diff --git a/infrastructure/hcloud-csi/kustomization.yaml b/infrastructure/hcloud-csi/kustomization.yaml
deleted file mode 100644
index 5b22c7424696fba7073e24bfd0eb44c3caac63ea..0000000000000000000000000000000000000000
--- a/infrastructure/hcloud-csi/kustomization.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-resources:
-- https://git.shivering-isles.com/github-mirror/hetznercloud/csi-driver/-/raw/v1.6.0/deploy/kubernetes/hcloud-csi.yml
-#patchesJson6902:
-#- target:
-# group: "storage.k8s.io"
-# version: v1
-# kind: StorageClass
-# name: hcloud-volumes
-# path: remove-default-annotation.yaml
diff --git a/infrastructure/hcloud-csi/remove-default-annotation.yaml b/infrastructure/hcloud-csi/remove-default-annotation.yaml
deleted file mode 100644
index 1122e8e5ebd693e296fecfc922a67669329093ad..0000000000000000000000000000000000000000
--- a/infrastructure/hcloud-csi/remove-default-annotation.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-- op: remove
- path: metadata/annotations
diff --git a/infrastructure/rook/kustomization.yaml b/infrastructure/rook/kustomization.yaml
deleted file mode 100644
index 5f6a24dee756b5ab9bc9d0797deb893e076ce5e1..0000000000000000000000000000000000000000
--- a/infrastructure/rook/kustomization.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: kustomize.config.k8s.io/v1beta1
-kind: Kustomization
-namespace: rook-ceph
-resources:
- - namespace.yaml
- - repository.yaml
- - release.yaml
diff --git a/infrastructure/rook/namespace.yaml b/infrastructure/rook/namespace.yaml
deleted file mode 100644
index c4ddccc6ba4aeba61a2a67421c60664b535d2a92..0000000000000000000000000000000000000000
--- a/infrastructure/rook/namespace.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
- name: rook-ceph
- labels:
- name: rook-ceph
- kyverno.shivering-isles.com/class: "system"
diff --git a/infrastructure/rook/release.yaml b/infrastructure/rook/release.yaml
deleted file mode 100644
index ecefcc4d0a0bcbae1753fa59f324f7a51649d3e5..0000000000000000000000000000000000000000
--- a/infrastructure/rook/release.yaml
+++ /dev/null
@@ -1,198 +0,0 @@
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
- name: rook-operator
- namespace: rook-ceph
-spec:
- releaseName: rook-ceph
- chart:
- spec:
- chart: rook-ceph
- sourceRef:
- kind: HelmRepository
- name: rook-release
- version: v1.7.1
- interval: 5m
- values:
- hostpathRequiresPrivileged: true
----
-apiVersion: helm.toolkit.fluxcd.io/v2beta1
-kind: HelmRelease
-metadata:
- name: rook-ceph-cluster
- namespace: rook-ceph
-spec:
- releaseName: rook-ceph-cluster
- chart:
- spec:
- chart: rook-ceph-cluster
- sourceRef:
- kind: HelmRepository
- name: rook-release
- version: v1.7.1
- dependsOn:
- - name: rook-operator
- interval: 5m
- values:
- cephClusterSpec:
- dataDirHostPath: /var/lib/rook
- mon:
- # Set the number of mons to be started. Must be an odd number, and is generally recommended to be 3.
- count: 3
- # The mons should be on unique nodes. For production, at least 3 nodes are recommended for this reason.
- # Mons should only be allowed on the same node for test environments where data loss is acceptable.
- allowMultiplePerNode: false
- # A volume claim template can be specified in which case new monitors (and
- # monitors created during fail over) will construct a PVC based on the
- # template for the monitor's primary storage. Changes to the template do not
- # affect existing monitors. Log data is stored on the HostPath under
- # dataDirHostPath. If no storage requirement is specified, a default storage
- # size appropriate for monitor data will be used.
- volumeClaimTemplate:
- spec:
- storageClassName: hcloud-volumes
- resources:
- requests:
- storage: 10Gi
- skipUpgradeChecks: false
- continueUpgradeAfterChecksEvenIfNotHealthy: false
- mgr:
- count: 1
- modules:
- - name: pg_autoscaler
- enabled: true
- dashboard:
- enabled: false
- crashCollector:
- disable: true
- storage:
- storageClassDeviceSets:
- - name: set1
- # The number of OSDs to create from this device set
- count: 3
- # IMPORTANT: If volumes specified by the storageClassName are not portable across nodes
- # this needs to be set to false. For example, if using the local storage provisioner
- # this should be false.
- portable: true
- # Certain storage class in the Cloud are slow
- # Rook can configure the OSD running on PVC to accommodate that by tuning some of the Ceph internal
- # Currently, "gp2" has been identified as such
- tuneDeviceClass: true
- # Certain storage class in the Cloud are fast
- # Rook can configure the OSD running on PVC to accommodate that by tuning some of the Ceph internal
- # Currently, "managed-premium" has been identified as such
- tuneFastDeviceClass: false
- # whether to encrypt the deviceSet or not
- encrypted: true
- # Since the OSDs could end up on any node, an effort needs to be made to spread the OSDs
- # across nodes as much as possible. Unfortunately the pod anti-affinity breaks down
- # as soon as you have more than one OSD per node. The topology spread constraints will
- # give us an even spread on K8s 1.18 or newer.
