Moved domain, persist docker volumes.

flatcar/app/lb/Caddyfile

@@ -1,5 +1,7 @@
-nassella.thintz.com {
+mycluster-mynode.nassella.cc {
   reverse_proxy http://wg-easy:80
+
   # tls internal
+  # x
   log
 }

flatcar/cl.yaml

@@ -7,12 +7,12 @@ passwd:
         - ""
 systemd:
   units:
-    - name: appstorage.mount
+    - name: var-lib-docker-volumes.mount
       enabled: true
       contents: |
         [Mount]
         What=/dev/disk/by-label/appstorage
-        Where=/appstorage
+        Where=/var/lib/docker/volumes
         Type=ext4
 
         [Install]

main.tf

@@ -12,6 +12,14 @@ terraform {
       source  = "hashicorp/null"
       version = "3.2.4"
     }
+    time = {
+      source  = "hashicorp/time"
+      version = "0.13.1"
+    }
+    cloudflare = {
+      source = "cloudflare/cloudflare"
+      version = "5.8.2"
+    }
   }
 }
 
@@ -51,10 +59,34 @@ variable "flatcar_stable_version" {
   description = "The Flatcar Stable release you want to use for the initial installation, e.g., 2605.12.0"
 }
 
+variable "cloudflare_zone_id" {
+  type = string
+  description = "Cloudflare zone ID"
+}
+
+variable "cloudflare_account_id" {
+  type = string
+  description = "Cloudflare account id"
+}
+
+variable "cloudflare_api_token" {
+  type = string
+  description = "Cloudflare api token"
+}
+
+variable "domain" {
+  type = string
+  description = "Root domain to use"
+}
+
 provider "digitalocean" {
   token = var.do_token
 }
 
+provider "cloudflare" {
+  api_token = var.cloudflare_api_token
+}
+
 resource "digitalocean_ssh_key" "first" {
   name       = var.cluster_name
   public_key = var.ssh_keys.0
@@ -71,6 +103,16 @@ resource "digitalocean_reserved_ip" "machine" {
   region     = digitalocean_droplet.machine[each.key].region
 }
 
+resource "cloudflare_dns_record" "machine" {
+  for_each  = toset(var.machines)
+  zone_id = var.cloudflare_zone_id
+  name    = "${var.cluster_name}-${each.key}"
+  content   = digitalocean_reserved_ip.machine[each.key].ip_address
+  type    = "A"
+  proxied = false
+  ttl = 300
+}
+
 resource "digitalocean_volume" "machine" {
   for_each  = toset(var.machines)
   region    = var.datacenter
@@ -95,10 +137,17 @@ resource "digitalocean_droplet" "machine" {
   }
 }
 
+resource "time_sleep" "wait_5_seconds" {
+  create_duration = "5s"
+}
+
 resource "digitalocean_reserved_ip_assignment" "machine" {
   for_each  = toset(var.machines)
   ip_address = digitalocean_reserved_ip.machine[each.key].ip_address
   droplet_id = digitalocean_droplet.machine[each.key].id
+  # sometimes digital ocean throws an error for this resource
+  # saying the droplet has a pending event so we delay a few seconds
+  depends_on = [time_sleep.wait_5_seconds]
 }
 
 resource "digitalocean_volume_attachment" "machine" {
@@ -116,16 +165,16 @@ resource "digitalocean_volume_attachment" "machine" {
 #   strict = true
 # }
 
-output "ip-addresses" {
+# output "ip-addresses" {
-  value = {
+#   value = {
-    for key in var.machines :
+#     for key in var.machines :
-    "${var.cluster_name}-${key}" => digitalocean_droplet.machine[key].ipv4_address
+#     "${var.cluster_name}-${key}" => digitalocean_droplet.machine[key].ipv4_address
-  }
+#   }
-}
+# }
 
-output "reserved-ip-addresses" {
+output "domain-mappings" {
   value = {
     for key in var.machines :
-    "${var.cluster_name}-${key}" => digitalocean_reserved_ip.machine[key].ip_address
+    "${var.cluster_name}-${key}.${var.domain}" => digitalocean_reserved_ip.machine[key].ip_address
   }
 }

template.tfvars

@@ -1,5 +1,11 @@
+domain = ""
+
 do_token = "" # token from "API" settings on DigitalOcean
 
+cloudflare_api_token = ""
+cloudflare_zone_id = ""
+cloudflare_account_id = ""
+
 cluster_name           = "mycluster"
 machines               = ["mynode"]
 datacenter             = "sfo3"