chore: Move modules to root directory

2026-01-26 10:57:01 +01:00 · 2026-01-26 10:57:01 +01:00 · c8c4c8355b
commit c8c4c8355b
parent 649f1ba598
9 changed files with 3 additions and 3 deletions
--- a/pve01.wheatley.in/k8s-wheatley/main.tf
+++ b/pve01.wheatley.in/k8s-wheatley/main.tf
@ -94,7 +94,7 @@ locals {
 }

 module "controlplanes" {
-  source   = "./modules/talos-node"
+  source   = "../../modules/talos-node"
  for_each = { for node in local.controlplanes.nodes : node.name => node }

  node = {
@ -116,7 +116,7 @@ module "controlplanes" {
 }

 module "workers" {
-  source   = "./modules/talos-node"
+  source   = "../../modules/talos-node"
  for_each = { for node in local.workers.nodes : node.name => node }

  node = {
@ -145,7 +145,7 @@ module "talos-bootstrap" {
    module.workers
  ]

-  source = "./modules/talos-bootstrap"
+  source = "../../modules/talos-bootstrap"

  node_config = {
    ipv4_gateway           = local.ipv4_gateway
--- a/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/main.tf
+++ b/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/main.tf
@ -1,103 +0,0 @@
-terraform {
-  required_providers {
-    talos = {
-      source  = "siderolabs/talos"
-      version = "0.9.0"
-    }
-  }
-}
-locals {
-  cluster_endpoint_full = format("https://%s:6443", var.node_config.cluster_endpoint)
-}
-
-resource "talos_machine_secrets" "machine_secrets" {}
-
-data "talos_machine_configuration" "machineconfig-cp" {
-  cluster_name       = var.node_config.cluster_name
-  machine_type       = "controlplane"
-  cluster_endpoint   = local.cluster_endpoint_full
-  kubernetes_version = var.node_config.kubernetes_version
-  talos_version      = talos_machine_secrets.machine_secrets.talos_version
-  machine_secrets    = talos_machine_secrets.machine_secrets.machine_secrets
-}
-
-data "talos_machine_configuration" "machineconfig-worker" {
-  cluster_name       = var.node_config.cluster_name
-  machine_type       = "worker"
-  cluster_endpoint   = local.cluster_endpoint_full
-  kubernetes_version = var.node_config.kubernetes_version
-  talos_version      = talos_machine_secrets.machine_secrets.talos_version
-  machine_secrets    = talos_machine_secrets.machine_secrets.machine_secrets
-}
-
-data "talos_client_configuration" "talosconfig" {
-  cluster_name         = var.node_config.cluster_name
-  endpoints            = var.node_config.controlplane_addresses
-  client_configuration = talos_machine_secrets.machine_secrets.client_configuration
-  nodes                = concat(var.node_config.controlplane_addresses, var.node_config.worker_addresses)
-}
-
-resource "talos_machine_configuration_apply" "config_apply_cp" {
-  for_each = {
-    for talos_node in var.talos_nodes : talos_node.name => talos_node
-    if talos_node.type == "controlplane"
-  }
-
-  client_configuration        = talos_machine_secrets.machine_secrets.client_configuration
-  machine_configuration_input = data.talos_machine_configuration.machineconfig-cp.machine_configuration
-  endpoint                    = each.value.ipv4_address
-  node                        = each.value.ipv4_address
-  config_patches = [
-    templatefile("${path.module}/templates/machineconfig-cp.yaml.tmpl", {
-      hostname            = each.value.name
-      cluster_name        = var.node_config.cluster_name
-      vip_address         = var.node_config.cluster_endpoint
-      node_name           = format("%s.wheatley.in", var.node_config.proxmox_node)
-      machine_type        = each.value.type
-      gateway-api_version = var.node_config.gateway_api_version
-      cilium_version      = var.node_config.cilium_version
-      cilium_install_file = file("${path.module}/templates/cilium-install.yaml.tmpl")
-    })
-  ]
-}
-
-resource "talos_machine_configuration_apply" "config_apply_worker" {
-  for_each = {
-    for talos_node in var.talos_nodes : talos_node.name => talos_node
-    if talos_node.type == "worker"
-  }
