Hetzner has changed it's API and removed the field `datacenter` from the
primary IPs in favor of `location`. This change reflex this and adjusts
the configuration accordingly. Note, that this change didn't require any
manual state changes. Instead I applied the former plan with the newest
provider once. Hence the provider already treated the fields correctly I
only had to adjust the configuration.
Chapeau Hetzner for this good transition!
See-also: 14da745f Update tofu-resources to their latest versions
Reference: https://docs.hetzner.cloud/changelog#2025-12-16-phasing-out-datacenters
After I removed the automatic IP addition to the firewalls for SSH and
Kubernetes I ran into a problem only a few days later. My ISP changed
my IPs and I was to stupid to realize that immediately. So, this change
reintroduces the automatic addition of my current IPs to the whitelists
for Kubernetes and SSH. Though, I adjusted the algorithm, so it will not
change every day or so, but instead really only when my ISP changes my
IPs.
The definition was split into multiple settings, that made it
unnecessary complicated to setup the definition for my kubernetes
cluster. This new approach allows for granular definitions of servers
and agents and is also simpler to use for me.
I liked the idea to have these IPs dynamically detected at runtime,
though some research showed that my current provider only renews these
every 180 days, nowadays. So, no need for such a hyper-dynamic solution.
Instead I use a variable now, which brings some other benefits, like
adding arbitrary IPs as well. This might become handy in cases of CI/CD.
This change makes it a bit easier for me to manage specific domains.
Note, that in the long-run these settings should _not_ belong to this
repository. Instead I'm going to maintain these in projects where the
domain is more meaningful.
Since I don't have multiple terraform steps anymore it simply doesn't
make sense to me anymore to split all tasks into separate folders.
Instead I try to be as clear as possible in the README to make it easy
to follow the structure in the future without too much headache.
This changes makes it easier to differentiate and understand the
different parts of the kubernetes setup. On one hand we have the bare
infrastructure (servers, network, etc), on the other hand we have the
software (k3s in this case).
In the future we'll have a few more parts, like the minimal
configuration of the kubernetes cluster, e.g. with a cert-manager. This
is easier to manage with helm or terraform than with ansible. Therefore
it makes even more sense to split the responsibilities into dedicated
directories.
This change makes all the settings configurable. The only part which
still lacks some flexibility is the location, though I really don't need
to run a k8s-cluster over multiple datacenters and regions! - At least
right now ;-)
