!fixup

j-kali · j-kali · commit 0e866a9462fa · 2024-11-12T12:08:50.000+02:00
diff --git a/terraform/server.tf b/terraform/server.tf
@@ -42,7 +42,7 @@ terraform {
 
 variable "instance_name" {
   # set with set-name.sh <instance_name>
-  type = string
+  type    = string
   default = "hpcs.main"
 }
 
@@ -52,27 +52,27 @@ locals {
     "cloud-config.yaml",
     {
       kind_dashboard_admin_yaml = base64encode(file("files/admin-user.yaml")),
-      setup_sha512      = base64encode(sha512(file("files/setup.sh"))),
-      ed25519_private   = indent(4, file("secrets/ssh_host_ed25519_key")),
-      ed25519_public    = file("secrets/ssh_host_ed25519_key.pub"),
-      hpcs_cluster_yaml = base64encode(file("files/hpcs-cluster.yaml")),
-      public_keys       = setsubtract(split("\n", trim(file("secrets/public_keys"), "\n")), [""] ),
-      tunnel_keys       = setsubtract(split("\n", trim(file("secrets/tunnel_keys"), "\n")), [""] ),
-      setup_sh          = base64encode(file("files/setup.sh")),
-    })
+      setup_sha512              = base64encode(sha512(file("files/setup.sh"))),
+      ed25519_private           = indent(4, file("secrets/ssh_host_ed25519_key")),
+      ed25519_public            = file("secrets/ssh_host_ed25519_key.pub"),
+      hpcs_cluster_yaml         = base64encode(file("files/hpcs-cluster.yaml")),
+      public_keys               = setsubtract(split("\n", trim(file("secrets/public_keys"), "\n")), [""]),
+      tunnel_keys               = setsubtract(split("\n", trim(file("secrets/tunnel_keys"), "\n")), [""]),
+      setup_sh                  = base64encode(file("files/setup.sh")),
+  })
 }
 
 # The actual VM is defined here
 resource "openstack_compute_instance_v2" "instance" {
-  name = "${var.instance_name}"
-  image_name = "Ubuntu-24.04"
+  name        = var.instance_name
+  image_name  = "Ubuntu-24.04"
   flavor_name = "standard.small"
-  user_data = local.cloud_init
+  user_data   = local.cloud_init
   security_groups = [
     openstack_networking_secgroup_v2.security_group.name,
   ]
   network {
-    uuid = "${openstack_networking_network_v2.instance_net.id}"
+    uuid = openstack_networking_network_v2.instance_net.id
   }
   # Pouta API refuses to create the instance unless the subnet is ready to go
   depends_on = [
@@ -86,13 +86,13 @@ resource "openstack_compute_instance_v2" "instance" {
 # Network for the VM to be in. It is not allowed in most cases to have
 # VMs directly in the public network on Pouta
 resource "openstack_networking_network_v2" "instance_net" {
-  name = "${var.instance_name}-net"
+  name           = "${var.instance_name}-net"
   admin_state_up = "true"
 }
 
 # A router to attach the network defined earlier to the public network
 resource "openstack_networking_router_v2" "router" {
-  name = "${var.instance_name}-router"
+  name           = "${var.instance_name}-router"
   admin_state_up = "true"
   # Magic UUID is the UUID of our public network, somewhat difficult
   # to refer to it by name here so we are stuck with the magic thing
@@ -102,13 +102,13 @@ resource "openstack_networking_router_v2" "router" {
 
 # Attachment of the router to the VM subnet
 resource "openstack_networking_router_interface_v2" "interface" {
-  router_id = "${openstack_networking_router_v2.router.id}"
-  subnet_id = "${openstack_networking_subnet_v2.instance_subnet.id}"
+  router_id = openstack_networking_router_v2.router.id
+  subnet_id = openstack_networking_subnet_v2.instance_subnet.id
 }
 
