From 3ad719a4e7d2226f7a405b17991a1298e673599b Mon Sep 17 00:00:00 2001
From: Jake Howard <git@theorangeone.net>
Date: Thu, 3 Mar 2022 21:50:24 +0000
Subject: [PATCH] Init a k8s

May god have mercy on my ~soul~.

The firewall config may not be valid, due to node recycling, but here's hoping!
---
 terraform/the-ring.tf | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 terraform/the-ring.tf

diff --git a/terraform/the-ring.tf b/terraform/the-ring.tf
new file mode 100644
index 0000000..e3e4015
--- /dev/null
+++ b/terraform/the-ring.tf
@@ -0,0 +1,28 @@
+resource "linode_lke_cluster" "the-ring" {
+  label       = "the-ring"
+  k8s_version = "1.22"
+  region      = "eu-west"
+
+  pool {
+    type  = "g6-standard-1"
+    count = 1
+  }
+}
+
+resource "linode_firewall" "the-ring" {
+  label = "the-ring"
+  linodes = [
+    for node in linode_lke_cluster.the-ring.pool[0].nodes :
+    node.instance_id
+  ]
+  outbound_policy = "ACCEPT"
+  inbound_policy  = "DROP"
+
+  inbound {
+    label    = "allow-ping"
+    action   = "ACCEPT"
+    protocol = "ICMP"
+    ipv4     = ["0.0.0.0/0"]
+    ipv6     = ["::/0"]
+  }
+}