39 lines
2.1 KiB
Plaintext
39 lines
2.1 KiB
Plaintext
# You need to replace these
|
|
hcloud_token = "xxxxxxxxxxxxxxxxxxYYYYYYYYYYYYYYYYYYYzzzzzzzzzzzzzzzzzzzzz"
|
|
public_key = "/home/username/.ssh/id_ed25519.pub"
|
|
# Must be "private_key = null" when you want to use ssh-agent, for a Yubikey like device auth or an SSH key-pair with passphrase
|
|
private_key = "/home/username/.ssh/id_ed25519"
|
|
|
|
# These can be customized, or left with the default values
|
|
# For Hetzner locations see https://docs.hetzner.com/general/others/data-centers-and-connection/
|
|
# For Hetzner server types see https://www.hetzner.com/cloud
|
|
location = "fsn1" # change to `ash` for us-east Ashburn, Virginia location
|
|
network_region = "eu-central" # change to `us-east` if location is ash
|
|
agent_server_type = "cpx21"
|
|
control_plane_server_type = "cpx11"
|
|
lb_server_type = "lb11"
|
|
|
|
# At least 3 server nodes is recommended for HA, otherwise you need to turn off automatic upgrade (see ReadMe).
|
|
servers_num = 3
|
|
|
|
# For agent nodes, at least 2 is recommended for HA, but you can keep automatic upgrades.
|
|
agents_num = 2
|
|
|
|
# If you want to use a specific Hetzner CCM and CSI version, set them below, otherwise leave as is for the latest versions
|
|
# hetzner_ccm_version = ""
|
|
# hetzner_csi_version = ""
|
|
|
|
# If you want to kustomize the Hetzner CCM and CSI containers with the "latest" tags and imagePullPolicy Always,
|
|
# to have them automatically update when the node themselve get updated via the rancher system upgrade controller, the default is "false".
|
|
# If you choose to keep the default of "false", you can always use ArgoCD to monitor the CSI and CCM manifest for new releases,
|
|
# that is probably the more "vanilla" option to keep these components always updated.
|
|
# hetzner_ccm_containers_latest = true
|
|
# hetzner_csi_containers_latest = true
|
|
|
|
# If you want to use letsencrypt with tls Challenge, the email address is used to send you certificates expiration notices
|
|
# traefik_acme_tls = true
|
|
# traefik_acme_email = "mail@example.com"
|
|
|
|
# If you want to allow non-control-plane workloads to run on the control-plane nodes set "true" below. The default is "false".
|
|
# allow_scheduling_on_control_plane = true
|