diff --git a/terraform/hetzner/network.tf b/terraform/hetzner/network.tf
index 8e3ce66..eff848a 100644
--- a/terraform/hetzner/network.tf
+++ b/terraform/hetzner/network.tf
@@ -1,24 +1,34 @@
-resource "hcloud_network" "us_east" {
- name = "us-east"
- ip_range = "10.128.0.0/10"
+resource "hcloud_network" "us_east_lan" {
+ name = "us-east-lan"
+ ip_range = "10.128.1.0/24"
 }
 
 resource "hcloud_network_subnet" "lan" {
- network_id = hcloud_network.us_east.id
+ network_id = hcloud_network.us_east_lan.id
 type = "cloud"
 network_zone = "us-east"
 ip_range = "10.128.1.0/24"
 }
 
+resource "hcloud_network" "us_east_sync" {
+ name = "us-east-sync"
+ ip_range = "10.128.2.0/24"
+}
+
 resource "hcloud_network_subnet" "sync" {
- network_id = hcloud_network.us_east.id
+ network_id = hcloud_network.us_east_sync.id
 type = "cloud"
 network_zone = "us-east"
 ip_range = "10.128.2.0/24"
 }
 
+resource "hcloud_network" "us_east_cluster" {
+ name = "us-east-cluster"
+ ip_range = "10.128.3.0/24"
+}
+
 resource "hcloud_network_subnet" "cluster" {
- network_id = hcloud_network.us_east.id
+ network_id = hcloud_network.us_east_cluster.id
 type = "cloud"
 network_zone = "us-east"
 ip_range = "10.128.3.0/24"
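Review bot: The three new `hcloud_network` resources (`us_east_lan`, `us_east_sync`, `us_east_cluster`) set no `delete_protection`, although the floating IPs and the `opnsense_a` server touched by this same commit do. These networks are what keeps LAN, sync and cluster traffic apart, so adding `delete_protection = true` to each would be consistent. The old address `hcloud_network.us_east` also disappears with no `moved` block visible here, so Terraform will presumably plan a destroy of the existing network plus three creates rather than an in-place change; check the plan for what gets detached. A one-line comment above each network, e.g. `# sync: state sync between the opnsense pair only`, would let a reviewer judge later attachments. The `cluster` subnet block closes outside this hunk.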
@@ -72,4 +82,24 @@ resource "hcloud_floating_ip" "opnsense_float_v6" {
 type = "ipv6"
 home_location = "ash"
 delete_protection = true
-}
\ No newline at end of file
+}
+
+resource "hcloud_floating_ip_assignment" "opnsense-a-v4" {
+ floating_ip_id = hcloud_floating_ip.opnsense_float_v4.id
+ server_id = hcloud_server.opnsense_a.id
+}
+
+resource "hcloud_floating_ip_assignment" "opnsense-a-v6" {
+ floating_ip_id = hcloud_floating_ip.opnsense_float_v6.id
+ server_id = hcloud_server.opnsense_a.id
+}
+
+# resource "hcloud_floating_ip_assignment" "opnsense-b-v4" {
+# floating_ip_id = hcloud_floating_ip.opnsense_float_v4.id
+# server_id = hcloud_server.opnsense_b.id
+# }
+
+# resource "hcloud_floating_ip_assignment" "opnsense-b-v6" {
+# floating_ip_id = hcloud_floating_ip.opnsense_float_v6.id
+# server_id = hcloud_server.opnsense_b.id
+# }
diff --git a/terraform/hetzner/servers.tf b/terraform/hetzner/servers.tf
index f0a8be8..0c1e556 100644
--- a/terraform/hetzner/servers.tf
+++ b/terraform/hetzner/servers.tf
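Review bot: In the network.tf floating-IP hunk, the new assignment labels `opnsense-a-v4` and `opnsense-a-v6` use hyphens, while every other resource label in this change uses underscores (`opnsense_float_v4`, `opnsense_a`). Renaming them to `opnsense_a_v4` and `opnsense_a_v6` before the first apply avoids a later state move. The two commented-out `opnsense-b-*` assignments reference `hcloud_server.opnsense_b`, which this commit does not define. A short comment would serve better than dead blocks, for example `# floating IPs attach to one server at a time; failover to opnsense_b is handled outside Terraform`, if that is the intent.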
@@ -8,32 +8,39 @@ resource "hcloud_placement_group" "nodes" {
 type = "spread"
 }
 
-# resource "hcloud_server" "opnsense_b" {
-# name = "opnsense-b"
-# server_type = "cpx11"
-# image = "ubuntu-22.04"
-# location = "ash"
-# datacenter = "ash-dc1"
-# keep_disk = true
-# backups = false
+resource "hcloud_server" "opnsense_a" {
+ name = "opnsense-a"
+ server_type = "cpx11"
+ image = "ubuntu-22.04"
+ location = "ash"
+ datacenter = "ash-dc1"
+ keep_disk = true
+ backups = false
 # ssh_keys = [
 # hcloud_ssh_key.default.id
 # ]
-# public_net {
-# ipv4_enabled = true
-# ipv4 = hcloud_primary_ip.opnsense_b_v4.id
-# ipv6_enabled = true
-# ipv6 = hcloud_primary_ip.opnsense_b_v6.id
-# }
-# network {
-# network_id = hcloud_network_subnet.lan.id
-# ip = "10.128.1.240"
-# }
-# network {
-# network_id = hcloud_network_subnet.sync.id
-# ip = "10.128.2.20"
-# }
-# delete_protection = true
-# rebuild_protection = true
-# placement_group_id = hcloud_placement_group.firewalls.id
-# }
\ No newline at end of file
+ public_net {
+ ipv4_enabled = true
+ ipv4 = hcloud_primary_ip.opnsense_a_v4.id
+ ipv6_enabled = true
+ ipv6 = hcloud_primary_ip.opnsense_a_v6.id
+ }
+ firewall_ids = [
+ hcloud_firewall.opnsense.id
+ ]
+ network {
+ network_id = hcloud_network.us_east_lan.id
+ ip = "10.128.1.250"
+ }
+ network {
+ network_id = hcloud_network.us_east_sync.id
+ ip = "10.128.2.10"
+ }
+ depends_on = [
+ hcloud_network_subnet.lan,
+ hcloud_network_subnet.sync
+ ]
+ delete_protection = true
+ rebuild_protection = true
+ placement_group_id = hcloud_placement_group.firewalls.id
+}
\ No newline at end of file
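Review bot: The `ssh_keys` lines remain commented out as context inside the now-active `hcloud_server.opnsense_a`, so the server is built from `ubuntu-22.04` with public IPv4 and IPv6 enabled and no key injected. Without a key, Hetzner generates a root password and delivers it out of band, which leaves password login as the initial access path on an internet-facing host. Unless the image is replaced immediately after creation, uncomment the block, `ssh_keys = [hcloud_ssh_key.default.id]`, or add a comment stating why it is intentionally omitted. `hcloud_firewall.opnsense` is referenced but not defined in this diff, so its rules cannot be reviewed here; confirm it restricts management ports to known sources.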