 # The floating ip, which will be a public IP used to access the VM
 resource "openstack_networking_floatingip_v2" "ip" {
-  pool = "public"
+  pool       = "public"
   depends_on = [openstack_networking_router_interface_v2.interface]
   lifecycle {
     # Protect the public IP
@@ -121,23 +121,23 @@ resource "openstack_networking_floatingip_v2" "ip" {
 # one can redeploy an instance and attach the IP to the new instance
 # without the need to do anything about the IP object itself.
 resource "openstack_compute_floatingip_associate_v2" "ip_attach" {
-  floating_ip = "${openstack_networking_floatingip_v2.ip.address}"
-  instance_id = "${openstack_compute_instance_v2.instance.id}"
+  floating_ip = openstack_networking_floatingip_v2.ip.address
+  instance_id = openstack_compute_instance_v2.instance.id
 }
 
 # Volume to store some data that we want to preserve during re-deployments
 resource "openstack_blockstorage_volume_v3" "data" {
-  name        = "${var.instance_name}-data"
-  size        = 10
+  name = "${var.instance_name}-data"
+  size = 10
   lifecycle {
     # Do not destroy the volume... ever...
     prevent_destroy = true
   }
 }
 
 resource "openstack_blockstorage_volume_v3" "docker" {
-  name        = "${var.instance_name}-docker"
-  size        = 20
+  name = "${var.instance_name}-docker"
+  size = 20
   lifecycle {
     # Do not destroy the volume... ever...
     prevent_destroy = true
@@ -147,20 +147,20 @@ resource "openstack_blockstorage_volume_v3" "docker" {
 # Similarly to the floating ip case, we need an attachment of the volume
 # defined above
 resource "openstack_compute_volume_attach_v2" "data" {
-  instance_id = "${openstack_compute_instance_v2.instance.id}"
-  volume_id   = "${openstack_blockstorage_volume_v3.data.id}"
+  instance_id = openstack_compute_instance_v2.instance.id
+  volume_id   = openstack_blockstorage_volume_v3.data.id
 }
 
 resource "openstack_compute_volume_attach_v2" "docker" {
-  instance_id = "${openstack_compute_instance_v2.instance.id}"
-  volume_id   = "${openstack_blockstorage_volume_v3.docker.id}"
+  instance_id = openstack_compute_instance_v2.instance.id
+  volume_id   = openstack_blockstorage_volume_v3.docker.id
 }
 
 #######################################################################
 # Security group and its rules
 #######################################################################
 resource "openstack_networking_secgroup_v2" "security_group" {
-  name        = "${var.instance_name}"
+  name = var.instance_name
 }
 
