feat: removed lb, added managed cert

terraform/ingress.tf

@@ -1,21 +0,0 @@
-// Create load balancer for ingress.
-resource "hcloud_load_balancer" "lb" {
-  name               = "lb"
-  load_balancer_type = "lb11"
-  network_zone       = "eu-central"
-}
-
-# The Route53 DNS zone.
-data "aws_route53_zone" "main" {
-  name = local.domain
-}
-
-# Push all domain traffic through the reverse proxy.
-resource "aws_route53_record" "domain" {
-  for_each = toset(["*.${local.domain}", "${local.domain}"])
-  zone_id  = data.aws_route53_zone.main.zone_id
-  name     = each.value
-  type     = "A"
-  ttl      = "60"
-  records  = [hcloud_load_balancer.lb.ipv4]
-}

terraform/network.tf

@@ -26,3 +26,9 @@ resource "hcloud_network_route" "gateway" {
   destination = "0.0.0.0/0"
   gateway     = local.nat-private-ip
 }
+
+// A managed certificate for the domain, to be used by the load balancer.
+resource "hcloud_managed_certificate" "managed_cert" {
+  name         = "managed_cert"
+  domain_names = ["*.${local.domain}", "${local.domain}"]
+}

terraform/providers.tf

@@ -16,10 +16,3 @@ terraform {
 provider "hcloud" {
   token = var.hcloud_token
 }
-
-provider "aws" {
-  region     = var.aws_region
-  access_key = var.aws_access_key
-  secret_key = var.aws_secret_key
-}
-

terraform/variables.tf

@@ -22,21 +22,3 @@ variable "hcloud_token" {
   type      = string
   sensitive = true
 }
-
-variable "aws_region" {
-  description = "The region of the AWS account."
-  type        = string
-  sensitive   = true
-}
-
-variable "aws_access_key" {
-  description = "The access key of the account."
-  type        = string
-  sensitive   = true
-}
-
-variable "aws_secret_key" {
-  description = "The secret key of the account."
-  type        = string
-  sensitive   = true
-}