diff --git a/.gitignore b/.gitignore index a48bb56..d497538 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ terraform.tfvars .terraform.lock.hcl .terraform/ +.keys/ +kubeconfig.yaml +kustomization_backup.yaml diff --git a/main.tf b/main.tf index 59d6c7d..7c65046 100644 --- a/main.tf +++ b/main.tf @@ -1,199 +1,122 @@ module "kube-hetzner" { - source = "kube-hetzner/kube-hetzner/hcloud" + source = "kube-hetzner/kube-hetzner/hcloud" - hcloud_token = vars.hcloud_token + hcloud_token = var.hcloud_token - # insert the required variables here found in terraform.tfvars.example - # - # Only the first values starting with a * are obligatory; the rest can remain with their default values, or you -# could adapt them to your needs. -# -# Note that some values, notably "location" and "public_key" have no effect after initializing the cluster. -# This is to keep Terraform from re-provisioning all nodes at once, which would lose data. If you want to update -# those, you should instead change the value here and manually re-provision each node. Grep for "lifecycle". + public_key = ".keys/id_ed25519.pub" + private_key = ".keys/id_ed25519" -# * Your Hetzner project API token -public_key = "./keys/id_ed25519.pub" -# * Your private key must be "private_key = null" when you want to use ssh-agent for a Yubikey-like device authentification or an SSH key-pair with a passphrase. -# For more details on SSH see https://github.com/kube-hetzner/kube-hetzner/blob/master/docs/ssh.md -private_key = "./keys/id_ed25519" + network_region = "eu-central" # change to `us-east` if location is ash + control_plane_nodepools = [ + { + name = "control-plane-fsn1", + server_type = "cpx11", + location = "fsn1", + labels = [], + taints = [], + count = 1 + }, + { + name = "control-plane-nbg1", + server_type = "cpx11", + location = "nbg1", + labels = [], + taints = [], + count = 1 + }, + { + name = "control-plane-hel1", + server_type = "cpx11", + location = "hel1", + labels = [], + taints = [], + count = 1 + } + ] -# These can be customized, or left with the default values -# * For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/ -network_region = "eu-central" # change to `us-east` if location is ash + agent_nodepools = [ + { + name = "agent-small1", + server_type = "cpx11", + location = "fsn1", + labels = [], + taints = [], + count = 1 + }, + { + name = "agent-small2", + server_type = "cpx11", + location = "nbg1", + labels = [], + taints = [], + count = 1 + }, + { + name = "storage1", + server_type = "cpx11", + location = "fsn1", + labels = [ + "node.kubernetes.io/server-usage=storage" + ], + taints = [ + "server-usage=storage:NoSchedule" + ], + count = 1 + } + ] -# For the control planes, at least three nodes are the minimum for HA. Otherwise, you need to turn off the automatic upgrade (see ReadMe). -# As per Rancher docs, it must always be an odd number, never even! See https://rancher.com/docs/k3s/latest/en/installation/ha-embedded/ -# For instance, one is ok (non-HA), two is not ok, and three is ok (becomes HA). It does not matter if they are in the same nodepool or not! So they can be in different locations and of various types. + load_balancer_type = "lb11" + load_balancer_location = "fsn1" + traefik_enabled = true + metrics_server_enabled = true + automatically_upgrade_k3s = true + initial_k3s_channel = "stable" + cluster_name = "clank" + use_cluster_name_in_node_name = true -# Of course, you can choose any number of nodepools you want, with the location you want. The only constraint on the location is that you need to stay in the same network region, Europe, or the US. -# For the server type, the minimum instance supported is cpx11 (just a few cents more than cx11); see https://www.hetzner.com/cloud. + # Adding extra firewall rules, like opening a port + # More info on the format here https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/firewall + # extra_firewall_rules = [ + # # For Postgres + # { + # direction = "in" + # protocol = "tcp" + # port = "5432" + # source_ips = ["0.0.0.0/0", "::/0"] + # destination_ips = [] # Won't be used for this rule + # }, + # # To Allow ArgoCD access to resources via SSH + # { + # direction = "out" + # protocol = "tcp" + # port = "22" + # source_ips = [] # Won't be used for this rule + # destination_ips = ["0.0.0.0/0", "::/0"] + # } + # ] -# IMPORTANT: Before you create your cluster, you can do anything you want with the nodepools, but you need at least one of each control plane and agent. -# Once the cluster is up and running, you can change nodepool count and even set it to 0 (in the case of the first control-plane nodepool, the minimum is 1), -# you can also rename it (if the count is 0), but do not remove a nodepool from the list. - -# The only nodepools that are safe to remove from the list when you edit it are at the end of the lists. That is due to how subnets and IPs get allocated (FILO). -# You can, however, freely add other nodepools at the end of each list if you want! The maximum number of nodepools you can create combined for both lists is 255. -# Also, before decreasing the count of any nodepools to 0, it's essential to drain and cordon the nodes in question. Otherwise, it will leave your cluster in a bad state. - -# Before initializing the cluster, you can change all parameters and add or remove any nodepools. You need at least one nodepool of each kind, control plane, and agent. -# The nodepool names are entirely arbitrary, you can choose whatever you want, but no special characters or underscore, and they must be unique; only alphanumeric characters and dashes are allowed. - -# If you want to have a single node cluster, have one control plane nodepools with a count of 1, and one agent nodepool with a count of 0. - -# * Example below: - -control_plane_nodepools = [ - { - name = "control-plane-fsn1", - server_type = "cpx11", - location = "fsn1", - labels = [], - taints = [], - count = 1 - }, - { - name = "control-plane-nbg1", - server_type = "cpx11", - location = "nbg1", - labels = [], - taints = [], - count = 1 - }, - { - name = "control-plane-hel1", - server_type = "cpx11", - location = "hel1", - labels = [], - taints = [], - count = 1 - } -] - -agent_nodepools = [ - { - name = "agent-small1", - server_type = "cpx11", - location = "fsn1", - labels = [], - taints = [], - count = 1 - }, - { - name = "agent-small2", - server_type = "cpx11", - location = "nbg1", - labels = [], - taints = [], - count = 1 - }, - { - name = "storage1", - server_type = "cpx11", - location = "fsn1", - labels = [ - "node.kubernetes.io/server-usage=storage" - ], - taints = [ - "server-usage=storage:NoSchedule" - ], - count = 1 - } -] - -# * LB location and type, the latter will depend on how much load you want it to handle, see https://www.hetzner.com/cloud/load-balancer -load_balancer_type = "lb11" -load_balancer_location = "fsn1" - -### The following values are entirely optional - -# To use local storage on the nodes, you can enable Longhorn, default is "false". -# enable_longhorn = true - -# To disable Hetzner CSI storage, you can set the following to true, default is "false". -# disable_hetzner_csi = true - -# traefik_acme_tls = true -# traefik_acme_email = "mail@example.com" - -traefik_enabled = true -metrics_server_enabled = true - -# If you want to allow non-control-plane workloads to run on the control-plane nodes, set "true" below. The default is "false". -# True by default for single node clusters. -# allow_scheduling_on_control_plane = true - -# If you want to disable the automatic upgrade of k3s, you can set this to false. The default is "true". - automatically_upgrade_k3s = true - -# Allows you to specify either stable, latest, testing or supported minor versions (defaults to stable) -# see https://rancher.com/docs/k3s/latest/en/upgrades/basic/ and https://update.k3s.io/v1-release/channels -initial_k3s_channel = "stable" - -# The cluster name, by default "k3s" -cluster_name = "clank" - -# Whether to use the cluster name in the node name, in the form of {cluster_name}-{nodepool_name}, the default is "true". - use_cluster_name_in_node_name = true - -# Adding extra firewall rules, like opening a port -# More info on the format here https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/firewall -# extra_firewall_rules = [ -# # For Postgres -# { -# direction = "in" -# protocol = "tcp" -# port = "5432" -# source_ips = ["0.0.0.0/0", "::/0"] -# destination_ips = [] # Won't be used for this rule -# }, -# # To Allow ArgoCD access to resources via SSH -# { -# direction = "out" -# protocol = "tcp" -# port = "22" -# source_ips = [] # Won't be used for this rule -# destination_ips = ["0.0.0.0/0", "::/0"] -# } -# ] - -# If you want to configure additional Arguments for traefik, enter them here as a list and in the form of traefik CLI arguments; see https://doc.traefik.io/traefik/reference/static-configuration/cli/ -# Example: traefik_additional_options = ["--log.level=DEBUG", "--tracing=true"] -traefik_additional_options = [ "--tracing=true"] - -# If you want to configure a different CNI for k3s, use this flag -# possible values: flannel (Default), calico -# Cilium or other would be easy to add, you can mirror how Calico was added. PRs are welcome! -# CAVEATS: Calico is not supported for single node setups, because of the following issue https://github.com/k3s-io/klipper-lb/issues/6. -# cni_plugin = "calico" - -# If you want to disable the k3s default network policy controller, use this flag! -# Calico overrides this value to true automatically, the default is "false". -# disable_network_policy = true - -# If you want to disable the automatic use of placement group "spread". See https://docs.hetzner.com/cloud/placement-groups/overview/ -# That may be useful if you need to deploy more than 500 nodes! The default is "false". -# placement_group_disable = true - -# You can enable cert-manager (installed by Helm behind the scenes) with the following flag, the default is "false". -enable_cert_manager = true - -# You can enable Rancher (installed by Helm behind the scenes) with the following flag, the default is "false". -# When Rancher is enabled, it automatically installs cert-manager too, and it uses rancher's own certificates. -# As for the number of replicas, it is set to the numbe of control plane nodes. -# You can customized all of the above by creating and applying a HelmChartConfig to pass the helm chart values of your choice. -# See https://rancher.com/docs/k3s/latest/en/helm/ -# and https://rancher.com/docs/rancher/v2.6/en/installation/install-rancher-on-k8s/chart-options/ -# enable_rancher = true - -# When Rancher is deployed, by default is uses the "stable" channel. But this can be customized. -# The allowed values are "stable", "latest", and "alpha". -# rancher_install_channel = "latest" - -# Set your Rancher hostname, the default is "rancher.example.com". -# It is a required value when using rancher, but up to you to point the DNS to it or not. -# You can also not point the DNS, and just port-forward locally via kubectl to get access to the dashboard. -# rancher_hostname = "rancher.xyz.dev"# - # + # If you want to configure additional Arguments for traefik, enter them here as a list and in the form of traefik CLI arguments; see https://doc.traefik.io/traefik/reference/static-configuration/cli/ + # Example: traefik_additional_options = ["--log.level=DEBUG", "--tracing=true"] + traefik_additional_options = ["--tracing=true"] + enable_cert_manager = true +} + +module "dns" { + source = "./modules/cloudflare" + api_token = var.cloudflare_api_token + + zone_id = "9454b35cb1010b9eab9aadf206fdf11f" + + records = [ + { + name = "kjuulh.app", + ip = module.kube-hetzner.load_balancer_public_ipv4 + ip_type = "A" + }, + { + name = "*.kjuulh.app", + ip = module.kube-hetzner.load_balancer_public_ipv4 + ip_type = "A" + } + ] } diff --git a/modules/cloudflare/main.tf b/modules/cloudflare/main.tf new file mode 100644 index 0000000..07439e6 --- /dev/null +++ b/modules/cloudflare/main.tf @@ -0,0 +1,24 @@ +terraform { + required_providers { + cloudflare = { + source = "cloudflare/cloudflare" + version = "~> 3.0" + } + } +} + +provider "cloudflare" { + api_token = var.api_token +} + +resource "cloudflare_record" "exact" { + zone_id = var.zone_id + for_each = { for record in var.records : record.name => record } + + name = each.value.name + value = each.value.ip + type = each.value.ip_type + ttl = 3600 +} + + diff --git a/modules/cloudflare/variables.tf b/modules/cloudflare/variables.tf new file mode 100644 index 0000000..34a8bc4 --- /dev/null +++ b/modules/cloudflare/variables.tf @@ -0,0 +1,22 @@ +variable "api_token" { + description = "cloudflare token" + type = string + nullable = false + sensitive = true +} + +variable "zone_id" { + description = "cloudflare zone id " + type = string + nullable = false +} + +variable "records" { + description = "cloudflare records" + type = list(object({ + name = string + ip = string + ip_type = string + })) +} + diff --git a/terraform.tfstate b/terraform.tfstate new file mode 100644 index 0000000..f9778fb --- /dev/null +++ b/terraform.tfstate @@ -0,0 +1,2034 @@ +{ + "version": 4, + "terraform_version": "1.1.7", + "serial": 57, + "lineage": "04d648e3-bdd4-2cef-384a-6564647940db", + "outputs": {}, + "resources": [ + { + "module": "module.dns", + "mode": "managed", + "type": "cloudflare_record", + "name": "exact", + "provider": "module.dns.provider[\"registry.terraform.io/cloudflare/cloudflare\"]", + "instances": [ + { + "index_key": "*.kjuulh.app", + "schema_version": 2, + "attributes": { + "allow_overwrite": false, + "created_on": "2022-05-08T13:48:54.289798Z", + "data": [], + "hostname": "*.kjuulh.app", + "id": "7234597988434057f1bc0630efada29b", + "metadata": { + "auto_added": "false", + "managed_by_apps": "false", + "managed_by_argo_tunnel": "false", + "source": "primary" + }, + "modified_on": "2022-05-08T13:48:54.289798Z", + "name": "*.kjuulh.app", + "priority": null, + "proxiable": true, + "proxied": false, + "timeouts": null, + "ttl": 3600, + "type": "A", + "value": "49.12.19.255", + "zone_id": "9454b35cb1010b9eab9aadf206fdf11f" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMiJ9", + "dependencies": [ + "module.kube-hetzner.data.hcloud_load_balancer.traefik", + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + }, + { + "index_key": "kjuulh.app", + "schema_version": 2, + "attributes": { + "allow_overwrite": false, + "created_on": "2022-05-08T13:48:54.199417Z", + "data": [], + "hostname": "kjuulh.app", + "id": "5bc099d554ee71ea6ce63f76a4531e77", + "metadata": { + "auto_added": "false", + "managed_by_apps": "false", + "managed_by_argo_tunnel": "false", + "source": "primary" + }, + "modified_on": "2022-05-08T13:48:54.199417Z", + "name": "kjuulh.app", + "priority": null, + "proxiable": true, + "proxied": false, + "timeouts": null, + "ttl": 3600, + "type": "A", + "value": "49.12.19.255", + "zone_id": "9454b35cb1010b9eab9aadf206fdf11f" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjozMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMiJ9", + "dependencies": [ + "module.kube-hetzner.data.hcloud_load_balancer.traefik", + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "github_release", + "name": "hetzner_ccm", + "provider": "provider[\"registry.terraform.io/integrations/github\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "asserts_url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/releases/52762979/assets", + "body": "## Changelog\r\n\r\n1b33f524 Prepare Release v1.21.1\r\n9fa68870 Update hcloud-go to v1.33 (#255)\r\nff044e93 deploy: add missing operator: Exists (#251)\r\n7c9948b6 Bump k8s.io/kubernetes from 1.18.3 to 1.18.19 (#243)\r\n451703ae Testsetup: Unify with CSI Driver test setup suite (#244)\r\n635cf10a Update docs (#240)\r\nf21278cc Health Check: Set healthcheck port to destination port if no port was defined via annotation (#239)\r\n\r\n\r\n## Docker images\r\n\r\n- `docker pull hetznercloud/hcloud-cloud-controller-manager:v1.12.1`\r\n", + "created_at": null, + "draft": false, + "html_url": "https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/tag/v1.12.1", + "id": "52762979", + "name": "v1.12.1", + "owner": "hetznercloud", + "prerelease": false, + "published_at": null, + "release_id": null, + "release_tag": "v1.12.1", + "repository": "hcloud-cloud-controller-manager", + "retrieve_by": "latest", + "tarball_url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/tarball/v1.12.1", + "target_commitish": "master", + "upload_url": "https://uploads.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/releases/52762979/assets{?name,label}", + "url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/releases/52762979", + "zipball_url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/zipball/v1.12.1" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "github_release", + "name": "hetzner_csi", + "provider": "provider[\"registry.terraform.io/integrations/github\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "asserts_url": "https://api.github.com/repos/hetznercloud/csi-driver/releases/48351180/assets", + "body": "## Changelog\n\n2ea4803 Add btrfs support\n7719e45 Add exclude for blockstorage during resize (#211)\n4a69641 Add k8s 1.22 to tests (#225)\nbeb3783 Adjust stale bot to be more userfriendly (#217)\n0de9bd9 CI improvements for speed and fork-friendliness. (#221)\ne07b392 Fix changelog generation\n8cb0bfe Implement Instrumentation from hcloud-go (#227)\nc89c462 Increase default polling interval to 3 seconds. (#230)\n11c9940 Make e2e workflow friendly to running on forks. (#214)\n29893db Migrate Testsuite Setup to be in line with our CCM Testsuite (#219)\n4ad4d69 Prepare release v1.6.0 (#231)\ncf4e7e4 Recognition of root servers (#195)\nc213244 Reduce default log verbosity to info level (#224)\nc74a95b Remove testing for k8s 1.18 as written in our Versioning policy. (#199)\n8d1f531 Run e2e tests in parallel. (#215)\nda859e8 Simplify CSI socket handling (#222)\n6164eaf Update README.md (#196)\n140dad9 Update hcloud-go to v1.29.1 (#218)\nfb90575 Upgrade csi sidecars to latest versions. (#216)\n54f573e Use Go 1.17 (#228)\n5d2ac90 Use Goreleaser to publish changelog (#229)\n\n", + "created_at": null, + "draft": false, + "html_url": "https://github.com/hetznercloud/csi-driver/releases/tag/v1.6.0", + "id": "48351180", + "name": "v1.6.0", + "owner": "hetznercloud", + "prerelease": false, + "published_at": null, + "release_id": null, + "release_tag": "v1.6.0", + "repository": "csi-driver", + "retrieve_by": "latest", + "tarball_url": "https://api.github.com/repos/hetznercloud/csi-driver/tarball/v1.6.0", + "target_commitish": "master", + "upload_url": "https://uploads.github.com/repos/hetznercloud/csi-driver/releases/48351180/assets{?name,label}", + "url": "https://api.github.com/repos/hetznercloud/csi-driver/releases/48351180", + "zipball_url": "https://api.github.com/repos/hetznercloud/csi-driver/zipball/v1.6.0" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "github_release", + "name": "kured", + "provider": "provider[\"registry.terraform.io/integrations/github\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "asserts_url": "https://api.github.com/repos/weaveworks/kured/releases/63019853/assets", + "body": "# Build\r\n- update to alpine@3.15.3 #518\r\n- build(deps): bump helm/chart-testing-action from 2.1.0 to 2.2.0 #493\r\n- build(deps): bump actions/setup-python from 2 to 3 #507\r\n- build(deps): bump helm/chart-testing-action from 2.2.0 to 2.2.1 #512\r\n- build(deps): bump actions/checkout from 2 to 3 #508\r\n\r\n# Dependencies\r\n- build(deps): bump gotest.tools/v3 from 3.0.3 to 3.1.0 #497\r\n- build(deps): bump github.com/prometheus/client_golang to 1.12.1 #502\r\n- build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 #510\r\n- build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 #513\r\n\r\n# Helm chart\r\n- Add ability to define ds annotations in helm chart #494\r\n- Use templating in Slack URL, channel and username #505\r\n\r\n# Documentation\r\n- docs: add sentinel command example for RHEL family #504\r\n\r\n# Kubernetes Version Compatibility\r\n\r\nThe daemon image contains a 1.22.x k8s.io/{client-go,kubectl} for the purposes of maintaining the lock and draining worker nodes. Kubernetes aims to provide forwards \u0026 backwards compatibility of one minor version between client and server, so this should work on 1.21.x, 1.22.x and 1.23.x\r\n\r\nThanks a lot to everyone who contributed to kured since 1.9.1. Commits from @bambriy, @khuedoan, @weseven, @ckotzbauer\r\n", + "created_at": null, + "draft": false, + "html_url": "https://github.com/weaveworks/kured/releases/tag/1.9.2", + "id": "63019853", + "name": "Kured 1.9.2", + "owner": "weaveworks", + "prerelease": false, + "published_at": null, + "release_id": null, + "release_tag": "1.9.2", + "repository": "kured", + "retrieve_by": "latest", + "tarball_url": "https://api.github.com/repos/weaveworks/kured/tarball/1.9.2", + "target_commitish": "main", + "upload_url": "https://uploads.github.com/repos/weaveworks/kured/releases/63019853/assets{?name,label}", + "url": "https://api.github.com/repos/weaveworks/kured/releases/63019853", + "zipball_url": "https://api.github.com/repos/weaveworks/kured/zipball/1.9.2" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "hcloud_load_balancer", + "name": "traefik", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "algorithm": [ + { + "type": "round_robin" + } + ], + "delete_protection": false, + "id": 712895, + "ipv4": "49.12.19.255", + "ipv6": "2a01:4f8:c011:61::1", + "labels": { + "hcloud-ccm/service-uid": "769636bc-0b55-441f-b847-140a6b144079" + }, + "load_balancer_type": "lb11", + "location": "fsn1", + "name": "clank-traefik", + "network_zone": "eu-central", + "service": null, + "target": [ + { + "label_selector": "", + "server_id": 20285807, + "type": "server" + }, + { + "label_selector": "", + "server_id": 20285811, + "type": "server" + }, + { + "label_selector": "", + "server_id": 20285809, + "type": "server" + } + ], + "with_selector": null + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "remote_file", + "name": "kubeconfig", + "provider": "provider[\"registry.terraform.io/tenstad/remote\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "conn": [ + { + "agent": false, + "host": "167.235.247.244", + "password": "", + "port": 22, + "private_key": "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\nQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsgAAAJiZYtI7mWLS\nOwAAAAtzc2gtZWQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsg\nAAAEDLWiPDiI2P8wK7bHz6Xxg1LKWEVekqnkLNEdp//Fi4uOmlyNDEGxQxnXOLGMn80Dwj\nPt+CqCy17UaW9MSBphOyAAAAEWNvbnRhY3RAa2p1dWxoLmlvAQIDBA==\n-----END OPENSSH PRIVATE KEY-----", + "private_key_env_var": "", + "private_key_path": "", + "sudo": false, + "user": "root" + } + ], + "content": "apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJlRENDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReW45YTd2ZW1MUzZheE1sbjlvaHRTUENtZTRMaDJZYnJlY0ZHbk1pRmUKeWtKMEllSElEQjBZb3htMzM1NVFjMm5DOW1QODhQUTNlZ2lya2Zkc0pXZFdvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWd4aDhLMDVNeklhbHoxb0k3a0lQCjZleVZCVVl3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQUpwNDJiR1JSK0R5dG8xcFh5SHk1dDZDYS9RNjdoNCsKYWRIVjBsQ2RkRlBWQWlFQXQ2RkpZUXZXcUg2LzlqNkY2K3JFZ0NTZFRwbUM5VDNDd1ZpZm1hNXo4K3M9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n server: https://127.0.0.1:6443\n name: default\ncontexts:\n- context:\n cluster: default\n user: default\n name: default\ncurrent-context: default\nkind: Config\npreferences: {}\nusers:\n- name: default\n user:\n client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrRENDQVRlZ0F3SUJBZ0lJWHF3azVwR1ZNRG93Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOalV5TURFMU1UZ3lNQjRYRFRJeU1EVXdPREV6TURZeU1sb1hEVEl6TURVdwpPREV6TURZeU1sb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJFOEszZ0tKNkswK2lsYXIKbVVyaXlmN09jSjdaWlpoSHExNk1zbnZKSzVCUHRtQmttU0NxYUVEbFFCT2Y3NXR1MG9hSDdLMGREc0JSV2xtdApVMUF5NXV1alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCUjVicDBabGRLd0U0MWdMeFNXT2IxV1ZTRUxqekFLQmdncWhrak9QUVFEQWdOSEFEQkUKQWlBM2piaW0wVEp4bXdQd2dtUGpLQ3BKWHl4SUVVZ0UxOG0wcW16OXlTTFhRUUlnVUduYjh2RnFOZmpUNmpULwphaXRTUVBjTTQ0RVY5TUFSRGFKUmJFZG0xc1k9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReFVCbE0rZjlZRVdaL2toN1BMSmZKeU1IenJscFlqd25udVNINE1GTmUKMlhzb1JGb3ltdlVhWDEvWFBIVnpSaVNTZkp6S0tJU0xLM095Y1lnTWhHR29vMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWVXNmRHWlhTc0JPTllDOFVsam05ClZsVWhDNDh3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnWFVsZlJZTVdjMVVhSkcwYXFYME1PRDcvL2VOTG9yVXIKU291NDNuNWlmK0lDSVFDdXNJNmNBcnI2Y2t5cWNHZ1NGRlJwMmxROE40MnIyK2EwN2RPMEFtVWg3dz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUNnME5kRWRSRjRacDBLNzA5R1NHWDhWNXAyZXJ0ZktrN2dHelFnTk1HN1FvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFVHdyZUFvbm9yVDZLVnF1WlN1TEovczV3bnRsbG1FZXJYb3l5ZThrcmtFKzJZR1NaSUtwbwpRT1ZBRTUvdm0yN1Nob2ZzclIwT3dGRmFXYTFUVURMbTZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=\n", + "id": "167.235.247.244:22:/etc/rancher/k3s/k3s.yaml", + "path": "/etc/rancher/k3s/k3s.yaml" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "remote_file", + "name": "kustomization_backup", + "provider": "provider[\"registry.terraform.io/tenstad/remote\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "conn": [ + { + "agent": false, + "host": "167.235.247.244", + "password": "", + "port": 22, + "private_key": "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\nQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsgAAAJiZYtI7mWLS\nOwAAAAtzc2gtZWQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsg\nAAAEDLWiPDiI2P8wK7bHz6Xxg1LKWEVekqnkLNEdp//Fi4uOmlyNDEGxQxnXOLGMn80Dwj\nPt+CqCy17UaW9MSBphOyAAAAEWNvbnRhY3RAa2p1dWxoLmlvAQIDBA==\n-----END OPENSSH PRIVATE KEY-----", + "private_key_env_var": "", + "private_key_path": "", + "sudo": false, + "user": "root" + } + ], + "content": "\"apiVersion\": \"kustomize.config.k8s.io/v1beta1\"\n\"kind\": \"Kustomization\"\n\"patchesStrategicMerge\":\n- |\n apiVersion: apps/v1\n kind: DaemonSet\n metadata:\n name: kured\n namespace: kube-system\n spec:\n selector:\n matchLabels:\n name: kured\n template:\n