infrastructure/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/main.tf

terraform {
  required_providers {
    talos = {
      source  = "siderolabs/talos"
      version = "0.9.0"
    }
  }
}
locals {
  cluster_endpoint_full = format("https://%s:6443", var.node_config.cluster_endpoint)
}

resource "talos_machine_secrets" "machine_secrets" {}

data "talos_machine_configuration" "machineconfig-cp" {
  cluster_name       = var.node_config.cluster_name
  machine_type       = "controlplane"
  cluster_endpoint   = local.cluster_endpoint_full
  kubernetes_version = var.node_config.kubernetes_version
  talos_version      = talos_machine_secrets.machine_secrets.talos_version
  machine_secrets    = talos_machine_secrets.machine_secrets.machine_secrets
}

data "talos_machine_configuration" "machineconfig-worker" {
  cluster_name       = var.node_config.cluster_name
  machine_type       = "worker"
  cluster_endpoint   = local.cluster_endpoint_full
  kubernetes_version = var.node_config.kubernetes_version
  talos_version      = talos_machine_secrets.machine_secrets.talos_version
  machine_secrets    = talos_machine_secrets.machine_secrets.machine_secrets
}

data "talos_client_configuration" "talosconfig" {
  cluster_name         = var.node_config.cluster_name
  endpoints            = var.node_config.controlplane_addresses
  client_configuration = talos_machine_secrets.machine_secrets.client_configuration
  nodes                = concat(var.node_config.controlplane_addresses, var.node_config.worker_addresses)
}

resource "talos_machine_configuration_apply" "config_apply_cp" {
  for_each = {
    for talos_node in var.talos_nodes : talos_node.name => talos_node
    if talos_node.type == "controlplane"
  }

  client_configuration        = talos_machine_secrets.machine_secrets.client_configuration
  machine_configuration_input = data.talos_machine_configuration.machineconfig-cp.machine_configuration
  endpoint                    = each.value.ipv4_address
  node                        = each.value.ipv4_address
  config_patches = [
    templatefile("${path.module}/templates/machineconfig-cp.yaml.tmpl", {
      hostname            = each.value.name
      cluster_name        = var.node_config.cluster_name
      vip_address         = var.node_config.cluster_endpoint
      node_name           = format("%s.wheatley.in", var.node_config.proxmox_node)
      machine_type        = each.value.type
      talos_version       = var.node_config.talos_version
      cilium_version      = var.node_config.cilium_version
      cilium_install_file = file("${path.module}/templates/cilium-install.yaml.tmpl")
    })
  ]
}

resource "talos_machine_configuration_apply" "config_apply_worker" {
  for_each = {
    for talos_node in var.talos_nodes : talos_node.name => talos_node
    if talos_node.type == "worker"
  }

  client_configuration        = talos_machine_secrets.machine_secrets.client_configuration
  machine_configuration_input = data.talos_machine_configuration.machineconfig-worker.machine_configuration
  endpoint                    = each.value.ipv4_address
  node                        = each.value.ipv4_address
  config_patches = [
    templatefile("${path.module}/templates/machineconfig-worker.yaml.tmpl", {
      hostname            = each.value.name
      cluster_name        = var.node_config.cluster_name
      vip_address         = var.node_config.cluster_endpoint
      node_name           = format("%s.wheatley.in", var.node_config.proxmox_node)
      machine_type        = each.value.type
      talos_version       = var.node_config.talos_version
      cilium_version      = var.node_config.cilium_version
      cilium_install_file = file("${path.module}/templates/cilium-install.yaml.tmpl")
    })
  ]
}

resource "talos_machine_bootstrap" "talos_machine_bootstrap" {
  depends_on = [
    talos_machine_configuration_apply.config_apply_cp,
    talos_machine_configuration_apply.config_apply_worker
  ]
  client_configuration = talos_machine_secrets.machine_secrets.client_configuration
  node                 = var.talos_nodes[0].ipv4_address
}
feat: Bootstrap Talos k8s cluster 2025-10-28 22:46:17 +01:00			`terraform {`
			`required_providers {`
			`talos = {`
			`source = "siderolabs/talos"`
			`version = "0.9.0"`
			`}`
			`}`
			`}`
			`locals {`
			`cluster_endpoint_full = format("https://%s:6443", var.node_config.cluster_endpoint)`
			`}`

