from app.models.cloud import CloudProvider
from app.terraform.bridge import BridgeAutomation
class BridgeHcloudAutomation(BridgeAutomation):
    """Configuration for deploying Tor bridges on Hetzner Cloud via Terraform.

    The class holds data only: identifying attributes, the names of the
    settings the template needs, and the Terraform template itself. The
    template uses Jinja-style placeholders; rendering and execution are
    presumably done by ``BridgeAutomation``, which is not visible here.

    Security notes for maintainers:

    * The rendered configuration contains each account's ``hcloud_token`` in
      clear text, so the rendered file and its working directory are
      credential material (restrict permissions, keep out of logs and VCS).
    * NOTE(review): every ``{{ ... }}`` value is placed inside a
      double-quoted HCL string (or an identifier, for ``bridge.id``) and the
      template applies no escaping filter. Confirm that the rendering
      environment or the callers validate these values, because a quote or
      ``${`` in one of them would alter the generated configuration.
    """

    short_name = "bridge_hcloud"
    description = "Deploy Tor bridges on Hetzner Cloud"
    provider = CloudProvider.HCLOUD

    # Settings named here are expected by the template.
    # NOTE(review): "ssh_public_key_path" is listed but the template below
    # never references it; only "ssh_private_key_path" is used. The other
    # placeholders (backend_config, terraform_modules_path, global_namespace,
    # destroyed_resources, active_resources) are presumably supplied by the
    # base class - confirm.
    template_parameters = [
        "ssh_private_key_path",
        "ssh_public_key_path",
    ]

    # Template layout:
    #   * terraform block: backend configuration plus the two providers, each
    #     pinned to an exact version. The pin fixes the version only; provider
    #     checksums are verified through Terraform's dependency lock file.
    #   * destroyed_resources loop: emits only an aliased provider block per
    #     bridge, presumably so resources still recorded in state can be
    #     destroyed with the right credentials - confirm.
    #   * active_resources loop: per bridge, an aliased provider, a lookup of
    #     datacenters offering the "cx22" server type, a random choice of one
    #     datacenter (ignore_changes keeps existing bridges in place when the
    #     list changes), the bridge module, and two outputs.
    #   * The bridgeline output is marked sensitive, which hides it in CLI
    #     output; the value is still stored in the Terraform state, so state
    #     storage needs the same protection as the bridgelines themselves.
    # TODO(review): contact_info is a hard-coded placeholder sentence that is
    # passed to the module for every bridge; populate it with a real value.
    template = """
    terraform {
      {{ backend_config }}
      required_providers {
        random = {
          source = "hashicorp/random"
          version = "3.1.0"
        }
        hcloud = {
          source = "hetznercloud/hcloud"
          version = "1.31.1"
        }
      }
    }

    locals {
      ssh_private_key = "{{ ssh_private_key_path }}"
    }

    {% for resource in destroyed_resources %}
    {% set bridge, bridgeconf, account = resource %}
    provider "hcloud" {
      token = "{{ account.credentials["hcloud_token"] }}"
      alias = "account_{{ bridge.id }}"
    }
    {% endfor %}

    {% for resource in active_resources %}
    {% set bridge, bridgeconf, account = resource %}
    provider "hcloud" {
      token = "{{ account.credentials["hcloud_token"] }}"
      alias = "account_{{ bridge.id }}"
    }

    data "hcloud_datacenters" "ds_{{ bridge.id }}" {
      provider = hcloud.account_{{ bridge.id }}
    }

    data "hcloud_server_type" "cx22_{{ bridge.id }}" {
      provider = hcloud.account_{{ bridge.id }}
      name = "cx22"
    }

    resource "random_shuffle" "datacenter_{{ bridge.id }}" {
      input = [for s in data.hcloud_datacenters.ds_{{ bridge.id }}.datacenters : s.name if contains(s.available_server_type_ids, data.hcloud_server_type.cx22_{{ bridge.id }}.id)]
      result_count = 1

      lifecycle {
        ignore_changes = [input] # don't replace all the bridges if a new DC appears
      }
    }

    module "bridge_{{ bridge.id }}" {
      providers = {
        hcloud = hcloud.account_{{ bridge.id }}
      }
      source = "{{ terraform_modules_path }}/terraform-hcloud-tor-bridge"
      datacenter = one(random_shuffle.datacenter_{{ bridge.id }}.result)
      namespace = "{{ global_namespace }}"
      name = "bridge"
      attributes = ["{{ bridge.id }}"]
      ssh_private_key = local.ssh_private_key
      contact_info = "this used to be sanitised and I did not write the code to populate it yet"
      distribution_method = "{{ bridgeconf.method }}"
    }

    output "bridge_hashed_fingerprint_{{ bridge.id }}" {
      value = module.bridge_{{ bridge.id }}.hashed_fingerprint
    }

    output "bridge_bridgeline_{{ bridge.id }}" {
      value = module.bridge_{{ bridge.id }}.bridgeline
      sensitive = true
    }
    {% endfor %}
    """