diff --git a/modules/hetzner/networks.tf b/modules/hetzner/networks.tf
index 9aa4c42..86e0570 100644
--- a/modules/hetzner/networks.tf
+++ b/modules/hetzner/networks.tf
@@ -58,6 +58,22 @@ resource "hcloud_firewall" "firewall" {
]
protocol = "udp"
},
+ {
+ description = "Allow TCP access to port 80"
+ source_ips = [
+ local.global_ipv4_cidr,
+ local.global_ipv6_cidr,
+ ]
+ port = 80
+ },
+ {
+ description = "Allow TCP access to port 443"
+ source_ips = [
+ local.global_ipv4_cidr,
+ local.global_ipv6_cidr,
+ ]
+ port = 443
+ },
# Direct public access only allowed if single manager node
{
description = "Allow access to Kubernetes API"
diff --git a/modules/hetzner/variables.tf b/modules/hetzner/variables.tf
index 3627fe8..ef4cfb4 100644
--- a/modules/hetzner/variables.tf
+++ b/modules/hetzner/variables.tf
@@ -12,7 +12,6 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-
variable "firewall_allow_api_access" {
type = list(string)
description = "CIDR range to allow access to the Kubernetes API"
diff --git a/modules/kubernetes/.terraform.lock.hcl b/modules/kubernetes/.terraform.lock.hcl
index c2733d9..53199ac 100644
--- a/modules/kubernetes/.terraform.lock.hcl
+++ b/modules/kubernetes/.terraform.lock.hcl
@@ -40,23 +40,3 @@ provider "registry.terraform.io/hashicorp/kubernetes" {
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}
-
-provider "registry.terraform.io/hashicorp/random" {
- version = "3.6.2"
- constraints = ">= 3.6.2, < 4.0.0"
- hashes = [
- "h1:wmG0QFjQ2OfyPy6BB7mQ57WtoZZGGV07uAPQeDmIrAE=",
- "zh:0ef01a4f81147b32c1bea3429974d4d104bbc4be2ba3cfa667031a8183ef88ec",
- "zh:1bcd2d8161e89e39886119965ef0f37fcce2da9c1aca34263dd3002ba05fcb53",
- "zh:37c75d15e9514556a5f4ed02e1548aaa95c0ecd6ff9af1119ac905144c70c114",
- "zh:4210550a767226976bc7e57d988b9ce48f4411fa8a60cd74a6b246baf7589dad",
- "zh:562007382520cd4baa7320f35e1370ffe84e46ed4e2071fdc7e4b1a9b1f8ae9b",
- "zh:5efb9da90f665e43f22c2e13e0ce48e86cae2d960aaf1abf721b497f32025916",
- "zh:6f71257a6b1218d02a573fc9bff0657410404fb2ef23bc66ae8cd968f98d5ff6",
- "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
- "zh:9647e18f221380a85f2f0ab387c68fdafd58af6193a932417299cdcae4710150",
- "zh:bb6297ce412c3c2fa9fec726114e5e0508dd2638cad6a0cb433194930c97a544",
- "zh:f83e925ed73ff8a5ef6e3608ad9225baa5376446349572c2449c0c0b3cf184b7",
- "zh:fbef0781cb64de76b1df1ca11078aecba7800d82fd4a956302734999cfd9a4af",
- ]
-}
diff --git a/modules/kubernetes/README.md b/modules/kubernetes/README.md
index b4bd9c5..04e77f8 100644
--- a/modules/kubernetes/README.md
+++ b/modules/kubernetes/README.md
@@ -8,7 +8,6 @@
| [terraform](#requirement\_terraform) | >= 1.0.0 |
| [helm](#requirement\_helm) | >= 2.14.0, < 3.0.0 |
| [kubernetes](#requirement\_kubernetes) | >= 2.31.0, < 3.0.0 |
-| [random](#requirement\_random) | >= 3.6.2, < 4.0.0 |
## Providers
@@ -16,7 +15,6 @@
|------|---------|
| [helm](#provider\_helm) | 2.14.1 |
| [kubernetes](#provider\_kubernetes) | 2.31.0 |
-| [random](#provider\_random) | 3.6.2 |
## Modules
@@ -29,13 +27,14 @@ No modules.