metadata:\n labels:\n name: kured\n spec:\n serviceAccountName: kured\n containers:\n - name: kured\n command:\n - /usr/bin/kured\n - --reboot-command=/usr/bin/systemctl reboot\n- |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: system-upgrade-controller\n namespace: system-upgrade\n spec:\n template:\n spec:\n containers:\n - name: system-upgrade-controller\n volumeMounts:\n - name: ca-certificates\n mountPath: /var/lib/ca-certificates\n volumes:\n - name: ca-certificates\n hostPath:\n path: /var/lib/ca-certificates\n type: Directory\n- \"ccm.yaml\"\n\"resources\":\n- \"https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/v1.12.1/ccm-networks.yaml\"\n- \"https://github.com/weaveworks/kured/releases/download/1.9.2/kured-1.9.2-dockerhub.yaml\"\n- \"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml\"\n- \"https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml\"\n- \"traefik_config.yaml\"\n- \"cert-manager.yaml\"\n", + "id": "167.235.247.244:22:/var/post_install/kustomization.yaml", + "path": "/var/post_install/kustomization.yaml" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_firewall", + "name": "k3s", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "apply_to": [ + { + "label_selector": "", + "server": 20285806 + }, + { + "label_selector": "", + "server": 20285807 + }, + { + "label_selector": "", + "server": 20285808 + }, + { + "label_selector": "", + "server": 20285809 + }, + { + "label_selector": "", + "server": 20285810 + }, + { + "label_selector": "", + "server": 20285811 + } + ], + "id": "385507", + "labels": {}, + "name": "clank", + "rule": [ + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "", + "protocol": "icmp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "123", + "protocol": "udp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "443", + "protocol": "tcp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "53", + "protocol": "tcp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "53", + "protocol": "udp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "80", + "protocol": "tcp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "", + "protocol": "icmp", + "source_ips": [ + "0.0.0.0/0" + ] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "", + "protocol": "icmp", + "source_ips": [ + "10.0.0.0/8", + "127.0.0.1/32", + "169.254.169.254/32", + "213.239.246.1/32" + ] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "22", + "protocol": "tcp", + "source_ips": [ + "0.0.0.0/0" + ] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "6443", + "protocol": "tcp", + "source_ips": [ + "0.0.0.0/0" + ] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "any", + "protocol": "tcp", + "source_ips": [ + "10.0.0.0/8", + "127.0.0.1/32", + "169.254.169.254/32", + "213.239.246.1/32" + ] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "any", + "protocol": "udp", + "source_ips": [ + "10.0.0.0/8", + "127.0.0.1/32", + "169.254.169.254/32", + "213.239.246.1/32" + ] + } + ] + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_network", + "name": "k3s", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "delete_protection": false, + "id": "1628275", + "ip_range": "10.0.0.0/8", + "labels": {}, + "name": "clank" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_network_subnet", + "name": "agent", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.0.0.0/16", + "ip_range": "10.0.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.1.0.0/16", + "ip_range": "10.1.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.2.0.0/16", + "ip_range": "10.2.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_network_subnet", + "name": "control_plane", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.255.0.0/16", + "ip_range": "10.255.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.254.0.0/16", + "ip_range": "10.254.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.253.0.0/16", + "ip_range": "10.253.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_placement_group", + "name": "agent", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "41238", + "labels": {}, + "name": "clank-agent-1", + "servers": [ + 20285807, + 20285809, + 20285811 + ], + "type": "spread" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_placement_group", + "name": "control_plane", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "41239", + "labels": {}, + "name": "clank-control-plane-1", + "servers": [ + 20285806, + 20285808, + 20285810 + ], + "type": "spread" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_ssh_key", + "name": "k3s", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "fingerprint": "f4:16:88:3f:66:9e:f5:7d:d9:ed:20:0e:6a:55:a2:c3", + "id": "6372775", + "labels": {}, + "name": "clank", + "public_key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "local_file", + "name": "kustomization_backup", + "provider": "provider[\"registry.terraform.io/hashicorp/local\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "content": "\"apiVersion\": \"kustomize.config.k8s.io/v1beta1\"\n\"kind\": \"Kustomization\"\n\"patchesStrategicMerge\":\n- |\n apiVersion: apps/v1\n kind: DaemonSet\n metadata:\n name: kured\n namespace: kube-system\n spec:\n selector:\n matchLabels:\n name: kured\n template:\n metadata:\n labels:\n name: kured\n spec:\n serviceAccountName: kured\n containers:\n - name: kured\n command:\n - /usr/bin/kured\n - --reboot-command=/usr/bin/systemctl reboot\n- |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: system-upgrade-controller\n namespace: system-upgrade\n spec:\n template:\n spec:\n containers:\n - name: system-upgrade-controller\n volumeMounts:\n - name: ca-certificates\n mountPath: /var/lib/ca-certificates\n volumes:\n - name: ca-certificates\n hostPath:\n path: /var/lib/ca-certificates\n type: Directory\n- \"ccm.yaml\"\n\"resources\":\n- \"https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/v1.12.1/ccm-networks.yaml\"\n- \"https://github.com/weaveworks/kured/releases/download/1.9.2/kured-1.9.2-dockerhub.yaml\"\n- \"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml\"\n- \"https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml\"\n- \"traefik_config.yaml\"\n- \"cert-manager.yaml\"\n", + "content_base64": null, + "directory_permission": "0777", + "file_permission": "600", + "filename": "kustomization_backup.yaml", + "id": "dbde5be8a5091a964a3247a6c23b5ab4f8e9eb26", + "sensitive_content": null, + "source": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.data.github_release.hetzner_ccm", + "module.kube-hetzner.data.github_release.hetzner_csi", + "module.kube-hetzner.data.github_release.kured", + "module.kube-hetzner.data.remote_file.kubeconfig", + "module.kube-hetzner.data.remote_file.kustomization_backup", + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.local_sensitive_file.kubeconfig", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.control_planes", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.null_resource.kustomization", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "local_sensitive_file", + "name": "kubeconfig", + "provider": "provider[\"registry.terraform.io/hashicorp/local\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "content": "apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJlRENDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReW45YTd2ZW1MUzZheE1sbjlvaHRTUENtZTRMaDJZYnJlY0ZHbk1pRmUKeWtKMEllSElEQjBZb3htMzM1NVFjMm5DOW1QODhQUTNlZ2lya2Zkc0pXZFdvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWd4aDhLMDVNeklhbHoxb0k3a0lQCjZleVZCVVl3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQUpwNDJiR1JSK0R5dG8xcFh5SHk1dDZDYS9RNjdoNCsKYWRIVjBsQ2RkRlBWQWlFQXQ2RkpZUXZXcUg2LzlqNkY2K3JFZ0NTZFRwbUM5VDNDd1ZpZm1hNXo4K3M9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n server: https://167.235.247.244:6443\n name: default\ncontexts:\n- context:\n cluster: default\n user: default\n name: default\ncurrent-context: default\nkind: Config\npreferences: {}\nusers:\n- name: default\n user:\n client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrRENDQVRlZ0F3SUJBZ0lJWHF3azVwR1ZNRG93Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOalV5TURFMU1UZ3lNQjRYRFRJeU1EVXdPREV6TURZeU1sb1hEVEl6TURVdwpPREV6TURZeU1sb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJFOEszZ0tKNkswK2lsYXIKbVVyaXlmN09jSjdaWlpoSHExNk1zbnZKSzVCUHRtQmttU0NxYUVEbFFCT2Y3NXR1MG9hSDdLMGREc0JSV2xtdApVMUF5NXV1alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCUjVicDBabGRLd0U0MWdMeFNXT2IxV1ZTRUxqekFLQmdncWhrak9QUVFEQWdOSEFEQkUKQWlBM2piaW0wVEp4bXdQd2dtUGpLQ3BKWHl4SUVVZ0UxOG0wcW16OXlTTFhRUUlnVUduYjh2RnFOZmpUNmpULwphaXRTUVBjTTQ0RVY5TUFSRGFKUmJFZG0xc1k9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReFVCbE0rZjlZRVdaL2toN1BMSmZKeU1IenJscFlqd25udVNINE1GTmUKMlhzb1JGb3ltdlVhWDEvWFBIVnpSaVNTZkp6S0tJU0xLM095Y1lnTWhHR29vMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWVXNmRHWlhTc0JPTllDOFVsam05ClZsVWhDNDh3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnWFVsZlJZTVdjMVVhSkcwYXFYME1PRDcvL2VOTG9yVXIKU291NDNuNWlmK0lDSVFDdXNJNmNBcnI2Y2t5cWNHZ1NGRlJwMmxROE40MnIyK2EwN2RPMEFtVWg3dz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUNnME5kRWRSRjRacDBLNzA5R1NHWDhWNXAyZXJ0ZktrN2dHelFnTk1HN1FvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFVHdyZUFvbm9yVDZLVnF1WlN1TEovczV3bnRsbG1FZXJYb3l5ZThrcmtFKzJZR1NaSUtwbwpRT1ZBRTUvdm0yN1Nob2ZzclIwT3dGRmFXYTFUVURMbTZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=\n", + "content_base64": null, + "directory_permission": "0700", + "file_permission": "600", + "filename": "kubeconfig.yaml", + "id": "51b0f8e4bb7ae75ae8aed2aa818d47ff02cfdd0e", + "source": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.data.remote_file.kubeconfig", + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.control_planes", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "null_resource", + "name": "agents", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "index_key": "0-0-agent-small1", + "schema_version": 0, + "attributes": { + "id": "2176505815644718391", + "triggers": { + "agent_id": "20285807" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.hcloud_server_network.server", + "module.kube-hetzner.module.agents.random_string.server", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + }, + { + "index_key": "1-0-agent-small2", + "schema_version": 0, + "attributes": { + "id": "2844766948829955151", + "triggers": { + "agent_id": "20285811" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.hcloud_server_network.server", + "module.kube-hetzner.module.agents.random_string.server", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + }, + { + "index_key": "2-0-storage1", + "schema_version": 0, + "attributes": { + "id": "6929446356437947923", + "triggers": { + "agent_id": "20285809" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.hcloud_server_network.server", + "module.kube-hetzner.module.agents.random_string.server", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "null_resource", + "name": "control_planes", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "index_key": "0-0-control-plane-fsn1", + "schema_version": 0, + "attributes": { + "id": "2906291804049488022", + "triggers": { + "control_plane_id": "20285806" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + }, + { + "index_key": "1-0-control-plane-nbg1", + "schema_version": 0, + "attributes": { + "id": "7519334347044594476", + "triggers": { + "control_plane_id": "20285810" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + }, + { + "index_key": "2-0-control-plane-hel1", + "schema_version": 0, + "attributes": { + "id": "7465071128357046031", + "triggers": { + "control_plane_id": "20285808" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "null_resource", + "name": "destroy_traefik_loadbalancer", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "5718072141935869582", + "triggers": { + "kustomization_id": "6932703477613162485" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.data.github_release.hetzner_ccm", + "module.kube-hetzner.data.github_release.hetzner_csi", + "module.kube-hetzner.data.github_release.kured", + "module.kube-hetzner.data.remote_file.kubeconfig", + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.local_sensitive_file.kubeconfig", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.control_planes", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.null_resource.kustomization", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "null_resource", + "name": "first_control_plane", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "8493463504988894518", + "triggers": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "null_resource", + "name": "kustomization", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "6932703477613162485", + "triggers": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.data.github_release.hetzner_ccm", + "module.kube-hetzner.data.github_release.hetzner_csi", + "module.kube-hetzner.data.github_release.kured", + "module.kube-hetzner.data.remote_file.kubeconfig", + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.local_sensitive_file.kubeconfig", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.control_planes", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "random_password", + "name": "k3s_token", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "none", + "keepers": null, + "length": 48, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": true, + "override_special": null, + "result": "5udRUWWljozBPauxJF4pbyDKc9aljYVyLITb5KN692dFczeK", + "special": false, + "upper": true + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "3259911983", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-agent-small1-mdr\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xW4W/ayBP9bin/w8j5wO+nw3ZIWrWlQjoHaIpa4xw4be+qCC27A95i7/p21yGO7o8/7TppSEiaE+LDzjzem30zHjOUwqAwQdZU2IeyLgyviDJRya+RvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCHZBB94d94jrSmpuHJYYQ2heojDvYcULFKTEgc8FNyFdrf37X2WKCL1CFYwFlYyLdR/eLLnZAbiSDV6biBayZgGVYsXXB17CS9wr7nAX43lbxQ0ubAG673mHMHTxWiGYHKFS/IoYBIFmK9UGuDCoVoSiFwBt5fvwjwcAcJqm2fkszdJBh+W06rjgPItnWZKOxoMOqY20wYqYvA8RGhrpRrdlRLf8EV/R1TpAk/dsLSOuybJA0DqHimi9lYoBqU2OwnBKrI/7dZzfAuMHOBDSZb/1eh+k2hJljbwLJuTaojPFUcOxC8VFIbcZrfbBLhOvUZgncrXJpeI3yD5hoz/wAiHUOo/Iz/hig41+5ILO7ZctWi9CFm3qJQY5mhuBKrRRa8YcDShcSmmgRJNLBkSDv6kVMn/fhdnY9mORjLOP6WjgUA9VjZ0qQq03pAjqihGDP7WGCm3XZ0TQHBUorCTcDsye0nfVooLNiQ6oLEspAm1s3y5d3s31HdOnEw1Dh4H/taD/O9CSaKxVMciNqXQ/ilRVhre8IZfR5kRHLTxqFaKSUyWljoQkiuaOA4UFsEHPndbVmuZIN7dHe4XFz9jRHWSDzXOaVb0sOA032Dw07qapqsjS6ZBF+3cPbcp6GDPmBve+9+B6r3W+eDQPfQ8gsOAA2fHr1713EMdxPDyZ3pBhr/hrNOlNs/FrG5ukZdFMR+Oz6z+uxbf081ki3h6Ntj/OzW/Dv4dN780F+foumZ9Wedq4RhFqft/8qOsiD7kra4aa3yBEV0R1QUgDUdcOksmJ6Wj3zBdEG7C7zy0q4AISa3Y6B16SNYbeWsmtzfediwyvOEXdh+++JfUvrUpCNgj6bovkUhs7BsA1aDRApVJITdF4d5k+0IKITUDscxXokhRFLyiZ8iqFGtUVLu6RRtXoeaoWtGRuZcUayFJeYRfKZ2XtTS2V8QL4rpF1oRPwThc6OpqOs2E6/TA5W0wn88V8nI3SJJ5Mp3EyHvgNav/XCCH9aN3pPrfR2uPlvuzo4/DzZDzNLN/iYzrPdgSfyb0gZdeuc/8rOpuHdtGvCqIQRtM5OB+V7sJK2hWGDJYNnEm5LtBOAIEloZu6+pVBo+l8Mc/ibDJczMezL+PZfOD7L+R7ofvY1094FPbgbeg+/8k07xBO7Yu3HUxSyloYkCso5LodWaBE2IZf8SsEKRxMN9pguX+Nw7lLJOT6QuMgenA6OXtQjsGSRT9krQQpmNuKTzTwMCHXM7SrkEsxRzqIHgd6W8TNi8TuoWQ1xfaWDFekLgyIulyisrfVglQ6l0bDSskSjoPe0V224CU3XTASXgERrAW8egwAXlZSGSJa6PETLb5ITsezxedJMskGvlXwH8Ve7TZMkKpCddsmHSkpzRMG7RIsJsl5OsviqaXao9/NnrwodP/PQEMtBCJD5qbb7iFXhjOamqILrAXaqgIht7aw9iVarlV4+5vO5d5/tiA48P4NAAD//zWzz/kSCgAA" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "fsn1-dc14", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285807", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "142.132.182.232", + "ipv6_address": "2a01:4f8:c012:d1c0::1", + "ipv6_network": "2a01:4f8:c012:d1c0::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "fsn1", + "name": "clank-agent-small1-mdr", + "network": [], + "placement_group_id": 41238, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "D7VXcW+8XFUt2rIoXtjcDwVNF9U=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285807-1628275", + "ip": "10.0.0.101", + "mac_address": "86:00:00:0f:24:bf", + "network_id": null, + "server_id": 20285807, + "subnet_id": "1628275-10.0.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "mdr", + "keepers": { + "name": "clank-agent-small1" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "mdr", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "2042315058", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-agent-small2-tqu\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xWYW/ayhL9bin/YeR84D09bIekVVsqpOcATVFrnAtO23urCC27A95i77q76xBH98df7TppSEiaK8SHnTmcM3tmPGYohUFhgqypsA9lXRheEWWikl8jew9LWQtGVDPwk0kyPk0vpqN49qfv2VPwBZXmUvShFx4deAdeEOyCDrw77hHXldTcOCwxhtC8RGHew4oXKEiJA58LbkK6Wvv3v8oUEXqFKhgLKhkX6z68WXKzA3AlG7w2ES1kzQIqxYqvD7yEl7hX3OEuxvO2ihtc2AJ03/MOYejitUIwOUKl+BUxCALNVqoNcGFQrQhFLwDayvfhbw8A4DRNs/NZmqWDDstp1XHBeRbPsiQdjQcdUhtpgxUxeR8iNDTSjW7LiG75I76iq3WAJu/ZWkZck2WBoHUOFdF6KxUDUpscheGUWB/36zi/BcYPcCCky37r9T5ItSXKGnkXTMi1RWeKo4ZjF4qLQm4zWu2DXSZeozBP5GqTS8VvkH3CRn/gBUKodR6RX/HFBhv9yAWd2y9btF6ELNrUSwxyNDcCVWij1ow5GlC4lNJAiSaXDIgGf1MrZP6+C7Ox7cciGWcf09HAoR6qGjtVhFpvSBHUFSMGf2kNFdquz4igOSpQWEm4HZg9pe+qRQWbEx1QWZZSBNrYvl26vJvrO6ZPJxqGDgP/aUH/daAl0VirYpAbU+l+FKmqDG95Qy6jzYmOWnjUKkQlp0pKHQlJFM0dBwoLYIOeO62rNc2Rbm6P9gqLX7GjO8gGm+c0q3pZcBpusHlo3E1TVZGl0yGL9u8e2pT1MGbMDe5978H1Xut88Wge+h5AYMEBsuPXr3vvII7jeHgyvSHDXvHXaNKbZuPXNjZJy6KZjsZn139ci2/p57NEvD0abX+cm/8Nfw6b3psL8vVdMj+t8rRxjSLU/H/zo66LPOSurBlqfoMQXRHVBSENRF07SCYnpqPdM18QbcDuPreogAtIrNnpHHhJ1hh6ayW3Nt93LjK84hR1H777ltS/tCoJ2SDouy2SS23sGADXoNEAlUohNUXj3WX6QAsiNgGxz1WgS1IUx4H5WXuVQo3qChf3SKNq9DxVC1oyt7JiDWQpr7AL5bOy9qaWyngBfNfIutAJeKcLHR1Nx9kwnX6YnC2mk/liPs5GaRJPptM4GQ/8BrX/e4SQfrTudJ/baO3xcl929HH4eTKeZpZv8TGdZzuCz+RekLJr17n/FZ3NQ7voVwVRCKPpHJyPSndhJe0KQwbLBs6kXBdoJ4DAktBNXf3OoNF0vphncTYZLubj2ZfxbD7w/RfyvdB97OsnPAp78DZ0n39lmncIp/bF2w4mKWUtDMgVFHLdjixQImzDr/gVghQOphttsNy/xuHcJRJyfaFxED04nZw9KMdgyaIfslaCFMxtxScaeJiQ6xnaVcilmCMdRI8DvS3i5kVi91CymmJ7S4YrUhcGRF0uUdnbakEqnUujYaVkCcdB7+guW/CSmy4YCa+ACNYCXj0GAC8rqQwRLfT4iRZfJKfj2eLzJJlkA98q+I9ir3YbJkhVobptk46UlOYJg3YJFpPkPJ1l8dRS7dHvZk9eFLr/Z6ChFgKRIXPTbfeQK8MZTU3RBdYCbVWBkFtbWPsSLdcqvP1N53LvP1sQHHj/BAAA//8z9yJHEgoAAA==" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "nbg1-dc3", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285811", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "116.203.85.75", + "ipv6_address": "2a01:4f8:1c1e:c5b5::1", + "ipv6_network": "2a01:4f8:1c1e:c5b5::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "nbg1", + "name": "clank-agent-small2-tqu", + "network": [], + "placement_group_id": 41238, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "2WwhfGNbb8PWIa5HwzRkeftEW60=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285811-1628275", + "ip": "10.1.0.101", + "mac_address": "86:00:00:0f:24:c4", + "network_id": null, + "server_id": 20285811, + "subnet_id": "1628275-10.1.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "tqu", + "keepers": { + "name": "clank-agent-small2" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "tqu", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "264943894", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-storage1-dsi\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xW4W/ayBP9bin/w8j5wO+nw3ZIWrWlQjoHaIpa4xw4be+qCC27A95i7/p21yGO7o8/7TppSEiaE+LDzjzem30zjD2UwqAwQdZU2IeyLgyviDJRya+RvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCHZBB94d94jrSmpuHJYYQ2heojDvYcULFKTEgc8FNyFdrf37X2WKCL1CFYwFlYyLdR/eLLnZAbiSDV6biBayZgGVYsXXB17CS9wr7nAX43lbxQ0ubAG673mHMHTxWiGYHKFS/IoYBIFmK9UGuDCoVoSiFwBt5fvwjwcAcJqm2fkszdJBh+W06rjgPItnWZKOxoMOqY20wYqYvA8RGhrpRrdlRLf8EV/R1TpAk/dsLSOuybJA0DqHimi9lYoBqU2OwnBKrI/7dZzfAuMHOBDSZb/1eh+k2hJljbwLJuTaojPFUcOxC8VFIbcZrfbBLhOvUZgncrXJpeI3yD5hoz/wAiHUOo/Iz/hig41+5ILO7ZctWi9CFm3qJQY5mhuBKrRRa8YcDShcSmmgRJNLBkSDv6kVMn/fhdnY9mORjLOP6WjgUA9VjZ0qQq03pAjqihGDP7WGCm3XZ0TQHBUorCTcDsye0nfVooLNiQ6oLEspAm1s3y5d3s31HdOnEw1Dh4H/taD/O9CSaKxVMciNqXQ/ilRVhre8IZfR5kRHLTxqFaKSUyWljoQkiuaOA4UFsEHPndbVmuZIN7dHe4XFz9jRHWSDzXOaVb0sOA032Dw07qapqsjS6ZBF+3cPbcp6GDPmBve+9+B6r3W+eDQPfQ8gsOAA2fHr1713EMdxPDyZ3pBhr/hrNOlNs/FrG5ukZdFMR+Oz6z+uxbf081ki3h6Ntj/OzW/Dv4dN780F+foumZ9Wedq4RhFqft/8qOsiD7kra4aa3yBEV0R1QUgDUdcOksmJ6Wj3ny+INmB3n1tUwAUk1ux0Drwkawy9tZJbm+87FxlecYq6D999S+pfWpWEbBD03RbJpTZ2DIBr0GiASqWQmqLx7jJ9oAURm0AbqcgaewHT3KsUalRXuLhHGVWj56la0JK5dRVrIEt5hV0on5W0t7RUxgvgu0bWhU7AO13o6Gg6zobp9MPkbDGdzBfzcTZKk3gyncbJeOA3qP1fI4T0o3Wn+9w2a4+X+7Kjj8PPk/E0s3yLj+k82xF8JveClF25zvmv6Cwe2iW/KohCGE3n4HxUugsradcXMlg2cCblukDbfQJLQjd19SuDRtP5Yp7F2WS4mI9nX8az+cD3X8j3Qvexj57wKOzB29B9/pNp3iGc2oduO5SklLUwIFdQyHU7rkCJsA2/4lcIUjiYbrTBcv8ah3OXSMj1hcZB9OB0cvagHIMli37IWglSMLcRn2jgYUKuZ2jXIJdijnQQPQ70toibF4ndH5LVFNtbMlyRujAg6nKJyt5WC1LpXBoNKyVLOA56R3fZgpfcdMFIeAVEsBbw6jEAeFlJZYhoocdPtPgiOR3PFp8nySQb+FbBfxR7tdswQaoK1W2bdKSkNE8YtEuwmCTn6SyLp5Zqj343e/Ki0P1bgYZaCESGzE233UGuDGc0NUUXWAu0VQVCbm1h7QO0XKvw9jedy733tSA48P4NAAD//3Tq5JEOCgAA" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "fsn1-dc14", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285809", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "142.132.189.194", + "ipv6_address": "2a01:4f8:c012:d1c2::1", + "ipv6_network": "2a01:4f8:c012:d1c2::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "fsn1", + "name": "clank-storage1-dsi", + "network": [], + "placement_group_id": 41238, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "Nr7zQ070fY606hamZAdNr8bKW6M=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285809-1628275", + "ip": "10.2.0.101", + "mac_address": "86:00:00:0f:24:be", + "network_id": null, + "server_id": 20285809, + "subnet_id": "1628275-10.2.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "dsi", + "keepers": { + "name": "clank-storage1" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "dsi", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "3900639102", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-control-plane-fsn1-xgb\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xW3W7bOBO9F5B3GCgX/j6sJcVJi7YuDKxiu6nRysraStvdIjBocmyxlkgtScVWsA+/IJU0P06aheELzhyfMzwzHmkohUFhgqypsA9lXRheEWWiku+QvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCO6DDrxb7hHXldTcOCwxhtC8RGHew4oXKEiJA58LbkK6Wvt3v8oUEXqFKhgLKhkX6z68WXJzD+BKNrgzES1kzQIqxYqvD7yEl7hX3OF9jOdtFTe4sAXovucdwtDFa4VgcoRK8StiEASarVQb4MKgWhGKXgC0le/DPx4AwGmaZuezNEsHHZbTquOC8yyeZUk6Gg86pDbSBiti8j5EaGikG92WEd3wR3xFV+sATd6ztYy4JssCQescKqL1VioGpDY5CsMpsT7u13F+A4wf4EBIl/3W632QakuUNfI2mJCdRWeKo4ZjF4qLQm4zWu2DXSZeozBP5GqTS8WvkX3CRn/gBUKodR6Rn/HFBhv9yAWd2y9btF6ELNrUSwxyNNcCVWij1ow5GlC4lNJAiSaXDIgGf1MrZP6+C7Ox7cciGWcf09HAoR6qGjtVhFpvSBHUFSMGf2oNFdquz4igOSpQWEm4GZg9pe+qRQWbEx1QWZZSBNrYvl26vJvrW6ZPJxqGDgP/a0H/d6Al0VirYpAbU+l+FKmqDG94Qy6jzYmOWnjUKkQlp0pKHQlJFM0dBwoLYIOeO62rNc2Rbm6O9gqLn7GjW8gGm+c0q3pZcBpusHlo3HVTVZGl0yGL9u8e2pT1MGbMDe5d78H1Xut88Wge+h5AYMEBsuPXr3vvII7jeHgyvSbDXvHXaNKbZuPXNjZJy6KZjsZnuz924lv6+SwRb49G2x/n5rfh38Om9+aCfH2XzE+rPG1cowg1v29+1HWRh9yVNUPNrxGiK6K6IKSBqGsHyeTEdLT7zxdEG7C7zy0q4AISa3Y6B16SNYbeWsmtzfediwyvOEXdh+++JfUvrUpCNgj6dovkUhs7BsA1aDRApVJITdF4t5k+0IKIjd1KRskiqAoiMFhp0Qt266VXKdSornBxhzeqRs9TtaAlc4sr1kCW8gq7UD4rbu9rqYwXwHeNrAudgHe60NHRdJwN0+mHydliOpkv5uNslCbxZDqNk/HAb1D7v0YI6UfrTve5vdYeL/dlRx+HnyfjaWb5Fh/TeXZP8JncC1J2+boefEVn9tCu+1VBFMJoOgfno9JdWEm7yJDBsoEzKdcF2jkgsCR0U1e/Mmg0nS/mWZxNhov5ePZlPJsPfP+FfC90H/sQCo/CHrwN3ec/meYdwql9/LbjSUpZCwNyBYVct4MLlAjb8Ct+hSCFg+lGGyz3r3E4d4mE7C40DqIHp5OzB+UYLFn0Q9ZKkIK53fhEAw8TspuhXYhcijnSQfQ40Nsibl4kdn9NVlNsb8lwRerCgKjLJSp7Wy1IpXNpNKyULOE46B3dZgtectMFI+EVEMFawKvHAOBlJZUhooUeP9Hii+R0PFt8niSTbOBbBf9R7NX9hglSVahu2qQjJaV5wqD7BItJcp7Osnhqqfbo72dPXhS6ez/QUAuByJC56bbbyJXhjKam6AJrgbaqQMitLax9lJZrFd78pnO59+YWBAfevwEAAP//ZWbgRxgKAAA=" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "fsn1-dc14", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285806", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "167.235.247.244", + "ipv6_address": "2a01:4f8:c012:d005::1", + "ipv6_network": "2a01:4f8:c012:d005::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "fsn1", + "name": "clank-control-plane-fsn1-xgb", + "network": [], + "placement_group_id": 41239, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "q20D423pjuDyFaau0XZQMqAEBkU=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285806-1628275", + "ip": "10.255.0.101", + "mac_address": "86:00:00:0f:24:bc", + "network_id": null, + "server_id": 20285806, + "subnet_id": "1628275-10.255.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "xgb", + "keepers": { + "name": "clank-control-plane-fsn1" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "xgb", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "995672426", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-control-plane-nbg1-qoq\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xWYW/ayhL9bin/YeR84D09bIekVVsqpOcATVFrnAtO23urCC27A95i77q76xBH98df7TppSEiaK8SHnTmcM3tmGHsohUFhgqypsA9lXRheEWWikl8jew9LWQtGVDPwk0kyPk0vpqN49qfv2VPwBZXmUvShFx4deAdeEOyCDrw77hHXldTcOCwxhtC8RGHew4oXKEiJA58LbkK6Wvv3v8oUEXqFKhgLKhkX6z68WXKzA3AlG7w2ES1kzQIqxYqvD7yEl7hX3OEuxvO2ihtc2AJ03/MOYejitUIwOUKl+BUxCALNVqoNcGFQrQhFLwDayvfhbw8A4DRNs/NZmqWDDstp1XHBeRbPsiQdjQcdUhtpgxUxeR8iNDTSjW7LiG75I76iq3WAJu/ZWkZck2WBoHUOFdF6KxUDUpscheGUWB/36zi/BcYPcCCky37r9T5ItSXKGnkXTMi1RWeKo4ZjF4qLQm4zWu2DXSZeozBP5GqTS8VvkH3CRn/gBUKodR6RX/HFBhv9yAWd2y9btF6ELNrUSwxyNDcCVWij1ow5GlC4lNJAiSaXDIgGf1MrZP6+C7Ox7cciGWcf09HAoR6qGjtVhFpvSBHUFSMGf2kNFdquz4igOSpQWEm4HZg9pe+qRQWbEx1QWZZSBNrYvl26vJvrO6ZPJxqGDgP/aUH/daAl0VirYpAbU+l+FKmqDG95Qy6jzYmOWnjUKkQlp0pKHQlJFM0dBwoLYIOeO62rNc2Rbm6P9gqLX7GjO8gGm+c0q3pZcBpusHlo3E1TVZGl0yGL9u8e2pT1MGbMDe5978H1Xut88Wge+h5AYMEBsuPXr3vvII7jeHgyvSHDXvHXaNKbZuPXNjZJy6KZjsZn139ci2/p57NEvD0abX+cm/8Nfw6b3psL8vVdMj+t8rRxjSLU/H/zo66LPOSurBlqfoMQXRHVBSENRF07SCYnpqPdf74g2oDdfW5RAReQWLPTOfCSrDH01kpubb7vXGR4xSnqPnz3Lal/aVUSskHQd1skl9rYMQCuQaMBKpVCaorGu8v0gRZEbOxWMkoWQVUQgYFYrnvBT/nTqxRqVFe4uMcbVaPnqVrQkrnFFWsgS3mFXSifFbf3tVTGC+C7RtaFTsA7XejoaDrOhun0w+RsMZ3MF/NxNkqTeDKdxsl44Deo/d8jhPSjdaf73F5rj5f7sqOPw8+T8TSzfIuP6TzbEXwm94KUXb6uB1/RmT20635VEIUwms7B+ah0F1bSLjJksGzgTMp1gXYOCCwJ3dTV7wwaTeeLeRZnk+FiPp59Gc/mA99/Id8L3cc+hMKjsAdvQ/f5V6Z5h3BqH7/teJJS1sKAXEEh1+3gAiXCNvyKXyFI4WC60QbL/Wsczl0iIdcXGgfRg9PJ2YNyDJYs+iFrJUjB3G58ooGHCbmeoV2IXIo50kH0ONDbIm5eJHZ/TVZTbG/JcEXqwoCoyyUqe1stSKVzaTSslCzhOOgd3WULXnLTBSPhFRDBWsCrxwDgZSWVIaKFHj/R4ovkdDxbfJ4kk2zgWwX/UezVbsMEqSpUt23SkZLSPGHQLsFikpynsyyeWqo9+t3syYtC9+8HGmohEBkyN912G7kynNHUFF1gLdBWFQi5tYW1j9JyrcLb33Qu997cguDA+ycAAP//VEY9HRgKAAA=" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "nbg1-dc3", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285810", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "116.203.29.245", + "ipv6_address": "2a01:4f8:1c1e:c5b4::1", + "ipv6_network": "2a01:4f8:1c1e:c5b4::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "nbg1", + "name": "clank-control-plane-nbg1-qoq", + "network": [], + "placement_group_id": 41239, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "sd58J9GBO6v2yR7ice2U4SlzYwA=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285810-1628275", + "ip": "10.254.0.101", + "mac_address": "86:00:00:0f:24:c2", + "network_id": null, + "server_id": 20285810, + "subnet_id": "1628275-10.254.