autonomic-bot
e37a7df496
Some checks failed
continuous-integration/drone/push Build is failing
The cc-ci server already runs on Hetzner (migration done; nix/hosts/cc-ci-hetzner landed directly on main 2026-05-31). PR#2's host config was superseded by newer main commits, but its terraform/ provisioning scaffolding (cpx32 + nixos-infect) was never preserved. Add it here as the infrastructure-of-record so the box is reproducible. .gitignore keeps tfstate + secret tfvars out; HCLOUD_TOKEN is an env var at apply time (no secrets committed). PR#2 closed as superseded. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
33 lines
728 B
HCL
33 lines
728 B
HCL
resource "hcloud_ssh_key" "cc_ci" {
|
|
name = "cc-ci-deploy"
|
|
public_key = var.ssh_public_key
|
|
|
|
labels = {
|
|
project = "cc-ci"
|
|
managed = "terraform"
|
|
}
|
|
}
|
|
|
|
resource "hcloud_server" "cc_ci" {
|
|
name = var.server_name
|
|
server_type = var.server_type
|
|
image = var.image
|
|
location = var.location
|
|
ssh_keys = [hcloud_ssh_key.cc_ci.id]
|
|
|
|
# Stage 1: cloud-init runs nixos-infect on first boot, converting Ubuntu to NixOS,
|
|
# then reboots. See user-data.sh for the pinned infect revision.
|
|
user_data = file("${path.module}/user-data.sh")
|
|
|
|
public_net {
|
|
ipv4_enabled = true
|
|
ipv6_enabled = false
|
|
}
|
|
|
|
labels = {
|
|
project = "cc-ci"
|
|
managed = "terraform"
|
|
stage = "infect"
|
|
}
|
|
}
|