2022-01-06 07:16:18 +01:00
|
|
|
# You need to replace these
|
|
|
|
hcloud_token = "xxxxxxxxxxxxxxxxxxYYYYYYYYYYYYYYYYYYYzzzzzzzzzzzzzzzzzzzzz"
|
|
|
|
public_key = "/home/username/.ssh/id_ed25519.pub"
|
2022-01-25 21:41:01 +01:00
|
|
|
# Must be "private_key = null" when you want to use ssh-agent, for a Yubikey like device auth or an SSH key-pair with passphrase
|
2022-01-06 07:16:18 +01:00
|
|
|
private_key = "/home/username/.ssh/id_ed25519"
|
|
|
|
|
|
|
|
# These can be customized, or left with the default values
|
|
|
|
# For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/
|
|
|
|
# For Hetzner server types see https://www.hetzner.com/cloud
|
2022-02-25 19:16:38 +01:00
|
|
|
location = "fsn1" # change to `ash` for us-east Ashburn, Virginia location
|
|
|
|
network_region = "eu-central" # change to `us-east` if location is ash
|
2022-02-27 10:51:41 +01:00
|
|
|
|
|
|
|
# It's best to leave the network range as is, unless you know what you are doing. The default is "10.0.0.0/8".
|
|
|
|
# network_ipv4_range = "10.0.0.0/8"
|
|
|
|
|
2022-02-28 00:17:52 +01:00
|
|
|
# You can have up to as many subnets as you want (preferably if the form of 10.X.0.0/16),
|
|
|
|
# their primary use is to logically separate the nodes.
|
2022-02-26 12:26:14 +01:00
|
|
|
network_ipv4_subnets = {
|
2022-02-25 19:16:38 +01:00
|
|
|
control_plane = "10.1.0.0/16"
|
2022-02-28 00:17:52 +01:00
|
|
|
agent_big = "10.2.0.0/16"
|
|
|
|
agent_small = "10.3.0.0/16"
|
2022-02-27 21:48:33 +01:00
|
|
|
}
|
2022-02-27 21:51:21 +01:00
|
|
|
|
2022-02-28 00:17:52 +01:00
|
|
|
# As for the agent nodepools, below is just an example, if you do not want nodepools, just use one,
|
|
|
|
# and change the name to what you want, it need not be "agent-big" or "agent-small", also give them the subnet prefer.
|
2022-02-27 21:48:33 +01:00
|
|
|
agent_nodepools = {
|
2022-02-28 00:17:52 +01:00
|
|
|
agent-big = {
|
2022-02-27 21:48:33 +01:00
|
|
|
server_type = "cpx21",
|
|
|
|
count = 1,
|
2022-02-28 00:17:52 +01:00
|
|
|
subnet = "agent_big",
|
2022-02-27 21:48:33 +01:00
|
|
|
}
|
2022-02-28 00:17:52 +01:00
|
|
|
agent-small = {
|
2022-02-27 21:48:33 +01:00
|
|
|
server_type = "cpx11",
|
|
|
|
count = 2,
|
2022-02-28 00:17:52 +01:00
|
|
|
subnet = "agent_small",
|
2022-02-23 16:46:46 +01:00
|
|
|
}
|
|
|
|
}
|
2022-01-13 22:41:36 +01:00
|
|
|
|
|
|
|
# If you want to use a specific Hetzner CCM and CSI version, set them below, otherwise leave as is for the latest versions
|
|
|
|
# hetzner_ccm_version = ""
|
2022-01-15 09:04:21 +01:00
|
|
|
# hetzner_csi_version = ""
|
|
|
|
|
2022-02-01 23:32:10 +01:00
|
|
|
# If you want to use letsencrypt with tls Challenge, the email address is used to send you certificates expiration notices
|
|
|
|
# traefik_acme_tls = true
|
|
|
|
# traefik_acme_email = "mail@example.com"
|
2022-02-07 16:09:46 +01:00
|
|
|
|
|
|
|
# If you want to allow non-control-plane workloads to run on the control-plane nodes set "true" below. The default is "false".
|
|
|
|
# allow_scheduling_on_control_plane = true
|
2022-02-16 03:18:40 +01:00
|
|
|
|
2022-02-23 21:35:42 +01:00
|
|
|
# If you want to disable automatic upgrade of k3s, you can set this to false, default is "true".
|
2022-02-16 03:18:40 +01:00
|
|
|
# automatically_upgrade_k3s = false
|
|
|
|
|
2022-02-23 21:35:42 +01:00
|
|
|
# Allows you to specify either stable, latest, or testing (defaults to stable), see https://rancher.com/docs/k3s/latest/en/upgrades/basic/
|
|
|
|
# initial_k3s_channel = "latest"
|
2022-02-27 23:15:46 +01:00
|
|
|
|
|
|
|
# Adding extra firewall rules, like opening a port
|
|
|
|
# In this example with allow port TCP 5432 for a Postgres service we will open via a nodeport
|
|
|
|
# More info on the format here https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/firewall
|
2022-02-27 23:30:56 +01:00
|
|
|
# extra_firewall_rules = [
|
|
|
|
# {
|
|
|
|
# direction = "in"
|
|
|
|
# protocol = "tcp"
|
|
|
|
# port = "5432"
|
|
|
|
# source_ips = [
|
|
|
|
# "0.0.0.0/0"
|
|
|
|
# ]
|
|
|
|
# },
|
|
|
|
# ]
|