- placement:
- topologySpreadConstraints:
- - maxSkew: 1
- topologyKey: kubernetes.io/hostname
- whenUnsatisfiable: ScheduleAnyway
- labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - rook-ceph-osd
- preparePlacement:
- podAntiAffinity:
- preferredDuringSchedulingIgnoredDuringExecution:
- - weight: 100
- podAffinityTerm:
- labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - rook-ceph-osd
- - key: app
- operator: In
- values:
- - rook-ceph-osd-prepare
- topologyKey: kubernetes.io/hostname
- topologySpreadConstraints:
- - maxSkew: 1
- # IMPORTANT: If you don't have zone labels, change this to another key such as kubernetes.io/hostname
- topologyKey: kubernetes.io/hostname
- whenUnsatisfiable: DoNotSchedule
- labelSelector:
- matchExpressions:
- - key: app
- operator: In
- values:
- - rook-ceph-osd-prepare
- resources:
- # These are the OSD daemon limits. For OSD prepare limits, see the separate section below for "prepareosd" resources
- # limits:
- # cpu: "500m"
- # memory: "4Gi"
- # requests:
- # cpu: "500m"
- # memory: "4Gi"
- volumeClaimTemplates:
- - metadata:
- name: data
- spec:
- resources:
- requests:
- storage: 14Gi
- # IMPORTANT: Change the storage class depending on your environment (e.g. local-storage, gp2)
- storageClassName: hcloud-volumes
- volumeMode: Block
- accessModes:
- - ReadWriteOnce
- disruptionManagement:
- managePodBudgets: true
- osdMaintenanceTimeout: 30
- pgHealthCheckTimeout: 0
- cephBlockPools:
- - name: ceph-blockpool
- # see https://github.com/rook/rook/blob/master/Documentation/ceph-pool-crd.md#spec for available configuration
- spec:
- failureDomain: host
- replicated:
- size: 2
- storageClass:
- enabled: true
- name: ceph-block
- isDefault: true
- reclaimPolicy: Delete
- allowVolumeExpansion: true
- # see https://github.com/rook/rook/blob/master/Documentation/ceph-block.md#provision-storage for available configuration
- parameters:
- # (optional) mapOptions is a comma-separated list of map options.
- # For krbd options refer
- # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options
- # For nbd options refer
- # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options
- # mapOptions: lock_on_read,queue_depth=1024
-
- # (optional) unmapOptions is a comma-separated list of unmap options.
- # For krbd options refer
- # https://docs.ceph.com/docs/master/man/8/rbd/#kernel-rbd-krbd-options
- # For nbd options refer
- # https://docs.ceph.com/docs/master/man/8/rbd-nbd/#options
- # unmapOptions: force
-
- # RBD image format. Defaults to "2".
- imageFormat: "2"
- # RBD image features. Available for imageFormat: "2". CSI RBD currently supports only `layering` feature.
- imageFeatures: layering
- # The secrets contain Ceph admin credentials.
- csi.storage.k8s.io/provisioner-secret-name: rook-csi-rbd-provisioner
- csi.storage.k8s.io/provisioner-secret-namespace: rook-ceph
- csi.storage.k8s.io/controller-expand-secret-name: rook-csi-rbd-provisioner
- csi.storage.k8s.io/controller-expand-secret-namespace: rook-ceph
- csi.storage.k8s.io/node-stage-secret-name: rook-csi-rbd-node
- csi.storage.k8s.io/node-stage-secret-namespace: rook-ceph
- # Specify the filesystem type of the volume. If not specified, csi-provisioner
- # will set default as `ext4`. Note that `xfs` is not recommended due to potential deadlock
- # in hyperconverged settings where the volume is mounted on the same node as the osds.
- csi.storage.k8s.io/fstype: ext4
- cephObjectStores: []
- cephFileSystems: []
diff --git a/infrastructure/rook/repository.yaml b/infrastructure/rook/repository.yaml
deleted file mode 100644
index 81b7e3ee7cfe7fadbdc2f477b858626dce7c15d3..0000000000000000000000000000000000000000
--- a/infrastructure/rook/repository.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: source.toolkit.fluxcd.io/v1beta1
-kind: HelmRepository
-metadata:
- name: rook-release
-spec:
- interval: 30m
- url: https://charts.rook.io/release
diff --git a/terraform/.gitignore b/terraform/.gitignore
deleted file mode 100644
index 248419ce0fd6d013d5bd38cc2fb2ff56071fcb96..0000000000000000000000000000000000000000
--- a/terraform/.gitignore
+++ /dev/null
@@ -1,76 +0,0 @@
-
-# Created by https://www.toptal.com/developers/gitignore/api/terraform,vim,git
-# Edit at https://www.toptal.com/developers/gitignore?templates=terraform,vim,git
-
-### Git ###
-# Created by git for backups. To disable backups in Git:
-# $ git config --global mergetool.keepBackup false
-*.orig
-
-# Created by git when using merge tools for conflicts
-*.BACKUP.*
-*.BASE.*
-*.LOCAL.*
-*.REMOTE.*
-*_BACKUP_*.txt
-*_BASE_*.txt
-*_LOCAL_*.txt
-*_REMOTE_*.txt
-
-### Terraform ###
-# Local .terraform directories
-**/.terraform/*
-
-# .tfstate files
-*.tfstate
-*.tfstate.*
-
-# Crash log files
-crash.log
-
-# Exclude all .tfvars files, which are likely to contain sentitive data, such as
-# password, private keys, and other secrets. These should not be part of version
-# control as they are data points which are potentially sensitive and subject
-# to change depending on the environment.
-#
-*.tfvars
-
-# Ignore override files as they are usually used to override resources locally and so
-# are not checked in
-override.tf
-override.tf.json
-*_override.tf
-*_override.tf.json
-
-# Include override files you do wish to add to version control using negated pattern
-# !example_override.tf
-
-# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
-# example: *tfplan*
-
-# Ignore CLI configuration files
-.terraformrc
-terraform.rc
-
-### Vim ###
-# Swap
-[._]*.s[a-v][a-z]
-!*.svg # comment out if you don't need vector files
-[._]*.sw[a-p]
-[._]s[a-rt-v][a-z]
-[._]ss[a-gi-z]
-[._]sw[a-p]
-
-# Session
-Session.vim
-Sessionx.vim
-
-# Temporary
-.netrwhist
-*~
-# Auto-generated tag files
-tags
-# Persistent undo
-[._]*.un~
-
-# End of https://www.toptal.com/developers/gitignore/api/terraform,vim,git
diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl
deleted file mode 100644
index 52777e74f8b1a1540abab21c552c25c5ef63e360..0000000000000000000000000000000000000000
--- a/terraform/.terraform.lock.hcl
+++ /dev/null
@@ -1,121 +0,0 @@
-# This file is maintained automatically by "terraform init".
