From a00abcd884641f478feb15f2a884a4b95befeaf2 Mon Sep 17 00:00:00 2001
From: Johannes Rothe <mail@johannes-rothe.de>
Date: Wed, 16 Aug 2023 22:47:25 +0200
Subject: [PATCH] Add terraform root module and server group module

The server group module deploys a number of hetzner cloud servers which
are part of a private network.
---
 README.md                                     |  1 -
 terraform/.terraform.lock.hcl                 | 24 ++++++++++
 terraform/main.tf                             |  6 +++
 .../modules/private-server-group/main.tf      | 35 +++++++++++++++
 .../modules/private-server-group/outputs.tf   | 15 +++++++
 .../modules/private-server-group/variables.tf | 44 +++++++++++++++++++
 .../modules/private-server-group/versions.tf  |  8 ++++
 terraform/variables.tf                        | 20 +++++++++
 terraform/versions.tf                         |  9 ++++
 9 files changed, 161 insertions(+), 1 deletion(-)
 create mode 100644 terraform/.terraform.lock.hcl
 create mode 100644 terraform/main.tf
 create mode 100644 terraform/modules/private-server-group/main.tf
 create mode 100644 terraform/modules/private-server-group/outputs.tf
 create mode 100644 terraform/modules/private-server-group/variables.tf
 create mode 100644 terraform/modules/private-server-group/versions.tf
 create mode 100644 terraform/variables.tf
 create mode 100644 terraform/versions.tf

diff --git a/README.md b/README.md
index fc52407..2e22b79 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1 @@
 # hetzner-ha-wordpress
-
diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
new file mode 100644
index 0000000..0724c3f
--- /dev/null
+++ b/terraform/.terraform.lock.hcl
@@ -0,0 +1,24 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hetznercloud/hcloud" {
+  version     = "1.42.1"
+  constraints = "1.42.1"
+  hashes = [
+    "h1:1AGk4CAeqdyF1D4vNyjarKSBoN2z+Y6ubUxzqiyc7qI=",
+    "zh:002e2e57c1425bb4cf620c6a80732ee071726d0d82d0523c5258dde3222113df",
+    "zh:03213d79fc2bcd94ac812ca22c1d1d6678132ab957d26a65c84ee52853059c02",
+    "zh:0785429efdb084cb4e5a0d899112764c21d2260391e82897d7e67c9e5deccc31",
+    "zh:12a5653b7a00f458b65b89b15d4517f785322ebb65b5a689fa8766042a09184c",
+    "zh:2dc7464290a623eb599cfbf731d13554448a7a824c2b1db16275f482d9059670",
+    "zh:35a7e19868a304d77ab192871ccaa45418c13a3aac301df8d9f57c1259913051",
+    "zh:368202d94a1104895c1d566e3f16edd55e05a09881fd4a20cd4854ca3593fee9",
+    "zh:431503e5055979aabf520675bb465496d934979c7a687e1cd3c8d2ae27bfa649",
+    "zh:45cede3c2147cfdc76d53853e07395c05b1feff8dca16a2f8f7f1fd151e2449f",
+    "zh:8b57869af18982af21f6f816e65e6057ec5055481b220147fdbe0959917ae112",
+    "zh:be9ba4813dcf640c0df04543a3c74b0db117fbd3dcc26140e252cf5157734945",
+    "zh:d3fb9ca398a153dc894caa94f95ef2e989350cf2bbfa29bc93ff2608cab44c1f",
+    "zh:fc690be8cbada1e99063ed1c6148f9a70ab341100a97ad2886f4826a951780d3",
+    "zh:ffa9470e41fa04ac667d4d830987aeed2070767d57f2414692c2dd395a405fba",
+  ]
+}
diff --git a/terraform/main.tf b/terraform/main.tf
new file mode 100644
index 0000000..49d05c9
--- /dev/null
+++ b/terraform/main.tf
@@ -0,0 +1,6 @@
+module "private_server_group" {
+  source       = "./modules/private-server-group"
+  location     = var.location
+  network_zone = var.network_zone
+  server_count = var.server_count
+}
diff --git a/terraform/modules/private-server-group/main.tf b/terraform/modules/private-server-group/main.tf
new file mode 100644
index 0000000..c11756a
--- /dev/null
+++ b/terraform/modules/private-server-group/main.tf
@@ -0,0 +1,35 @@
+resource "hcloud_server" "private_node" {
+  count       = var.server_count
+  name        = "web${count.index + 1}"
+  image       = var.server_image
+  server_type = var.server_type
+  location    = var.location
+  labels = {
+    app = "web"
+  }
+
+  public_net {
+    ipv4_enabled = false
+    ipv6_enabled = false
+  }
+
+  network {
+    network_id = hcloud_network.main.id
