+title: infra

+begin_quote

a Flux + Terraform infrastructure repo

+end_quote

• Todo

• [x] add Flux for sharing-io repo

• [x] get talosconfig

• [ ] access Kubernetes APIServer

• [ ] verify Ceph disk allocation

• Prerequisites

Install OpenTofu

+begin_src shell

brew install opentofu

+end_src

• Usage

vars:

• rfc2136_server
• rfc2136_tsig_keyname
• rfc2136_tsig_key
• equinix_metal_project_id
• equinix_metal_auth_token (DO NOT WRITE THIS DISK)

keep in values.tfvars (as HCL); example:

+begin_src hcl :tangle ./values-example.tfvars

rfc2136_server = "123.253.176.253" rfc2136_tsig_keyname = "sharing.io." rfc2136_tsig_key = "[VALUE HERE]" equinix_metal_project_id = "82b5c425-8dd4-429e-ae0d-d32f265c63e4"

+end_src

init

+begin_src tmux

tofu init -var-file=./values.tfvars -var equinix_metal_auth_token=$METAL_AUTH_TOKEN -var github_token="$(gh auth token)" --upgrade

+end_src

plan

+begin_src tmux

tofu plan -var-file=./values.tfvars -var equinix_metal_auth_token=$METAL_AUTH_TOKEN -var github_token="$(gh auth token)"

+end_src

apply

+begin_src tmux

tofu apply -var-file=./values.tfvars -var equinix_metal_auth_token=$METAL_AUTH_TOKEN -var github_token="$(gh auth token)"

+end_src

get talosconfig

+begin_src tmux

CLUSTER_NAME=sharing-io tofu output -raw "$CLUSTER_NAME"-talosconfig > ~/.talos/config-"$CLUSTER_NAME"

+end_src

get kubeconfig

+begin_src tmux

CLUSTER_NAME=sharing-io tofu output -raw "$CLUSTER_NAME"-kubeconfig > ~/.kube/config-"$CLUSTER_NAME"

+end_src

• Flux usage

force a reconciliation

+begin_src shell :results silent

flux --kubeconfig ~/.kube/config-sharing-io reconcile source git flux-system

+end_src

• Force tear down

+begin_src tmux

tofu state list | grep -E 'talos|flux' | xargs -I{} tofu state rm {} tofu destroy -var-file=./values.tfvars -var equinix_metal_auth_token=$METAL_AUTH_TOKEN -var github_token="$(gh auth token)"

+end_src

• Notes

• Equinix Metal Cloud Provider 401 error regarding IP allocation and assigning