-# Manual edits may be lost in future updates.
-
-provider "registry.terraform.io/cloudflare/cloudflare" {
- version = "3.1.0"
- constraints = "3.1.0"
- hashes = [
- "h1:H4eHyKAZuMizn1mY9HiJ2fFMHvLw0n64ZwtxoereZOI=",
- "zh:03b1e385aa7f5aa85cd002d688ec7ebf0a58862de5c7b5a9969e2669b1ba5071",
- "zh:043becbf9b37bf1616cd20c541b9a6a3e869a2c160c4a33b1ed0118a0847a1c5",
- "zh:0497eaff64e8598d1545e0efed5b1e8eb1a6418326d949fb60428ffd1b0bd05f",
- "zh:41f3fe35c8562ca2120d51c0a10932c1c85fae8084c447fc0fd7318674f0d36c",
- "zh:4c0794756d0bb194959f33ffb378fc795db1ccd2d4526fad0f00aae3f4cef4ec",
- "zh:5c94814960afd9f7c93f5396655255b7503bd5497c6fe6be759832b73225c7b3",
- "zh:71d6d24afb7015914e0bbfb94ef256f8bb9d60a0f9152577692fcfb8627c1ed0",
- "zh:780ec8088f3c385f3d673f28f8f0782cff2eec7a4e2cf21c676e5dcb6016b899",
- "zh:7bac9a9ec4f8db40f8d398fb6c9a9a2c2ccc83c46649d1b82133bf632d9de9ae",
- "zh:a2d7e593d6b03fda80f77ac89fe10c7403f8b52b352c43f044ca23910b43d49a",
- "zh:b6ac0c6720efa08bd4ece19096771f7676ae1194f1e7929ce33566146d3b6f6e",
- "zh:c6466acf245b6d816a1502eebf6f781ad779d13390aa8f14404c7fdb2dfe18d3",
- "zh:d6a1c7d4633975a8fbbf45775104824eeb04965eb8e7172fd0515ced6bc4e67b",
- "zh:f5d25cd665ecd24099bde35d2f5070593beae8a421cfa5044a38e1d8d5593644",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/http" {
- version = "2.1.0"
- constraints = "2.1.0"
- hashes = [
- "h1:HmUcHqc59VeHReHD2SEhnLVQPUKHKTipJ8Jxq67GiDU=",
- "zh:03d82dc0887d755b8406697b1d27506bc9f86f93b3e9b4d26e0679d96b802826",
- "zh:0704d02926393ddc0cfad0b87c3d51eafeeae5f9e27cc71e193c141079244a22",
- "zh:095ea350ea94973e043dad2394f10bca4a4bf41be775ba59d19961d39141d150",
- "zh:0b71ac44e87d6964ace82979fc3cbb09eb876ed8f954449481bcaa969ba29cb7",
- "zh:0e255a170db598bd1142c396cefc59712ad6d4e1b0e08a840356a371e7b73bc4",
- "zh:67c8091cfad226218c472c04881edf236db8f2dc149dc5ada878a1cd3c1de171",
- "zh:75df05e25d14b5101d4bc6624ac4a01bb17af0263c9e8a740e739f8938b86ee3",
- "zh:b4e36b2c4f33fdc44bf55fa1c9bb6864b5b77822f444bd56f0be7e9476674d0e",
- "zh:b9b36b01d2ec4771838743517bc5f24ea27976634987c6d5529ac4223e44365d",
- "zh:ca264a916e42e221fddb98d640148b12e42116046454b39ede99a77fc52f59f4",
- "zh:fe373b2fb2cc94777a91ecd7ac5372e699748c455f44f6ea27e494de9e5e6f92",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/local" {
- version = "1.4.0"
- constraints = "1.4.0"
- hashes = [
- "h1:P3mtBQSRp/KhVLJgwdHZRTWaYsT6A9nSwrmKrRZwsW8=",
- "zh:1b265fcfdce8cc3ccb51969c6d7a61531bf8a6e1218d95c1a74c40f25595c74b",
- "zh:2ea6d8c503a1119b80a273eacd187516347c00a54990c47d130235e2ad53d163",
- "zh:38bcc4a224d2c0745015564b0803a368b2bd08d1a3e349783bc4c09c68fde24b",
- "zh:3fada9c646bf57bcdd6844d7c30153407a2a8100811daa69fc0d674fb39a9d18",
- "zh:74ccb372e752188ba4ff1b1280222d6fd61bdf29dcf474edb8ea63178897912c",
- "zh:7a323f05ccd7caa1450301af1bb7cac25e2d6ac799eb581219c2c663e5d9ae3f",
- "zh:7ef13da7e8ae7129fae8a9c72845d52d4586db496359228ed435aeab2f44aea8",
- "zh:9df7edb284f5548918b839b18204c6a78ac33b4df070d4e4a5c264bb11152e9c",
- "zh:b062919beaca2e06fd3b333b700dae664828fe734479e51c2c28b8219286e0fc",
- "zh:ca9fe963f261236b3f3308f8b4979cdd95dd68281b00c1c18a6d17db07519ac8",
- "zh:e125e4a7d838e231a88e0efc1e727f5a1807db5c0cad5e1cbaf1b52c560b47c7",
- "zh:f3c3bbab3785f00433135538bdb697d516bc43f102c1b128a0c1419b172e88f6",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/random" {
- version = "3.1.0"
- hashes = [
- "h1:BZMEPucF+pbu9gsPk0G0BHx7YP04+tKdq2MrRDF1EDM=",
- "zh:2bbb3339f0643b5daa07480ef4397bd23a79963cc364cdfbb4e86354cb7725bc",
- "zh:3cd456047805bf639fbf2c761b1848880ea703a054f76db51852008b11008626",
- "zh:4f251b0eda5bb5e3dc26ea4400dba200018213654b69b4a5f96abee815b4f5ff",
- "zh:7011332745ea061e517fe1319bd6c75054a314155cb2c1199a5b01fe1889a7e2",
- "zh:738ed82858317ccc246691c8b85995bc125ac3b4143043219bd0437adc56c992",
- "zh:7dbe52fac7bb21227acd7529b487511c91f4107db9cc4414f50d04ffc3cab427",
- "zh:a3a9251fb15f93e4cfc1789800fc2d7414bbc18944ad4c5c98f466e6477c42bc",
- "zh:a543ec1a3a8c20635cf374110bd2f87c07374cf2c50617eee2c669b3ceeeaa9f",
- "zh:d9ab41d556a48bd7059f0810cf020500635bfc696c9fc3adab5ea8915c1d886b",
- "zh:d9e13427a7d011dbd654e591b0337e6074eef8c3b9bb11b2e39eaaf257044fd7",
- "zh:f7605bd1437752114baf601bdf6931debe6dc6bfe3006eb7e9bb9080931dca8a",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/template" {
- version = "2.2.0"
- constraints = "2.2.0"
- hashes = [
- "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
- "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
- "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
- "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
- "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
- "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
- "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
- "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
- "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
- "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
- "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
- ]
-}
-
-provider "registry.terraform.io/hetznercloud/hcloud" {
- version = "1.32.0"
- constraints = "1.32.0"
- hashes = [
- "h1:idi73hJM5FTNXAKoAyr1+oVcqNk5Jqmq0GM+sGU7FiM=",
- "zh:1957fda0a92ffe52bbfeb58aa21a2318eb63f4e1d312d86ebaf251e5a16f0c47",
- "zh:206ddebfed83cc6c6c8300d008ceca0312f73baf621c8fa50c043d758dbf3c8d",
- "zh:39aa1ff81a5e7f1e0b7e3283b7f8d3212f9ea03222d4835881537163f006d4a6",
- "zh:57db72b5b70a34340896c5cdc036d694b248ccfc561e44b47aa1902559f91023",
- "zh:610dd439f53c1825189ea999f606c989d88e4f60ce29a9466138cf3b321a105b",
- "zh:72c019addc1a899604d3f9b281d402cde8f7a0f69ce207f298ddf7576c15dccb",
- "zh:795b38ca4d54a1880a17dda45895861bb8780a257c1fa3a0d3b1ba5bbfbf1faa",
- "zh:7e53a1596a7872d2258f65554d89f3c38395b102810a3c8276de46a9ce79ad69",
- "zh:7ef56a5a4c8ad042f6a459b07a489049ec8a71de433a68f519599c2b4c1dc447",
- "zh:93a0755435536eeec2bf7ea00dc03642e64374b925ed118fbd0313c899c67878",
- "zh:955b83167abfcc0c7893b6e4554ace53583360ea5ffebb3ba61ece599ba9fb67",
- "zh:9dccc7e73718c9aa5a47ea85d21f137b8136eed1a42846d0a803cc134cca1ae0",
- "zh:b1007f8778997e2e2da78f074b96134eebb1c311ad287b9f6448d762d7ed2371",
- "zh:d04421aeadeab1ea9b6870cf93aad2c1be5796f1b7545a9e115c31045f0704cd",
- ]
-}
diff --git a/terraform/LICENSE b/terraform/LICENSE
deleted file mode 100644
index 18d3c977d57af2447a4d8793333f55102e8a10b1..0000000000000000000000000000000000000000
--- a/terraform/LICENSE
+++ /dev/null
@@ -1,10 +0,0 @@
-The MIT License (MIT)
-
-Copyright 2021 Christoph (Sheogorath) Kern
-Copyright 2021 Simon Lauger
-
-Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
diff --git a/terraform/Makefile b/terraform/Makefile
deleted file mode 100644
index 57ddf14f1afff872addc3262fa5dd44b98445b8f..0000000000000000000000000000000000000000
--- a/terraform/Makefile
+++ /dev/null
@@ -1,37 +0,0 @@
-.DEFAULT_GOAL := help
-
-TERRAFORM_PARAMETERS?=
-
-include ../utils/help.mk
-
-.PHONY: preflight
-preflight:
- # Checking tooling
- command -v terraform > /dev/null
- # Checking for required variables
- env | grep -Pe '^HCLOUD_TOKEN' > /dev/null
- env | grep -Pe '^CLOUDFLARE_EMAIL' > /dev/null
- env | grep -Pe '^CLOUDFLARE_API_KEY' > /dev/null
-
-.PHONY: init
-init: ## Initalize terraform
- terraform init
-
-.PHONY: test
-test:
- terraform fmt -check -recursive
- terraform validate
-
-.PHONY: plan
-plan: preflight init ## Run terraform plan (dry-run)
- terraform plan ${TERRAFORM_PARAMETERS}
-
-.PHONY: apply
-apply: preflight init ## Deploy the base infrastructure using terraform
- terraform apply ${TERRAFORM_PARAMETERS}
-
-.PHONY: destroy
-destroy: preflight init ## Tear down deployed the infrastructure
- terraform destroy ${TERRAFORM_PARAMETERS}
- # Cleanup remaining files
- rm -rf .terraform .terraform terraform.tfstate terraform.tfstate.backup terraform.tfstate.*.backup
diff --git a/terraform/README.md b/terraform/README.md
deleted file mode 100644
index 7054e9bd1f45d3b1af8753383d331015c76441ca..0000000000000000000000000000000000000000
--- a/terraform/README.md
+++ /dev/null
@@ -1,42 +0,0 @@
-SI-GitOps Terraform
-===
-
-This terraform definition is used to do the base deployment of cloud infrastructure for the future Kubernetes clusters.
