9f7aa97f4e
- Escape $uri/$host in heredocs so nginx sees them, not bash - Rename heredoc markers (NGINXEOF, PROXYEOF, SVCEOF) to avoid conflicts - Add contact-api nginx snippet WITHOUT proxy_set_header Origin (CORS fix) - Fix contact-api clone URL to Forgejo - Simplify .env template |
||
|---|---|---|
| .. | ||
| .gitignore | ||
| .terraform.lock.hcl | ||
| cloud-init.yaml.tpl | ||
| main.tf | ||
| README.md | ||
| terraform.tfvars.example | ||
| variables.tf | ||
KrustyPlanet Terraform
Terraform configuration for the KrustyPlanet VPS on Hetzner Cloud.
What's Managed
- Hetzner server (CPX22, Ubuntu 24.04)
- Floating IP (87.99.133.81)
- Firewall rules (80, 443, 22)
- Persistent volume (40GB)
- nginx reverse proxy
- contact-api (Node.js email backend)
- SSL certificates (Let's Encrypt)
Usage
# Initialize
terraform init
# Validate
terraform validate
# Plan
terraform plan
# Apply
terraform apply
Variables
See variables.tf for all configurable variables.
Sensitive variables are stored in terraform.tfvars.
Files
main.tf— Main Terraform configurationvariables.tf— Variable definitionsprovider.tf— Provider configurationterraform.tfvars— Sensitive variable values (gitignored)cloud-init.yaml.tpl— Server bootstrap scriptnginx.conf.tpl— nginx configuration templatecontact-api.conf.tpl— contact-api proxy configurationcontact-api.service.tpl— contact-api systemd service
Notes
- Do NOT run
terraform applyunless you want to recreate the server - Existing VPS configuration is preserved; this Terraform config will be used for future provisioning
- SSL certificates are provisioned via Let's Encrypt
- The floating IP is attached to the server and will survive rebuilds