Add support for ephemeral hosts

2025-11-12 00:43:05 +01:00 · 2025-11-12 00:43:05 +01:00 · 92e16eea34
commit 92e16eea34
parent 5bfb1a167a
6 changed files with 21 additions and 2 deletions
--- a/hosts.auto.tfvars
+++ b/hosts.auto.tfvars
@ -23,4 +23,13 @@ hosts = {
    server_type = "cx32"
    datacenter = "fsn1-dc14"
  },
+  #"node004" = {
+  #  hostname = "node004"
+  #  rdns = "node004.serguzim.net"
+  #  provider = "hetzner"
+  #  ephemeral = true
+  #  image = "debian-12"
+  #  server_type = "cpx62"
+  #  datacenter = "fsn1-dc14"
+  #},
 }
--- a/modules/infrastructure/hcloud.tf
+++ b/modules/infrastructure/hcloud.tf
@ -35,8 +35,9 @@ resource "hcloud_server" "nodes" {
  server_type = each.value.server_type
  ssh_keys    = [hcloud_ssh_key.default.id]
  user_data   = templatefile("./templates/cloud-init.yaml.tpl", {
-    tailscale_authkey = tailscale_tailnet_key.cloud_init_key.key,
+    tailscale_authkey = each.value.ephemeral ? tailscale_tailnet_key.cloud_init_ephemeral_key.key : tailscale_tailnet_key.cloud_init_key.key,
    default_ssh_key   = var.default_ssh_key.public_key
+    hostname          = each.value.hostname
  })
  placement_group_id = hcloud_placement_group.default.id
  public_net {
--- a/modules/infrastructure/tailscale.tf
+++ b/modules/infrastructure/tailscale.tf
@ -5,6 +5,13 @@ resource "tailscale_tailnet_key" "cloud_init_key" {
  expiry        = 21600 # 6 hours
  description   = "Cloud-init key used by opentofu"
 }
+resource "tailscale_tailnet_key" "cloud_init_ephemeral_key" {
+  reusable      = true
+  ephemeral     = true
+  preauthorized = true
+  expiry        = 21600 # 6 hours
+  description   = "Ephemeral cloud-init key used by opentofu"
+}

 resource "time_sleep" "wait_for_hosts" {
  for_each = var.hosts
--- a/modules/infrastructure/variables.tf
+++ b/modules/infrastructure/variables.tf
@ -46,6 +46,7 @@ variable "hosts" {
    hostname = string
    rdns = string
    provider = string
+    ephemeral = optional(bool, false)
    image = optional(string)
    server_type = optional(string)
    datacenter = optional(string)
--- a/templates/cloud-init.yaml.tpl
+++ b/templates/cloud-init.yaml.tpl
@ -36,5 +36,5 @@ runcmd:
  #####################################################################
  # One-command install, from https://tailscale.com/download/
  - ['sh', '-c', 'curl -fsSL https://tailscale.com/install.sh | sh']
-  - ['tailscale', 'up', '--authkey=${tailscale_authkey}']
+  - ['tailscale', 'up', '--authkey=${tailscale_authkey}', '--hostname=${hostname}']

--- a/variables.tf
+++ b/variables.tf
@ -183,6 +183,7 @@ variable "hosts" {
    hostname = string
    rdns = string
    provider = string
+    ephemeral = optional(bool, false)
    image = optional(string)
    server_type = optional(string)
    datacenter = optional(string)