-
-Preparation
----
-
-1. Create a Hetzner Cloud account
-2. Create a Project on Hetzner Cloud
-3. Upload your SSH key(s) to Hetzner Cloud
-4. Create an API key for Hetzner Cloud and export it to your shell environment using `export HCLOUD_TOKEN=<your token>`
-5. Create and API key for Cloudflare and export your email address used for Cloudflare using `export CLOUDFLARE_EMAIL=<your cloudflare email>` and the API token using `export CLOUDFLARE_API_TOKEN=<your cloudflare token>`
-6. Install terraform
-
-What does it do?
----
-
-It'll deploy:
-
-- 3 control plane nodes on Hetzner Cloud with respective DNS entries on Cloudflare
-- 1 load balancer on Hetzner Cloud with a respective DNS entry on Cloudflare for the API
-- Firewall rules for all nodes as well as specific ones for the control plane and ingress nodes
-- A placement group that should prevent all nodes from ending up on the same machine
-- All nodes will get the required tools installed and configurations prepared for the Kubernetes bootstrapping
-
-Why?
----
-
-Because.
-
-Deployment
----
-
-To deploy the infrastructure you can just use the `make`-CLI this project provides by running `make plan` to preview the project and `make apply` to deploy the project.
-
-Additional options
----
-
-In order to customise the terraform commands, one is able to pass `TERRAFORM_PARAMETERS` as variable to the make command, which will pass them to the terraform commands. This can be used like `TERRAFORM_PARAMETERS="-auto-approve"` in order to run the commands in a CI environment.
-
-You can also always run `make help` to get a help dialogue for all commands.
diff --git a/terraform/dns.tf b/terraform/dns.tf
deleted file mode 100644
index b12e03b15438b9ff9003611054258b0d2e0ed33c..0000000000000000000000000000000000000000
--- a/terraform/dns.tf
+++ /dev/null
@@ -1,49 +0,0 @@
-resource "cloudflare_record" "dns_a_api" {
- zone_id = var.dns_zone_id
- name = "api.${var.dns_domain}"
- value = hcloud_load_balancer.lb.ipv4
- type = "A"
- ttl = 300
-}
-
-resource "cloudflare_record" "dns_a_apps" {
- zone_id = var.dns_zone_id
- name = "apps.${var.dns_domain}"
- value = hcloud_load_balancer.lb.ipv4
- type = "A"
- ttl = 300
-}
-
-
-resource "cloudflare_record" "dns_a_apps_wildcard" {
- zone_id = var.dns_zone_id
- name = "*.apps.${var.dns_domain}"
- value = hcloud_load_balancer.lb.ipv4
- type = "A"
- ttl = 300
-}
-
-resource "cloudflare_record" "dns_aaaa_api" {
- zone_id = var.dns_zone_id
- name = "api.${var.dns_domain}"
- value = hcloud_load_balancer.lb.ipv6
- type = "AAAA"
- ttl = 300
-}
-
-resource "cloudflare_record" "dns_aaaa_apps" {
- zone_id = var.dns_zone_id
- name = "apps.${var.dns_domain}"
- value = hcloud_load_balancer.lb.ipv6
- type = "AAAA"
- ttl = 300
-}
-
-
-resource "cloudflare_record" "dns_aaaa_apps_wildcard" {
- zone_id = var.dns_zone_id
- name = "*.apps.${var.dns_domain}"
- value = hcloud_load_balancer.lb.ipv6
- type = "AAAA"
- ttl = 300
-}
diff --git a/terraform/firewall.tf b/terraform/firewall.tf
deleted file mode 100644
index ec4916515ca094f56b42e749c4b9d8a0d01b2ca2..0000000000000000000000000000000000000000
--- a/terraform/firewall.tf
+++ /dev/null
@@ -1,188 +0,0 @@
-resource "hcloud_firewall" "k8s-node" {
- name = "k8s-node"
- apply_to {
- label_selector = "k8s.io/node"
- }
-
- # ICMP is always a good idea
- #
- # Network reachability tests
- rule {
- description = "ICMP"
- direction = "in"
- protocol = "icmp"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
- }
- rule {
- description = "cAdvisor"
- direction = "in"
- protocol = "tcp"
- port = "4194"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "Kublet"
- direction = "in"
- protocol = "tcp"
- port = "10250"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "kube-proxy-metrics"
- direction = "in"
- protocol = "tcp"
- port = "10249"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "Kubernetes NodePort"
- direction = "in"
- protocol = "tcp"
- port = "30000-32767"
- source_ips = [for s in concat([hcloud_load_balancer.lb.ipv4], module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "Kubernetes NodePort"
- direction = "in"
- protocol = "udp"
- port = "30000-32767"
- source_ips = [for s in concat([hcloud_load_balancer.lb.ipv4], module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "Calico BGP"
- direction = "in"
- protocol = "tcp"
- port = "179"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "Calico VXLAN"
- direction = "in"
- protocol = "udp"
- port = "4789"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "Calico Typha"
- direction = "in"
- protocol = "tcp"
- port = "5473"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "Calico Wireguard"
- direction = "in"
- protocol = "udp"
- port = "51820"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- # Host level services, including the node exporter on ports 9100-9101.
- rule {
- description = "Host level services"
- direction = "in"
- protocol = "tcp"
- port = "9000-9999"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- # Host level services, including the node exporter on ports 9100-9101.
