Remove floating IP

2025-12-25 05:36:59 +01:00 · 2022-10-30 01:42:32 +02:00 · 2022-10-30 01:42:32 +02:00 · 832b9cb918
commit 832b9cb918
parent a4e1399331
4 changed files with 10 additions and 32 deletions
--- a/dns.tf
+++ b/dns.tf
@ -11,7 +11,7 @@ data "hetznerdns_zone" "banditlair_zone" {
 resource "hetznerdns_record" "banditlair_hcloud_a" {
  zone_id = data.hetznerdns_zone.banditlair_zone.id
  name    = "@"
-  value   = data.hcloud_floating_ip.main_ip.ip_address
+  value   = hcloud_server.backend1.ipv4_address
  type    = "A"
  ttl     = 600
 }
@ -99,7 +99,7 @@ resource "hetznerdns_record" "elefan-test_a" {
 resource "hetznerdns_record" "wikijs-test_a" {
  zone_id = data.hetznerdns_zone.froidmont_zone.id
  name    = "wikijs-test"
-  value   = data.hcloud_floating_ip.main_ip.ip_address
+  value   = hcloud_server.backend1.ipv4_address
  type    = "A"
  ttl     = 600
 }
@ -155,7 +155,7 @@ resource "hetznerdns_record" "monero_a" {
 resource "hetznerdns_record" "anderia_a" {
  zone_id = data.hetznerdns_zone.banditlair_zone.id
  name    = "anderia"
-  value   = data.hcloud_floating_ip.main_ip.ip_address
+  value   = hcloud_server.backend1.ipv4_address
  type    = "A"
  ttl     = 600
 }
@ -163,7 +163,7 @@ resource "hetznerdns_record" "anderia_a" {
 resource "hetznerdns_record" "arkadia_a" {
  zone_id = data.hetznerdns_zone.banditlair_zone.id
  name    = "arkadia"
-  value   = data.hcloud_floating_ip.main_ip.ip_address
+  value   = hcloud_server.backend1.ipv4_address
  type    = "A"
  ttl     = 600
 }
@ -186,7 +186,7 @@ resource "hetznerdns_record" "banditlair_dedicated_a" {
 resource "hetznerdns_record" "nextcloud_a" {
  zone_id = data.hetznerdns_zone.banditlair_zone.id
  name    = "cloud"
-  value   = data.hcloud_floating_ip.main_ip.ip_address
+  value   = hcloud_server.backend1.ipv4_address
  type    = "A"
  ttl     = 600
 }
@ -195,7 +195,7 @@ resource "hetznerdns_record" "nextcloud_a" {
 resource "hetznerdns_record" "matrix_a" {
  zone_id = data.hetznerdns_zone.banditlair_zone.id
  name    = "matrix"
-  value   = data.hcloud_floating_ip.main_ip.ip_address
+  value   = hcloud_server.backend1.ipv4_address
  type    = "A"
  ttl     = 600
 }
@ -211,7 +211,7 @@ resource "hetznerdns_record" "matrix_srv" {
 resource "hetznerdns_record" "coturn_a" {
  zone_id = data.hetznerdns_zone.banditlair_zone.id
  name    = "turn"
-  value   = data.hcloud_floating_ip.main_ip.ip_address
+  value   = hcloud_server.backend1.ipv4_address
  type    = "A"
  ttl     = 600
 }
@ -332,7 +332,7 @@ resource "hetznerdns_record" "froidmont_a" {
 resource "hetznerdns_record" "website_marie_a" {
  zone_id = data.hetznerdns_zone.froidmont_zone.id
  name    = "osteopathie"
-  value   = data.hcloud_floating_ip.main_ip.ip_address
+  value   = hcloud_server.backend1.ipv4_address
  type    = "A"
  ttl     = 600
 }
--- a/instances.tf
+++ b/instances.tf
@ -2,10 +2,6 @@ data "hcloud_image" "nixos_stable" {
  with_selector = "nixos=21.05"
 }
 data "hcloud_floating_ip" "main_ip" {
  with_selector = "external=main"
 }
 resource "hcloud_network" "private_network" {
  name     = "private"
  ip_range = "10.0.0.0/16"
@ -73,9 +69,3 @@ resource "hcloud_server" "backend1" {
    hcloud_network_subnet.db_network_subnet
  ]
 }
 resource "hcloud_floating_ip_assignment" "main" {
  floating_ip_id = data.hcloud_floating_ip.main_ip.id
  server_id      = hcloud_server.backend1.id
 }
--- a/profiles/backend.nix
+++ b/profiles/backend.nix
@ -91,20 +91,8 @@
    };
  };
  networking.interfaces.eth1 = {
    useDHCP = true;
    ipv4 = {
      addresses = [
        {
          address = "95.216.177.3";
          prefixLength = 32;
        }
      ];
    };
  };
  networking.firewall.allowedTCPPorts = [ 80 443 64738 ];
  networking.firewall.allowedUDPPorts = [ 64738 ];
-  networking.firewall.interfaces."eth2".allowedTCPPorts = [ config.services.prometheus.exporters.node.port ];
+  networking.firewall.interfaces."eth1".allowedTCPPorts = [ config.services.prometheus.exporters.node.port ];
 }
--- a/profiles/db.nix
+++ b/profiles/db.nix
@ -8,7 +8,7 @@
    ../modules/monitoring-exporters.nix
  ];
-  networking.firewall.interfaces."eth2".allowedTCPPorts = [ config.services.prometheus.exporters.node.port config.services.postgresql.port ];
+  networking.firewall.interfaces."eth1".allowedTCPPorts = [ config.services.prometheus.exporters.node.port config.services.postgresql.port ];
  sops.secrets = {
    borgSshKey = {