-
-  client_configuration        = talos_machine_secrets.machine_secrets.client_configuration
-  machine_configuration_input = data.talos_machine_configuration.machineconfig-worker.machine_configuration
-  endpoint                    = each.value.ipv4_address
-  node                        = each.value.ipv4_address
-  config_patches = [
-    templatefile("${path.module}/templates/machineconfig-worker.yaml.tmpl", {
-      hostname            = each.value.name
-      cluster_name        = var.node_config.cluster_name
-      node_name           = format("%s.wheatley.in", var.node_config.proxmox_node)
-      storage_address     = each.value.storage_address
-      machine_type        = each.value.type
-      talos_version       = var.node_config.talos_version
-      gateway-api_version = var.node_config.gateway_api_version
-      cilium_version      = var.node_config.cilium_version
-      cilium_install_file = file("${path.module}/templates/cilium-install.yaml.tmpl")
-      pvc_disks           = each.value.pvc_disks
-      gpu_enabled         = each.value.gpu_enabled
-    })
-  ]
-}
-
-resource "talos_machine_bootstrap" "talos_machine_bootstrap" {
-  depends_on = [
-    talos_machine_configuration_apply.config_apply_cp,
-    talos_machine_configuration_apply.config_apply_worker
-  ]
-  client_configuration = talos_machine_secrets.machine_secrets.client_configuration
-  node                 = var.talos_nodes[0].ipv4_address
-}
-
-resource "talos_cluster_kubeconfig" "kubeconfig" {
-  client_configuration = talos_machine_secrets.machine_secrets.client_configuration
-  node                 = var.node_config.cluster_endpoint
-}
--- a/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/outputs.tf
+++ b/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/outputs.tf
@ -1,9 +0,0 @@
-output "talosconfig" {
-  value     = data.talos_client_configuration.talosconfig.talos_config
-  sensitive = true
-}
-
-output "kubeconfig" {
-  value     = talos_cluster_kubeconfig.kubeconfig
-  sensitive = true
-}
--- a/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/templates/cilium-install.yaml.tmpl
+++ b/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/templates/cilium-install.yaml.tmpl
@ -1,100 +0,0 @@
---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
-  name: cilium-install
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: cluster-admin
-subjects:
- kind: ServiceAccount
-  name: cilium-install
-  namespace: kube-system
---
-apiVersion: v1
-kind: ServiceAccount
-metadata:
-  name: cilium-install
-  namespace: kube-system
---
-apiVersion: batch/v1
-kind: Job
-metadata:
-  name: cilium-install
-  namespace: kube-system
-spec:
-  backoffLimit: 10
-  template:
-    metadata:
-      labels:
-        app: cilium-install
-    spec:
-      restartPolicy: OnFailure
-      tolerations:
-        - operator: Exists
-        - effect: NoSchedule
-          operator: Exists
-        - effect: NoExecute
-          operator: Exists
-        - effect: PreferNoSchedule
-          operator: Exists
-        - key: node-role.kubernetes.io/control-plane
-          operator: Exists
-          effect: NoSchedule
-        - key: node-role.kubernetes.io/control-plane
-          operator: Exists
-          effect: NoExecute
-        - key: node-role.kubernetes.io/control-plane
-          operator: Exists
-          effect: PreferNoSchedule
-      affinity:
-        nodeAffinity:
-          requiredDuringSchedulingIgnoredDuringExecution:
-            nodeSelectorTerms:
-              - matchExpressions:
-                  - key: node-role.kubernetes.io/control-plane
-                    operator: Exists
-      serviceAccount: cilium-install
-      serviceAccountName: cilium-install
-      hostNetwork: true
-      containers:
-      - name: cilium-install
-        image: quay.io/cilium/cilium-cli:latest
-        env:
-        - name: KUBERNETES_SERVICE_HOST