 resource "openstack_networking_secgroup_rule_v2" "ssh-in-staff-vpn" {
@@ -170,7 +170,7 @@ resource "openstack_networking_secgroup_rule_v2" "ssh-in-staff-vpn" {
   port_range_min    = 22
   port_range_max    = 22
   remote_ip_prefix  = "193.166.85.0/24"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 
 resource "openstack_networking_secgroup_rule_v2" "ssh-in-espoo-office-00" {
@@ -180,7 +180,7 @@ resource "openstack_networking_secgroup_rule_v2" "ssh-in-espoo-office-00" {
   port_range_min    = 22
   port_range_max    = 22
   remote_ip_prefix  = "193.166.1.0/24"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 
 resource "openstack_networking_secgroup_rule_v2" "ssh-in-espoo-office-01" {
@@ -190,7 +190,7 @@ resource "openstack_networking_secgroup_rule_v2" "ssh-in-espoo-office-01" {
   port_range_min    = 22
   port_range_max    = 22
   remote_ip_prefix  = "193.166.2.0/24"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 
 resource "openstack_networking_secgroup_rule_v2" "ssh-in-espoo-office-02" {
@@ -200,7 +200,7 @@ resource "openstack_networking_secgroup_rule_v2" "ssh-in-espoo-office-02" {
   port_range_min    = 22
   port_range_max    = 22
   remote_ip_prefix  = "193.166.80.0/23"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 
 resource "openstack_networking_secgroup_rule_v2" "ssh-in-kajaani-office-00" {
@@ -210,7 +210,7 @@ resource "openstack_networking_secgroup_rule_v2" "ssh-in-kajaani-office-00" {
   port_range_min    = 22
   port_range_max    = 22
   remote_ip_prefix  = "193.166.86.0/24"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 
 resource "openstack_networking_secgroup_rule_v2" "ssh-in-pa-vpn-00" {
@@ -220,7 +220,7 @@ resource "openstack_networking_secgroup_rule_v2" "ssh-in-pa-vpn-00" {
   port_range_min    = 22
   port_range_max    = 22
   remote_ip_prefix  = "193.166.83.0/24"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 
 resource "openstack_networking_secgroup_rule_v2" "ssh-in-jaroslaw-00" {
@@ -230,7 +230,7 @@ resource "openstack_networking_secgroup_rule_v2" "ssh-in-jaroslaw-00" {
   port_range_min    = 22
   port_range_max    = 22
   remote_ip_prefix  = "87.94.57.247/24"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 
 resource "openstack_networking_secgroup_rule_v2" "http-out" {
@@ -240,7 +240,7 @@ resource "openstack_networking_secgroup_rule_v2" "http-out" {
   port_range_min    = 80
   port_range_max    = 80
   remote_ip_prefix  = "0.0.0.0/0"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 
 resource "openstack_networking_secgroup_rule_v2" "http-in" {
@@ -260,7 +260,7 @@ resource "openstack_networking_secgroup_rule_v2" "https-out" {
   port_range_min    = 443
   port_range_max    = 443
   remote_ip_prefix  = "0.0.0.0/0"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 resource "openstack_networking_secgroup_rule_v2" "https-in" {
   direction         = "ingress"
@@ -269,7 +269,7 @@ resource "openstack_networking_secgroup_rule_v2" "https-in" {
   port_range_min    = 443
   port_range_max    = 443
   remote_ip_prefix  = "0.0.0.0/0"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 resource "openstack_networking_secgroup_rule_v2" "k8s-api-in-pa-vpn" {
   direction         = "ingress"
@@ -278,7 +278,7 @@ resource "openstack_networking_secgroup_rule_v2" "k8s-api-in-pa-vpn" {
   port_range_min    = 6444
   port_range_max    = 6444
   remote_ip_prefix  = "193.166.83.0/24"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 resource "openstack_networking_secgroup_rule_v2" "aux-k8s-portsp-in" {
   direction         = "ingress"
@@ -287,7 +287,7 @@ resource "openstack_networking_secgroup_rule_v2" "aux-k8s-portsp-in" {
   port_range_min    = 30001
   port_range_max    = 30004
   remote_ip_prefix  = "0.0.0.0/0"
-  security_group_id = "${openstack_networking_secgroup_v2.security_group.id}"
+  security_group_id = openstack_networking_secgroup_v2.security_group.id
 }
 
 resource "openstack_networking_secgroup_rule_v2" "icinga-api-in" {
@@ -309,9 +309,9 @@ resource "openstack_networking_secgroup_rule_v2" "icmp-in" {
 }
 # Subnet for the VM. On Pouta all VMs need to be in subnets to boot properly
 resource "openstack_networking_subnet_v2" "instance_subnet" {
-  name = "${var.instance_name}-subnet"
-  network_id = "${openstack_networking_network_v2.instance_net.id}"
-  cidr = "10.0.0.0/24"
+  name       = "${var.instance_name}-subnet"
+  network_id = openstack_networking_network_v2.instance_net.id
+  cidr       = "10.0.0.0/24"
   ip_version = 4
   dns_nameservers = [
     "1.1.1.1",
@@ -321,7 +321,7 @@ resource "openstack_networking_subnet_v2" "instance_subnet" {
 
 # Handy output to get the IP address that we've got in the output
 output "address" {
-  value = "${openstack_networking_floatingip_v2.ip.address}"
+  value = openstack_networking_floatingip_v2.ip.address
 }
 output "cloud-init" {
   value = local.cloud_init
