Usage

To prevent accidental data deletion, it has proven useful to put the storage devices for the database (data and backup) into a separate Terraform module. This also makes it easier to re-provision the instance without risking the deletion of valuable data.

The examples below embrace this pattern, so each example has two different modules:

  • /storage contains all hcloud_volume resources for the databases
  • instance contains the database instance itself; the storage ID is retrieved using the hcloud_volume data lookup
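
A sketch of what the storage module could look like, added here as an illustration and not taken from the project's own example files. The file name, volume sizes and filesystem format are assumptions; the volume names match the hcloud_volume data lookups used in the instance examples below.

```hcl
# storage/main.tf (assumed file name; added example, not the project's code)

terraform {
  required_providers {
    hcloud = {
      source = "hetznercloud/hcloud"
    }
  }
}

variable "hetzner_location" {
  type = string
}

resource "hcloud_volume" "data" {
  name     = "rds-postgresql-data" # looked up by name in instance/main.tf
  location = var.hetzner_location
  size     = 32     # GB, assumed value
  format   = "ext4" # assumed; check what the module expects

  # Provider-side guard: the Hetzner API refuses to delete the volume
  # while delete protection is enabled.
  delete_protection = true

  lifecycle {
    # Terraform-side guard: any plan that would destroy this volume fails.
    prevent_destroy = true
  }
}

resource "hcloud_volume" "backup" {
  name     = "rds-postgresql-backup" # looked up by name in instance/main.tf
  location = var.hetzner_location
  size     = 64     # GB, assumed value
  format   = "ext4" # assumed; check what the module expects

  delete_protection = true

  lifecycle {
    prevent_destroy = true
  }
}
```

prevent_destroy only applies while the resource block is still in the configuration, so delete_protection covers the case where the block itself is removed. Because the volumes live in their own state, a terraform destroy run in the instance module never touches them.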

S3 Backed Backup

Below is a minimal example of a PostgreSQL database using S3 as the backup storage backend. The full example can be downloaded from the latest release.

instance/main.tf



data "aws_s3_bucket" "backup" {
  bucket = "test-rds-postgresql-backup"
}

data "hcloud_volume" "data" {
  name = "rds-postgresql-data"
}

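# Note: the generated private key is stored unencrypted in the Terraform state,
# so the state file must be protected accordingly.
resource "tls_private_key" "ssh_key" {
  algorithm = "RSA"
  rsa_bits  = 4096
}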

resource "hcloud_ssh_key" "ssh_key" {
  name       = "rds-postgresql"
  public_key = tls_private_key.ssh_key.public_key_openssh
}

module "rds-postgresql" {
  source  = "pellepelster/solidblocks-rds-postgresql/hcloud"
  version = "0.2.5"

  name     = "rds-postgresql"
  location = var.hetzner_location

  ssh_keys = [hcloud_ssh_key.ssh_key.id]

  data_volume = data.hcloud_volume.data.id

  backup_s3_bucket     = data.aws_s3_bucket.backup.id
  backup_s3_access_key = var.backup_s3_access_key
  backup_s3_secret_key = var.backup_s3_secret_key

  # Example credentials; in real use pass these in via variables rather than literals.
  databases = [
    { id : "database1", user : "user1", password : "password1" }
  ]
}

Local attached storage Backup

Below is a minimal example of a PostgreSQL database using a locally attached volume as the backup storage backend. The full example can be downloaded from the latest release.

instance/main.tf



resource "tls_private_key" "ssh_key" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "hcloud_ssh_key" "ssh_key" {
  name       = "rds-postgresql"
  public_key = tls_private_key.ssh_key.public_key_openssh
}

data "hcloud_volume" "data" {
  name = "rds-postgresql-data"
}

data "hcloud_volume" "backup" {
  name = "rds-postgresql-backup"
}

module "rds-postgresql" {
  source  = "pellepelster/solidblocks-rds-postgresql/hcloud"
  version = "0.2.5"

  name     = "rds-postgresql"
  location = var.hetzner_location
  ssh_keys = [hcloud_ssh_key.ssh_key.id]

  backup_volume = data.hcloud_volume.backup.id
  data_volume   = data.hcloud_volume.data.id

  databases = [
    { id : "database1", user : "user1", password : "password1" }
  ]
}

Private Networking Only

This example places the database instance in a private network so that it is not reachable from the internet.



resource "tls_private_key" "ssh_key" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "hcloud_ssh_key" "ssh_key" {
  name       = "rds-postgresql"
  public_key = tls_private_key.ssh_key.public_key_openssh
}

data "hcloud_volume" "data" {
  name = "rds-postgresql-data"
}

data "hcloud_volume" "backup" {
  name = "rds-postgresql-backup"
}

resource "hcloud_network" "network" {
  ip_range = "10.0.0.0/16"
  name     = "network"
}

resource "hcloud_network_subnet" "subnet" {
  ip_range     = "10.0.1.0/24"
  network_id   = hcloud_network.network.id
  network_zone = "eu-central"
  type         = "cloud"
}

module "rds-postgresql" {
  source  = "pellepelster/solidblocks-rds-postgresql/hcloud"
  version = "0.2.5"

  name     = "rds-postgresql"
  location = var.hetzner_location
  ssh_keys = [hcloud_ssh_key.ssh_key.id]

  backup_volume = data.hcloud_volume.backup.id
  data_volume   = data.hcloud_volume.data.id

  public_net_ipv4_enabled = false
  public_net_ipv6_enabled = false
  network_id              = hcloud_network.network.id
  network_ip              = "10.0.1.5"

  databases = [
    { id : "database1", user : "user1", password : "password1" }
  ]
}