Add support for ephemeral hosts

2025-11-12 00:43:05 +01:00 · 2025-11-12 00:43:05 +01:00 · 92e16eea34
commit 92e16eea34
parent 5bfb1a167a
6 changed files with 21 additions and 2 deletions
--- a/modules/infrastructure/hcloud.tf
+++ b/modules/infrastructure/hcloud.tf
@ -35,8 +35,9 @@ resource "hcloud_server" "nodes" {
  server_type = each.value.server_type
  ssh_keys    = [hcloud_ssh_key.default.id]
  user_data   = templatefile("./templates/cloud-init.yaml.tpl", {
-    tailscale_authkey = tailscale_tailnet_key.cloud_init_key.key,
+    tailscale_authkey = each.value.ephemeral ? tailscale_tailnet_key.cloud_init_ephemeral_key.key : tailscale_tailnet_key.cloud_init_key.key,
    default_ssh_key   = var.default_ssh_key.public_key
+    hostname          = each.value.hostname
  })
  placement_group_id = hcloud_placement_group.default.id
  public_net {
--- a/modules/infrastructure/tailscale.tf
+++ b/modules/infrastructure/tailscale.tf
@ -5,6 +5,13 @@ resource "tailscale_tailnet_key" "cloud_init_key" {
  expiry        = 21600 # 6 hours
  description   = "Cloud-init key used by opentofu"
 }
+resource "tailscale_tailnet_key" "cloud_init_ephemeral_key" {
+  reusable      = true
+  ephemeral     = true
+  preauthorized = true
+  expiry        = 21600 # 6 hours
+  description   = "Ephemeral cloud-init key used by opentofu"
+}

 resource "time_sleep" "wait_for_hosts" {
  for_each = var.hosts
--- a/modules/infrastructure/variables.tf
+++ b/modules/infrastructure/variables.tf
@ -46,6 +46,7 @@ variable "hosts" {
    hostname = string
    rdns = string
    provider = string
+    ephemeral = optional(bool, false)
    image = optional(string)
    server_type = optional(string)
    datacenter = optional(string)