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "qoq", + "keepers": { + "name": "clank-control-plane-nbg1" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "qoq", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "1329203202", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-control-plane-hel1-ugh\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xW4W/ayBP9bin/w8j5wO+nw3ZIWrWlQjoHaIpa4xw4be+qCC27A95i7/p21yGO7o8/7TppSEiaE+LDzjzem30zHjOUwqAwQdZU2IeyLgyviDJRya+RvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCHZBB94d94jrSmpuHJYYQ2heojDvYcULFKTEgc8FNyFdrf37X2WKCL1CFYwFlYyLdR/eLLnZAbiSDV6biBayZgGVYsXXB17CS9wr7nAX43lbxQ0ubAG673mHMHTxWiGYHKFS/IoYBIFmK9UGuDCoVoSiFwBt5fvwjwcAcJqm2fkszdJBh+W06rjgPItnWZKOxoMOqY20wYqYvA8RGhrpRrdlRLf8EV/R1TpAk/dsLSOuybJA0DqHimi9lYoBqU2OwnBKrI/7dZzfAuMHOBDSZb/1eh+k2hJljbwLJuTaojPFUcOxC8VFIbcZrfbBLhOvUZgncrXJpeI3yD5hoz/wAiHUOo/Iz/hig41+5ILO7ZctWi9CFm3qJQY5mhuBKrRRa8YcDShcSmmgRJNLBkSDv6kVMn/fhdnY9mORjLOP6WjgUA9VjZ0qQq03pAjqihGDP7WGCm3XZ0TQHBUorCTcDsye0nfVooLNiQ6oLEspAm1s3y5d3s31HdOnEw1Dh4H/taD/O9CSaKxVMciNqXQ/ilRVhre8IZfR5kRHLTxqFaKSUyWljoQkiuaOA4UFsEHPndbVmuZIN7dHe4XFz9jRHWSDzXOaVb0sOA032Dw07qapqsjS6ZBF+3cPbcp6GDPmBve+9+B6r3W+eDQPfQ8gsOAA2fHr1713EMdxPDyZ3pBhr/hrNOlNs/FrG5ukZdFMR+Oz6z+uxbf081ki3h6Ntj/OzW/Dv4dN780F+foumZ9Wedq4RhFqft/8qOsiD7kra4aa3yBEV0R1QUgDUdcOksmJ6Wj3zBdEG7C7zy0q4AISa3Y6B16SNYbeWsmtzfediwyvOEXdh+++JfUvrUpCNgj6bovkUhs7BsA1aDRApVJITdF4d5k+0IKIjd1KRskiqAoi7CNQ9IJ6nXuVQo3qChf3eKNq9DxVC1oyt7hiDWQpr7AL5bPi9r6WyngBfNfIutAJeKcLHR1Nx9kwnX6YnC2mk/liPs5GaRJPptM4GQ/8BrX/a4SQfrTudJ/ba+3xcl929HH4eTKeZpZv8TGdZzuCz+RekLLL1/XgKzqzh3bdrwqiEEbTOTgfle7CStpFhgyWDZxJuS7QzgGBJaGbuvqVQaPpfDHP4mwyXMzHsy/j2Xzg+y/ke6H72JdQeBT24G3oPv/JNO8QTu3rtx1PUspaGJArKOS6HVygRNiGX/ErBCkcTDfaYLl/jcO5SyTk+kLjIHpwOjl7UI7BkkU/ZK0EKZjbjU808DAh1zO0C5FLMUc6iB4HelvEzYvE7tFkNcX2lgxXpC4MiLpcorK31YJUOpdGw0rJEo6D3tFdtuAlN10wEl4BEawFvHoMAF5WUhkiWujxEy2+SE7Hs8XnSTLJBr5V8B/FXu02TJCqQnXbJh0pKc0TBu0SLCbJeTrL4qml2qPfzZ68KHT//0BDLQQiQ+am224jV4YzmpqiC6wF2qoCIbe2sPZVWq5VePubzuXeP7cgOPD+DQAA//9dHkfzGAoAAA==" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "hel1-dc2", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285808", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "65.108.211.112", + "ipv6_address": "2a01:4f9:c012:5e83::1", + "ipv6_network": "2a01:4f9:c012:5e83::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "hel1", + "name": "clank-control-plane-hel1-ugh", + "network": [], + "placement_group_id": 41239, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "F4b9NkwJcbpEFxr8BVunS+1C0zo=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285808-1628275", + "ip": "10.253.0.101", + "mac_address": "86:00:00:0f:24:c3", + "network_id": null, + "server_id": 20285808, + "subnet_id": "1628275-10.253.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "ugh", + "keepers": { + "name": "clank-control-plane-hel1" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "ugh", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane" + ] + } + ] + } + ] +} diff --git a/terraform.tfstate.backup b/terraform.tfstate.backup new file mode 100644 index 0000000..b88ebc6 --- /dev/null +++ b/terraform.tfstate.backup @@ -0,0 +1,1945 @@ +{ + "version": 4, + "terraform_version": "1.1.7", + "serial": 54, + "lineage": "04d648e3-bdd4-2cef-384a-6564647940db", + "outputs": {}, + "resources": [ + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "github_release", + "name": "hetzner_ccm", + "provider": "provider[\"registry.terraform.io/integrations/github\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "asserts_url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/releases/52762979/assets", + "body": "## Changelog\r\n\r\n1b33f524 Prepare Release v1.21.1\r\n9fa68870 Update hcloud-go to v1.33 (#255)\r\nff044e93 deploy: add missing operator: Exists (#251)\r\n7c9948b6 Bump k8s.io/kubernetes from 1.18.3 to 1.18.19 (#243)\r\n451703ae Testsetup: Unify with CSI Driver test setup suite (#244)\r\n635cf10a Update docs (#240)\r\nf21278cc Health Check: Set healthcheck port to destination port if no port was defined via annotation (#239)\r\n\r\n\r\n## Docker images\r\n\r\n- `docker pull hetznercloud/hcloud-cloud-controller-manager:v1.12.1`\r\n", + "created_at": null, + "draft": false, + "html_url": "https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/tag/v1.12.1", + "id": "52762979", + "name": "v1.12.1", + "owner": "hetznercloud", + "prerelease": false, + "published_at": null, + "release_id": null, + "release_tag": "v1.12.1", + "repository": "hcloud-cloud-controller-manager", + "retrieve_by": "latest", + "tarball_url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/tarball/v1.12.1", + "target_commitish": "master", + "upload_url": "https://uploads.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/releases/52762979/assets{?name,label}", + "url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/releases/52762979", + "zipball_url": "https://api.github.com/repos/hetznercloud/hcloud-cloud-controller-manager/zipball/v1.12.1" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "github_release", + "name": "hetzner_csi", + "provider": "provider[\"registry.terraform.io/integrations/github\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "asserts_url": "https://api.github.com/repos/hetznercloud/csi-driver/releases/48351180/assets", + "body": "## Changelog\n\n2ea4803 Add btrfs support\n7719e45 Add exclude for blockstorage during resize (#211)\n4a69641 Add k8s 1.22 to tests (#225)\nbeb3783 Adjust stale bot to be more userfriendly (#217)\n0de9bd9 CI improvements for speed and fork-friendliness. (#221)\ne07b392 Fix changelog generation\n8cb0bfe Implement Instrumentation from hcloud-go (#227)\nc89c462 Increase default polling interval to 3 seconds. (#230)\n11c9940 Make e2e workflow friendly to running on forks. (#214)\n29893db Migrate Testsuite Setup to be in line with our CCM Testsuite (#219)\n4ad4d69 Prepare release v1.6.0 (#231)\ncf4e7e4 Recognition of root servers (#195)\nc213244 Reduce default log verbosity to info level (#224)\nc74a95b Remove testing for k8s 1.18 as written in our Versioning policy. (#199)\n8d1f531 Run e2e tests in parallel. (#215)\nda859e8 Simplify CSI socket handling (#222)\n6164eaf Update README.md (#196)\n140dad9 Update hcloud-go to v1.29.1 (#218)\nfb90575 Upgrade csi sidecars to latest versions. (#216)\n54f573e Use Go 1.17 (#228)\n5d2ac90 Use Goreleaser to publish changelog (#229)\n\n", + "created_at": null, + "draft": false, + "html_url": "https://github.com/hetznercloud/csi-driver/releases/tag/v1.6.0", + "id": "48351180", + "name": "v1.6.0", + "owner": "hetznercloud", + "prerelease": false, + "published_at": null, + "release_id": null, + "release_tag": "v1.6.0", + "repository": "csi-driver", + "retrieve_by": "latest", + "tarball_url": "https://api.github.com/repos/hetznercloud/csi-driver/tarball/v1.6.0", + "target_commitish": "master", + "upload_url": "https://uploads.github.com/repos/hetznercloud/csi-driver/releases/48351180/assets{?name,label}", + "url": "https://api.github.com/repos/hetznercloud/csi-driver/releases/48351180", + "zipball_url": "https://api.github.com/repos/hetznercloud/csi-driver/zipball/v1.6.0" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "github_release", + "name": "kured", + "provider": "provider[\"registry.terraform.io/integrations/github\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "asserts_url": "https://api.github.com/repos/weaveworks/kured/releases/63019853/assets", + "body": "# Build\r\n- update to alpine@3.15.3 #518\r\n- build(deps): bump helm/chart-testing-action from 2.1.0 to 2.2.0 #493\r\n- build(deps): bump actions/setup-python from 2 to 3 #507\r\n- build(deps): bump helm/chart-testing-action from 2.2.0 to 2.2.1 #512\r\n- build(deps): bump actions/checkout from 2 to 3 #508\r\n\r\n# Dependencies\r\n- build(deps): bump gotest.tools/v3 from 3.0.3 to 3.1.0 #497\r\n- build(deps): bump github.com/prometheus/client_golang to 1.12.1 #502\r\n- build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 #510\r\n- build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 #513\r\n\r\n# Helm chart\r\n- Add ability to define ds annotations in helm chart #494\r\n- Use templating in Slack URL, channel and username #505\r\n\r\n# Documentation\r\n- docs: add sentinel command example for RHEL family #504\r\n\r\n# Kubernetes Version Compatibility\r\n\r\nThe daemon image contains a 1.22.x k8s.io/{client-go,kubectl} for the purposes of maintaining the lock and draining worker nodes. Kubernetes aims to provide forwards \u0026 backwards compatibility of one minor version between client and server, so this should work on 1.21.x, 1.22.x and 1.23.x\r\n\r\nThanks a lot to everyone who contributed to kured since 1.9.1. Commits from @bambriy, @khuedoan, @weseven, @ckotzbauer\r\n", + "created_at": null, + "draft": false, + "html_url": "https://github.com/weaveworks/kured/releases/tag/1.9.2", + "id": "63019853", + "name": "Kured 1.9.2", + "owner": "weaveworks", + "prerelease": false, + "published_at": null, + "release_id": null, + "release_tag": "1.9.2", + "repository": "kured", + "retrieve_by": "latest", + "tarball_url": "https://api.github.com/repos/weaveworks/kured/tarball/1.9.2", + "target_commitish": "main", + "upload_url": "https://uploads.github.com/repos/weaveworks/kured/releases/63019853/assets{?name,label}", + "url": "https://api.github.com/repos/weaveworks/kured/releases/63019853", + "zipball_url": "https://api.github.com/repos/weaveworks/kured/zipball/1.9.2" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "hcloud_load_balancer", + "name": "traefik", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "algorithm": [ + { + "type": "round_robin" + } + ], + "delete_protection": false, + "id": 712895, + "ipv4": "49.12.19.255", + "ipv6": "2a01:4f8:c011:61::1", + "labels": { + "hcloud-ccm/service-uid": "769636bc-0b55-441f-b847-140a6b144079" + }, + "load_balancer_type": "lb11", + "location": "fsn1", + "name": "clank-traefik", + "network_zone": "eu-central", + "service": null, + "target": [ + { + "label_selector": "", + "server_id": 20285807, + "type": "server" + }, + { + "label_selector": "", + "server_id": 20285811, + "type": "server" + }, + { + "label_selector": "", + "server_id": 20285809, + "type": "server" + } + ], + "with_selector": null + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "remote_file", + "name": "kubeconfig", + "provider": "provider[\"registry.terraform.io/tenstad/remote\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "conn": [ + { + "agent": false, + "host": "167.235.247.244", + "password": "", + "port": 22, + "private_key": "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\nQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsgAAAJiZYtI7mWLS\nOwAAAAtzc2gtZWQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsg\nAAAEDLWiPDiI2P8wK7bHz6Xxg1LKWEVekqnkLNEdp//Fi4uOmlyNDEGxQxnXOLGMn80Dwj\nPt+CqCy17UaW9MSBphOyAAAAEWNvbnRhY3RAa2p1dWxoLmlvAQIDBA==\n-----END OPENSSH PRIVATE KEY-----", + "private_key_env_var": "", + "private_key_path": "", + "sudo": false, + "user": "root" + } + ], + "content": "apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJlRENDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReW45YTd2ZW1MUzZheE1sbjlvaHRTUENtZTRMaDJZYnJlY0ZHbk1pRmUKeWtKMEllSElEQjBZb3htMzM1NVFjMm5DOW1QODhQUTNlZ2lya2Zkc0pXZFdvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWd4aDhLMDVNeklhbHoxb0k3a0lQCjZleVZCVVl3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQUpwNDJiR1JSK0R5dG8xcFh5SHk1dDZDYS9RNjdoNCsKYWRIVjBsQ2RkRlBWQWlFQXQ2RkpZUXZXcUg2LzlqNkY2K3JFZ0NTZFRwbUM5VDNDd1ZpZm1hNXo4K3M9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n server: https://127.0.0.1:6443\n name: default\ncontexts:\n- context:\n cluster: default\n user: default\n name: default\ncurrent-context: default\nkind: Config\npreferences: {}\nusers:\n- name: default\n user:\n