{"id":24147474,"url":"https://github.com/masterbpro/mbrc","last_synced_at":"2025-09-19T15:32:32.554Z","repository":{"id":225671483,"uuid":"760694156","full_name":"masterbpro/mbrc","owner":"masterbpro","description":"This project leverages Terraform to automate the deployment of a Kubernetes cluster in HA mode on the Hetzner using the Talos OS ","archived":false,"fork":false,"pushed_at":"2025-01-03T14:18:36.000Z","size":178,"stargazers_count":35,"open_issues_count":2,"forks_count":3,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-01-03T15:28:30.419Z","etag":null,"topics":["hetzner","hetzner-cloud","k8s","talos","terraform"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/masterbpro.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-02-20T19:05:15.000Z","updated_at":"2025-01-03T14:18:41.000Z","dependencies_parsed_at":"2024-04-02T20:48:40.966Z","dependency_job_id":"495bfa78-ae33-4320-abcd-819b9cec5efa","html_url":"https://github.com/masterbpro/mbrc","commit_stats":null,"previous_names":["masterbpro/mbrc"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/masterbpro%2Fmbrc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/masterbpro%2Fmbrc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/masterbpro%2Fmbrc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/masterbpro%2Fmbrc/manifes
ts","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/masterbpro","download_url":"https://codeload.github.com/masterbpro/mbrc/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":233575086,"owners_count":18696539,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hetzner","hetzner-cloud","k8s","talos","terraform"],"created_at":"2025-01-12T07:14:57.445Z","updated_at":"2025-09-19T15:32:32.542Z","avatar_url":"https://github.com/masterbpro.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# mbrc\n\n![terraform](https://img.shields.io/badge/Hetzner-D50C2D?style=for-the-badge\u0026logo=hetzner\u0026logoColor=white)\n![k8s](https://img.shields.io/badge/kubernetes%20-%23326ce5.svg?\u0026style=for-the-badge\u0026logo=kubernetes\u0026logoColor=white)\n![terraform](https://img.shields.io/badge/terraform%20-%235835CC.svg?\u0026style=for-the-badge\u0026logo=terraform\u0026logoColor=white)\n![helm](https://img.shields.io/badge/Helm-0F1689?style=for-the-badge\u0026logo=Helm\u0026labelColor=0F1689)\n![cloudflare](https://img.shields.io/badge/Cloudflare-F38020?style=for-the-badge\u0026logo=Cloudflare\u0026logoColor=white)\n\nThis repository enables easy deployment of Kubernetes clusters on Hetzner Cloud using Talos OS and Terraform. Benefit\nfrom\na scalable and automated setup, leveraging infrastructure as code principles for efficient management. 
Simplify\nKubernetes deployment and focus on your applications with confidence.\n\n### Terminology\n\n| Terminology | Meaning                |\n| ----------- | ---------------------- |\n| CPN         | Control Plane Node     |\n| WKN         | Worker Kubernetes Node |\n\n### 0. Install tools\n\n```shell\nbrew install age\nbrew install terraform\ncurl -sL https://talos.dev/install | sh\nbrew install kubectl\n```\n\n### 1. Prepare environment variables\n\n```shell\n# change these values before executing the command\ncat \u003c\u003c EOF \u003e terraform/terraform.tfvars\nhcloud_token = \"YOUR_TOKEN_FROM_HETZNER\"\nhcloud_image = 1234567890\nwkn_count    = 0\nEOF\n```\n\n### 2. Create private and public key for SOPS\n\n```shell\nage-keygen -o age.agekey \u0026\u0026\nage_pubkey=$(awk '/^# public key:/{print $NF}' age.agekey) \u0026\u0026\necho \"\ncreation_rules:\n  - path_regex: .*.ya?ml\n    encrypted_regex: ^(data|stringData)$\n    age: $age_pubkey\" \u003e .sops.yaml\n```\n\nNext, you'll need to include `.sops.yaml` in your repository. This step is crucial to allow other project contributors\nto encrypt their secrets using the public key. Remember, keep the `age.agekey` private key secure.\n\n### 3. Create k8s cluster\n\nBefore running the commands below, you need to prepare a Talos snapshot in Hetzner Cloud. 
For this, you can use the\nofficial [instructions](https://www.talos.dev/v1.9/talos-guides/install/cloud-platforms/hetzner/#rescue-mode).\nYour Talos image snapshot is then specified as the value of the \"hcloud_image\" variable.\n\n\u003cdetails\u003e\n\u003csummary\u003eCreate Talos OS snapshot\u003c/summary\u003e\n\nPrerequisites:\n- Create an x86 instance with any Linux distro\n- Enable \"Rescue\" mode in Hetzner (go to the instance, then open the \"Rescue\" tab)\n- Manually reboot the instance (only once)\n- When you connect via SSH, you can see that the instance has booted in rescue mode\n- Execute the commands below\n\n```shell\n# fulfill the prerequisites, then run:\ncd /tmp\nwget -O /tmp/talos.raw.xz https://factory.talos.dev/image/1c924f0d41b37542e63612149946f0a62094ea88e1e0e3ae93a15246625e6775/v1.9.3/hcloud-amd64.raw.xz\nxz -d -c /tmp/talos.raw.xz | dd of=/dev/sda \u0026\u0026 sync\nshutdown -h now\n```\n\n\u003c/details\u003e\n\n```shell\nterraform init\nterraform apply\n```\n\n### 4. Save kubeconfig \u0026 talosconfig to local machine\n\n```bash\n# Warning! These commands remove your old configurations (if they exist)\n\nterraform output -raw talosconfig \u003e ~/.talos/config\nterraform output -raw kubeconfig \u003e ~/.kube/config\n```\n\n### 5. 
Done 🎉\n\n```shell\n# you can check cluster status via `kubectl get nodes`.\n# Output will be something like this:\n\n(base) user@host terraform % kubectl get nodes\nNAME     STATUS   ROLES           AGE   VERSION\ncpn-00   Ready    control-plane   25m   v1.28.1\ncpn-01   Ready    control-plane   25m   v1.28.1\ncpn-02   Ready    control-plane   25m   v1.28.1\n```\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eSOPS Example\u003c/summary\u003e\n\n```yaml\n# db-auth.yaml\napiVersion: v1\nkind: Secret\nmetadata:\n  name: db-auth\n  namespace: default\ntype: Opaque\ndata:\n  DB_NAME: cG9zdGdyZXM=\n  DB_HOST: MTI3LjAuMC4x\n  DB_PORT: NTQzMg==\n  DB_USERNAME: cG9zdGdyZXM=\n  DB_PASSWORD: c3VwZXJTZWNyZXRQYXNzb3dyZA==\n```\n\n```shell\n# You can encrypt any file by using the .sops.yaml file.\nsops -e -i db-auth.yaml\n\n# You can decrypt it only if you have the age.agekey file.\nexport SOPS_AGE_KEY_FILE=age.agekey\nsops -i -d db-auth.yaml\n```\n\n\u003c/details\u003e\n\n\u003cdetails\u003e\n\u003csummary\u003eFluxCD Example\u003c/summary\u003e\n\n```shell\nexport GITHUB_TOKEN=ghp-xyz\nflux bootstrap github --owner=ownerName --repository=mbrc --path=kubernetes/flux\n```\n\n```shell\nexport GITLAB_TOKEN=glpat-xyz\nflux bootstrap gitlab --owner=groupName --repository=mbrc --path=kubernetes/flux\n```\n\n\u003c/details\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmasterbpro%2Fmbrc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmasterbpro%2Fmbrc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmasterbpro%2Fmbrc/lists"}