Refactor config

Martin 2021-10-03 19:04:37 +02:00
parent affc79adda
commit ae2e359225
Signed by: mawalu
GPG Key ID: BF556F989760A7C8
5 changed files with 55 additions and 38 deletions


@ -1,30 +1,5 @@
local credentials = import "../credentials.libsonnet"; local credentials = import "../credentials.libsonnet";
local terraform = import "../lib/terraform.libsonnet"; local servers = import "servers.libsonnet";
local networking = import "networking.libsonnet";
credentials + { credentials + servers + networking
local hashIp(name) = std.substr(std.md5(name), 0, 4) + ":" + std.substr(std.md5(name), 4, 4),
local serverMeta(name, instance) = {
name: name,
publicSubdomain: name + ".infra",
internalSubdomain: name + ".i.infra",
publicDomain: self.publicSubdomain + "." + $.infraDomain,
internalDomain: self.internalSubdomain + $.infraDomain,
wireguardIp: $.ipSubnet + ":" + hashIp(name),
instance: instance + { name: name }
},
infraDomain: "m5w.de",
# needs to be /96
ipSubnet: "fdc2:d459:3f8a:84a3:coffe:coffe",
defaultTTL: 3600,
defaultZoneTTL: 86400,
sshKeys: {
martin: 'ssh-rsa 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 cardno:4268913'
},
servers: [
serverMeta("dust2", terraform.HcloudInstance {
server_type: "cx11"
})
]
}

11
config/groups.libsonnet Normal file

@ -0,0 +1,11 @@
{
Group:: {
roles: [],
variables: {}
},
# all hosts
infra: Group { roles: ['node-exporter'] },
dockerapps: Group { roles: ['docker', 'nginx'] } ,
}


@ -0,0 +1,7 @@
{
infraDomain: "m5w.de",
# needs to be /96
ipSubnet: "fdc2:d459:3f8a:84a3:coffe:coffe",
defaultTTL: 3600,
defaultZoneTTL: 86400,
}
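Review bot: `ipSubnet` is not a valid IPv6 prefix: `coffe` is five characters long and contains `o`, while each group must be one to four hex digits, so every `wireguardIp` that servers.libsonnet builds from it should be rejected by a strict address parser. The literal is carried over unchanged from the old config.libsonnet, so this move is a good moment to correct it, for example `ipSubnet: "fdc2:d459:3f8a:84a3:c0ff:ee00",` (a constructed example; any six valid groups work). I would also expand the comment to `# first six groups of the address (/96); hashIp() in servers.libsonnet appends the last two`.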

24
config/servers.libsonnet Normal file

@ -0,0 +1,24 @@
local terraform = import "../lib/terraform.libsonnet";
local networking = import "networking.libsonnet";
local hashIp(name) = std.substr(std.md5(name), 0, 4) + ":" + std.substr(std.md5(name), 4, 4);
local serverMeta(name, instance) = {
[name]: {
name: name,
publicSubdomain: name + ".infra",
internalSubdomain: name + ".i.infra",
publicDomain: self.publicSubdomain + "." + networking.infraDomain,
internalDomain: self.internalSubdomain + "." + networking.infraDomain,
wireguardIp: networking.ipSubnet + ":" + hashIp(name),
instance: instance + { name: name }
}
};
{
servers: serverMeta("dust2", terraform.HcloudInstance {
server_type: "cx11"
}),
sshKeys: {
martin: 'ssh-rsa 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 cardno:4268913'
},
}
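Review bot: `hashIp` derives the host part of `wireguardIp` from only the first 32 bits of `std.md5(name)`, and nothing checks that two server names do not land on the same address. A collision is unlikely with a handful of hosts, but it would silently give two peers the same tunnel address, so an `assert` in the final object that compares the number of distinct `wireguardIp` values with the number of `servers` fields would make it fail at render time. Separately, the digest is computed twice; `local hashIp(name) = local h = std.md5(name); std.substr(h, 0, 4) + ":" + std.substr(h, 4, 4);` reads more clearly. MD5 is acceptable here because it only spreads names over the address range, and a short comment saying so would stop it being flagged in later reviews.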


@ -2,7 +2,7 @@ local terraform = import "lib/terraform.libsonnet";
local config = import "config/config.libsonnet"; local config = import "config/config.libsonnet";
{ {
"terraform.tf.json": std.manifestJson({ "terraform/terraform.tf.json": std.manifestJson({
terraform: { terraform: {
required_providers: { required_providers: {
hcloud: { hcloud: {
@ -31,30 +31,30 @@ local config = import "config/config.libsonnet";
for k in std.objectFields(config.sshKeys) for k in std.objectFields(config.sshKeys)
}, },
hcloud_server: { hcloud_server: {
[s.name]: s.instance [s]: config.servers[s].instance
for s in config.servers for s in std.objectFields(config.servers)
}, },
hetznerdns_zone: { hetznerdns_zone: {
infra: { name: config.infraDomain, ttl: config.defaultZoneTTL }, infra: { name: config.infraDomain, ttl: config.defaultZoneTTL },
}, },
hetznerdns_record: std.foldl(function (a, b) a + b, [ hetznerdns_record: std.foldl(function (a, b) a + b, [
terraform.serverDnsRecords(s) terraform.serverDnsRecords(config.servers[s])
for s in config.servers for s in std.objectFields(config.servers)
], {}) ], {})
} }
}), }),
"inventory.yaml": std.manifestYamlDoc({ "ansible/inventory.yaml": std.manifestYamlDoc({
all: { all: {
hosts: { hosts: {
[s.name]: s + { [s]: config.servers[s] + {
ansible_host: s.publicDomain, ansible_host: config.servers[s].publicDomain,
ansible_user: "root" ansible_user: "root"
} }
for s in config.servers for s in std.objectFields(config.servers)
} }
} }
}), }),
"site.yaml": std.manifestYamlDoc([ "ansible/site.yaml": std.manifestYamlDoc([
{ {
name: "Test command", name: "Test command",
hosts: "all", hosts: "all",
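Review bot: The manifest keys now carry a directory component (`terraform/terraform.tf.json`, `ansible/inventory.yaml`, `ansible/site.yaml`), and `jsonnet -m` only creates missing parent directories when `-c` is passed; the render command is not visible here, so please confirm it was updated. Because `config` is now `credentials + servers + networking`, it is also worth confirming that the generated `terraform/` and `ansible/` outputs are ignored by git if any credential field is rendered into them (the provider block lies outside this hunk). In the inventory comprehension `config.servers[s]` is looked up twice for one entry; `[s]: local srv = config.servers[s]; srv + { ansible_host: srv.publicDomain, ansible_user: "root" }` keeps the key and its value tied together.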