app/main.tf

terraform {
  required_providers {
    digitalocean = {
      source  = "digitalocean/digitalocean"
      version = "2.62.0"
    }
    ct = {
      source  = "poseidon/ct"
      version = "0.13.0"
    }
    null = {
      source  = "hashicorp/null"
      version = "3.2.4"
    }
    time = {
      source  = "hashicorp/time"
      version = "0.13.1"
    }
    cloudflare = {
      source = "cloudflare/cloudflare"
      version = "5.8.2"
    }
  }
}

variable "do_token" {
  description = "DigitalOcean token"
  type        = string
}

variable "cluster_name" {
  type        = string
  description = "Cluster name used as prefix for the machine names"
}

variable "ssh_keys" {
  type        = list(string)
  description = "SSH public keys for user 'core' (and to register on Digital Ocean for the first)"
}

variable "server_type" {
  type        = string
  default     = "s-1vcpu-1gb"
  description = "The server type to rent"
}

variable "datacenter" {
  type        = string
  description = "The region to deploy in"
}

variable "flatcar_stable_version" {
  type        = string
  description = "The Flatcar Stable release you want to use for the initial installation, e.g., 2605.12.0"
}

variable "cloudflare_zone_id" {
  type = string
  description = "Cloudflare zone ID"
}

variable "cloudflare_account_id" {
  type = string
  description = "Cloudflare account id"
}

variable "cloudflare_api_token" {
  type = string
  description = "Cloudflare api token"
}

variable "domain" {
  type = string
  description = "Root domain to use"
}

variable "subdomains" {
  type = list
  description = "Subdomains to setup"
}

provider "digitalocean" {
  token = var.do_token
}

provider "cloudflare" {
  api_token = var.cloudflare_api_token
}

resource "digitalocean_ssh_key" "first" {
  name       = var.cluster_name
  public_key = var.ssh_keys.0
}

resource "digitalocean_custom_image" "flatcar" {
  name    = "flatcar-stable-${var.flatcar_stable_version}"
  url     = "https://stable.release.flatcar-linux.net/amd64-usr/${var.flatcar_stable_version}/flatcar_production_digitalocean_image.bin.bz2"
  regions = [var.datacenter]
}

resource "digitalocean_reserved_ip" "machine" {
  region     = digitalocean_droplet.machine.region
}

resource "cloudflare_dns_record" "root" {
  zone_id = var.cloudflare_zone_id
  name    = "@"
  content   = digitalocean_reserved_ip.machine.ip_address
  type    = "A"
  proxied = false
  ttl = 300
}

resource "cloudflare_dns_record" "subdomains" {
  for_each  = toset(var.subdomains)
  zone_id = var.cloudflare_zone_id
  name    = each.key
  content   = var.domain
  type    = "CNAME"
  proxied = false
  ttl = 300
}

resource "digitalocean_volume" "machine" {
  region    = var.datacenter
  name      = "${var.cluster_name}"
  size                    = 60
  initial_filesystem_type = "ext4"
  initial_filesystem_label = "appstorage"
  description             = "persistent storage for docker apps"
}

resource "digitalocean_droplet" "machine" {
  name      = "${var.cluster_name}"
  image     = digitalocean_custom_image.flatcar.id
  region    = var.datacenter
  size      = var.server_type
  ssh_keys  = [digitalocean_ssh_key.first.fingerprint]
  user_data = file("flatcar/ignition.json")
  lifecycle {
    create_before_destroy = true
  }
}

resource "time_sleep" "wait_10_seconds" {
  create_duration = "10s"
}

resource "digitalocean_reserved_ip_assignment" "machine" {
  ip_address = digitalocean_reserved_ip.machine.ip_address
  droplet_id = digitalocean_droplet.machine.id
  # sometimes digital ocean throws an error for this resource
  # saying the droplet has a pending event so we delay a few seconds
  depends_on = [time_sleep.wait_10_seconds]
}

resource "digitalocean_volume_attachment" "machine" {
  droplet_id = digitalocean_droplet.machine.id
  volume_id  = digitalocean_volume.machine.id
}

output "domain-mappings" {
  value = {
    "${var.domain}" = digitalocean_reserved_ip.machine.ip_address
  }
}