From 1da97ad8673f387fdaab8f25ba8d05ba8abcffc7 Mon Sep 17 00:00:00 2001
From: Bernd Worsch
Date: Sun, 14 Sep 2025 01:20:54 +0000
Subject: [PATCH] build: first successfull plan, apply, destroy of server
---
 Makefile | 17 +++++++++--------
 inventory/servers.yaml | 9 ---------
 scripts/new_host.py | 4 ++--
 3 files changed, 11 insertions(+), 19 deletions(-)
diff --git a/Makefile b/Makefile
index a16b3d5..afcfae0 100644
--- a/Makefile
+++ b/Makefile
@@ -8,14 +8,14 @@ OWNER ?= coulomb
 REPO ?= railiance-hosts
 # New-host defaults (can be overridden: make new-host NAME=... TYPE=...)
-TYPE ?= cpx21
+TYPE ?= cpx11
 REGION ?= nbg1
-ROLE ?= generic
+ROLE ?= core
 IMG ?= ubuntu-24.04
 USER ?= admin
 # Decrypt Hetzner token at runtime (requires SOPS_AGE_KEY or keys.txt locally)
-HCLOUD_TOKEN := $(shell sops -d --extract '["hetzner"]["token"]' secrets/hetzner-token.sops.yaml 2>/dev/null)
+HCLOUD_TOKEN := $(shell sops -d --extract '["hetzner"]["token"]' secrets/hetzner-token.yaml 2>/dev/null)
 # ---- Help ----
 help: ## Show this help
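Review bot: The decrypt path loses its `.sops` infix (`secrets/hetzner-token.sops.yaml` becomes `secrets/hetzner-token.yaml`), so the file name no longer signals that its content must be ciphertext. If the repository's SOPS creation rules, ignore patterns or commit hooks match on `*.sops.yaml` (not visible in this diff), a plaintext token file at the new path would pass them unnoticed; either keep the suffix or add a check that the file carries SOPS metadata before it can be committed. Because the command ends in `2>/dev/null`, a wrong path or a failed decryption surfaces only as the later "HCLOUD_TOKEN empty" message, which still names `secrets.sops.yaml`. A comment next to the assignment such as `# secrets/hetzner-token.yaml is SOPS-encrypted; never commit it decrypted` would make the expectation explicit.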
@@ -77,19 +77,20 @@ tf-fmt: ## Terraform fmt
 tf-init: ## Terraform init
 @[ -n "$(HCLOUD_TOKEN)" ] || (echo "HCLOUD_TOKEN empty; export SOPS_AGE_KEY or set keys.txt & fill secrets.sops.yaml" && exit 1)
- @export HCLOUD_TOKEN=$(HCLOUD_TOKEN); @terraform -chdir=terraform/hetzner init
+ @export HCLOUD_TOKEN=$(HCLOUD_TOKEN); terraform -chdir=terraform/hetzner init
 tf-plan: tf-init ## Terraform plan (requires decrypted HCLOUD_TOKEN)
+ @echo "🔍 Running terraform plan..."
 @[ -n "$(HCLOUD_TOKEN)" ] || (echo "HCLOUD_TOKEN empty; export SOPS_AGE_KEY or set keys.txt & fill secrets.sops.yaml" && exit 1)
- @export HCLOUD_TOKEN=$(HCLOUD_TOKEN); terraform -chdir=terraform/hetzner plan
+ @export HCLOUD_TOKEN=$(HCLOUD_TOKEN); terraform -chdir=terraform/hetzner plan -var="hcloud_token=$(HCLOUD_TOKEN)"
 tf-apply: tf-init ## Terraform apply (provision)
 @[ -n "$(HCLOUD_TOKEN)" ] || (echo "HCLOUD_TOKEN empty; export SOPS_AGE_KEY or set keys.txt & fill secrets.sops.yaml" && exit 1)
- @export HCLOUD_TOKEN=$(HCLOUD_TOKEN); terraform -chdir=terraform/hetzner apply -auto-approve
+ @export HCLOUD_TOKEN=$(HCLOUD_TOKEN); terraform -chdir=terraform/hetzner apply -auto-approve -var="hcloud_token=$(HCLOUD_TOKEN)"
 tf-destroy: tf-init ## Terraform destroy (tear down)
 @[ -n "$(HCLOUD_TOKEN)" ] || (echo "HCLOUD_TOKEN empty; export SOPS_AGE_KEY or set keys.txt & fill secrets.sops.yaml" && exit 1)
- @export HCLOUD_TOKEN=$(HCLOUD_TOKEN); terraform -chdir=terraform/hetzner destroy -auto-approve
+ @export HCLOUD_TOKEN=$(HCLOUD_TOKEN); terraform -chdir=terraform/hetzner destroy -auto-approve -var="hcloud_token=$(HCLOUD_TOKEN)"
 # ---- Ansible ----
 ansible-bootstrap: ## Run base bootstrap play (users, ssh, ufw, sops-agent)
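Review bot: The added `-var="hcloud_token=$(HCLOUD_TOKEN)"` on the tf-plan, tf-apply and tf-destroy recipes puts the Hetzner API token into terraform's argument list, where it is readable from the process table for the whole run and is printed by `make -n` or any trace of the recipe. The leading `@` only suppresses make's own echo. Terraform also reads input variables from `TF_VAR_<name>` environment variables, so the value can be supplied without appearing in a command: `tf-init tf-plan tf-apply tf-destroy: export TF_VAR_hcloud_token = $(HCLOUD_TOKEN)`, followed by a plain `terraform -chdir=terraform/hetzner plan`. Exporting HCLOUD_TOKEN from make in the same way would also remove the make-expanded `export HCLOUD_TOKEN=$(HCLOUD_TOKEN);` prefix, which is unquoted and carries the token in the shell's command string as well.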
@@ -117,7 +118,7 @@ doctor: ## Check tools and basic repo setup
 '
 # ---- Inventory convenience ----
-new-host: ## Add a new host quickly: make new-host NAME=web-01 TYPE=cpx21 REGION=nbg1 ROLE=web
+new-host: ## Add a new host quickly: make new-host NAME=core1 TYPE=cpx11 REGION=nbg1 ROLE=core
 @[ -n "$(NAME)" ] || (echo "Usage: make new-host NAME=... [TYPE=...] [REGION=...] [ROLE=...] [IMG=...] [USER=...]" && exit 1)
 @python3 scripts/new_host.py --name "$(NAME)" --type "$(TYPE)" --region "$(REGION)" --role "$(ROLE)" --image "$(IMG)" --user "$(USER)"
 @echo "✔ Added host $(NAME) to inventory/servers.yaml"
diff --git a/inventory/servers.yaml b/inventory/servers.yaml
index c13bac8..e69de29 100644
--- a/inventory/servers.yaml
+++ b/inventory/servers.yaml
@@ -1,9 +0,0 @@
-# Minimal server registry: add your desired hosts here.
-servers:
- - name: core-01
- labels: [core, wireguard, git]
- role: "core"
- region: "nbg1"
- type: "cpx21"
- image: "ubuntu-24.04"
- ssh_user: "admin"
diff --git a/scripts/new_host.py b/scripts/new_host.py
index 5cf9b72..f0a7bfd 100644
--- a/scripts/new_host.py
+++ b/scripts/new_host.py
@@ -9,9 +9,9 @@ except Exception as e:
 def main():
 p = argparse.ArgumentParser(description="Add a host to inventory/servers.yaml")
 p.add_argument("--name", required=True)
- p.add_argument("--type", default="cpx21")
+ p.add_argument("--type", default="cpx11")
 p.add_argument("--region", default="nbg1")
- p.add_argument("--role", default="generic")
+ p.add_argument("--role", default="test")
 p.add_argument("--image", default="ubuntu-24.04")
 p.add_argument("--user", default="admin")
 args = p.parse_args()
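Review bot: The new `--role` default is `test`, while the Makefile in this same commit sets `ROLE ?= core`, so a host added by calling scripts/new_host.py directly is registered under a different role than one added through `make new-host`. If roles select which hardening or firewall plays run (not visible here), that difference matters; aligning the line as `p.add_argument("--role", default="core")` or making `--role` required would remove it. main() continues past the end of this hunk, where the inventory file is presumably loaded. The commit also empties inventory/servers.yaml, so that code should handle a file that parses to no data.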