| [helm_release.argocd](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
| [helm_release.hcloud_ccm](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
| [helm_release.hcloud_csi](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
-| [helm_release.ingress_nginx](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |
+| [kubernetes_config_map_v1.metallb](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/config_map_v1) | resource |
| [kubernetes_namespace_v1.argocd](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace_v1) | resource |
| [kubernetes_namespace_v1.external_secrets](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace_v1) | resource |
+| [kubernetes_namespace_v1.metallb](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/namespace_v1) | resource |
| [kubernetes_secret_v1.github_secret](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret_v1) | resource |
| [kubernetes_secret_v1.hcloud](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret_v1) | resource |
| [kubernetes_secret_v1.infisical](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/resources/secret_v1) | resource |
-| [random_integer.ingress_load_balancer_id](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/integer) | resource |
+| [kubernetes_nodes.cluster](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs/data-sources/nodes) | data source |
## Inputs
@@ -54,12 +53,9 @@ No modules.
| [hetzner\_csi\_driver\_version](#input\_hetzner\_csi\_driver\_version) | Tag of the CSI driver to use - defaults to latest | `string` | `null` | no |
| [infisical\_client\_id](#input\_infisical\_client\_id) | Infisical client ID | `string` | n/a | yes |
| [infisical\_client\_secret](#input\_infisical\_client\_secret) | Infisical client secret | `string` | n/a | yes |
-| [ingress\_nginx\_version](#input\_ingress\_nginx\_version) | Version of Ingress Nginx to install - defaults to latest | `string` | `null` | no |
| [k3s\_cluster\_cidr](#input\_k3s\_cluster\_cidr) | CIDR used for the k3s cluster | `string` | `"10.244.0.0/16"` | no |
| [kube\_context](#input\_kube\_context) | Kubernetes context to use | `string` | `"default"` | no |
| [kubeconfig](#input\_kubeconfig) | Kubeconfig for the cluster | `string` | n/a | yes |
-| [load\_balancer\_location](#input\_load\_balancer\_location) | Location to use for the load balancer | `string` | n/a | yes |
-| [load\_balancer\_type](#input\_load\_balancer\_type) | Type of load balancer to use | `string` | `"lb11"` | no |
## Outputs
diff --git a/modules/kubernetes/files/ingress-nginx.yaml b/modules/kubernetes/files/ingress-nginx.yaml
deleted file mode 100644
index 1cfa077..0000000
--- a/modules/kubernetes/files/ingress-nginx.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-# The proxy protocol settings conflict with cert-manager
-# @link https://github.com/kube-hetzner/terraform-hcloud-kube-hetzner/issues/354
-controller:
- kind: DaemonSet
- config:
- use-proxy-protocol: false
- extraArgs:
- enable-ssl-passthrough: true
- service:
- annotations:
- load-balancer.hetzner.cloud/name: "${name}"
- load-balancer.hetzner.cloud/location: "${location}"
- load-balancer.hetzner.cloud/type: "${type}"
- load-balancer.hetzner.cloud/disable-private-ingress: true
- load-balancer.hetzner.cloud/use-private-ip: true
- load-balancer.hetzner.cloud/uses-proxyprotocol: false
diff --git a/modules/kubernetes/ingress-nginx.tf b/modules/kubernetes/ingress-nginx.tf
deleted file mode 100644
index 6de3a8e..0000000
--- a/modules/kubernetes/ingress-nginx.tf
+++ /dev/null
@@ -1,47 +0,0 @@
-# Copyright 2024 Simon Emms