- rule {
- description = "Host level services"
- direction = "in"
- protocol = "udp"
- port = "9000-9999"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
-}
-
-
-resource "hcloud_firewall" "k8s-master" {
- name = "k8s-master"
- apply_to {
- label_selector = "k8s.io/controlplane"
- }
-
- # ICMP is always a good idea
- #
- # Network reachability tests
- rule {
- description = "ICMP"
- direction = "in"
- protocol = "icmp"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
- }
- rule {
- description = "Kubernetes API"
- direction = "in"
- protocol = "tcp"
- port = "6443"
- source_ips = [for s in concat([hcloud_load_balancer.lb.ipv4], module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "etcd"
- direction = "in"
- protocol = "tcp"
- port = "2380-2381"
- source_ips = [for s in module.controllers.ipv4_addresses : "${s}/32"]
- }
- rule {
- description = "etcd-metrics"
- direction = "in"
- protocol = "tcp"
- port = "2379"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "kube-scheduler-metrics"
- direction = "in"
- protocol = "tcp"
- port = "10251"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "kube-controller-manager-metrics"
- direction = "in"
- protocol = "tcp"
- port = "10252"
- source_ips = [for s in concat(module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
-}
-
-resource "hcloud_firewall" "k8s-ingress" {
- name = "k8s-ingress"
- apply_to {
- label_selector = "k8s.io/ingress"
- }
-
- # ICMP is always a good idea
- #
- # Network reachability tests
- rule {
- description = "ICMP"
- direction = "in"
- protocol = "icmp"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
- }
- rule {
- description = "Public HTTP"
- direction = "in"
- protocol = "tcp"
- port = "32080"
- source_ips = [for s in concat([hcloud_load_balancer.lb.ipv4], module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
- rule {
- description = "Public HTTPS"
- direction = "in"
- protocol = "tcp"
- port = "32443"
- source_ips = [for s in concat([hcloud_load_balancer.lb.ipv4], module.controllers.ipv4_addresses, module.workers.ipv4_addresses) : "${s}/32"]
- }
-}
diff --git a/terraform/loadbalancer.tf b/terraform/loadbalancer.tf
deleted file mode 100644
index 3ff60529b48f2dea71a1f3ac193d316a5ba06ba3..0000000000000000000000000000000000000000
--- a/terraform/loadbalancer.tf
+++ /dev/null
@@ -1,64 +0,0 @@
-resource "hcloud_load_balancer" "lb" {
- name = "lb01.${var.dns_domain}"
- load_balancer_type = "lb11"
- location = var.location
-}
-
-resource "hcloud_load_balancer_target" "lb_target_master" {
- type = "label_selector"
- load_balancer_id = hcloud_load_balancer.lb.id
- label_selector = "k8s.io/controlplane"
- use_private_ip = false
-}
-
-resource "hcloud_load_balancer_target" "lb_target_ingress" {
- type = "label_selector"
- load_balancer_id = hcloud_load_balancer.lb.id
- label_selector = "k8s.io/ingress"
- use_private_ip = false
-}
-
-resource "hcloud_load_balancer_service" "lb_api" {
- load_balancer_id = hcloud_load_balancer.lb.id
- protocol = "tcp"
- listen_port = 6443
- destination_port = 6443
-
- health_check {
- protocol = "tcp"
- port = 6443
- interval = 10
- timeout = 1
- retries = 3
- }
-}
-
-resource "hcloud_load_balancer_service" "lb_ingress_http" {
- load_balancer_id = hcloud_load_balancer.lb.id
- protocol = "tcp"
- listen_port = 80
- destination_port = 32080
-
- health_check {
- protocol = "tcp"
- port = 32080
- interval = 10
- timeout = 1
- retries = 3
- }
-}
-
-resource "hcloud_load_balancer_service" "lb_ingress_https" {
- load_balancer_id = hcloud_load_balancer.lb.id
- protocol = "tcp"
- listen_port = 443
- destination_port = 32443
-
- health_check {
- protocol = "tcp"
- port = 32443
- interval = 10
- timeout = 1
- retries = 3
- }
-}
diff --git a/terraform/main.tf b/terraform/main.tf
deleted file mode 100644
index 8570e34bb5f3ec9c87fc41b7a371e329c4cc19ff..0000000000000000000000000000000000000000
--- a/terraform/main.tf
+++ /dev/null
@@ -1,46 +0,0 @@
-resource "hcloud_placement_group" "k8s" {
- name = var.dns_domain
- type = "spread"
- labels = {
- "k8s.io/node" = "true"
- }
-}
-
-module "controllers" {
- source = "./modules/hcloud_instance"
- instance_count = var.replicas_nodes
- location = var.location
- name = "cp"
- dns_domain = var.dns_domain
- dns_zone_id = var.dns_zone_id
- image = var.image
- labels = {
- "k8s.io/node" = "true",
- "k8s.io/controlplane" = "true",
- "k8s.io/ingress" = "true",
- }
- placement_group_id = hcloud_placement_group.k8s.id
- ssh_keys = data.hcloud_ssh_keys.all_keys.ssh_keys.*.name
- server_type = "cx21"
- user_data = file("templates/cloud-init.tpl")
- enable_IPv6 = false
-}
-
-module "workers" {
- source = "./modules/hcloud_instance"
- instance_count = var.replicas_worker
- location = var.location
- name = "wk"
- dns_domain = var.dns_domain
- dns_zone_id = var.dns_zone_id
- image = var.image
- labels = {