client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrRENDQVRlZ0F3SUJBZ0lJWHF3azVwR1ZNRG93Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOalV5TURFMU1UZ3lNQjRYRFRJeU1EVXdPREV6TURZeU1sb1hEVEl6TURVdwpPREV6TURZeU1sb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJFOEszZ0tKNkswK2lsYXIKbVVyaXlmN09jSjdaWlpoSHExNk1zbnZKSzVCUHRtQmttU0NxYUVEbFFCT2Y3NXR1MG9hSDdLMGREc0JSV2xtdApVMUF5NXV1alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCUjVicDBabGRLd0U0MWdMeFNXT2IxV1ZTRUxqekFLQmdncWhrak9QUVFEQWdOSEFEQkUKQWlBM2piaW0wVEp4bXdQd2dtUGpLQ3BKWHl4SUVVZ0UxOG0wcW16OXlTTFhRUUlnVUduYjh2RnFOZmpUNmpULwphaXRTUVBjTTQ0RVY5TUFSRGFKUmJFZG0xc1k9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReFVCbE0rZjlZRVdaL2toN1BMSmZKeU1IenJscFlqd25udVNINE1GTmUKMlhzb1JGb3ltdlVhWDEvWFBIVnpSaVNTZkp6S0tJU0xLM095Y1lnTWhHR29vMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWVXNmRHWlhTc0JPTllDOFVsam05ClZsVWhDNDh3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnWFVsZlJZTVdjMVVhSkcwYXFYME1PRDcvL2VOTG9yVXIKU291NDNuNWlmK0lDSVFDdXNJNmNBcnI2Y2t5cWNHZ1NGRlJwMmxROE40MnIyK2EwN2RPMEFtVWg3dz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUNnME5kRWRSRjRacDBLNzA5R1NHWDhWNXAyZXJ0ZktrN2dHelFnTk1HN1FvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFVHdyZUFvbm9yVDZLVnF1WlN1TEovczV3bnRsbG1FZXJYb3l5ZThrcmtFKzJZR1NaSUtwbwpRT1ZBRTUvdm0yN1Nob2ZzclIwT3dGRmFXYTFUVURMbTZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=\n", + "id": "167.235.247.244:22:/etc/rancher/k3s/k3s.yaml", + "path": "/etc/rancher/k3s/k3s.yaml" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "data", + "type": "remote_file", + "name": "kustomization_backup", + "provider": "provider[\"registry.terraform.io/tenstad/remote\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "conn": [ + { + "agent": false, + "host": "167.235.247.244", + "password": "", + "port": 22, + "private_key": "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\nQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsgAAAJiZYtI7mWLS\nOwAAAAtzc2gtZWQyNTUxOQAAACDppcjQxBsUMZ1zixjJ/NA8Iz7fgqgste1GlvTEgaYTsg\nAAAEDLWiPDiI2P8wK7bHz6Xxg1LKWEVekqnkLNEdp//Fi4uOmlyNDEGxQxnXOLGMn80Dwj\nPt+CqCy17UaW9MSBphOyAAAAEWNvbnRhY3RAa2p1dWxoLmlvAQIDBA==\n-----END OPENSSH PRIVATE KEY-----", + "private_key_env_var": "", + "private_key_path": "", + "sudo": false, + "user": "root" + } + ], + "content": "\"apiVersion\": \"kustomize.config.k8s.io/v1beta1\"\n\"kind\": \"Kustomization\"\n\"patchesStrategicMerge\":\n- |\n apiVersion: apps/v1\n kind: DaemonSet\n metadata:\n name: kured\n namespace: kube-system\n spec:\n selector:\n matchLabels:\n name: kured\n template:\n metadata:\n labels:\n name: kured\n spec:\n serviceAccountName: kured\n containers:\n - name: kured\n command:\n - /usr/bin/kured\n - --reboot-command=/usr/bin/systemctl reboot\n- |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: system-upgrade-controller\n namespace: system-upgrade\n spec:\n template:\n spec:\n containers:\n - name: system-upgrade-controller\n volumeMounts:\n - name: ca-certificates\n mountPath: /var/lib/ca-certificates\n volumes:\n - name: ca-certificates\n hostPath:\n path: /var/lib/ca-certificates\n type: Directory\n- \"ccm.yaml\"\n\"resources\":\n- \"https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/v1.12.1/ccm-networks.yaml\"\n- \"https://github.com/weaveworks/kured/releases/download/1.9.2/kured-1.9.2-dockerhub.yaml\"\n- \"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml\"\n- \"https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml\"\n- \"traefik_config.yaml\"\n- \"cert-manager.yaml\"\n", + "id": "167.235.247.244:22:/var/post_install/kustomization.yaml", + "path": "/var/post_install/kustomization.yaml" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_firewall", + "name": "k3s", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "apply_to": [ + { + "label_selector": "", + "server": 20285806 + }, + { + "label_selector": "", + "server": 20285807 + }, + { + "label_selector": "", + "server": 20285808 + }, + { + "label_selector": "", + "server": 20285809 + }, + { + "label_selector": "", + "server": 20285810 + }, + { + "label_selector": "", + "server": 20285811 + } + ], + "id": "385507", + "labels": {}, + "name": "clank", + "rule": [ + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "", + "protocol": "icmp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "123", + "protocol": "udp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "443", + "protocol": "tcp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "53", + "protocol": "tcp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "53", + "protocol": "udp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [ + "0.0.0.0/0" + ], + "direction": "out", + "port": "80", + "protocol": "tcp", + "source_ips": [] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "", + "protocol": "icmp", + "source_ips": [ + "0.0.0.0/0" + ] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "", + "protocol": "icmp", + "source_ips": [ + "10.0.0.0/8", + "127.0.0.1/32", + "169.254.169.254/32", + "213.239.246.1/32" + ] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "22", + "protocol": "tcp", + "source_ips": [ + "0.0.0.0/0" + ] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "6443", + "protocol": "tcp", + "source_ips": [ + "0.0.0.0/0" + ] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "any", + "protocol": "tcp", + "source_ips": [ + "10.0.0.0/8", + "127.0.0.1/32", + "169.254.169.254/32", + "213.239.246.1/32" + ] + }, + { + "description": "", + "destination_ips": [], + "direction": "in", + "port": "any", + "protocol": "udp", + "source_ips": [ + "10.0.0.0/8", + "127.0.0.1/32", + "169.254.169.254/32", + "213.239.246.1/32" + ] + } + ] + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_network", + "name": "k3s", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "delete_protection": false, + "id": "1628275", + "ip_range": "10.0.0.0/8", + "labels": {}, + "name": "clank" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_network_subnet", + "name": "agent", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.0.0.0/16", + "ip_range": "10.0.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.1.0.0/16", + "ip_range": "10.1.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.2.0.0/16", + "ip_range": "10.2.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_network_subnet", + "name": "control_plane", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.255.0.0/16", + "ip_range": "10.255.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.254.0.0/16", + "ip_range": "10.254.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "gateway": "10.0.0.1", + "id": "1628275-10.253.0.0/16", + "ip_range": "10.253.0.0/16", + "network_id": 1628275, + "network_zone": "eu-central", + "type": "cloud", + "vswitch_id": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_placement_group", + "name": "agent", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "41238", + "labels": {}, + "name": "clank-agent-1", + "servers": [ + 20285807, + 20285809, + 20285811 + ], + "type": "spread" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_placement_group", + "name": "control_plane", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "41239", + "labels": {}, + "name": "clank-control-plane-1", + "servers": [ + 20285806, + 20285808, + 20285810 + ], + "type": "spread" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "hcloud_ssh_key", + "name": "k3s", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "fingerprint": "f4:16:88:3f:66:9e:f5:7d:d9:ed:20:0e:6a:55:a2:c3", + "id": "6372775", + "labels": {}, + "name": "clank", + "public_key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io" + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "local_file", + "name": "kustomization_backup", + "provider": "provider[\"registry.terraform.io/hashicorp/local\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "content": "\"apiVersion\": \"kustomize.config.k8s.io/v1beta1\"\n\"kind\": \"Kustomization\"\n\"patchesStrategicMerge\":\n- |\n apiVersion: apps/v1\n kind: DaemonSet\n metadata:\n name: kured\n namespace: kube-system\n spec:\n selector:\n matchLabels:\n name: kured\n template:\n metadata:\n labels:\n name: kured\n spec:\n serviceAccountName: kured\n containers:\n - name: kured\n command:\n - /usr/bin/kured\n - --reboot-command=/usr/bin/systemctl reboot\n- |\n apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: system-upgrade-controller\n namespace: system-upgrade\n spec:\n template:\n spec:\n containers:\n - name: system-upgrade-controller\n volumeMounts:\n - name: ca-certificates\n mountPath: /var/lib/ca-certificates\n volumes:\n - name: ca-certificates\n hostPath:\n path: /var/lib/ca-certificates\n type: Directory\n- \"ccm.yaml\"\n\"resources\":\n- \"https://github.com/hetznercloud/hcloud-cloud-controller-manager/releases/download/v1.12.1/ccm-networks.yaml\"\n- \"https://github.com/weaveworks/kured/releases/download/1.9.2/kured-1.9.2-dockerhub.yaml\"\n- \"https://raw.githubusercontent.com/rancher/system-upgrade-controller/master/manifests/system-upgrade-controller.yaml\"\n- \"https://raw.githubusercontent.com/hetznercloud/csi-driver/v1.6.0/deploy/kubernetes/hcloud-csi.yml\"\n- \"traefik_config.yaml\"\n- \"cert-manager.yaml\"\n", + "content_base64": null, + "directory_permission": "0777", + "file_permission": "600", + "filename": "kustomization_backup.yaml", + "id": "dbde5be8a5091a964a3247a6c23b5ab4f8e9eb26", + "sensitive_content": null, + "source": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.data.github_release.hetzner_ccm", + "module.kube-hetzner.data.github_release.hetzner_csi", + "module.kube-hetzner.data.github_release.kured", + "module.kube-hetzner.data.remote_file.kubeconfig", + "module.kube-hetzner.data.remote_file.kustomization_backup", + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.local_sensitive_file.kubeconfig", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.control_planes", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.null_resource.kustomization", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "local_sensitive_file", + "name": "kubeconfig", + "provider": "provider[\"registry.terraform.io/hashicorp/local\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "content": "apiVersion: v1\nclusters:\n- cluster:\n certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJlRENDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdGMyVnkKZG1WeUxXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRjMlZ5ZG1WeUxXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReW45YTd2ZW1MUzZheE1sbjlvaHRTUENtZTRMaDJZYnJlY0ZHbk1pRmUKeWtKMEllSElEQjBZb3htMzM1NVFjMm5DOW1QODhQUTNlZ2lya2Zkc0pXZFdvMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWd4aDhLMDVNeklhbHoxb0k3a0lQCjZleVZCVVl3Q2dZSUtvWkl6ajBFQXdJRFNRQXdSZ0loQUpwNDJiR1JSK0R5dG8xcFh5SHk1dDZDYS9RNjdoNCsKYWRIVjBsQ2RkRlBWQWlFQXQ2RkpZUXZXcUg2LzlqNkY2K3JFZ0NTZFRwbUM5VDNDd1ZpZm1hNXo4K3M9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n server: https://167.235.247.244:6443\n name: default\ncontexts:\n- context:\n cluster: default\n user: default\n name: default\ncurrent-context: default\nkind: Config\npreferences: {}\nusers:\n- name: default\n user:\n client-certificate-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJrRENDQVRlZ0F3SUJBZ0lJWHF3azVwR1ZNRG93Q2dZSUtvWkl6ajBFQXdJd0l6RWhNQjhHQTFVRUF3d1kKYXpOekxXTnNhV1Z1ZEMxallVQXhOalV5TURFMU1UZ3lNQjRYRFRJeU1EVXdPREV6TURZeU1sb1hEVEl6TURVdwpPREV6TURZeU1sb3dNREVYTUJVR0ExVUVDaE1PYzNsemRHVnRPbTFoYzNSbGNuTXhGVEFUQmdOVkJBTVRESE41CmMzUmxiVHBoWkcxcGJqQlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VIQTBJQUJFOEszZ0tKNkswK2lsYXIKbVVyaXlmN09jSjdaWlpoSHExNk1zbnZKSzVCUHRtQmttU0NxYUVEbFFCT2Y3NXR1MG9hSDdLMGREc0JSV2xtdApVMUF5NXV1alNEQkdNQTRHQTFVZER3RUIvd1FFQXdJRm9EQVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmCkJnTlZIU01FR0RBV2dCUjVicDBabGRLd0U0MWdMeFNXT2IxV1ZTRUxqekFLQmdncWhrak9QUVFEQWdOSEFEQkUKQWlBM2piaW0wVEp4bXdQd2dtUGpLQ3BKWHl4SUVVZ0UxOG0wcW16OXlTTFhRUUlnVUduYjh2RnFOZmpUNmpULwphaXRTUVBjTTQ0RVY5TUFSRGFKUmJFZG0xc1k9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0KLS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUJkekNDQVIyZ0F3SUJBZ0lCQURBS0JnZ3Foa2pPUFFRREFqQWpNU0V3SHdZRFZRUUREQmhyTTNNdFkyeHAKWlc1MExXTmhRREUyTlRJd01UVXhPREl3SGhjTk1qSXdOVEE0TVRNd05qSXlXaGNOTXpJd05UQTFNVE13TmpJeQpXakFqTVNFd0h3WURWUVFEREJock0zTXRZMnhwWlc1MExXTmhRREUyTlRJd01UVXhPREl3V1RBVEJnY3Foa2pPClBRSUJCZ2dxaGtqT1BRTUJCd05DQUFReFVCbE0rZjlZRVdaL2toN1BMSmZKeU1IenJscFlqd25udVNINE1GTmUKMlhzb1JGb3ltdlVhWDEvWFBIVnpSaVNTZkp6S0tJU0xLM095Y1lnTWhHR29vMEl3UURBT0JnTlZIUThCQWY4RQpCQU1DQXFRd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZEJnTlZIUTRFRmdRVWVXNmRHWlhTc0JPTllDOFVsam05ClZsVWhDNDh3Q2dZSUtvWkl6ajBFQXdJRFNBQXdSUUlnWFVsZlJZTVdjMVVhSkcwYXFYME1PRDcvL2VOTG9yVXIKU291NDNuNWlmK0lDSVFDdXNJNmNBcnI2Y2t5cWNHZ1NGRlJwMmxROE40MnIyK2EwN2RPMEFtVWg3dz09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K\n client-key-data: LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUNnME5kRWRSRjRacDBLNzA5R1NHWDhWNXAyZXJ0ZktrN2dHelFnTk1HN1FvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFVHdyZUFvbm9yVDZLVnF1WlN1TEovczV3bnRsbG1FZXJYb3l5ZThrcmtFKzJZR1NaSUtwbwpRT1ZBRTUvdm0yN1Nob2ZzclIwT3dGRmFXYTFUVURMbTZ3PT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=\n", + "content_base64": null, + "directory_permission": "0700", + "file_permission": "600", + "filename": "kubeconfig.yaml", + "id": "51b0f8e4bb7ae75ae8aed2aa818d47ff02cfdd0e", + "source": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.data.remote_file.kubeconfig", + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.control_planes", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "null_resource", + "name": "agents", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "index_key": "0-0-agent-small1", + "schema_version": 