+    ip         = cidrhost(hcloud_network_subnet.main.ip_range, count.index + 2)
+  }
+  depends_on = [
+    hcloud_network_subnet.main
+  ]
+}
+
+resource "hcloud_network" "main" {
+  name     = "main"
+  ip_range = var.network_ip_range
+}
+
+resource "hcloud_network_subnet" "main" {
+  network_id   = hcloud_network.main.id
+  type         = "cloud"
+  network_zone = var.network_zone
+  ip_range     = var.server_subnetwork_ip_range
+}
diff --git a/terraform/modules/private-server-group/outputs.tf b/terraform/modules/private-server-group/outputs.tf
new file mode 100644
index 0000000..df32390
--- /dev/null
+++ b/terraform/modules/private-server-group/outputs.tf
@@ -0,0 +1,15 @@
+output "network_id" {
+  value = resource.hcloud_network.main.id
+}
+
+output "subnetwork_id" {
+  value = resource.hcloud_network_subnet.main.id
+}
+
+output "server_name" {
+  value = hcloud_server.private_node[*].name
+}
+
+output "server_network" {
+  value = hcloud_server.private_node[*].network
+}
diff --git a/terraform/modules/private-server-group/variables.tf b/terraform/modules/private-server-group/variables.tf
new file mode 100644
index 0000000..f665fb4
--- /dev/null
+++ b/terraform/modules/private-server-group/variables.tf
@@ -0,0 +1,44 @@
+variable "server_count" {
+  description = "The number of servers to create"
+  type        = number
+}
+
+variable "server_image" {
+  description = "ID or name of the Image the Server is created from"
+  type        = string
+  default     = "ubuntu-22.04"
+}
+
+variable "server_type" {
+  description = "ID or name of the Server type this Server should be created with"
+  type        = string
+  default     = "cx21"
+}
+
+variable "location" {
+  description = <<-EOT
+    Location of the infrastructure. Needs to be aligned with network zone.
+    For more information visit https://docs.hetzner.com/cloud/general/locations/
+  EOT
+  type        = string
+}
+
+variable "network_zone" {
+  description = <<-EOT
+    Name of the network zone. Needs to be aligned with server location.
+    For more information visit https://docs.hetzner.com/cloud/general/locations/
+  EOT
+  type        = string
+}
+
+variable "network_ip_range" {
+  description = "IP range of the main network"
+  type        = string
+  default     = "10.0.0.0/8"
+}
+
+variable "server_subnetwork_ip_range" {
+  description = "Subnetwork IP range of the servers"
+  type        = string
+  default     = "10.0.0.0/24"
+}
diff --git a/terraform/modules/private-server-group/versions.tf b/terraform/modules/private-server-group/versions.tf
new file mode 100644
index 0000000..991eeea
--- /dev/null
+++ b/terraform/modules/private-server-group/versions.tf
@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    hcloud = {
+      source  = "hetznercloud/hcloud"
+      version = "1.42.1"
+    }
+  }
+}
diff --git a/terraform/variables.tf b/terraform/variables.tf
new file mode 100644
index 0000000..5cafb38
--- /dev/null
+++ b/terraform/variables.tf
@@ -0,0 +1,20 @@
+variable "location" {
+  description = <<-EOT
+    Location of the infrastructure. Needs to be aligned with network zone.
+    For more information visit https://docs.hetzner.com/cloud/general/locations/
+  EOT
+  type        = string
+}
+
+variable "network_zone" {
+  description = <<-EOT
+    Name of the network zone. Needs to be aligned with server location.
+    For more information visit https://docs.hetzner.com/cloud/general/locations/
+  EOT
+  type        = string
+}
+
+variable "server_count" {
+  description = "The number of servers to create"
+  type        = number
+}
diff --git a/terraform/versions.tf b/terraform/versions.tf
new file mode 100644
index 0000000..b1ef941
--- /dev/null
+++ b/terraform/versions.tf
@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 1.5"
+  required_providers {
+    hcloud = {
+      source  = "hetznercloud/hcloud"
+      version = "~> 1.42.1"
+    }
+  }
+}