20:48:07 +00:00			`type = "controlplane"`
			`host = "hetzner"`
feat: better? 2024-07-21 10:27:40 +00:00			`storage = "main"`
chore: work done, not yet working 2024-07-19 20:48:07 +00:00			`cores = 4`
			`memory = 4096`
feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00			`}`
			`blue = {`
chore: work done, not yet working 2024-07-19 20:48:07 +00:00			`public = false`
			`type = "worker"`
			`host = "hetzner"`
feat: better? 2024-07-21 10:27:40 +00:00			`storage = "main"`
			`cores = 6`
chore: work done, not yet working 2024-07-19 20:48:07 +00:00			`memory = 16384`
feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00			`}`
			`cyan = {`
chore: work done, not yet working 2024-07-19 20:48:07 +00:00			`public = false`
			`type = "worker"`
			`host = "hetzner"`
feat: better? 2024-07-21 10:27:40 +00:00			`storage = "main"`
			`cores = 6`
chore: work done, not yet working 2024-07-19 20:48:07 +00:00			`memory = 16384`
feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00			`}`
			`}`
			`}`

feat: prototyping new ingress setup 2024-08-02 20:10:21 +00:00			`data "tailscale_device" "controlpane" {`
			`for_each = { for k, v in module.cluster.nodes : k => v if v.type == "controlplane" }`
			`hostname = each.value.name`
			`}`
feat: wip 2024-08-04 17:50:50 +00:00			`resource "digitalocean_record" "api-internal" {`
feat: prototyping new ingress setup 2024-08-02 20:10:21 +00:00			`for_each = toset(flatten([for key, device in data.tailscale_device.controlpane : device.addresses]))`

			`domain = local.cluster_domain`
			`type = strcontains(each.value, ":") ? "AAAA" : "A"`
feat: wip 2024-08-04 17:50:50 +00:00			`name = trimsuffix(module.cluster.api.internal.domain, ".${local.cluster_domain}")`
feat: prototyping new ingress setup 2024-08-02 20:10:21 +00:00			`value = each.value`
			`ttl = 30`
			`}`

feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00			`resource "local_file" "kubeconfig" {`
feat: wip 2024-08-04 17:50:50 +00:00			`content = templatefile("${path.module}/kubeconfig.tftpl", {`
			`cluster : {`
			`name : module.cluster.name,`
			`endpoint : module.cluster.api.public.endpoint,`
			`ca : module.cluster.api.ca,`
			`}`
			`oidc : {`
			`issuer : var.oidc_issuer_url,`
			`id : var.oidc_client_id,`
			`}`
			`})`
feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00			`filename = "${path.module}/kubeconfig"`
			`}`

feat: update 2024-07-23 18:42:22 +00:00			`module "cluster-core" {`
feat: monitoring fixes 2024-07-27 14:08:21 +00:00			`source = "./modules/cluster-core"`

			`cluster_name = module.cluster.name`
feat: update 2024-07-23 18:42:22 +00:00			`}`

			`module "cluster-components" {`
feat: monitoring fixes 2024-07-27 14:08:21 +00:00			`source = "./modules/cluster-components"`
feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00
feat: finaly working with proxmox-ccm 2024-07-20 11:09:30 +00:00			`oidc_issuer_url = var.oidc_issuer_url`
			`oidc_client_id = var.oidc_client_id`

			`digitalocean_token = var.digitalocean_token`

			`cluster_name = module.cluster.name`
feat: prototyping new ingress setup 2024-08-02 20:10:21 +00:00			`cluster_domain = "k8s.tjo.cloud"`
feat: work done, but using wrong talos image, should use nocloud version not metal 2024-07-16 19:13:04 +00:00			`}`