0, + "attributes": { + "id": "2176505815644718391", + "triggers": { + "agent_id": "20285807" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.hcloud_server_network.server", + "module.kube-hetzner.module.agents.random_string.server", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + }, + { + "index_key": "1-0-agent-small2", + "schema_version": 0, + "attributes": { + "id": "2844766948829955151", + "triggers": { + "agent_id": "20285811" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.hcloud_server_network.server", + "module.kube-hetzner.module.agents.random_string.server", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + }, + { + "index_key": "2-0-storage1", + "schema_version": 0, + "attributes": { + "id": "6929446356437947923", + "triggers": { + "agent_id": "20285809" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.hcloud_server_network.server", + "module.kube-hetzner.module.agents.random_string.server", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "null_resource", + "name": "control_planes", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "index_key": "0-0-control-plane-fsn1", + "schema_version": 0, + "attributes": { + "id": "2906291804049488022", + "triggers": { + "control_plane_id": "20285806" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + }, + { + "index_key": "1-0-control-plane-nbg1", + "schema_version": 0, + "attributes": { + "id": "7519334347044594476", + "triggers": { + "control_plane_id": "20285810" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + }, + { + "index_key": "2-0-control-plane-hel1", + "schema_version": 0, + "attributes": { + "id": "7465071128357046031", + "triggers": { + "control_plane_id": "20285808" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "null_resource", + "name": "destroy_traefik_loadbalancer", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "5718072141935869582", + "triggers": { + "kustomization_id": "6932703477613162485" + } + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.data.github_release.hetzner_ccm", + "module.kube-hetzner.data.github_release.hetzner_csi", + "module.kube-hetzner.data.github_release.kured", + "module.kube-hetzner.data.remote_file.kubeconfig", + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.local_sensitive_file.kubeconfig", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.control_planes", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.null_resource.kustomization", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "null_resource", + "name": "first_control_plane", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "8493463504988894518", + "triggers": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "null_resource", + "name": "kustomization", + "provider": "provider[\"registry.terraform.io/hashicorp/null\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "6932703477613162485", + "triggers": null + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.data.github_release.hetzner_ccm", + "module.kube-hetzner.data.github_release.hetzner_csi", + "module.kube-hetzner.data.github_release.kured", + "module.kube-hetzner.data.remote_file.kubeconfig", + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.local_sensitive_file.kubeconfig", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.hcloud_server_network.server", + "module.kube-hetzner.module.control_planes.random_string.server", + "module.kube-hetzner.null_resource.control_planes", + "module.kube-hetzner.null_resource.first_control_plane", + "module.kube-hetzner.random_password.k3s_token" + ] + } + ] + }, + { + "module": "module.kube-hetzner", + "mode": "managed", + "type": "random_password", + "name": "k3s_token", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "none", + "keepers": null, + "length": 48, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": true, + "override_special": null, + "result": "5udRUWWljozBPauxJF4pbyDKc9aljYVyLITb5KN692dFczeK", + "special": false, + "upper": true + }, + "sensitive_attributes": [], + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "3259911983", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-agent-small1-mdr\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xW4W/ayBP9bin/w8j5wO+nw3ZIWrWlQjoHaIpa4xw4be+qCC27A95i7/p21yGO7o8/7TppSEiaE+LDzjzem30zHjOUwqAwQdZU2IeyLgyviDJRya+RvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCHZBB94d94jrSmpuHJYYQ2heojDvYcULFKTEgc8FNyFdrf37X2WKCL1CFYwFlYyLdR/eLLnZAbiSDV6biBayZgGVYsXXB17CS9wr7nAX43lbxQ0ubAG673mHMHTxWiGYHKFS/IoYBIFmK9UGuDCoVoSiFwBt5fvwjwcAcJqm2fkszdJBh+W06rjgPItnWZKOxoMOqY20wYqYvA8RGhrpRrdlRLf8EV/R1TpAk/dsLSOuybJA0DqHimi9lYoBqU2OwnBKrI/7dZzfAuMHOBDSZb/1eh+k2hJljbwLJuTaojPFUcOxC8VFIbcZrfbBLhOvUZgncrXJpeI3yD5hoz/wAiHUOo/Iz/hig41+5ILO7ZctWi9CFm3qJQY5mhuBKrRRa8YcDShcSmmgRJNLBkSDv6kVMn/fhdnY9mORjLOP6WjgUA9VjZ0qQq03pAjqihGDP7WGCm3XZ0TQHBUorCTcDsye0nfVooLNiQ6oLEspAm1s3y5d3s31HdOnEw1Dh4H/taD/O9CSaKxVMciNqXQ/ilRVhre8IZfR5kRHLTxqFaKSUyWljoQkiuaOA4UFsEHPndbVmuZIN7dHe4XFz9jRHWSDzXOaVb0sOA032Dw07qapqsjS6ZBF+3cPbcp6GDPmBve+9+B6r3W+eDQPfQ8gsOAA2fHr1713EMdxPDyZ3pBhr/hrNOlNs/FrG5ukZdFMR+Oz6z+uxbf081ki3h6Ntj/OzW/Dv4dN780F+foumZ9Wedq4RhFqft/8qOsiD7kra4aa3yBEV0R1QUgDUdcOksmJ6Wj3zBdEG7C7zy0q4AISa3Y6B16SNYbeWsmtzfediwyvOEXdh+++JfUvrUpCNgj6bovkUhs7BsA1aDRApVJITdF4d5k+0IKITUDscxXokhRFLyiZ8iqFGtUVLu6RRtXoeaoWtGRuZcUayFJeYRfKZ2XtTS2V8QL4rpF1oRPwThc6OpqOs2E6/TA5W0wn88V8nI3SJJ5Mp3EyHvgNav/XCCH9aN3pPrfR2uPlvuzo4/DzZDzNLN/iYzrPdgSfyb0gZdeuc/8rOpuHdtGvCqIQRtM5OB+V7sJK2hWGDJYNnEm5LtBOAIEloZu6+pVBo+l8Mc/ibDJczMezL+PZfOD7L+R7ofvY1094FPbgbeg+/8k07xBO7Yu3HUxSyloYkCso5LodWaBE2IZf8SsEKRxMN9pguX+Nw7lLJOT6QuMgenA6OXtQjsGSRT9krQQpmNuKTzTwMCHXM7SrkEsxRzqIHgd6W8TNi8TuoWQ1xfaWDFekLgyIulyisrfVglQ6l0bDSskSjoPe0V224CU3XTASXgERrAW8egwAXlZSGSJa6PETLb5ITsezxedJMskGvlXwH8Ve7TZMkKpCddsmHSkpzRMG7RIsJsl5OsviqaXao9/NnrwodP/PQEMtBCJD5qbb7iFXhjOamqILrAXaqgIht7aw9iVarlV4+5vO5d5/tiA48P4NAAD//zWzz/kSCgAA" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "fsn1-dc14", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285807", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "142.132.182.232", + "ipv6_address": "2a01:4f8:c012:d1c0::1", + "ipv6_network": "2a01:4f8:c012:d1c0::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "fsn1", + "name": "clank-agent-small1-mdr", + "network": [], + "placement_group_id": 41238, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "D7VXcW+8XFUt2rIoXtjcDwVNF9U=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285807-1628275", + "ip": "10.0.0.101", + "mac_address": "86:00:00:0f:24:bf", + "network_id": null, + "server_id": 20285807, + "subnet_id": "1628275-10.0.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"0-0-agent-small1\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "mdr", + "keepers": { + "name": "clank-agent-small1" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "mdr", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "2042315058", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-agent-small2-tqu\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xWYW/ayhL9bin/YeR84D09bIekVVsqpOcATVFrnAtO23urCC27A95i77q76xBH98df7TppSEiaK8SHnTmcM3tmPGYohUFhgqypsA9lXRheEWWikl8jew9LWQtGVDPwk0kyPk0vpqN49qfv2VPwBZXmUvShFx4deAdeEOyCDrw77hHXldTcOCwxhtC8RGHew4oXKEiJA58LbkK6Wvv3v8oUEXqFKhgLKhkX6z68WXKzA3AlG7w2ES1kzQIqxYqvD7yEl7hX3OEuxvO2ihtc2AJ03/MOYejitUIwOUKl+BUxCALNVqoNcGFQrQhFLwDayvfhbw8A4DRNs/NZmqWDDstp1XHBeRbPsiQdjQcdUhtpgxUxeR8iNDTSjW7LiG75I76iq3WAJu/ZWkZck2WBoHUOFdF6KxUDUpscheGUWB/36zi/BcYPcCCky37r9T5ItSXKGnkXTMi1RWeKo4ZjF4qLQm4zWu2DXSZeozBP5GqTS8VvkH3CRn/gBUKodR6RX/HFBhv9yAWd2y9btF6ELNrUSwxyNDcCVWij1ow5GlC4lNJAiSaXDIgGf1MrZP6+C7Ox7cciGWcf09HAoR6qGjtVhFpvSBHUFSMGf2kNFdquz4igOSpQWEm4HZg9pe+qRQWbEx1QWZZSBNrYvl26vJvrO6ZPJxqGDgP/aUH/daAl0VirYpAbU+l+FKmqDG95Qy6jzYmOWnjUKkQlp0pKHQlJFM0dBwoLYIOeO62rNc2Rbm6P9gqLX7GjO8gGm+c0q3pZcBpusHlo3E1TVZGl0yGL9u8e2pT1MGbMDe5978H1Xut88Wge+h5AYMEBsuPXr3vvII7jeHgyvSHDXvHXaNKbZuPXNjZJy6KZjsZn139ci2/p57NEvD0abX+cm/8Nfw6b3psL8vVdMj+t8rRxjSLU/H/zo66LPOSurBlqfoMQXRHVBSENRF07SCYnpqPdM18QbcDuPreogAtIrNnpHHhJ1hh6ayW3Nt93LjK84hR1H777ltS/tCoJ2SDouy2SS23sGADXoNEAlUohNUXj3WX6QAsiNgGxz1WgS1IUx4H5WXuVQo3qChf3SKNq9DxVC1oyt7JiDWQpr7AL5bOy9qaWyngBfNfIutAJeKcLHR1Nx9kwnX6YnC2mk/liPs5GaRJPptM4GQ/8BrX/e4SQfrTudJ/baO3xcl929HH4eTKeZpZv8TGdZzuCz+RekLJr17n/FZ3NQ7voVwVRCKPpHJyPSndhJe0KQwbLBs6kXBdoJ4DAktBNXf3OoNF0vphncTYZLubj2ZfxbD7w/RfyvdB97OsnPAp78DZ0n39lmncIp/bF2w4mKWUtDMgVFHLdjixQImzDr/gVghQOphttsNy/xuHcJRJyfaFxED04nZw9KMdgyaIfslaCFMxtxScaeJiQ6xnaVcilmCMdRI8DvS3i5kVi91CymmJ7S4YrUhcGRF0uUdnbakEqnUujYaVkCcdB7+guW/CSmy4YCa+ACNYCXj0GAC8rqQwRLfT4iRZfJKfj2eLzJJlkA98q+I9ir3YbJkhVobptk46UlOYJg3YJFpPkPJ1l8dRS7dHvZk9eFLr/Z6ChFgKRIXPTbfeQK8MZTU3RBdYCbVWBkFtbWPsSLdcqvP1N53LvP1sQHHj/BAAA//8z9yJHEgoAAA==" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "nbg1-dc3", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285811", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "116.203.85.75", + "ipv6_address": "2a01:4f8:1c1e:c5b5::1", + "ipv6_network": "2a01:4f8:1c1e:c5b5::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "nbg1", + "name": "clank-agent-small2-tqu", + "network": [], + "placement_group_id": 41238, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "2WwhfGNbb8PWIa5HwzRkeftEW60=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285811-1628275", + "ip": "10.1.0.101", + "mac_address": "86:00:00:0f:24:c4", + "network_id": null, + "server_id": 20285811, + "subnet_id": "1628275-10.1.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"1-0-agent-small2\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "tqu", + "keepers": { + "name": "clank-agent-small2" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "tqu", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "264943894", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-storage1-dsi\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xW4W/ayBP9bin/w8j5wO+nw3ZIWrWlQjoHaIpa4xw4be+qCC27A95i7/p21yGO7o8/7TppSEiaE+LDzjzem30zjD2UwqAwQdZU2IeyLgyviDJRya+RvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCHZBB94d94jrSmpuHJYYQ2heojDvYcULFKTEgc8FNyFdrf37X2WKCL1CFYwFlYyLdR/eLLnZAbiSDV6biBayZgGVYsXXB17CS9wr7nAX43lbxQ0ubAG673mHMHTxWiGYHKFS/IoYBIFmK9UGuDCoVoSiFwBt5fvwjwcAcJqm2fkszdJBh+W06rjgPItnWZKOxoMOqY20wYqYvA8RGhrpRrdlRLf8EV/R1TpAk/dsLSOuybJA0DqHimi9lYoBqU2OwnBKrI/7dZzfAuMHOBDSZb/1eh+k2hJljbwLJuTaojPFUcOxC8VFIbcZrfbBLhOvUZgncrXJpeI3yD5hoz/wAiHUOo/Iz/hig41+5ILO7ZctWi9CFm3qJQY5mhuBKrRRa8YcDShcSmmgRJNLBkSDv6kVMn/fhdnY9mORjLOP6WjgUA9VjZ0qQq03pAjqihGDP7WGCm3XZ0TQHBUorCTcDsye0nfVooLNiQ6oLEspAm1s3y5d3s31HdOnEw1Dh4H/taD/O9CSaKxVMciNqXQ/ilRVhre8IZfR5kRHLTxqFaKSUyWljoQkiuaOA4UFsEHPndbVmuZIN7dHe4XFz9jRHWSDzXOaVb0sOA032Dw07qapqsjS6ZBF+3cPbcp6GDPmBve+9+B6r3W+eDQPfQ8gsOAA2fHr1713EMdxPDyZ3pBhr/hrNOlNs/FrG5ukZdFMR+Oz6z+uxbf081ki3h6Ntj/OzW/Dv4dN780F+foumZ9Wedq4RhFqft/8qOsiD7kra4aa3yBEV0R1QUgDUdcOksmJ6Wj3ny+INmB3n1tUwAUk1ux0Drwkawy9tZJbm+87FxlecYq6D999S+pfWpWEbBD03RbJpTZ2DIBr0GiASqWQmqLx7jJ9oAURm0AbqcgaewHT3KsUalRXuLhHGVWj56la0JK5dRVrIEt5hV0on5W0t7RUxgvgu0bWhU7AO13o6Gg6zobp9MPkbDGdzBfzcTZKk3gyncbJeOA3qP1fI4T0o3Wn+9w2a4+X+7Kjj8PPk/E0s3yLj+k82xF8JveClF25zvmv6Cwe2iW/KohCGE3n4HxUugsradcXMlg2cCblukDbfQJLQjd19SuDRtP5Yp7F2WS4mI9nX8az+cD3X8j3Qvexj57wKOzB29B9/pNp3iGc2oduO5SklLUwIFdQyHU7rkCJsA2/4lcIUjiYbrTBcv8ah3OXSMj1hcZB9OB0cvagHIMli37IWglSMLcRn2jgYUKuZ2jXIJdijnQQPQ70toibF4ndH5LVFNtbMlyRujAg6nKJyt5WC1LpXBoNKyVLOA56R3fZgpfcdMFIeAVEsBbw6jEAeFlJZYhoocdPtPgiOR3PFp8nySQb+FbBfxR7tdswQaoK1W2bdKSkNE8YtEuwmCTn6SyLp5Zqj343e/Ki0P1bgYZaCESGzE233UGuDGc0NUUXWAu0VQVCbm1h7QO0XKvw9jedy733tSA48P4NAAD//3Tq5JEOCgAA" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "fsn1-dc14", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285809", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "142.132.189.194", + "ipv6_address": "2a01:4f8:c012:d1c2::1", + "ipv6_network": "2a01:4f8:c012:d1c2::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "fsn1", + "name": "clank-storage1-dsi", + "network": [], + "placement_group_id": 41238, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "Nr7zQ070fY606hamZAdNr8bKW6M=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285809-1628275", + "ip": "10.2.0.101", + "mac_address": "86:00:00:0f:24:be", + "network_id": null, + "server_id": 20285809, + "subnet_id": "1628275-10.2.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent", + "module.kube-hetzner.hcloud_placement_group.agent", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.agents.data.cloudinit_config.config", + "module.kube-hetzner.module.agents.hcloud_server.server", + "module.kube-hetzner.module.agents.