Skip to content

Commit

Permalink
Make private hetzner network /24 instead of /16
Browse files Browse the repository at this point in the history 
It seems not possible (or at least easy) to connect other hosts to the
hetzner hosts via wireguard within 10.83.0.0/16 when the subnet
controlled by hetzner owns that whole range. Reducing it so that e.g.
10.83.1.0/24 can be a wireguard network
  • Loading branch information
@foodelevator
foodelevator committed Dec 19, 2024
1 parent efeeead commit 418dd02
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 21 deletions.
34 changes: 17 additions & 17 deletions .terraform.lock.hcl
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions main.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ terraform {
}
hcloud = {
source = "hetznercloud/hcloud"
version = "1.45.0"
version = "1.49.1"
}
nomad = {
source = "hashicorp/nomad"
Expand Down Expand Up @@ -77,13 +77,13 @@ data "cloudflare_zone" "datasektionen" {

resource "hcloud_network" "cluster" {
name = "nomad-cluster-network"
ip_range = "10.83.0.0/16"
ip_range = "10.83.0.0/24"
}

resource "hcloud_network_subnet" "cluster-main" {
network_id = hcloud_network.cluster.id
type = "cloud"
ip_range = "10.83.0.0/16"
ip_range = "10.83.0.0/24"
network_zone = "eu-central"
}

Expand Down
2 changes: 1 addition & 1 deletion modules/addresses.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,6 @@ in
];

# Must be kept in sync with `hcloud_network_subnet.cluster-main.ip_range` in tf
subnet = "10.83.0.0/16";
subnet = "10.83.0.0/24";
};
}

0 comments on commit 418dd02

Please sign in to comment.