autonomic-bot
e37a7df496
Some checks failed
continuous-integration/drone/push Build is failing
The cc-ci server already runs on Hetzner (migration done; nix/hosts/cc-ci-hetzner landed directly on main 2026-05-31). PR#2's host config was superseded by newer main commits, but its terraform/ provisioning scaffolding (cpx32 + nixos-infect) was never preserved. Add it here as the infrastructure-of-record so the box is reproducible. .gitignore keeps tfstate + secret tfvars out; HCLOUD_TOKEN is an env var at apply time (no secrets committed). PR#2 closed as superseded. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
38 lines
1.2 KiB
HCL
38 lines
1.2 KiB
HCL
variable "location" {
|
|
description = "Hetzner datacenter (nbg1=Nuremberg, fsn1=Falkenstein, hel1=Helsinki, ash=Ashburn, hil=Hillsboro)"
|
|
type = string
|
|
default = "nbg1"
|
|
}
|
|
|
|
variable "server_type" {
|
|
description = <<-EOT
|
|
Hetzner server type. Must be x86 — the flake is x86_64-linux; NEVER use cax* (ARM).
|
|
cpx32 = AMD 4 vCPU / 8 GB (default; replaces cpx31 which is retired in some DCs).
|
|
cx33 = Intel 4 vCPU / 8 GB (alternative).
|
|
EOT
|
|
type = string
|
|
default = "cpx32"
|
|
|
|
validation {
|
|
condition = !startswith(var.server_type, "cax")
|
|
error_message = "ARM server types (cax*) are not supported — the cc-ci flake is x86_64-linux only."
|
|
}
|
|
}
|
|
|
|
variable "image" {
|
|
description = "Base OS image. nixos-infect supports debian-12 and ubuntu-24.04. debian-12 preferred."
|
|
type = string
|
|
default = "debian-12"
|
|
}
|
|
|
|
variable "ssh_public_key" {
|
|
description = "SSH public key content (the full line, e.g. 'ssh-ed25519 AAAA... comment'). Registered with Hetzner for root access post-infect. Pass via TF_VAR_ssh_public_key or terraform.tfvars (gitignored)."
|
|
type = string
|
|
}
|
|
|
|
variable "server_name" {
|
|
description = "Hetzner server name and initial NixOS hostname"
|
|
type = string
|
|
default = "cc-ci"
|
|
}
|