diff --git a/config/config.libsonnet b/config/config.libsonnet
index 4f8c39b..d563532 100644
--- a/config/config.libsonnet
+++ b/config/config.libsonnet
@@ -1,30 +1,5 @@
 local credentials = import "../credentials.libsonnet";
-local terraform = import "../lib/terraform.libsonnet";
+local servers = import "servers.libsonnet";
+local networking = import "networking.libsonnet";
-credentials + {
- local hashIp(name) = std.substr(std.md5(name), 0, 4) + ":" + std.substr(std.md5(name), 4, 4),
-
- local serverMeta(name, instance) = {
- name: name,
- publicSubdomain: name + ".infra",
- internalSubdomain: name + ".i.infra",
- publicDomain: self.publicSubdomain + "." + $.infraDomain,
- internalDomain: self.internalSubdomain + $.infraDomain,
- wireguardIp: $.ipSubnet + ":" + hashIp(name),
- instance: instance + { name: name }
- },
-
- infraDomain: "m5w.de",
- # needs to be /96
- ipSubnet: "fdc2:d459:3f8a:84a3:coffe:coffe",
- defaultTTL: 3600,
- defaultZoneTTL: 86400,
- sshKeys: {
- martin: 'ssh-rsa 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 cardno:4268913'
- },
- servers: [
- serverMeta("dust2", terraform.HcloudInstance {
- server_type: "cx11"
- })
- ]
-}
+credentials + servers + networking
diff --git a/config/groups.libsonnet b/config/groups.libsonnet
new file mode 100644
index 0000000..aec12fe
--- /dev/null
+++ b/config/groups.libsonnet
@@ -0,0 +1,11 @@
+{
+ Group:: {
+ roles: [],
+ variables: {}
+ },
+
+ # all hosts
+ infra: Group { roles: ['node-exporter'] },
+ dockerapps: Group { roles: ['docker', 'nginx'] } ,
+
+}
diff --git a/config/networking.libsonnet b/config/networking.libsonnet
new file mode 100644
index 0000000..9fedc65
--- /dev/null
+++ b/config/networking.libsonnet
@@ -0,0 +1,7 @@
+{
+ infraDomain: "m5w.de",
+ # needs to be /96
+ ipSubnet: "fdc2:d459:3f8a:84a3:coffe:coffe",
+ defaultTTL: 3600,
+ defaultZoneTTL: 86400,
+}
diff --git a/config/servers.libsonnet b/config/servers.libsonnet
new file mode 100644
index 0000000..0d573dd
--- /dev/null
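Review bot: In config/config.libsonnet the final expression `credentials + servers + networking` lets the right-hand objects win on any key clash, so a field in servers.libsonnet or networking.libsonnet that shares a name with one in credentials.libsonnet would replace the credential value without an error. credentials.libsonnet is not part of this diff, so whether such a clash exists today cannot be checked from here. A one-line comment above the expression would record the contract, for example `# merge order matters: later operands override earlier ones; keep credential field names unique`.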
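Review bot: config/groups.libsonnet is added, but none of the hunks shown here import it: config.libsonnet merges only `credentials + servers + networking`, and the generated `ansible/inventory.yaml` still lists every host directly under `all`. Unless a file outside this diff consumes it, the role lists have no effect yet. A header comment stating where groups are meant to be attached to hosts would help, e.g. `# Ansible group templates; not yet referenced from services.jsonnet`, and `# all hosts` could say that it describes the `infra` group. The stray space in `} ,` and the blank line before the closing brace can be dropped.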
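Review bot: The `ipSubnet` value in config/networking.libsonnet is not a valid IPv6 prefix: `coffe` is five characters long and contains `o`, while each group of an IPv6 address is one to four hexadecimal digits. servers.libsonnet concatenates this string into `wireguardIp`, so every derived tunnel address inherits the two invalid groups. The value was moved unchanged from the old config.libsonnet; replacing the last two groups with valid hex groups, keeping six groups so the `# needs to be /96` comment still holds, fixes it. Nothing in the diff validates the rendered address, so the error would likely surface only where the address is consumed.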
+++ b/config/servers.libsonnet
@@ -0,0 +1,24 @@
+local terraform = import "../lib/terraform.libsonnet";
+local networking = import "networking.libsonnet";
+
+local hashIp(name) = std.substr(std.md5(name), 0, 4) + ":" + std.substr(std.md5(name), 4, 4);
+local serverMeta(name, instance) = {
+ [name]: {
+ name: name,
+ publicSubdomain: name + ".infra",
+ internalSubdomain: name + ".i.infra",
+ publicDomain: self.publicSubdomain + "." + networking.infraDomain,
+ internalDomain: self.internalSubdomain + "." + networking.infraDomain,
+ wireguardIp: networking.ipSubnet + ":" + hashIp(name),
+ instance: instance + { name: name }
+ }
+};
+
+{
+ servers: serverMeta("dust2", terraform.HcloudInstance {
+ server_type: "cx11"
+ }),
+ sshKeys: {
+ martin: 'ssh-rsa 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 cardno:4268913'
+ },
+}
diff --git a/services.jsonnet b/services.jsonnet
index d3f20c0..6afdb55 100644
--- a/services.jsonnet
+++ b/services.jsonnet
@@ -2,7 +2,7 @@ local terraform = import "lib/terraform.libsonnet";
 local config = import "config/config.libsonnet";
 {
- "terraform.tf.json": std.manifestJson({
+ "terraform/terraform.tf.json": std.manifestJson({
 terraform: {
 required_providers: {
 hcloud: {
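Review bot: `hashIp` in config/servers.libsonnet keeps only the first eight hex characters (32 bits) of `std.md5(name)`, and nothing checks that two server names do not end up with the same `wireguardIp`. Only one server is defined here, but `servers` is now an object of `serverMeta(...)` results, so if more are added by merging with `+`, a repeated name would also silently replace the earlier entry. A collision is unlikely for a handful of hosts, yet two peers sharing one tunnel address is a routing fault that is hard to spot after deployment. An object-level assert in the final object would catch it at render time: `assert std.length(std.set([self.servers[s].wireguardIp for s in std.objectFields(self.servers)])) == std.length(self.servers) : "duplicate wireguardIp",`.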
@@ -31,30 +31,30 @@ local config = import "config/config.libsonnet";
 for k in std.objectFields(config.sshKeys)
 },
 hcloud_server: {
- [s.name]: s.instance
- for s in config.servers
+ [s]: config.servers[s].instance
+ for s in std.objectFields(config.servers)
 },
 hetznerdns_zone: {
 infra: { name: config.infraDomain, ttl: config.defaultZoneTTL },
 },
 hetznerdns_record: std.foldl(function (a, b) a + b, [
- terraform.serverDnsRecords(s)
- for s in config.servers
+ terraform.serverDnsRecords(config.servers[s])
+ for s in std.objectFields(config.servers)
 ], {})
 }
 }),
- "inventory.yaml": std.manifestYamlDoc({
+ "ansible/inventory.yaml": std.manifestYamlDoc({
 all: {
 hosts: {
- [s.name]: s + {
- ansible_host: s.publicDomain,
+ [s]: config.servers[s] + {
+ ansible_host: config.servers[s].publicDomain,
 ansible_user: "root"
 }
- for s in config.servers
+ for s in std.objectFields(config.servers)
 }
 }
 }),
- "site.yaml": std.manifestYamlDoc([
+ "ansible/site.yaml": std.manifestYamlDoc([
 {
 name: "Test command",
 hosts: "all",
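Review bot: The inventory entry `[s]: config.servers[s] + {` in services.jsonnet copies the whole server record into Ansible host variables, including `instance`, which is the Terraform resource body. Today that body appears to hold only `server_type` and `name`, but any provisioning field added to it later would be written into `ansible/inventory.yaml` as well. Hiding the field in the inventory view keeps the two outputs separate: add `instance:: super.instance,` inside the override object, assuming no role reads `instance` from host vars. The enclosing object starts and ends outside this hunk.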