Initial neko project

Oscar Blue 2022-08-28 17:55:59 +01:00
parent 4d3c74ab70
commit 7dec0f8ff3
12 changed files with 213 additions and 0 deletions


@ -0,0 +1,24 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/hetznercloud/hcloud" {
version = "1.35.1"
constraints = "~> 1.35.1"
hashes = [
"h1:FgSVN8CkqWt+iHhTYPPVQgoltoO8FGI+quB0PZucfj4=",
"zh:055161a3bec0b09db32b2488ac9036e46e7867c3319af182329157a1ff72ca00",
"zh:08f0d5b31dfac682df21a3f193aac93522a05e83e8eca26c547d2baa2858238b",
"zh:16d4c4a194d056947820680a116bf23227d4ee527d33831d7a7df52c5c0c3c4b",
"zh:46b528a76968599e1a6c45d8264b86fe9602070a42fd2d2db32899b5161e44dc",
"zh:502b16a56bb6780b86913ad3f4f573ae3f29f7a3d99335d7fd120c1b607537e8",
"zh:5fa5114d101e9d7c1915b1f136cc2b48a83c9ace7c994545940f11ccabf1f036",
"zh:6ac8ff28f145ef20c595faf81ff9c478be4d469cdd5b7aeaf2feefcc80a3dd36",
"zh:8ced6aec0546784eea6a9e56082af3af5c9917459351ef2951a9742125d4aab9",
"zh:927b0c39de0b368e52c7491859948082aaa84d877f0fed7ef483892c844875bf",
"zh:9d9c0fb5e862e47d24cdb007afad0215ccff9da65cf8a6cfa66030e844f5403c",
"zh:ae5475cae11806a93bb4adb3c87007ce9c0211d16c9c7a87ae5e9d58a68fcc0b",
"zh:d01600e67abc7ce7c59bc8567b7a650bc5ce817723a354f401a803d421610641",
"zh:f3487f1c49145b560fd19c8c681cb9eaaa85fc3700ea9b675f649f5f5d8b1e3c",
"zh:f5257b83287156effecb0f43fe80b6cbcc02c89f35ceda1b845d4e3dcf757dca",
]
}


@ -0,0 +1,13 @@
#cloud-config
package_update: true
package_upgrade: true
packages:
- vim
runcmd:
- curl -L https:// | bash
final_message: "The system is finally up, after $UPTIME seconds"
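Review bot: The `runcmd` entry `curl -L https:// | bash` pipes whatever the server returns straight into a root shell on first boot, with no pinned revision and no checksum; without `-f`, an HTTP error page would be handed to bash as well. The URL is incomplete as shown on this page, so the script's origin cannot be reviewed here. Shipping the script inside the cloud-config through `write_files`, or downloading it to a file and checking it with `sha256sum -c` before running it, would make what executes at boot reviewable. The hunk header counts 13 lines but only 8 are visible, so part of the file may be missing from this view.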


@ -0,0 +1,52 @@
resource "hcloud_firewall" "firewall" {
name = "${var.project_name}-fw"
# ICMP
rule {
direction = "in"
protocol = "icmp"
source_ips = [
"0.0.0.0/0",
"::/0"
]
}
# SSH
rule {
direction = "in"
protocol = "tcp"
port = 22
source_ips = [
"0.0.0.0/0",
"::/0"
]
}
# HTTP
rule {
direction = "in"
protocol = "tcp"
port = 80
source_ips = [
"0.0.0.0/0",
"::/0"
]
}
# HTTPS
rule {
direction = "in"
protocol = "tcp"
port = 443
source_ips = [
"0.0.0.0/0",
"::/0"
]
}
# NEKO UDP
rule {
direction = "in"
protocol = "udp"
port = "59000-59100"
source_ips = [
"0.0.0.0/0",
"::/0"
]
}
}
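Review bot: The SSH rule accepts port 22 from `0.0.0.0/0` and `::/0`, which exposes the VM's management port to every address on the internet; only the HTTP, HTTPS and neko UDP rules need to be reachable from everywhere. Restricting that one rule to the operator's addresses, for example `source_ips = var.ssh_allowed_cidrs` with a new `list(string)` variable that has no default, forces whoever applies the module to decide who may reach SSH. The same reasoning applies to the ICMP rule if ping from arbitrary hosts is not needed.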


@ -0,0 +1,36 @@
# Install Docker
curl -fsSL https://get.docker.com | sh
# Install dependencies
apt install wget curl apache2-utils docker-compose sed -y
# Images to download
NEKO_IMAGES=(m1k1o/neko:firefox m1k1o/neko:vlc)
# Set environmental variables
{
echo "TZ=${TZ}"
echo "NEKO_ROOMS_EPR=${NEKO_ROOMS_EPR}"
echo "NEKO_ROOMS_TRAEFIK_DOMAIN=${NEKO_ROOMS_TRAEFIK_DOMAIN}"
echo "NEKO_ROOMS_TRAEFIK_ENTRYPOINT=websecure"
echo "NEKO_ROOMS_TRAEFIK_NETWORK=neko-rooms-traefik"
echo "NEKO_ROOMS_TRAEFIK_CERTRESOLVER=lets-encrypt"
echo "NEKO_ROOMS_NEKO_IMAGES=${NEKO_IMAGES[*]}"
} > /neko/.env
mkdir -p "/neko/config"
touch /neko/usersfile
htpasswd -nb admin admin >> /neko/usersfile
wget -O "/neko/traefik.yml" "https://raw.githubusercontent.com/m1k1o/neko-rooms/master/traefik/traefik.yml"
sed -i "s/yourname@example.com/${TRAEFIK_EMAIL}/g" "/neko/traefik.yml"
wget -O "/neko/config/middlewares.yml" "https://raw.githubusercontent.com/m1k1o/neko-rooms/master/traefik/config/middlewares.yml"
wget -O "/neko/config/routers.yml" "https://raw.githubusercontent.com/m1k1o/neko-rooms/master/traefik/config/routers.yml"
wget -O "/neko/config/tls.yml" "https://raw.githubusercontent.com/m1k1o/neko-rooms/master/traefik/config/tls.yml"
touch "/neko/acme.json"
chmod 600 "/neko/acme.json"
wget -O "/neko/docker-compose.yml" "https://raw.githubusercontent.com/m1k1o/neko-rooms/master/traefik/docker-compose.yml"
# Pull neko images
for NEKO_IMAGE in "${NEKO_IMAGES[@]}"; do
docker pull "${NEKO_IMAGE}"
done
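Review bot: `htpasswd -nb admin admin >> /neko/usersfile` creates the account `admin` with the password `admin`, and the firewall in this commit opens ports 80 and 443 to every address, so the login (presumably the Traefik basic-auth file) is guessable by anyone who finds the host. The password should be supplied by the operator or generated at boot and hashed with bcrypt, e.g. `htpasswd -nbB admin "${NEKO_ADMIN_PASSWORD:?}" > /neko/usersfile`, where `NEKO_ADMIN_PASSWORD` is a new variable this script would have to be given. The five `wget` calls fetch the Traefik and compose files from the `master` branch, so the deployed configuration changes whenever upstream does; pinning the URLs to a reviewed commit would make the deployment reproducible. Separately, the block that redirects into `/neko/.env` runs before `mkdir -p "/neko/config"`, so it fails unless `/neko` already exists.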


@ -0,0 +1,8 @@
terraform {
required_providers {
hcloud = {
source = "hetznercloud/hcloud"
version = "~> 1.35.1"
}
}
}


@ -0,0 +1,4 @@
resource "hcloud_network" "network" {
name = "${var.project_name}-vnet"
ip_range = "10.0.0.0/16"
}


@ -0,0 +1,7 @@
output "public_ip" {
value = hcloud_server.server.ipv4_address
}
output "private_ip" {
value = hcloud_server_network.server_network.ip
}


@ -0,0 +1,8 @@
# Set the variable value in *.tfvars file
# or using the -var="hcloud_token=..." CLI option
variable "hcloud_token" {}
# Configure the Hetzner Cloud Provider
provider "hcloud" {
token = var.hcloud_token
}
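Review bot: `variable "hcloud_token" {}` declares the API token with neither a type nor `sensitive = true`, so Terraform will not redact it if the value ever surfaces in plan output or an error message. The block should carry `type = string` and `sensitive = true`. The header comment also recommends `-var="hcloud_token=..."`, which leaves the token in shell history and the process list; it would be better to point readers at the `TF_VAR_hcloud_token` environment variable or at a `*.tfvars` file that is excluded from version control.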


@ -0,0 +1,18 @@
resource "hcloud_server" "server" {
name = "${var.project_name}-vm"
server_type = var.server_type
image = var.image
location = var.location
backups = var.backups
firewall_ids = [hcloud_firewall.firewall.id]
labels = local.labels
ssh_keys = [data.hcloud_ssh_key.ssh_key.id]
user_data = file("${path.module}/cloud-config.tpl")
depends_on = [
hcloud_network_subnet.network-subnet
]
}
data "hcloud_ssh_key" "ssh_key" {
name = "dev-noble@noir"
}
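Review bot: The `data "hcloud_ssh_key"` lookup hard-codes the key name `dev-noble@noir`, so the module only applies in a Hetzner project that has that one key uploaded, and access cannot be handed to anyone else without editing the file. Taking the name from a variable, e.g. `name = var.ssh_key_name`, keeps the key choice with whoever runs the apply. Note also that `user_data` is read with `file()` although the file is named `.tpl`; as written the content is passed through verbatim, and `templatefile()` would be needed if placeholders are meant to be rendered.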


@ -0,0 +1,5 @@
resource "hcloud_server_network" "server_network" {
server_id = hcloud_server.server.id
network_id = hcloud_network.network.id
ip = "10.0.1.5"
}


@ -0,0 +1,6 @@
resource "hcloud_network_subnet" "network-subnet" {
type = "cloud"
network_id = hcloud_network.network.id
network_zone = "eu-central"
ip_range = "10.0.1.0/24"
}


@ -0,0 +1,32 @@
variable "project_name" {
type = string
default = "neko"
}
variable "server_type" {
type = string
default = "cx11"
}
variable "image" {
type = string
default = "debian-11"
}
variable "location" {
type = string
default = "nbg1"
}
variable "backups" {
type = bool
default = false
}
locals {
labels = {
"Project" = "${var.project_name}"
"Owner" = "Oscar"
"Environment" = "Development"
}
}