- "k8s.io/node" = "true",
- "k8s.io/worker" = "true",
- "k8s.io/ingress" = "true",
- }
- placement_group_id = hcloud_placement_group.k8s.id
- ssh_keys = data.hcloud_ssh_keys.all_keys.ssh_keys.*.name
- server_type = "cx21-ceph"
- user_data = file("templates/cloud-init.tpl")
-}
diff --git a/terraform/modules/hcloud_instance/main.tf b/terraform/modules/hcloud_instance/main.tf
deleted file mode 100644
index 4d8b267af33c24f88a2ed87e84b06fb69804305d..0000000000000000000000000000000000000000
--- a/terraform/modules/hcloud_instance/main.tf
+++ /dev/null
@@ -1,48 +0,0 @@
-resource "hcloud_server" "server" {
- count = var.instance_count
- name = "${format("${var.name}%02d", count.index + 1)}.${var.dns_domain}"
- image = var.image
- server_type = var.server_type
- keep_disk = var.keep_disk
- ssh_keys = var.ssh_keys
- user_data = var.user_data
- location = var.location
- labels = var.labels
- backups = var.backups
- placement_group_id = var.placement_group_id
- lifecycle {
- ignore_changes = [user_data, image, firewall_ids]
- }
-}
-
-resource "cloudflare_record" "dns-a" {
- count = var.instance_count
- zone_id = var.dns_zone_id
- name = element(hcloud_server.server.*.name, count.index)
- value = element(hcloud_server.server.*.ipv4_address, count.index)
- type = "A"
- ttl = 120
-}
-
-resource "cloudflare_record" "dns-aaaa" {
- count = var.enable_IPv6 == true ? var.instance_count : 0
- zone_id = var.dns_zone_id
- name = element(hcloud_server.server.*.name, count.index)
- value = "${element(hcloud_server.server.*.ipv6_address, count.index)}1"
- type = "AAAA"
- ttl = 120
-}
-
-resource "hcloud_rdns" "dns-ptr-ipv4" {
- count = var.instance_count
- server_id = element(hcloud_server.server.*.id, count.index)
- ip_address = element(hcloud_server.server.*.ipv4_address, count.index)
- dns_ptr = element(hcloud_server.server.*.name, count.index)
-}
-
-resource "hcloud_rdns" "dns-ptr-ipv6" {
- count = var.enable_IPv6 == true ? var.instance_count : 0
- server_id = element(hcloud_server.server.*.id, count.index)
- ip_address = "${element(hcloud_server.server.*.ipv6_address, count.index)}1"
- dns_ptr = element(hcloud_server.server.*.name, count.index)
-}
diff --git a/terraform/modules/hcloud_instance/network.tf b/terraform/modules/hcloud_instance/network.tf
deleted file mode 100644
index 660d04a3683a06e480c3fdbbe83d448697ecb89a..0000000000000000000000000000000000000000
--- a/terraform/modules/hcloud_instance/network.tf
+++ /dev/null
@@ -1,5 +0,0 @@
-resource "hcloud_server_network" "server_network" {
- server_id = element(hcloud_server.server.*.id, count.index)
- subnet_id = var.subnet
- count = var.subnet != null ? length(hcloud_server.server.*.id) : 0
-}
diff --git a/terraform/modules/hcloud_instance/output.tf b/terraform/modules/hcloud_instance/output.tf
deleted file mode 100644
index e2ec52ef86167d37f4b2bdaf9332a2c01cbe89c4..0000000000000000000000000000000000000000
--- a/terraform/modules/hcloud_instance/output.tf
+++ /dev/null
@@ -1,19 +0,0 @@
-output "server_ids" {
- value = hcloud_server.server.*.id
-}
-
-output "server_names" {
- value = hcloud_server.server.*.name
-}
-
-output "internal_ipv4_addresses" {
- value = hcloud_server_network.server_network.*.ip
-}
-
-output "ipv4_addresses" {
- value = hcloud_server.server.*.ipv4_address
-}
-
-output "ipv6_addresses" {
- value = hcloud_server.server.*.ipv6_address
-}
diff --git a/terraform/modules/hcloud_instance/variables.tf b/terraform/modules/hcloud_instance/variables.tf
deleted file mode 100644
index 635ffd7e010a09074e96d1b72e3183d80892385b..0000000000000000000000000000000000000000
--- a/terraform/modules/hcloud_instance/variables.tf
+++ /dev/null
@@ -1,102 +0,0 @@
-variable "name" {
- type = string
- description = "Instance nam"
-}
-
-variable "dns_domain" {
- type = string
- description = "DNS domain"
-}
-
-variable "dns_zone_id" {
- description = "Zone ID"
- default = null
-}
-
-variable "dns_internal_ip" {
- description = "Point DNS record to internal ip"
- default = false
-}
-
-variable "instance_count" {
- type = number
- description = "Number of instances to deploy"
- default = 1
-}
-
-variable "server_type" {
- type = string
- description = "Hetzner Cloud instance type"
- default = "cx11"
-}
-
-variable "image" {
- type = string
- description = "Hetzner Cloud system image"
- default = "fedora-34"
-}
-
-variable "user_data" {
- description = "Cloud-Init user data to use during server creation"
- default = null
-}
-
-variable "ssh_keys" {
- type = list(any)
- description = "SSH key IDs or names which should be injected into the server at creation time"
- default = []
-}
-
-variable "keep_disk" {
- type = bool
- description = "If true, do not upgrade the disk. This allows downgrading the server type later."
- default = true
-}
-
-variable "labels" {
- type = map(string)
- description = "Labels that the instance is tagged with."