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.agents[\"2-0-storage1\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "dsi", + "keepers": { + "name": "clank-storage1" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "dsi", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.agent" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "3900639102", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-control-plane-fsn1-xgb\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xW3W7bOBO9F5B3GCgX/j6sJcVJi7YuDKxiu6nRysraStvdIjBocmyxlkgtScVWsA+/IJU0P06aheELzhyfMzwzHmkohUFhgqypsA9lXRheEWWiku+QvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCO6DDrxb7hHXldTcOCwxhtC8RGHew4oXKEiJA58LbkK6Wvt3v8oUEXqFKhgLKhkX6z68WXJzD+BKNrgzES1kzQIqxYqvD7yEl7hX3OF9jOdtFTe4sAXovucdwtDFa4VgcoRK8StiEASarVQb4MKgWhGKXgC0le/DPx4AwGmaZuezNEsHHZbTquOC8yyeZUk6Gg86pDbSBiti8j5EaGikG92WEd3wR3xFV+sATd6ztYy4JssCQescKqL1VioGpDY5CsMpsT7u13F+A4wf4EBIl/3W632QakuUNfI2mJCdRWeKo4ZjF4qLQm4zWu2DXSZeozBP5GqTS8WvkX3CRn/gBUKodR6Rn/HFBhv9yAWd2y9btF6ELNrUSwxyNNcCVWij1ow5GlC4lNJAiSaXDIgGf1MrZP6+C7Ox7cciGWcf09HAoR6qGjtVhFpvSBHUFSMGf2oNFdquz4igOSpQWEm4GZg9pe+qRQWbEx1QWZZSBNrYvl26vJvrW6ZPJxqGDgP/a0H/d6Al0VirYpAbU+l+FKmqDG94Qy6jzYmOWnjUKkQlp0pKHQlJFM0dBwoLYIOeO62rNc2Rbm6O9gqLn7GjW8gGm+c0q3pZcBpusHlo3HVTVZGl0yGL9u8e2pT1MGbMDe5d78H1Xut88Wge+h5AYMEBsuPXr3vvII7jeHgyvSbDXvHXaNKbZuPXNjZJy6KZjsZnuz924lv6+SwRb49G2x/n5rfh38Om9+aCfH2XzE+rPG1cowg1v29+1HWRh9yVNUPNrxGiK6K6IKSBqGsHyeTEdLT7zxdEG7C7zy0q4AISa3Y6B16SNYbeWsmtzfediwyvOEXdh+++JfUvrUpCNgj6dovkUhs7BsA1aDRApVJITdF4t5k+0IKIjd1KRskiqAoiMFhp0Qt266VXKdSornBxhzeqRs9TtaAlc4sr1kCW8gq7UD4rbu9rqYwXwHeNrAudgHe60NHRdJwN0+mHydliOpkv5uNslCbxZDqNk/HAb1D7v0YI6UfrTve5vdYeL/dlRx+HnyfjaWb5Fh/TeXZP8JncC1J2+boefEVn9tCu+1VBFMJoOgfno9JdWEm7yJDBsoEzKdcF2jkgsCR0U1e/Mmg0nS/mWZxNhov5ePZlPJsPfP+FfC90H/sQCo/CHrwN3ec/meYdwql9/LbjSUpZCwNyBYVct4MLlAjb8Ct+hSCFg+lGGyz3r3E4d4mE7C40DqIHp5OzB+UYLFn0Q9ZKkIK53fhEAw8TspuhXYhcijnSQfQ40Nsibl4kdn9NVlNsb8lwRerCgKjLJSp7Wy1IpXNpNKyULOE46B3dZgtectMFI+EVEMFawKvHAOBlJZUhooUeP9Hii+R0PFt8niSTbOBbBf9R7NX9hglSVahu2qQjJaV5wqD7BItJcp7Osnhqqfbo72dPXhS6ez/QUAuByJC56bbbyJXhjKam6AJrgbaqQMitLax9lJZrFd78pnO59+YWBAfevwEAAP//ZWbgRxgKAAA=" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "fsn1-dc14", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285806", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "167.235.247.244", + "ipv6_address": "2a01:4f8:c012:d005::1", + "ipv6_network": "2a01:4f8:c012:d005::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "fsn1", + "name": "clank-control-plane-fsn1-xgb", + "network": [], + "placement_group_id": 41239, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "q20D423pjuDyFaau0XZQMqAEBkU=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285806-1628275", + "ip": "10.255.0.101", + "mac_address": "86:00:00:0f:24:bc", + "network_id": null, + "server_id": 20285806, + "subnet_id": "1628275-10.255.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"0-0-control-plane-fsn1\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "xgb", + "keepers": { + "name": "clank-control-plane-fsn1" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "xgb", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "995672426", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-control-plane-nbg1-qoq\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xWYW/ayhL9bin/YeR84D09bIekVVsqpOcATVFrnAtO23urCC27A95i77q76xBH98df7TppSEiaK8SHnTmcM3tmGHsohUFhgqypsA9lXRheEWWikl8jew9LWQtGVDPwk0kyPk0vpqN49qfv2VPwBZXmUvShFx4deAdeEOyCDrw77hHXldTcOCwxhtC8RGHew4oXKEiJA58LbkK6Wvv3v8oUEXqFKhgLKhkX6z68WXKzA3AlG7w2ES1kzQIqxYqvD7yEl7hX3OEuxvO2ihtc2AJ03/MOYejitUIwOUKl+BUxCALNVqoNcGFQrQhFLwDayvfhbw8A4DRNs/NZmqWDDstp1XHBeRbPsiQdjQcdUhtpgxUxeR8iNDTSjW7LiG75I76iq3WAJu/ZWkZck2WBoHUOFdF6KxUDUpscheGUWB/36zi/BcYPcCCky37r9T5ItSXKGnkXTMi1RWeKo4ZjF4qLQm4zWu2DXSZeozBP5GqTS8VvkH3CRn/gBUKodR6RX/HFBhv9yAWd2y9btF6ELNrUSwxyNDcCVWij1ow5GlC4lNJAiSaXDIgGf1MrZP6+C7Ox7cciGWcf09HAoR6qGjtVhFpvSBHUFSMGf2kNFdquz4igOSpQWEm4HZg9pe+qRQWbEx1QWZZSBNrYvl26vJvrO6ZPJxqGDgP/aUH/daAl0VirYpAbU+l+FKmqDG95Qy6jzYmOWnjUKkQlp0pKHQlJFM0dBwoLYIOeO62rNc2Rbm6P9gqLX7GjO8gGm+c0q3pZcBpusHlo3E1TVZGl0yGL9u8e2pT1MGbMDe5978H1Xut88Wge+h5AYMEBsuPXr3vvII7jeHgyvSHDXvHXaNKbZuPXNjZJy6KZjsZn139ci2/p57NEvD0abX+cm/8Nfw6b3psL8vVdMj+t8rRxjSLU/H/zo66LPOSurBlqfoMQXRHVBSENRF07SCYnpqPdf74g2oDdfW5RAReQWLPTOfCSrDH01kpubb7vXGR4xSnqPnz3Lal/aVUSskHQd1skl9rYMQCuQaMBKpVCaorGu8v0gRZEbOxWMkoWQVUQgYFYrnvBT/nTqxRqVFe4uMcbVaPnqVrQkrnFFWsgS3mFXSifFbf3tVTGC+C7RtaFTsA7XejoaDrOhun0w+RsMZ3MF/NxNkqTeDKdxsl44Deo/d8jhPSjdaf73F5rj5f7sqOPw8+T8TSzfIuP6TzbEXwm94KUXb6uB1/RmT20635VEIUwms7B+ah0F1bSLjJksGzgTMp1gXYOCCwJ3dTV7wwaTeeLeRZnk+FiPp59Gc/mA99/Id8L3cc+hMKjsAdvQ/f5V6Z5h3BqH7/teJJS1sKAXEEh1+3gAiXCNvyKXyFI4WC60QbL/Wsczl0iIdcXGgfRg9PJ2YNyDJYs+iFrJUjB3G58ooGHCbmeoV2IXIo50kH0ONDbIm5eJHZ/TVZTbG/JcEXqwoCoyyUqe1stSKVzaTSslCzhOOgd3WULXnLTBSPhFRDBWsCrxwDgZSWVIaKFHj/R4ovkdDxbfJ4kk2zgWwX/UezVbsMEqSpUt23SkZLSPGHQLsFikpynsyyeWqo9+t3syYtC9+8HGmohEBkyN912G7kynNHUFF1gLdBWFQi5tYW1j9JyrcLb33Qu997cguDA+ycAAP//VEY9HRgKAAA=" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "nbg1-dc3", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285810", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "116.203.29.245", + "ipv6_address": "2a01:4f8:1c1e:c5b4::1", + "ipv6_network": "2a01:4f8:1c1e:c5b4::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "nbg1", + "name": "clank-control-plane-nbg1-qoq", + "network": [], + "placement_group_id": 41239, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "sd58J9GBO6v2yR7ice2U4SlzYwA=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285810-1628275", + "ip": "10.254.0.101", + "mac_address": "86:00:00:0f:24:c2", + "network_id": null, + "server_id": 20285810, + "subnet_id": "1628275-10.254.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"1-0-control-plane-nbg1\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "qoq", + "keepers": { + "name": "clank-control-plane-nbg1" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "qoq", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]", + "mode": "data", + "type": "cloudinit_config", + "name": "config", + "provider": "provider[\"registry.terraform.io/hashicorp/cloudinit\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "base64_encode": true, + "boundary": "MIMEBOUNDARY", + "gzip": true, + "id": "1329203202", + "part": [ + { + "content": "#cloud-config\n\nwrite_files:\n\n# Configure the private network interface\n- content: |\n BOOTPROTO='dhcp'\n STARTMODE='auto'\n path: /etc/sysconfig/network/ifcfg-eth1\n\n# Disable ssh password authentication\n- content: |\n PasswordAuthentication no\n X11Forwarding no\n MaxAuthTries 2\n AllowTcpForwarding no\n AllowAgentForwarding no\n AuthorizedKeysFile .ssh/authorized_keys\n path: /etc/ssh/sshd_config.d/kube-hetzner.conf\n\n# Set reboot method as \"kured\"\n- content: |\n REBOOT_METHOD=kured\n path: /etc/transactional-update.conf\n\n# Create Rancher repo config\n- content: |\n [rancher-k3s-common-stable]\n name=Rancher K3s Common (stable)\n baseurl=https://rpm.rancher.io/k3s/stable/common/microos/noarch\n enabled=1\n gpgcheck=1\n repo_gpgcheck=0\n gpgkey=https://rpm.rancher.io/public.key\n path: /etc/zypp/repos.d/rancher-k3s-common.repo\n\n# Add ssh authorized keys\nssh_authorized_keys:\n - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOmlyNDEGxQxnXOLGMn80DwjPt+CqCy17UaW9MSBphOy contact@kjuulh.io\n\n# Resize /var, not /, as that's the last partition in MicroOS image.\ngrowpart:\n devices: [\"/var\"]\n\n# Make sure the hostname is set correctly\nhostname: clank-control-plane-hel1-ugh\npreserve_hostname: true\n\nruncmd:\n\n# As above, make sure the hostname is not reset\n- [sed, '-i', 's/NETCONFIG_NIS_SETDOMAINNAME=\"yes\"/NETCONFIG_NIS_SETDOMAINNAME=\"no\"/g', /etc/sysconfig/network/config]\n- [sed, '-i', 's/DHCLIENT_SET_HOSTNAME=\"yes\"/DHCLIENT_SET_HOSTNAME=\"no\"/g', /etc/sysconfig/network/dhcp]\n\n# We set Cloudflare DNS servers, followed by Google as a backup\n- [sed, '-i', 's/NETCONFIG_DNS_STATIC_SERVERS=\"\"/NETCONFIG_DNS_STATIC_SERVERS=\"1.1.1.1 1.0.0.1 8.8.8.8\"/g', /etc/sysconfig/network/config]\n\n# Bounds the amount of logs that can survive on the system\n- [sed, '-i', 's/#SystemMaxUse=/SystemMaxUse=3G/g', /etc/systemd/journald.conf]\n- [sed, '-i', 's/#MaxRetentionSec=/MaxRetentionSec=1week/g', /etc/systemd/journald.conf]\n\n# Reduces the default number of snapshots from 2-10 number limit, to 4 and from 4-10 number limit important, to 2\n- [sed, '-i', 's/NUMBER_LIMIT=\"2-10\"/NUMBER_LIMIT=\"4\"/g', /etc/snapper/configs/root]\n- [sed, '-i', 's/NUMBER_LIMIT_IMPORTANT=\"4-10\"/NUMBER_LIMIT_IMPORTANT=\"3\"/g', /etc/snapper/configs/root]\n\n# Disables unneeded services\n- [systemctl, disable, '--now', 'rebootmgr.service']\n", + "content_type": "text/cloud-config", + "filename": "init.cfg", + "merge_type": "" + } + ], + "rendered": "H4sIAAAAAAAA/4xW4W/ayBP9bin/w8j5wO+nw3ZIWrWlQjoHaIpa4xw4be+qCC27A95i7/p21yGO7o8/7TppSEiaE+LDzjzem30zHjOUwqAwQdZU2IeyLgyviDJRya+RvYelrAUjqhn4ySQZn6YX01E8+9P37Cn4gkpzKfrQC48OvAMvCHZBB94d94jrSmpuHJYYQ2heojDvYcULFKTEgc8FNyFdrf37X2WKCL1CFYwFlYyLdR/eLLnZAbiSDV6biBayZgGVYsXXB17CS9wr7nAX43lbxQ0ubAG673mHMHTxWiGYHKFS/IoYBIFmK9UGuDCoVoSiFwBt5fvwjwcAcJqm2fkszdJBh+W06rjgPItnWZKOxoMOqY20wYqYvA8RGhrpRrdlRLf8EV/R1TpAk/dsLSOuybJA0DqHimi9lYoBqU2OwnBKrI/7dZzfAuMHOBDSZb/1eh+k2hJljbwLJuTaojPFUcOxC8VFIbcZrfbBLhOvUZgncrXJpeI3yD5hoz/wAiHUOo/Iz/hig41+5ILO7ZctWi9CFm3qJQY5mhuBKrRRa8YcDShcSmmgRJNLBkSDv6kVMn/fhdnY9mORjLOP6WjgUA9VjZ0qQq03pAjqihGDP7WGCm3XZ0TQHBUorCTcDsye0nfVooLNiQ6oLEspAm1s3y5d3s31HdOnEw1Dh4H/taD/O9CSaKxVMciNqXQ/ilRVhre8IZfR5kRHLTxqFaKSUyWljoQkiuaOA4UFsEHPndbVmuZIN7dHe4XFz9jRHWSDzXOaVb0sOA032Dw07qapqsjS6ZBF+3cPbcp6GDPmBve+9+B6r3W+eDQPfQ8gsOAA2fHr1713EMdxPDyZ3pBhr/hrNOlNs/FrG5ukZdFMR+Oz6z+uxbf081ki3h6Ntj/OzW/Dv4dN780F+foumZ9Wedq4RhFqft/8qOsiD7kra4aa3yBEV0R1QUgDUdcOksmJ6Wj3zBdEG7C7zy0q4AISa3Y6B16SNYbeWsmtzfediwyvOEXdh+++JfUvrUpCNgj6bovkUhs7BsA1aDRApVJITdF4d5k+0IKIjd1KRskiqAoi7CNQ9IJ6nXuVQo3qChf3eKNq9DxVC1oyt7hiDWQpr7AL5bPi9r6WyngBfNfIutAJeKcLHR1Nx9kwnX6YnC2mk/liPs5GaRJPptM4GQ/8BrX/a4SQfrTudJ/ba+3xcl929HH4eTKeZpZv8TGdZzuCz+RekLLL1/XgKzqzh3bdrwqiEEbTOTgfle7CStpFhgyWDZxJuS7QzgGBJaGbuvqVQaPpfDHP4mwyXMzHsy/j2Xzg+y/ke6H72JdQeBT24G3oPv/JNO8QTu3rtx1PUspaGJArKOS6HVygRNiGX/ErBCkcTDfaYLl/jcO5SyTk+kLjIHpwOjl7UI7BkkU/ZK0EKZjbjU808DAh1zO0C5FLMUc6iB4HelvEzYvE7tFkNcX2lgxXpC4MiLpcorK31YJUOpdGw0rJEo6D3tFdtuAlN10wEl4BEawFvHoMAF5WUhkiWujxEy2+SE7Hs8XnSTLJBr5V8B/FXu02TJCqQnXbJh0pKc0TBu0SLCbJeTrL4qml2qPfzZ68KHT//0BDLQQiQ+am224jV4YzmpqiC6wF2qoCIbe2sPZVWq5VePubzuXeP7cgOPD+DQAA//9dHkfzGAoAAA==" + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]", + "mode": "managed", + "type": "hcloud_server", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "backup_window": "", + "backups": false, + "datacenter": "hel1-dc2", + "delete_protection": false, + "firewall_ids": [ + 385507 + ], + "id": "20285808", + "ignore_remote_firewall_ids": false, + "image": "ubuntu-20.04", + "ipv4_address": "65.108.211.112", + "ipv6_address": "2a01:4f9:c012:5e83::1", + "ipv6_network": "2a01:4f9:c012:5e83::/64", + "iso": null, + "keep_disk": false, + "labels": { + "engine": "k3s", + "provisioner": "terraform" + }, + "location": "hel1", + "name": "clank-control-plane-hel1-ugh", + "network": [], + "placement_group_id": 41239, + "rebuild_protection": false, + "rescue": "linux64", + "server_type": "cpx11", + "ssh_keys": [ + "6372775" + ], + "status": "running", + "timeouts": null, + "user_data": "F4b9NkwJcbpEFxr8BVunS+1C0zo=" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo1NDAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]", + "mode": "managed", + "type": "hcloud_server_network", + "name": "server", + "provider": "module.kube-hetzner.provider[\"registry.terraform.io/hetznercloud/hcloud\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "alias_ips": [], + "id": "20285808-1628275", + "ip": "10.253.0.101", + "mac_address": "86:00:00:0f:24:c3", + "network_id": null, + "server_id": 20285808, + "subnet_id": "1628275-10.253.0.0/16" + }, + "sensitive_attributes": [], + "private": "bnVsbA==", + "dependencies": [ + "module.kube-hetzner.hcloud_firewall.k3s", + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane", + "module.kube-hetzner.hcloud_placement_group.control_plane", + "module.kube-hetzner.hcloud_ssh_key.k3s", + "module.kube-hetzner.module.control_planes.data.cloudinit_config.config", + "module.kube-hetzner.module.control_planes.hcloud_server.server", + "module.kube-hetzner.module.control_planes.random_string.server" + ] + } + ] + }, + { + "module": "module.kube-hetzner.module.control_planes[\"2-0-control-plane-hel1\"]", + "mode": "managed", + "type": "random_string", + "name": "server", + "provider": "provider[\"registry.terraform.io/hashicorp/random\"]", + "instances": [ + { + "schema_version": 1, + "attributes": { + "id": "ugh", + "keepers": { + "name": "clank-control-plane-hel1" + }, + "length": 3, + "lower": true, + "min_lower": 0, + "min_numeric": 0, + "min_special": 0, + "min_upper": 0, + "number": false, + "override_special": null, + "result": "ugh", + "special": false, + "upper": false + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "module.kube-hetzner.hcloud_network.k3s", + "module.kube-hetzner.hcloud_network_subnet.control_plane" + ] + } + ] + } + ] +} diff --git a/variables.tf b/variables.tf index 551d387..ecb9dba 100644 --- a/variables.tf +++ b/variables.tf @@ -1,5 +1,11 @@ variable "hcloud_token" { description = "Hetzner Cloud API Token" - type = string - sensitive = true + type = string + sensitive = true +} + +variable "cloudflare_api_token" { + description = "Hetzner Cloud API Token" + type = string + sensitive = true }