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Deploy via Terraform to ensure load balancer is stopped when destroying infra
-
-resource "random_integer" "ingress_load_balancer_id" {
- min = 1000
- max = 9999
-}
-
-resource "helm_release" "ingress_nginx" {
- chart = "ingress-nginx"
- name = "ingress-nginx"
- atomic = true
- cleanup_on_fail = true
- create_namespace = true
- namespace = "ingress-nginx"
- repository = "https://kubernetes.github.io/ingress-nginx"
- reset_values = true
- version = var.ingress_nginx_version
- wait = true
-
- values = [
- templatefile("${path.module}/files/ingress-nginx.yaml", {
- location = var.load_balancer_location
- name = "k3s-${random_integer.ingress_load_balancer_id.result}"
- type = var.load_balancer_type
- })
- ]
-
- # Depend upon the HCloud CCM to allow the load balancer to be deleted on-destroy
- depends_on = [
- helm_release.hcloud_ccm,
- helm_release.hcloud_csi,
- ]
-}
diff --git a/modules/kubernetes/metallb.tf b/modules/kubernetes/metallb.tf
new file mode 100644
index 0000000..3f022fb
--- /dev/null
+++ b/modules/kubernetes/metallb.tf
@@ -0,0 +1,51 @@
+# Copyright 2024 Simon Emms
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+data "kubernetes_nodes" "cluster" {
+ depends_on = [
+ helm_release.hcloud_ccm,
+ helm_release.hcloud_csi,
+ ]
+}
+
+resource "kubernetes_namespace_v1" "metallb" {
+ metadata {
+ name = "metallb-system"
+ }
+}
+
+resource "kubernetes_config_map_v1" "metallb" {
+ metadata {
+ name = "nodes"
+ namespace = kubernetes_namespace_v1.metallb.metadata[0].name
+ }
+
+ data = {
+ resource = yamlencode({
+ apiVersion = "metallb.io/v1beta1"
+ kind = "IPAddressPool"
+ metadata = {
+ name = "nodes"
+ namespace = kubernetes_namespace_v1.metallb.metadata[0].name
+ }
+ spec = {
+ addresses = [
+ for n in flatten(data.kubernetes_nodes.cluster.nodes[*].status[*].addresses) : "${n.address}/32" if n.type == "ExternalIP"
+ ]
+ }
+ })
+ }
+
+ immutable = false
+}
diff --git a/modules/kubernetes/terraform.tf b/modules/kubernetes/terraform.tf
index b7df0cc..e617aec 100644
--- a/modules/kubernetes/terraform.tf
+++ b/modules/kubernetes/terraform.tf
@@ -23,10 +23,6 @@ terraform {
source = "hashicorp/kubernetes"
version = ">= 2.31.0, < 3.0.0"
}
- random = {
- source = "hashicorp/random"
- version = ">= 3.6.2, < 4.0.0"
- }
}
}
diff --git a/modules/kubernetes/variables.tf b/modules/kubernetes/variables.tf
index 0b00621..d47b8ae 100644
--- a/modules/kubernetes/variables.tf
+++ b/modules/kubernetes/variables.tf
@@ -94,12 +94,6 @@ variable "kube_context" {
default = "default"
}
-variable "ingress_nginx_version" {
- type = string
- description = "Version of Ingress Nginx to install - defaults to latest"
- default = null
-}
-
variable "infisical_client_id" {
type = string
description = "Infisical client ID"
@@ -111,14 +105,3 @@ variable "infisical_client_secret" {
description = "Infisical client secret"
sensitive = true
}
-
-variable "load_balancer_location" {
- type = string
- description = "Location to use for the load balancer"
-}
-
-variable "load_balancer_type" {
- type = string
- description = "Type of load balancer to use"
- default = "lb11"
-}
diff --git a/registry/clusters/dev/components/ingress-nginx.yaml b/registry/clusters/dev/components/ingress-nginx.yaml
new file mode 100644
index 0000000..856bf41
--- /dev/null
+++ b/registry/clusters/dev/components/ingress-nginx.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: ingress-nginx-components
+ namespace: argocd
+ annotations:
+ argocd.argoproj.io/sync-wave: "20"
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://github.com/mrsimonemms/infrastructure
+ path: registry/components/ingress-nginx