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: status.podIP
-        - name: KUBERNETES_SERVICE_PORT
-          value: "6443"
-        command:
-          - cilium
-          - install
-          - --set
-          - ipam.mode=kubernetes
-          - --set
-          - kubeProxyReplacement=true
-          - --set
-          - securityContext.capabilities.ciliumAgent={CHOWN,KILL,NET_ADMIN,NET_RAW,IPC_LOCK,SYS_ADMIN,SYS_RESOURCE,DAC_OVERRIDE,FOWNER,SETGID,SETUID}
-          - --set
-          - securityContext.capabilities.cleanCiliumState={NET_ADMIN,SYS_ADMIN,SYS_RESOURCE}
-          - --set
-          - cgroup.autoMount.enabled=false
-          - --set
-          - cgroup.hostRoot=/sys/fs/cgroup
-          - --set
-          - k8sServiceHost=$(KUBERNETES_SERVICE_HOST)
-          - --set
-          - k8sServicePort=$(KUBERNETES_SERVICE_PORT)
-          - --set
-          - gatewayAPI.enabled=true
-          - --set
-          - gatewayAPI.enableAlpn=true 
-          - --set
-          - gatewayAPI.enableAppProtocol=true
-          - --set
-          - hubble.relay.enabled=true
-          - --set 
-          - hubble.ui.enabled=true
--- a/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/templates/machineconfig-cp.yaml.tmpl
+++ b/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/templates/machineconfig-cp.yaml.tmpl
@ -1,42 +0,0 @@
-debug: false
-machine:
-  type: ${machine_type}
-  install:
-    disk: /dev/vda
-  network:
-    hostname: ${hostname}
-    nameservers:
-      - 9.9.9.9
-    interfaces:
-      - interface: eth0
-        dhcp: false
-        vip:
-          ip: ${vip_address}
-  kubelet:
-    extraArgs:
-      pod-max-pids: 1000
-    extraConfig:
-      imageGCHighThresholdPercent: 75
-      imageGCLowThresholdPercent: 70
-  nodeLabels:
-    topology.kubernetes.io/region: ${cluster_name}
-    topology.kubernetes.io/zone: ${node_name}
-
-cluster:
-  apiServer:
-    auditPolicy:
-      apiVersion: audit.k8s.io/v1
-      kind: Policy
-      rules:
-        - level: Metadata
-  network:
-    cni:
-      name: none
-  proxy:
-    disabled: true
-  extraManifests:
-  - https://github.com/kubernetes-sigs/gateway-api/releases/download/v${gateway-api_version}/standard-install.yaml
-  inlineManifests:
-  - name: cilium-bootstrap
-    contents: |
-      ${indent(6, cilium_install_file)}
--- a/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/templates/machineconfig-worker.yaml.tmpl
+++ b/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/templates/machineconfig-worker.yaml.tmpl
@ -1,61 +0,0 @@
-debug: false
-machine:
-  type: ${machine_type}
-  install:
-    disk: /dev/vda
-%{ if gpu_enabled != false ~}
-    image: factory.talos.dev/nocloud-installer-secureboot/29d29d87bf3b88fe13caf73c20c7a8b6a4355d8177d0d690d5c9f85d4ddb67b7:v${talos_version}
-%{ endif ~}
-  network:
-    hostname: ${hostname}
-    nameservers:
-      - 9.9.9.9
-%{ if storage_address != false ~}
-    interfaces:
-      - interface: eth1
-        mtu: 9000
-        dhcp: false
-        addresses:
-          - ${storage_address}/24
-%{ endif ~}
-  kubelet:
-    extraArgs:
-      pod-max-pids: 1000
-    extraConfig:
-      imageGCHighThresholdPercent: 75
-      imageGCLowThresholdPercent: 70
-    nodeIP:
-      validSubnets:
-        - 10.13.37.0/24
-  kernel:
-    modules:
-      - name: drbd
-        parameters:
-          - usermode_helper=disabled
-      - name: drbd_transport_tcp
-      - name: dm_thin_pool
-%{ if gpu_enabled != false ~}
-      - name: i915
-%{ endif ~}
-  nodeLabels:
-    topology.kubernetes.io/region: ${cluster_name}
-    topology.kubernetes.io/zone: ${node_name}
-
-cluster:
-  apiServer:
-    auditPolicy:
-      apiVersion: audit.k8s.io/v1
-      kind: Policy
-      rules:
-        - level: Metadata
-  network:
-    cni:
-      name: none
-  proxy:
-    disabled: true
-  extraManifests:
-  - https://github.com/kubernetes-sigs/gateway-api/releases/download/v${gateway-api_version}/standard-install.yaml
