2022-01-06 07:16:18 +01:00
# You need to replace these
hcloud_token = "xxxxxxxxxxxxxxxxxxYYYYYYYYYYYYYYYYYYYzzzzzzzzzzzzzzzzzzzzz"
public_key = "/home/username/.ssh/id_ed25519.pub"
2022-01-25 21:41:01 +01:00
# Must be "private_key = null" when you want to use ssh-agent, for a Yubikey like device auth or an SSH key-pair with passphrase
2022-01-06 07:16:18 +01:00
private_key = "/home/username/.ssh/id_ed25519"
# These can be customized, or left with the default values
# For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/
# For Hetzner server types see https://www.hetzner.com/cloud
2022-02-25 19:16:38 +01:00
location = "fsn1" # change to `ash` for us-east Ashburn, Virginia location
network_region = "eu-central" # change to `us-east` if location is ash
2022-02-27 10:51:41 +01:00
# It's best to leave the network range as is, unless you know what you are doing. The default is "10.0.0.0/8".
# network_ipv4_range = "10.0.0.0/8"
# You can have up to as many subnets as you want (preferably if the form of 10.X.0.0/16), their primary use is to logically separate the nodes. As for the agent nodepools, below is just an example, if you do not want nodepools, just use one, and change the name to what you want, it need not be "big" or "small", also give them the subnet you want, or keep the default.
2022-02-26 12:26:14 +01:00
network_ipv4_subnets = {
2022-02-25 19:16:38 +01:00
control_plane = "10.1.0.0/16"
subnet1 = "10.2.0.0/16"
subnet2 = "10.3.0.0/16"
2022-02-27 21:48:33 +01:00
}
agent_nodepools = {
big = {
server_type = "cpx21",
count = 1,
subnet = "subnet1",
}
small = {
server_type = "cpx11",
count = 2,
subnet = "subnet2",
2022-02-23 16:46:46 +01:00
}
}
2022-01-13 22:41:36 +01:00
# If you want to use a specific Hetzner CCM and CSI version, set them below, otherwise leave as is for the latest versions
# hetzner_ccm_version = ""
2022-01-15 09:04:21 +01:00
# hetzner_csi_version = ""
2022-02-01 23:32:10 +01:00
# If you want to use letsencrypt with tls Challenge, the email address is used to send you certificates expiration notices
# traefik_acme_tls = true
# traefik_acme_email = "mail@example.com"
2022-02-07 16:09:46 +01:00
# If you want to allow non-control-plane workloads to run on the control-plane nodes set "true" below. The default is "false".
# allow_scheduling_on_control_plane = true
2022-02-16 03:18:40 +01:00
2022-02-23 21:35:42 +01:00
# If you want to disable automatic upgrade of k3s, you can set this to false, default is "true".
2022-02-16 03:18:40 +01:00
# automatically_upgrade_k3s = false
2022-02-23 21:35:42 +01:00
# Allows you to specify either stable, latest, or testing (defaults to stable), see https://rancher.com/docs/k3s/latest/en/upgrades/basic/
# initial_k3s_channel = "latest"