Add healthchecksio provider and refactor ip-for-host collection

modules/infrastructure/healthchecksio.tf

@@ -0,0 +1,32 @@
+data "healthchecksio_channel" "email" {
+  kind = "email"
+}
+
+data "healthchecksio_channel" "signal" {
+  kind = "signal"
+}
+
+data "healthchecksio_channel" "ntfy" {
+  kind = "ntfy"
+}
+
+resource "healthchecksio_check" "backup" {
+  for_each = var.hosts
+
+  name = "backup@${each.value.hostname}"
+  desc = "A check for the backup on ${each.value.hostname}"
+
+  tags = [
+    "backup",
+    each.value.hostname,
+  ]
+
+  channels = [
+    data.healthchecksio_channel.email.id,
+    data.healthchecksio_channel.signal.id,
+    data.healthchecksio_channel.ntfy.id,
+  ]
+
+  timeout = 86400
+  grace = 1800
+}

modules/infrastructure/main.tf

@@ -8,6 +8,10 @@ terraform {
       source = "hetznercloud/hcloud"
       version = "~> 1.45.0"
     }
+    healthchecksio = {
+      source = "kristofferahl/healthchecksio"
+      version = "~> 1.6.0"
+    }
     ovh = {
       source = "ovh/ovh"
       version = "~> 0.48.0"
@@ -34,6 +38,10 @@ provider "hcloud" {
   token = var.hcloud_token
 }
 
+provider "healthchecksio" {
+  api_key = var.healthchecksio_api_key
+}
+
 provider "ovh" {
   endpoint = "ovh-eu"
   application_key = var.ovh_application_key

modules/infrastructure/output.tf

@@ -1,17 +1,38 @@
 output "hosts" {
   value = {
-    for subdomain in distinct([for record in ovh_domain_zone_record.server_records : record.subdomain]) : 
-    subdomain => {
-      "hostname" = subdomain
-      "fqdn" = "${subdomain}.${ovh_domain_zone_record.server_records["${subdomain}:ipv4"].zone}"
+    for key, host in var.hosts :
+    key => {
+      "hostname" = host.hostname
+      "fqdn" = "${host.hostname}.serguzim.net"
+      "fqdn_vpn" = "${host.hostname}.vpn.serguzim.net"
       "ipv4_address" = try(
-        ovh_domain_zone_record.server_records["${subdomain}:ipv4"].target, 
+        local.server_addresses_separated["${key}:ipv4"].address,
         null
       )
       "ipv6_address" = try(
-        ovh_domain_zone_record.server_records["${subdomain}:ipv6"].target, 
+        local.server_addresses_separated["${key}:ipv6"].address,
         null
       )
+
+      ipv4_address_vpn = try(
+        local.tailscale_host_addresses_separated["${key}:ipv4"].address,
+        null
+      )
+      ipv6_address_vpn = try(
+        local.tailscale_host_addresses_separated["${key}:ipv6"].address,
+        null
+      )
+    }
+  }
+}
+
+output "healthchecksio" {
+  value = {
+    backup = {
+      for key, check in healthchecksio_check.backup : key => {
+        "id" = check.id
+        "ping_url" = check.ping_url
+      }
     }
   }
 }

modules/infrastructure/ovh.tf

@@ -1,8 +1,9 @@
 locals {
   server_addresses = flatten([
     [
-      for host in contabo_instance.nodes : [
+      for key, host in contabo_instance.nodes : [
         {
+          key = key
           hostname = host.display_name
           ipv4_address = host.ip_config[0].v4[0].ip
           ipv6_address = host.ip_config[0].v6[0].ip
@@ -10,8 +11,9 @@ locals {
       ]
     ],
     [
-      for host in hcloud_server.nodes : [
+      for key, host in hcloud_server.nodes : [
         {
+          key = key
           hostname = host.name
           ipv4_address = host.ipv4_address
           ipv6_address = host.ipv6_address
@@ -20,34 +22,32 @@ locals {
     ]
   ])
 
-  server_addresses_separated = flatten([
-    for host in local.server_addresses : [
-      {
+  server_addresses_separated = merge([
+    for host in local.server_addresses : {
+      "${host.key}:ipv4" = {
         hostname = host.hostname
-        key      = "${host.hostname}:ipv4"
         address  = host.ipv4_address
       },
-      {
+      "${host.key}:ipv6" = {
         hostname = host.hostname
-        key      = "${host.hostname}:ipv6"
         address  = host.ipv6_address
       },
-    ]
-  ])
+    }
+  ]...)
 
-  tailscale_host_addresses = flatten([
-    for host in data.tailscale_devices.nodes.devices : [
-      for index, address in host.addresses : {
-        hostname = host.hostname
-        key      = "${host.hostname}:${index}"
-        address  = address
-      }
-    ]
-  ])
+  tailscale_host_addresses_separated = merge([
+    for host in data.tailscale_devices.nodes.devices : {
+      for address in host.addresses :
+        "${host.hostname}:${strcontains(address, ":") ? "ipv6" : "ipv4"}" => {
+          hostname = host.hostname
+          address  = address
+        }
+    }
+  ]...)
 }
 
 resource "ovh_domain_zone_record" "server_records" {
-  for_each  = { for entry in local.server_addresses_separated: entry.key => entry }
+  for_each  = local.server_addresses_separated
   zone      = "serguzim.net"
   subdomain = each.value.hostname
   fieldtype = strcontains(each.value.address, ":") ? "AAAA" : "A"
@@ -56,7 +56,7 @@ resource "ovh_domain_zone_record" "server_records" {
 }
 
 resource "ovh_domain_zone_record" "tailscale_vpn" {
-  for_each  = { for entry in local.tailscale_host_addresses: entry.key => entry }
+  for_each  = local.tailscale_host_addresses_separated
   zone      = "serguzim.net"
   subdomain = "${each.value.hostname}.vpn"
   fieldtype = strcontains(each.value.address, ":") ? "AAAA" : "A"

modules/infrastructure/tailscale.tf

@@ -9,3 +9,9 @@ resource "tailscale_tailnet_key" "cloud_init_key" {
 data "tailscale_devices" "nodes" {
   name_prefix = "node"
 }
+
+locals {
+  tailscale_devices = {
+    for host in data.tailscale_devices.nodes.devices : host.hostname => host
+  }
+}

modules/infrastructure/variables.tf

@@ -20,6 +20,11 @@ variable "hcloud_token" {
 }
 
 
+variable "healthchecksio_api_key" {
+  sensitive = true
+}
+
+
 variable "ovh_application_key" {
   sensitive = true
 }