+ targetRevision: HEAD
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: ingress-nginx
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=true
diff --git a/registry/clusters/dev/components/metallb.yaml b/registry/clusters/dev/components/metallb.yaml
new file mode 100644
index 0000000..2294c0e
--- /dev/null
+++ b/registry/clusters/dev/components/metallb.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: metallb-components
+ namespace: argocd
+ annotations:
+ argocd.argoproj.io/sync-wave: "10"
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://github.com/mrsimonemms/infrastructure
+ path: registry/components/metallb
+ targetRevision: HEAD
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: metallb-system
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=true
diff --git a/registry/clusters/prod/components/ingress-nginx.yaml b/registry/clusters/prod/components/ingress-nginx.yaml
new file mode 100644
index 0000000..856bf41
--- /dev/null
+++ b/registry/clusters/prod/components/ingress-nginx.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: ingress-nginx-components
+ namespace: argocd
+ annotations:
+ argocd.argoproj.io/sync-wave: "20"
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://github.com/mrsimonemms/infrastructure
+ path: registry/components/ingress-nginx
+ targetRevision: HEAD
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: ingress-nginx
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=true
diff --git a/registry/clusters/prod/components/metallb.yaml b/registry/clusters/prod/components/metallb.yaml
new file mode 100644
index 0000000..2294c0e
--- /dev/null
+++ b/registry/clusters/prod/components/metallb.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: metallb-components
+ namespace: argocd
+ annotations:
+ argocd.argoproj.io/sync-wave: "10"
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ repoURL: https://github.com/mrsimonemms/infrastructure
+ path: registry/components/metallb
+ targetRevision: HEAD
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: metallb-system
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=true
diff --git a/registry/components/ingress-nginx/application.yaml b/registry/components/ingress-nginx/application.yaml
new file mode 100644
index 0000000..ccc1939
--- /dev/null
+++ b/registry/components/ingress-nginx/application.yaml
@@ -0,0 +1,33 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: ingress-nginx
+ namespace: argocd
+ annotations:
+ argocd.argoproj.io/sync-wave: "10"
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ chart: ingress-nginx
+ repoURL: https://kubernetes.github.io/ingress-nginx
+ targetRevision: 4.11.3
+ helm:
+ valuesObject:
+ controller:
+ # Not strictly necessary, but feels safer running on all nodes
+ kind: DaemonSet
+ config:
+ use-proxy-protocol: false
+ extraArgs:
+ enable-ssl-passthrough: true
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: ingress-nginx
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=true
diff --git a/registry/components/ingress-nginx/kustomization.yaml b/registry/components/ingress-nginx/kustomization.yaml
new file mode 100644
index 0000000..0e0a709
--- /dev/null
+++ b/registry/components/ingress-nginx/kustomization.yaml
@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - application.yaml
+ - namespace.yaml
diff --git a/registry/components/ingress-nginx/namespace.yaml b/registry/components/ingress-nginx/namespace.yaml
new file mode 100644
index 0000000..94411e3
--- /dev/null
+++ b/registry/components/ingress-nginx/namespace.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: ingress-nginx
