Improve first creation of servers

modules/infrastructure/output.tf

@@ -15,12 +15,12 @@ output "hosts" {
         null
       )
 
-      ipv4_address_vpn = try(
+      "ipv4_address_vpn" = try(
-        local.tailscale_host_addresses_separated["${key}:ipv4"].address,
+        local.tailscale_host_addresses_ipv4[key],
         null
       )
-      ipv6_address_vpn = try(
+      "ipv6_address_vpn" = try(
-        local.tailscale_host_addresses_separated["${key}:ipv6"].address,
+        local.tailscale_host_addresses_ipv6[key],
         null
       )
     }

modules/infrastructure/ovh.tf

@@ -23,13 +23,23 @@ locals {
     }
   ]...)
 
-  tailscale_host_addresses_separated = merge([
+  tailscale_host_addresses_ipv4 = merge([
-    for host in data.tailscale_devices.nodes.devices : {
+    for host, _ in var.hosts : {
-      for address in host.addresses :
+      "${host}" = [
-        "${host.hostname}:${strcontains(address, ":") ? "ipv6" : "ipv4"}" => {
+        for address in data.tailscale_device.nodes[host].addresses :
-          hostname = host.hostname
+          address
-          address  = address
+          if !strcontains(address, ":")
-        }
+      ][0]
+    }
+  ]...)
+
+  tailscale_host_addresses_ipv6 = merge([
+    for host, _ in var.hosts : {
+      "${host}" = [
+        for address in data.tailscale_device.nodes[host].addresses :
+          address
+          if strcontains(address, ":")
+      ][0]
     }
   ]...)
 }
@@ -43,13 +53,22 @@ resource "ovh_domain_zone_record" "server_records" {
   target    = each.value.address
 }
 
-resource "ovh_domain_zone_record" "tailscale_vpn" {
+resource "ovh_domain_zone_record" "tailscale_vpn_ipv4" {
-  for_each  = local.tailscale_host_addresses_separated
+  for_each  = local.tailscale_host_addresses_ipv4
   zone      = "serguzim.net"
-  subdomain = "${each.value.hostname}.vpn"
+  subdomain = "${each.key}.vpn"
-  fieldtype = strcontains(each.value.address, ":") ? "AAAA" : "A"
+  fieldtype = "A"
   ttl       = 600
-  target    = each.value.address
+  target    = each.value
+}
+
+resource "ovh_domain_zone_record" "tailscale_vpn_ipv6" {
+  for_each  = local.tailscale_host_addresses_ipv6
+  zone      = "serguzim.net"
+  subdomain = "${each.key}.vpn"
+  fieldtype = "AAAA"
+  ttl       = 600
+  target    = each.value
 }
 
 resource "ovh_domain_zone_record" "gpg_verify" {

modules/infrastructure/tailscale.tf

@@ -6,12 +6,15 @@ resource "tailscale_tailnet_key" "cloud_init_key" {
   description   = "Cloud-init key used by opentofu"
 }
 
-data "tailscale_devices" "nodes" {
+resource "time_sleep" "wait_for_hosts" {
-  name_prefix = "node"
+  for_each = var.hosts
+  depends_on = [hcloud_server.nodes]
+  create_duration = "60s"
 }
 
-locals {
+data "tailscale_device" "nodes" {
-  tailscale_devices = {
+  for_each = var.hosts
-    for host in data.tailscale_devices.nodes.devices : host.hostname => host
+  depends_on = [time_sleep.wait_for_hosts]
-  }
+  hostname = each.value.hostname
+  wait_for = "60s"
 }

playbooks/roles/software/tasks/docker.yml

@@ -43,6 +43,9 @@
     append: true
   become: true
 
+- name: Reset ssh connection to allow user changes to take effect
+  ansible.builtin.meta: reset_connection
+
 - name: Apply docker daemon config
   ansible.builtin.copy:
     src: docker-daemon.json
@@ -51,14 +54,14 @@
     owner: root
     group: root
   become: true
-  register: docker_config_result
+  register: software_docker_config_result
 
 - name: Restart docker service
   ansible.builtin.systemd_service:
     state: restarted
     name: docker
   become: true
-  when: docker_config_result.changed # noqa: no-handler TODO can we add a handler here?
+  when: software_docker_config_result.changed # noqa: no-handler TODO can we add a handler here?
 
 - name: Create a network
   community.docker.docker_network: