use locals to deduplicate ssh key expressions

This commit is contained in:
phaer 2022-01-25 14:21:58 +01:00
parent 9bb945a302
commit 07ab83a09f
4 changed files with 22 additions and 14 deletions

View File

@ -28,8 +28,8 @@ resource "hcloud_server" "agents" {
connection {
user = "root"
private_key = var.private_key == null ? null : file(var.private_key)
agent_identity = var.private_key == null ? file(var.public_key) : null
private_key = local.ssh_private_key
agent_identity = local.ssh_identity
host = self.ipv4_address
}
}
@ -40,8 +40,8 @@ resource "hcloud_server" "agents" {
connection {
user = "root"
private_key = var.private_key == null ? null : file(var.private_key)
agent_identity = var.private_key == null ? file(var.public_key) : null
private_key = local.ssh_private_key
agent_identity = local.ssh_identity
host = self.ipv4_address
}
}

View File

@ -1,7 +1,15 @@
locals {
first_control_plane_network_ip = cidrhost(hcloud_network.k3s.ip_range, 2)
ssh_public_key = trimspace(file(var.public_key))
hcloud_image_name = "ubuntu-20.04"
ssh_public_key = trimspace(file(var.public_key))
# ssh_private_key is either the contents of var.private_key or null to use a ssh agent.
ssh_private_key = var.private_key == null ? null : trimspace(file(var.private_key))
# ssh_identity is not set if the private key is passed directly, but if ssh agent is used, the public key tells ssh agent which private key to use.
# For terraforms provisioner.connection.agent_identity, we need the public key as a string.
ssh_identity = var.private_key == null ? local.ssh_public_key : null
# ssh_identity_file is used for ssh "-i" flag, its the private key if that is set, or a public key file
# if an ssh agent is used.
ssh_identity_file = var.private_key == null ? var.public_key : var.private_key
k3os_install_commands = [
"apt install -y grub-efi grub-pc-bin mtools xorriso",

View File

@ -24,8 +24,8 @@ resource "hcloud_server" "first_control_plane" {
connection {
user = "root"
private_key = var.private_key == null ? null : file(var.private_key)
agent_identity = var.private_key == null ? file(var.public_key) : null
private_key = local.ssh_private_key
agent_identity = local.ssh_identity
host = self.ipv4_address
}
}
@ -36,8 +36,8 @@ resource "hcloud_server" "first_control_plane" {
connection {
user = "root"
private_key = var.private_key == null ? null : file(var.private_key)
agent_identity = var.private_key == null ? file(var.public_key) : null
private_key = local.ssh_private_key
agent_identity = local.ssh_identity
host = self.ipv4_address
}
}
@ -45,7 +45,7 @@ resource "hcloud_server" "first_control_plane" {
# Wait for k3os to be ready and fetch kubeconfig.yaml
provisioner "local-exec" {
command = <<-EOT
sleep 60 && ping ${self.ipv4_address} | grep --line-buffered "bytes from" | head -1 && sleep 100 && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ${var.private_key} rancher@${self.ipv4_address}:/etc/rancher/k3s/k3s.yaml ${path.module}/kubeconfig.yaml
sleep 60 && ping ${self.ipv4_address} | grep --line-buffered "bytes from" | head -1 && sleep 100 && scp -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i ${local.ssh_identity_file} rancher@${self.ipv4_address}:/etc/rancher/k3s/k3s.yaml ${path.module}/kubeconfig.yaml
sed -i -e 's/127.0.0.1/${self.ipv4_address}/g' ${path.module}/kubeconfig.yaml
EOT
}

View File

@ -27,8 +27,8 @@ resource "hcloud_server" "control_planes" {
connection {
user = "root"
private_key = var.private_key == null ? null : file(var.private_key)
agent_identity = var.private_key == null ? file(var.public_key) : null
private_key = local.ssh_private_key
agent_identity = local.ssh_identity
host = self.ipv4_address
}
}
@ -39,8 +39,8 @@ resource "hcloud_server" "control_planes" {
connection {
user = "root"
private_key = var.private_key == null ? null : file(var.private_key)
agent_identity = var.private_key == null ? file(var.public_key) : null
private_key = local.ssh_private_key
agent_identity = local.ssh_identity
host = self.ipv4_address
}
}