			`resource "talos_machine_secrets" "machine_secrets" {}`

			`data "talos_machine_configuration" "machineconfig-cp" {`
			`cluster_name = var.node_config.cluster_name`
			`machine_type = "controlplane"`
			`cluster_endpoint = local.cluster_endpoint_full`
			`kubernetes_version = var.node_config.kubernetes_version`
			`talos_version = talos_machine_secrets.machine_secrets.talos_version`
			`machine_secrets = talos_machine_secrets.machine_secrets.machine_secrets`
			`}`

			`data "talos_machine_configuration" "machineconfig-worker" {`
			`cluster_name = var.node_config.cluster_name`
			`machine_type = "worker"`
			`cluster_endpoint = local.cluster_endpoint_full`
			`kubernetes_version = var.node_config.kubernetes_version`
			`talos_version = talos_machine_secrets.machine_secrets.talos_version`
			`machine_secrets = talos_machine_secrets.machine_secrets.machine_secrets`
			`}`

			`data "talos_client_configuration" "talosconfig" {`
			`cluster_name = var.node_config.cluster_name`
			`endpoints = var.node_config.controlplane_addresses`
			`client_configuration = talos_machine_secrets.machine_secrets.client_configuration`
			`nodes = concat(var.node_config.controlplane_addresses, var.node_config.worker_addresses)`
			`}`

			`resource "talos_machine_configuration_apply" "config_apply_cp" {`
			`for_each = {`
			`for talos_node in var.talos_nodes : talos_node.name => talos_node`
			`if talos_node.type == "controlplane"`
			`}`

			`client_configuration = talos_machine_secrets.machine_secrets.client_configuration`
			`machine_configuration_input = data.talos_machine_configuration.machineconfig-cp.machine_configuration`
			`endpoint = each.value.ipv4_address`
			`node = each.value.ipv4_address`
			`config_patches = [`
			`templatefile("${path.module}/templates/machineconfig-cp.yaml.tmpl", {`
			`hostname = each.value.name`
			`cluster_name = var.node_config.cluster_name`
			`vip_address = var.node_config.cluster_endpoint`
			`node_name = format("%s.wheatley.in", var.node_config.proxmox_node)`
			`machine_type = each.value.type`
			`talos_version = var.node_config.talos_version`
			`cilium_version = var.node_config.cilium_version`
			`cilium_install_file = file("${path.module}/templates/cilium-install.yaml.tmpl")`
			`})`
			`]`
			`}`

			`resource "talos_machine_configuration_apply" "config_apply_worker" {`
			`for_each = {`
			`for talos_node in var.talos_nodes : talos_node.name => talos_node`
			`if talos_node.type == "worker"`
			`}`

			`client_configuration = talos_machine_secrets.machine_secrets.client_configuration`
			`machine_configuration_input = data.talos_machine_configuration.machineconfig-worker.machine_configuration`
			`endpoint = each.value.ipv4_address`
			`node = each.value.ipv4_address`
			`config_patches = [`
			`templatefile("${path.module}/templates/machineconfig-worker.yaml.tmpl", {`
			`hostname = each.value.name`
			`cluster_name = var.node_config.cluster_name`
			`vip_address = var.node_config.cluster_endpoint`
			`node_name = format("%s.wheatley.in", var.node_config.proxmox_node)`
			`machine_type = each.value.type`
			`talos_version = var.node_config.talos_version`
			`cilium_version = var.node_config.cilium_version`
			`cilium_install_file = file("${path.module}/templates/cilium-install.yaml.tmpl")`
			`})`
			`]`
			`}`

			`resource "talos_machine_bootstrap" "talos_machine_bootstrap" {`
			`depends_on = [`
			`talos_machine_configuration_apply.config_apply_cp,`
			`talos_machine_configuration_apply.config_apply_worker`
			`]`
			`client_configuration = talos_machine_secrets.machine_secrets.client_configuration`
			`node = var.talos_nodes[0].ipv4_address`
			`}`