use jsonencode, not template for config.ign

This commit is contained in:
phaer 2022-02-19 15:07:39 +01:00
parent 2a47ad6b89
commit 406ba988bf
5 changed files with 32 additions and 43 deletions

View File

@ -24,10 +24,7 @@ resource "hcloud_server" "agents" {
} }
provisioner "file" { provisioner "file" {
content = templatefile("${path.module}/templates/config.ign.tpl", { content = local.ignition_config
name = self.name
ssh_public_key = local.ssh_public_key
})
destination = "/root/config.ign" destination = "/root/config.ign"
} }

View File

@ -38,6 +38,34 @@ locals {
"umount /mnt" "umount /mnt"
] ]
ignition_config = jsonencode({
ignition = {
version = "3.0.0"
}
passwd = {
users = [{
name = "root"
sshAuthorizedKeys = [local.ssh_public_key]
}]
}
storage = {
files = [
{
path = "/etc/sysconfig/network/ifcfg-eth1"
mode = 420
overwrite = true
contents = { "source" = "data:,BOOTPROTO%3D%27dhcp%27%0ASTARTMODE%3D%27auto%27" }
},
{
path = "/etc/ssh/sshd_config.d/kube-hetzner.conf"
mode = 420
overwrite = true
contents = { "source" = "data:,PasswordAuthentication%20no%0AX11Forwarding%20no%0AMaxAuthTries%202%0AAllowTcpForwarding%20no%0AAllowAgentForwarding%20no%0AAuthorizedKeysFile%20.ssh%2Fauthorized_keys" }
}
]
}
})
combustion_script = <<EOF combustion_script = <<EOF
#!/bin/bash #!/bin/bash
# combustion: network # combustion: network
@ -60,4 +88,5 @@ udevadm settle
install_k3s_server = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_EXEC=server sh -"]) install_k3s_server = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_SKIP_START=true INSTALL_K3S_EXEC=server sh -"])
install_k3s_agent = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_EXEC=agent sh -"]) install_k3s_agent = concat(local.common_commands_install_k3s, ["curl -sfL https://get.k3s.io | INSTALL_K3S_SKIP_SELINUX_RPM=true INSTALL_K3S_EXEC=agent sh -"])
} }

View File

@ -22,10 +22,7 @@ resource "hcloud_server" "first_control_plane" {
} }
provisioner "file" { provisioner "file" {
content = templatefile("${path.module}/templates/config.ign.tpl", { content = local.ignition_config
name = self.name
ssh_public_key = local.ssh_public_key
})
destination = "/root/config.ign" destination = "/root/config.ign"
} }

View File

@ -23,10 +23,7 @@ resource "hcloud_server" "control_planes" {
} }
provisioner "file" { provisioner "file" {
content = templatefile("${path.module}/templates/config.ign.tpl", { content = local.ignition_config
name = self.name
ssh_public_key = local.ssh_public_key
})
destination = "/root/config.ign" destination = "/root/config.ign"
} }

View File

@ -1,31 +0,0 @@
{
"ignition": {
"version": "3.0.0"
},
"passwd": {
"users": [
{
"name": "root",
"sshAuthorizedKeys": [
"${ssh_public_key}"
]
}
]
},
"storage": {
"files": [
{
"path": "/etc/sysconfig/network/ifcfg-eth1",
"mode": 420,
"overwrite": true,
"contents": { "source": "data:,BOOTPROTO%3D%27dhcp%27%0ASTARTMODE%3D%27auto%27" }
},
{
"path": "/etc/ssh/sshd_config.d/kube-hetzner.conf",
"mode": 420,
"overwrite": true,
"contents": { "source": "data:,PasswordAuthentication%20no%0AX11Forwarding%20no%0AMaxAuthTries%202%0AAllowTcpForwarding%20no%0AAllowAgentForwarding%20no%0AAuthorizedKeysFile%20.ssh%2Fauthorized_keys" }
}
]
}
}