+ annotations:
+ argocd.argoproj.io/sync-wave: "-1"
diff --git a/registry/components/metallb/application.yaml b/registry/components/metallb/application.yaml
new file mode 100644
index 0000000..30b167a
--- /dev/null
+++ b/registry/components/metallb/application.yaml
@@ -0,0 +1,24 @@
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+ name: metallb
+ namespace: argocd
+ annotations:
+ argocd.argoproj.io/sync-wave: "10"
+ finalizers:
+ - resources-finalizer.argocd.argoproj.io
+spec:
+ project: default
+ source:
+ chart: metallb
+ repoURL: https://metallb.github.io/metallb
+ targetRevision: 0.14.8
+ destination:
+ server: https://kubernetes.default.svc
+ namespace: metallb-system
+ syncPolicy:
+ automated:
+ prune: true
+ selfHeal: true
+ syncOptions:
+ - CreateNamespace=true
diff --git a/registry/components/metallb/generator.yaml b/registry/components/metallb/generator.yaml
new file mode 100644
index 0000000..cf28a57
--- /dev/null
+++ b/registry/components/metallb/generator.yaml
@@ -0,0 +1,61 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: kubectl-metallb-system
+ namespace: metallb-system
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: Role
+metadata:
+ name: kubectl-metallb-system
+ namespace: metallb-system
+rules:
+ - apiGroups:
+ - ""
+ resources:
+ - configmaps
+ verbs:
+ - get
+ - apiGroups:
+ - metallb.io
+ resources:
+ - ipaddresspools
+ verbs:
+ - get
+ - create
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+ name: kubectl-metallb-system
+ namespace: metallb-system
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: kubectl-metallb-system
+subjects:
+ - kind: ServiceAccount
+ name: kubectl-metallb-system
+ namespace: metallb-system
+---
+apiVersion: batch/v1
+kind: Job
+metadata:
+ name: generator
+ namespace: metallb-system
+ annotations:
+ argocd.argoproj.io/sync-wave: "20"
+spec:
+ backoffLimit: 5
+ ttlSecondsAfterFinished: 30
+ template:
+ spec:
+ containers:
+ - name: address-pool
+ image: bitnami/kubectl:1.30
+ command:
+ - bash
+ - -c
+ - kubectl get configmap -n metallb-system nodes -o jsonpath='{.data.resource}' | kubectl apply -f -
+ restartPolicy: OnFailure
+ serviceAccountName: kubectl-metallb-system
diff --git a/registry/components/metallb/kustomization.yaml b/registry/components/metallb/kustomization.yaml
new file mode 100644
index 0000000..9d33bce
--- /dev/null
+++ b/registry/components/metallb/kustomization.yaml
@@ -0,0 +1,6 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+ - application.yaml
+ - l2-advertisement.yaml
+ - generator.yaml
diff --git a/registry/components/metallb/l2-advertisement.yaml b/registry/components/metallb/l2-advertisement.yaml
new file mode 100644
index 0000000..407b270
--- /dev/null
+++ b/registry/components/metallb/l2-advertisement.yaml
@@ -0,0 +1,8 @@
+apiVersion: metallb.io/v1beta1
+kind: L2Advertisement
+metadata:
+ name: nodes
+ namespace: metallb-system
+ annotations:
+ argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true
+ argocd.argoproj.io/sync-wave: "20"
diff --git a/registry/components/metallb/namespace.yaml b/registry/components/metallb/namespace.yaml
new file mode 100644
index 0000000..28cd7d6
--- /dev/null
+++ b/registry/components/metallb/namespace.yaml
@@ -0,0 +1,6 @@
+apiVersion: v1
+kind: Namespace
+metadata:
+ name: metallb-system
+ annotations:
+ argocd.argoproj.io/sync-wave: "-1"
diff --git a/registry/components/monitoring/application.yaml b/registry/components/monitoring/application.yaml
index 28d7a24..a232af1 100644
--- a/registry/components/monitoring/application.yaml
+++ b/registry/components/monitoring/application.yaml
@@ -26,7 +26,7 @@ spec:
