Fix state

2022-05-08 20:27:01 +02:00
parent 062d39324e
commit e92c44f7f1
6 changed files with 1596 additions and 77 deletions
--- a/main.tf
+++ b/main.tf
@@ -61,7 +61,7 @@ module "kube-hetzner" {
      taints = [
        "server-usage=storage:NoSchedule"
      ],
-      count = 1
+      count = 2
    }
  ]

@@ -76,24 +76,24 @@ module "kube-hetzner" {

  # Adding extra firewall rules, like opening a port
  # More info on the format here https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/firewall
-  # extra_firewall_rules = [
-  #   # For Postgres
-  #   {
-  #     direction       = "in"
-  #     protocol        = "tcp"
-  #     port            = "5432"
-  #     source_ips      = ["0.0.0.0/0", "::/0"]
-  #     destination_ips = [] # Won't be used for this rule 
-  #   },
-  #   # To Allow ArgoCD access to resources via SSH
-  #   {
-  #     direction       = "out"
-  #     protocol        = "tcp"
-  #     port            = "22"
-  #     source_ips      = [] # Won't be used for this rule 
-  #     destination_ips = ["0.0.0.0/0", "::/0"]
-  #   }
-  # ]
+  extra_firewall_rules = [
+    #   # For Postgres
+    #   {
+    #     direction       = "in"
+    #     protocol        = "tcp"
+    #     port            = "5432"
+    #     source_ips      = ["0.0.0.0/0", "::/0"]
+    #     destination_ips = [] # Won't be used for this rule 
+    #   },
+    #   # To Allow ArgoCD access to resources via SSH
+    {
+      direction       = "out"
+      protocol        = "tcp"
+      port            = "22"
+      source_ips      = [] # Won't be used for this rule 
+      destination_ips = ["0.0.0.0/0", "::/0"]
+    }
+  ]

  # If you want to configure additional Arguments for traefik, enter them here as a list and in the form of traefik CLI arguments; see https://doc.traefik.io/traefik/reference/static-configuration/cli/
  # Example: traefik_additional_options = ["--log.level=DEBUG", "--tracing=true"]
@@ -124,7 +124,10 @@ module "dns" {
 module "flux" {
  source    = "./modules/flux"
  path      = "clank"
-  namespace = "clank"
+  namespace = "flux-system"
  url       = "ssh://git@git.front.kjuulh.io/clank/kubernetes-state.git"
  branch    = "main"
+
+  ssh_private_key_pem = file(".keys/id_clank")
+  ssh_public_key_pem = file(".keys/id_clank.pub")
 }