+25

infra/prod/.terraform.lock.hcl

reviewed

··· 1 1 + # This file is maintained automatically by "tofu init". 2 2 + # Manual edits may be lost in future updates. 3 3 + 4 4 + provider "registry.opentofu.org/renemontilva/clouding" { 5 5 + version = "1.0.1" 6 6 + constraints = ">= 1.0.0" 7 7 + hashes = [ 8 8 + "h1:YlLCHWZ0KDPYLw6VPBict8KKsHZVcm0pvWW/kNGjIno=", 9 9 + "zh:187eb96cd2a0768727d735a1a2d0795e46fd783405c133376251d9f24c8effe4", 10 10 + "zh:5ac07c6342f45dccedb7fdb2ab8f62ab008b13c0d9b0290b7ae8af59bae55613", 11 11 + "zh:700f9e08c12ac505307ca08a5516b546a0e5c3f392aae5909fde9f2fa3992000", 12 12 + "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f", 13 13 + "zh:9189d1869e76cf376bca9cc29568a75074d7783035f181e1951daca002cf016f", 14 14 + "zh:9381dc7d860f76688a0aaf390b2e9fa74cdb6a2e75cf1d7b98d9abe6896be316", 15 15 + "zh:9e151d6ae3e105d9d09147e6e340e863489b7e4f5cdb03bb7bc891ba61976a35", 16 16 + "zh:a43a7350787cd2f58753b41b7c1f9164b8c921590be7f45b9ebb96bff5f93363", 17 17 + "zh:a8736ca52ff81e74d820aaea8cb881432bb12d7d9576968f97dc887ac871d048", 18 18 + "zh:d9eaf212086176c75fd954f76c62628b59456913033b5bc1c733335af1bf5f57", 19 19 + "zh:de283437e2d335cf9249c527c77f56a888d870125d3623f7b51c56fc2f5a7281", 20 20 + "zh:dfdad92f93b603f1863b2d66c72acdf5d044e37488fe2d45c83e3ba512412862", 21 21 + "zh:e2c5446a7705d34f3e44037c88eec213fc291d11d810315ca9942fd0cfda8071", 22 22 + "zh:ebb9bc6639d8bfa9edfb3927f31ab012b76f158c95f96055af3dbfbfbb99e10d", 23 23 + "zh:ec431afc740d6b1c1c29f37f3de3a751c55ce18cae2bbd215e435ec79a64ce65", 24 24 + ] 25 25 + }

+88

infra/prod/main.tf

reviewed

··· 1 1 + terraform { 2 2 + required_providers { 3 3 + clouding = { 4 4 + source = "astrojuanlu/clouding" 5 5 + version = "1.0.1" 6 6 + } 7 7 + } 8 8 + } 9 9 + 10 10 + provider "clouding" {} 11 11 + 12 12 + data "clouding_sshkey" "main" { 13 13 + id = "LQbN5nv9krK9JaeZ" 14 14 + } 15 15 + 16 16 + data "clouding_image" "ubuntu_24_04" { 17 17 + id = "p06Wq42PGkneDVEb" 18 18 + } 19 19 + 20 20 + resource "clouding_firewall" "knot" { 21 21 + name = "Knot Firewall" 22 22 + description = "Firewall rules for Knot server (SSH, Git SSH, Web)" 23 23 + } 24 24 + 25 25 + # Allow SSH (port 22) 26 26 + resource "clouding_firewall_rule" "ssh" { 27 27 + firewall_id = clouding_firewall.knot.id 28 28 + description = "Allow SSH" 29 29 + protocol = "tcp" 30 30 + port_range_min = 22 31 31 + port_range_max = 22 32 32 + source_ip = "0.0.0.0/0" 33 33 + } 34 34 + 35 35 + # Allow Git SSH (port 2222) 36 36 + resource "clouding_firewall_rule" "git_ssh" { 37 37 + firewall_id = clouding_firewall.knot.id 38 38 + description = "Allow Git SSH" 39 39 + protocol = "tcp" 40 40 + port_range_min = 2222 41 41 + port_range_max = 2222 42 42 + source_ip = "0.0.0.0/0" 43 43 + } 44 44 + 45 45 + # Allow Knot server (port 5555) 46 46 + resource "clouding_firewall_rule" "knot_server" { 47 47 + firewall_id = clouding_firewall.knot.id 48 48 + description = "Allow Knot server" 49 49 + protocol = "tcp" 50 50 + port_range_min = 5555 51 51 + port_range_max = 5555 52 52 + source_ip = "0.0.0.0/0" 53 53 + } 54 54 + 55 55 + # Create a server for Knot 56 56 + resource "clouding_server" "knot0" { 57 57 + name = "nudo0" 58 58 + hostname = "nudo0" 59 59 + flavor_id = "0.5x1" 60 60 + firewall_id = clouding_firewall.knot.id 61 61 + 62 62 + volume = { 63 63 + source = "image" 64 64 + id = data.clouding_image.ubuntu_24_04.id 65 65 + ssd_gb = 20 66 66 + } 67 67 + 68 68 + access_configuration = { 69 69 + ssh_key_id = data.clouding_sshkey.main.id 70 70 + } 71 71 + 72 72 + enable_strict_antiddos_filtering = false 73 73 + 74 74 + # backup_preference = { 75 75 + # frequency = "OneWeek" 76 76 + # slots = 4 77 77 + # } 78 78 + 79 79 + # user_data = file("${path.module}/cloud-init.yaml") 80 80 + 81 81 + timeouts = { 82 82 + create = "10m" 83 83 + } 84 84 + } 85 85 + 86 86 + output "knot0_ipv4" { 87 87 + value = try(clouding_server.knot0.hostname, "Not yet assigned") 88 88 + }