gethomepage.dev/description: Grafana Dashboards
gethomepage.dev/enabled: "true"
gethomepage.dev/group: Cluster Management
- gethomepage.dev/icon: grafana
+ gethomepage.dev/icon: gr afana
gethomepage.dev/name: Grafana
ingressClassName: nginx
hosts:
diff --git a/stacks/dev/kubernetes/.terraform.lock.hcl b/stacks/dev/kubernetes/.terraform.lock.hcl
index c2733d9..2e4c0a7 100644
--- a/stacks/dev/kubernetes/.terraform.lock.hcl
+++ b/stacks/dev/kubernetes/.terraform.lock.hcl
@@ -2,61 +2,41 @@
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hashicorp/helm" {
- version = "2.14.1"
+ version = "2.16.1"
constraints = ">= 2.14.0, < 3.0.0"
hashes = [
- "h1:G9CHU8KJrKkOILDnkU38VLBrd8CQwk1SSLJiTNxssSU=",
- "zh:0b8190016b101edbec158f869e14e5bcb9708dc88040e3d0119f6bf0a0384fa6",
- "zh:0bd483d0193716ee7f30ce2e25eebb463aa51700c716842e25026bf2167e8feb",
- "zh:5c8c16640f84f952e7ed1bab43b91c65f97168dd3bc189ea368e07fd40d44037",
- "zh:67729452ff9c4f7a32d2e0008ce5deb86293929704ed3219971595db757924fa",
- "zh:72dd1bc749de240e3700623ab1ff9b490ad5bbf17338e02d30b13a04a3b3c4ef",
- "zh:7dcaec73d82c61f4bf315a5074217c6a8c1f774955a7b6f80c943a8907067a6f",
- "zh:a48e27fbd17112e4f29d67d0467a8ea1ca554f98bf1f0748f1ebbc61355c465e",
- "zh:b6283654f06d6ac5e0d67b0807c348fe5a700febf18f4990bf965705b379e29e",
- "zh:dee35c1a536364431b9a6e022a9f89e2942425ca7111edd1ea89d596d68ee4e7",
+ "h1:TerRBdq69SxIWg3ET2VE0bcP0BYRIWZOp1QxXj/14Fk=",
+ "zh:0003f6719a32aee9afaeeb001687fc0cfc8c2d5f54861298cf1dc5711f3b4e65",
+ "zh:16cd5bfee09e7bb081b8b4470f31a9af508e52220fd97fd81c6dda725d9422fe",
+ "zh:51817de8fdc2c2e36785f23fbf4ec022111bd1cf7679498c16ad0ad7471c16db",
+ "zh:51b95829b2873be40a65809294bffe349e40cfccc3ff6fee0f471d01770e0ebd",
+ "zh:56b158dde897c47e1460181fc472c3e920aa23db40579fdc2aad333c1456d2dd",
+ "zh:916641d26c386959eb982e680028aa677b787687ef7c1283241e45620bc8df50",
+ "zh:aec15ca8605babba77b283f2ca35daca53e006d567e1c3a3daf50497035b820b",
+ "zh:c2cecf710b87c8f3a4d186da2ea12cf08041f97ae0c6db82649720d6ed929d65",
+ "zh:dbdd96f17aea25c7db2d516ab8172a5e683c6686c72a1a44173d2fe96319be39",
+ "zh:de11e180368434a796b1ab6f20fde7554dc74f7800e063b8e4c8ec3a86d0be63",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
- "zh:f5dd0141145104c681620d470093bd16bf3e4833021907581317c0b4ed650f8d",
- "zh:f7fe46792e37d918e14740fb562b92a6d1594d60a43cc6b944a23a32930a2b16",
+ "zh:f827a9c1540d210c56053a2d5d5a6abda924896ffa8eeedc94054cf6d44c5f60",
]
}
provider "registry.terraform.io/hashicorp/kubernetes" {
- version = "2.31.0"
+ version = "2.33.0"
constraints = ">= 2.31.0, < 3.0.0"
hashes = [
- "h1:wGHbATbv/pBVTST1MtEn0zyVhZbzZJD2NYq2EddASHY=",
- "zh:0d16b861edb2c021b3e9d759b8911ce4cf6d531320e5dc9457e2ea64d8c54ecd",
- "zh:1bad69ed535a5f32dec70561eb481c432273b81045d788eb8b37f2e4a322cc40",
- "zh:43c58e3912fcd5bb346b5cb89f31061508a9be3ca7dd4cd8169c066203bcdfb3",
- "zh:4778123da9206918a92dfa73cc711475d2b9a8275ff25c13a30513c523ac9660",
- "zh:8bfa67d2db03b3bfae62beebe6fb961aee8d91b7a766efdfe4d337b33dfd23dd",
- "zh:9020bb5729db59a520ade5e24984b737e65f8b81751fbbd343926f6d44d22176",
- "zh:90431dbfc5b92498bfbce38f0b989978c84421a6c33245b97788a46b563fbd6e",
- "zh:b71a061dda1244f6a52500e703a9524b851e7b11bbf238c17bbd282f27d51cb2",
- "zh:d6232a7651b834b89591b94bf4446050119dcde740247e6083a4d55a2cefd28a",
- "zh:d89fba43e699e28e2b5e92fff2f75fc03dbc8de0df9dacefe1a8836f8f430753",
- "zh:ef85c0b744f5ba1b10dadc3c11e331ba4225c45bb733e024d7218c24b02b0512",
+ "h1:Z2R1cnALV1BgzldRWir/TUvg10gkWSdEGsYJHFqD3bc=",
+ "zh:255b35790b706d405e987750190658dcaefb663741b96803a9529ba5d7435329",
+ "zh:362feba1aa820a8e02869ec71d1a08e87243dbce43671dc0995fa6c5a2fafa1d",
