readme upd

This commit is contained in:
Schamil Wackenhut 2021-01-19 09:24:36 +01:00
parent 62121e0b59
commit b7ef81288d
1 changed files with 5 additions and 6 deletions

View File

@ -43,6 +43,7 @@ To build and provision resources with Packer and Terraform, an API token is requ
This means that when you delete a load balancer, you will also lose the public IP you have been using for the services behind it.
You will probably not delete load balancers in the production environment, but for staging and testing environments, load balancers can be scaled up and down via the Hetzner Cloud web UI or their API/Terraform if you want to save some money.
There appear to be [plans]( to add support for load balancers with floating IPs.
**Certificates**: Certificates stored within the security service on Hetzner Cloud cannot be updated, only replaced.
Before a certificate can be deleted, it must be dereferenced from [services]( which were set up on load balancers.
For this creason, Certbot needs to be wrapped by a script which takes care of certificate replacement (see `infrastructure/modules/compute/`).
@ -148,17 +149,16 @@ $ make infra-destroy MODULE=compute
### Data
#### Ephemeral Data
- /opt/
- /etc/nixos
#### Persistent Data
- /mnt/data
### Setting Up a New Environment
The following sections assume the environment to be called 'production'.
#### Configure Environment in `config.json` and `secrets.json`
Set the environment name and desired NixOS image/snapshot ID in `config.json`.
Set the environment name and desired NixOS image/snapshot ID in `config.json`:
@ -175,7 +175,6 @@ Use your personal Gitlab deployment- and Hetzner Cloud tokens.
"gitlab_deploy_token_password": "",
"aws_access_key_id": "",
"aws_secret_access_key": "",
"gitlab_deploy_token_password": "",
"hcloud_token_testing": "",
"hcloud_token_production": "",
"vault_db_password_production": ""