-  inlineManifests:
-  - name: cilium-bootstrap
-    contents: |
-      ${indent(6, cilium_install_file)}
--- a/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/variables.tf
+++ b/pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/variables.tf
@ -1,27 +0,0 @@
-variable "node_config" {
-  description = "Talos node configuration"
-  type = object({
-    ipv4_gateway           = string
-    talos_version          = string
-    gateway_api_version    = string
-    cilium_version         = string
-    cluster_name           = string
-    kubernetes_version     = string
-    cluster_endpoint       = string
-    proxmox_node           = string
-    controlplane_addresses = list(string)
-    worker_addresses       = list(string)
-  })
-}
-
-variable "talos_nodes" {
-  description = "List of Talos nodes to bootstrap"
-  type = list(object({
-    name            = string
-    type            = string
-    ipv4_address    = string
-    storage_address = optional(string)
-    pvc_disks       = optional(list(number))
-    gpu_enabled     = optional(bool, false)
-  }))
-}
--- a/pve01.wheatley.in/k8s-wheatley/modules/talos-node/main.tf
+++ b/pve01.wheatley.in/k8s-wheatley/modules/talos-node/main.tf
@ -1,92 +0,0 @@
-terraform {
-  required_providers {
-    proxmox = {
-      source  = "bpg/proxmox"
-      version = "0.86.0"
-    }
-  }
-}
-
-resource "proxmox_virtual_environment_vm" "talos-node" {
-  vm_id     = var.node.id
-  name      = var.node.name
-  node_name = var.node.proxmox_node
-  tags      = ["tofu"]
-  bios      = "ovmf"
-
-  clone {
-    vm_id   = 10000 + tonumber(replace(var.node.talos_version, ".", ""))
-    retries = 3
-  }
-
-  cpu {
-    cores   = var.node.cpu
-    sockets = 1
-    type    = "host"
-  }
-
-  memory {
-    dedicated = var.node.memory * 1024
-  }
-
-  disk {
-    datastore_id = var.node.storagepool
-    interface    = "virtio0"
-    size         = var.node.disk
-    file_format  = "raw"
-  }
-
-  dynamic "disk" {
-    for_each = tolist(var.pvc_disks)
-    content {
-      datastore_id = "nvme-fastpool"
-      interface    = "virtio${disk.key + 1}"
-      size         = disk.value
-      file_format  = "raw"
-    }
-  }
-
-  network_device {
-    bridge = "vmbr1"
-    model  = "virtio"
-    mtu    = 1500
-  }
-
-  dynamic "network_device" {
-    for_each = var.node.type == "worker" ? [1] : []
-    content {
-      bridge = "vmbr2"
-      model  = "virtio"
-      mtu    = 9000
-    }
-  }
-
-  dynamic "hostpci" {
-    for_each = var.node.gpu == true ? [1] : []
-    content {
-      device  = "hostpci0"
-      mapping = "A380_GPU"
-      pcie    = true
-      rombar  = true
-    }
-  }
-
-  initialization {
-    datastore_id = var.node.storagepool
-    ip_config {
-      ipv4 {
-        address = format("%s/24", var.node.ipv4_address)
-        gateway = var.node.ipv4_gateway
-      }
-    }
-    dns {
-      servers = ["9.9.9.9"]
-    }
-  }
-
-  lifecycle {
-    ignore_changes = [
-      clone,
-    ]
-  }
-}
--- a/pve01.wheatley.in/k8s-wheatley/modules/talos-node/variables.tf
+++ b/pve01.wheatley.in/k8s-wheatley/modules/talos-node/variables.tf
@ -1,25 +0,0 @@
-variable "node" {
-  description = "Basic configuration for the Talos node"
-  type = object({
-    id                 = number
-    type               = string
-    name               = string
-    ipv4_address       = string
-    ipv4_gateway       = string
-    cpu                = number
-    gpu                = optional(bool, false)
-    memory             = number
-    disk               = string
-    storagepool        = string
-    talos_version      = string
-    cluster_name       = string
-    kubernetes_version = string
-    cluster_endpoint   = string
-    proxmox_node       = string
-  })
-}
-variable "pvc_disks" {
-  description = "List of extra disks to attach to the node"
-  type        = list(number)
-  default     = []
-}