+ "zh:39332abcf75b5dd9c78c79c7c0c094f7d4ca908d1b76bbd2aae67e8e3516710c",
+ "zh:3e8e7f758bb09a9b5b613c8866e77541f8f00b521070cc86bc095ce61f010baf",
+ "zh:427883b889b9c36630c3eec4d5c07bc4ae12cc0d358fc17ea42a8049bf8d5275",
+ "zh:69bfc4ed067a5e4844db1a1809343652ff239aa0a8da089b1671524c44e8740a",
+ "zh:6b9f731062b945c5020e0930ed9a1b1b50afd2caf751f0e70a282d165c970979",
+ "zh:6faf9ec006af7ee7014a9c3251d65b701792abb823f149b0b7e4ac4433848201",
+ "zh:b706f76d695104a47682ee6ab842870f9c70a680f979fa9e7efe34278c0831bc",
+ "zh:b9bca48de2c92f57389ed58dd2fac564deaccd79a92cafd08edeed3ba6b91d4d",
+ "zh:bbd3336dbee5aed9880f98e36fb8340e0c6d8f0399a05787521af599ccb3dac4",
"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
]
}
-
-provider "registry.terraform.io/hashicorp/random" {
- version = "3.6.2"
- constraints = ">= 3.6.2, < 4.0.0"
- hashes = [
- "h1:wmG0QFjQ2OfyPy6BB7mQ57WtoZZGGV07uAPQeDmIrAE=",
- "zh:0ef01a4f81147b32c1bea3429974d4d104bbc4be2ba3cfa667031a8183ef88ec",
- "zh:1bcd2d8161e89e39886119965ef0f37fcce2da9c1aca34263dd3002ba05fcb53",
- "zh:37c75d15e9514556a5f4ed02e1548aaa95c0ecd6ff9af1119ac905144c70c114",
- "zh:4210550a767226976bc7e57d988b9ce48f4411fa8a60cd74a6b246baf7589dad",
- "zh:562007382520cd4baa7320f35e1370ffe84e46ed4e2071fdc7e4b1a9b1f8ae9b",
- "zh:5efb9da90f665e43f22c2e13e0ce48e86cae2d960aaf1abf721b497f32025916",
- "zh:6f71257a6b1218d02a573fc9bff0657410404fb2ef23bc66ae8cd968f98d5ff6",
- "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
- "zh:9647e18f221380a85f2f0ab387c68fdafd58af6193a932417299cdcae4710150",
- "zh:bb6297ce412c3c2fa9fec726114e5e0508dd2638cad6a0cb433194930c97a544",
- "zh:f83e925ed73ff8a5ef6e3608ad9225baa5376446349572c2449c0c0b3cf184b7",
- "zh:fbef0781cb64de76b1df1ca11078aecba7800d82fd4a956302734999cfd9a4af",
- ]
-}
diff --git a/stacks/dev/kubernetes/terragrunt.hcl b/stacks/dev/kubernetes/terragrunt.hcl
index 54edecb..04829f0 100644
--- a/stacks/dev/kubernetes/terragrunt.hcl
+++ b/stacks/dev/kubernetes/terragrunt.hcl
@@ -27,14 +27,12 @@ dependency "hetzner" {
hcloud_network_name = "some-network-name"
k3s_cluster_cidr = "some-cluster-cidr"
kubeconfig = "some-kubeconfig"
- location = "some-location"
}
}
inputs = {
- domain = "dev.simonemms.com"
- hcloud_network_name = dependency.hetzner.outputs.hcloud_network_name
- k3s_cluster_cidr = dependency.hetzner.outputs.k3s_cluster_cidr
- kubeconfig = dependency.hetzner.outputs.kubeconfig
- load_balancer_location = dependency.hetzner.outputs.location
+ domain = "dev.simonemms.com"
+ hcloud_network_name = dependency.hetzner.outputs.hcloud_network_name
+ k3s_cluster_cidr = dependency.hetzner.outputs.k3s_cluster_cidr
+ kubeconfig = dependency.hetzner.outputs.kubeconfig
}
diff --git a/stacks/prod/kubernetes/terragrunt.hcl b/stacks/prod/kubernetes/terragrunt.hcl
index b3823c7..d818b2e 100644
--- a/stacks/prod/kubernetes/terragrunt.hcl
+++ b/stacks/prod/kubernetes/terragrunt.hcl
@@ -27,15 +27,13 @@ dependency "hetzner" {
hcloud_network_name = "some-network-name"
k3s_cluster_cidr = "some-cluster-cidr"
kubeconfig = "some-kubeconfig"
- location = "some-location"
}
}
inputs = {
- cluster_issuer = "letsencrypt"
- domain = "simonemms.com"
- hcloud_network_name = dependency.hetzner.outputs.hcloud_network_name
- k3s_cluster_cidr = dependency.hetzner.outputs.k3s_cluster_cidr
- kubeconfig = dependency.hetzner.outputs.kubeconfig
- load_balancer_location = dependency.hetzner.outputs.location
+ cluster_issuer = "letsencrypt"
+ domain = "simonemms.com"
+ hcloud_network_name = dependency.hetzner.outputs.hcloud_network_name
+ k3s_cluster_cidr = dependency.hetzner.outputs.k3s_cluster_cidr
+ kubeconfig = dependency.hetzner.outputs.kubeconfig
}