- default = {}
-}
-
-
-variable "location" {
- type = string
- description = "The location name to create the server in. nbg1, fsn1 or hel1"
- default = "nbg1"
-}
-
-variable "placement_group_id" {
- description = "Placement Group ID"
- default = null
-}
-
-variable "backups" {
- type = bool
- description = "Enable or disable backups"
- default = false
-}
-
-variable "volume" {
- type = bool
- description = "Enable or disable an additional volume"
- default = false
-}
-
-variable "volume_size" {
- type = number
- description = "Size of the additional data volume"
- default = 20
-}
-
-variable "subnet" {
- type = string
- description = "Id of the additional internal network"
- default = null
-}
-
-variable "enable_IPv6" {
- type = bool
- description = "Enable or disable setting up IPv6"
- default = true
-}
diff --git a/terraform/modules/hcloud_instance/versions.tf b/terraform/modules/hcloud_instance/versions.tf
deleted file mode 120000
index b7707ec81b9ec1f5743a08b56f8479195b92f036..0000000000000000000000000000000000000000
--- a/terraform/modules/hcloud_instance/versions.tf
+++ /dev/null
@@ -1 +0,0 @@
-../../versions.tf
\ No newline at end of file
diff --git a/terraform/modules/hcloud_instance/volumes.tf b/terraform/modules/hcloud_instance/volumes.tf
deleted file mode 100644
index 0a080461e1c2ca6adc03b8d94e1179079dc0cb60..0000000000000000000000000000000000000000
--- a/terraform/modules/hcloud_instance/volumes.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-resource "hcloud_volume" "volumes" {
- name = "${element(hcloud_server.server.*.name, count.index)}-data"
- size = var.volume_size
- format = "xfs"
- automount = false
- server_id = element(hcloud_server.server.*.id, count.index)
- count = var.volume == true ? var.instance_count : 0
-}
diff --git a/terraform/provider.tf b/terraform/provider.tf
deleted file mode 100644
index eac840f084bdc6ce9d8da6a04297c9d5afa3d27e..0000000000000000000000000000000000000000
--- a/terraform/provider.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-provider "cloudflare" {
-}
-
-provider "hcloud" {
-}
-
-provider "template" {
-}
-
-provider "local" {
-}
-
-provider "random" {
-}
diff --git a/terraform/ssh.tf b/terraform/ssh.tf
deleted file mode 100644
index 26f71c7d5bd056e27e73b65733ed14ea4b76149a..0000000000000000000000000000000000000000
--- a/terraform/ssh.tf
+++ /dev/null
@@ -1,36 +0,0 @@
-data "hcloud_ssh_keys" "all_keys" {
-}
-
-# Get current public IPs to configure SSH firewall
-data "http" "myipv4" {
- url = "https://api4.ipify.org"
-}
-
-resource "hcloud_firewall" "k8s-ssh" {
- name = "k8s-ssh"
- apply_to {
- label_selector = "k8s.io/node"
- }
-
- # ICMP is always a good idea
- #
- # Network reachability tests
- rule {
- description = "ICMP"
- direction = "in"
- protocol = "icmp"
- source_ips = [
- "0.0.0.0/0",
- "::/0"
- ]
- }
- rule {
- description = "SSH access"
- direction = "in"
- protocol = "tcp"
- port = "22"
- source_ips = [
- "${chomp(data.http.myipv4.body)}/32",
- ]
- }
-}
diff --git a/terraform/templates/cloud-init.tpl b/terraform/templates/cloud-init.tpl
deleted file mode 100644
index 617ddc4a4fc9d9eef05dbd05deaaf6f618c900a0..0000000000000000000000000000000000000000
--- a/terraform/templates/cloud-init.tpl
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/bash
-
-# System upgrade
-dnf upgrade -y
-
-# Prepare Kubernetes
-dnf install -y kubernetes kubernetes-kubeadm
-
-# Install Crio as container engine
-dnf module enable -y cri-o:1.20
-dnf install -y cri-o cri-tools
-systemctl enable --now crio
-
-# Load kernel modules for Kubernetes and Calico
-modprobe br_netfilter
-modprobe wireguard
-cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
-br_netfilter
-wireguard
-EOF
-
-# Prepare sysctls for Kubernetes
-cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
-net.bridge.bridge-nf-call-ip6tables = 1
-net.bridge.bridge-nf-call-iptables = 1
-net.ipv4.ip_forward = 1
-EOF
-sysctl --system
-
-dnf install -y iptables
-
-# Disable systemd-resolved for CoreDNS
-rm -f /etc/resolv.conf
-cp /run/systemd/resolve/resolv.conf /etc/resolv.conf
-systemctl disable --now systemd-resolved
-
-# Prepare NetworkManager for Calico
-cat <<EOF | sudo tee /etc/NetworkManager/conf.d/calico.conf
-[keyfile]
-unmanaged-devices=interface-name:cali*;interface-name:tunl*;interface-name:vxlan.calico;interface-name:wireguard.cali
-EOF
-systemctl restart NetworkManager
-
-reboot
diff --git a/terraform/variables.tf b/terraform/variables.tf
deleted file mode 100644
index c1f6b4ff248454ab40f23a824a1d0e8eed09659c..0000000000000000000000000000000000000000
--- a/terraform/variables.tf
+++ /dev/null
@@ -1,50 +0,0 @@
-variable "replicas_nodes" {
- type = number
- default = 3
- description = "Count of nodes"
-}
-
-variable "replicas_worker" {
- type = number
- default = 0
- description = "Count of nodes"
-}
-
-variable "dns_domain" {
- type = string
- description = "Name of the Cloudflare domain"
-}
-
-variable "dns_zone_id" {
- type = string
- description = "Zone ID of the Cloudflare domain"
-}
-
-variable "ip_loadbalancer_api" {
- description = "IP of an external loadbalancer for api (optional)"
- default = null
-}
-
-variable "network_cidr" {
- type = string
- description = "CIDR for the network"
- default = "172.16.0.0/12"
-}
-
-variable "subnet_cidr" {
- type = string
- description = "CIDR for the subnet"
- default = "172.16.0.0/24"
-}
-
-variable "location" {
- type = string
- description = "Region"
- default = "nbg1"
-}
-
-variable "image" {
- type = string
- description = "Image selector"
- default = "fedora-34"
-}
diff --git a/terraform/versions.tf b/terraform/versions.tf
deleted file mode 100644
index 75b41e7cdc57b2ffb3968174aab57322c8d8dc5e..0000000000000000000000000000000000000000
--- a/terraform/versions.tf
+++ /dev/null
@@ -1,25 +0,0 @@
-terraform {
- required_providers {
- cloudflare = {
- source = "cloudflare/cloudflare"
- version = "3.1.0"
- }
- hcloud = {
- source = "hetznercloud/hcloud"
- version = "1.32.0"
- }
- template = {
- source = "hashicorp/template"
- version = "2.2.0"
- }
- local = {
- source = "hashicorp/local"
- version = "1.4.0"
- }
- http = {
- source = "hashicorp/http"
- version = "2.1.0"
- }
- }
- required_version = ">= 0.14"
-}