diff --git a/docs/terraform.md b/docs/terraform.md
index a58b07e9..f657c2f3 100644
--- a/docs/terraform.md
+++ b/docs/terraform.md
@@ -92,13 +92,13 @@
| [additional\_k3s\_environment](#input\_additional\_k3s\_environment) | Additional environment variables for the k3s binary. See for example https://docs.k3s.io/advanced#configuring-an-http-proxy . | `map(any)` | `{}` | no |
| [additional\_tls\_sans](#input\_additional\_tls\_sans) | Additional TLS SANs to allow connection to control-plane through it. | `list(string)` | `[]` | no |
| [address\_for\_connectivity\_test](#input\_address\_for\_connectivity\_test) | Before installing k3s, we actually verify that there is internet connectivity. By default we ping 1.1.1.1, but if you use a proxy, you may simply want to ping that proxy instead (assuming that the proxy has its own checks for internet connectivity). | `string` | `"1.1.1.1"` | no |
-| [agent\_nodepools](#input\_agent\_nodepools) | Number of agent nodes. | list(object({
name = string
server_type = string
location = string
backups = optional(bool)
floating_ip = optional(bool)
labels = list(string)
taints = list(string)
longhorn_volume_size = optional(number)
swap_size = optional(string, "")
zram_size = optional(string, "")
kubelet_args = optional(list(string), ["kube-reserved=cpu=50m,memory=300Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
selinux = optional(bool, true)
placement_group_compat_idx = optional(number, 0)
placement_group = optional(string, null)
count = optional(number, null)
nodes = optional(map(object({
server_type = optional(string)
location = optional(string)
backups = optional(bool)
floating_ip = optional(bool)
labels = optional(list(string))
taints = optional(list(string))
longhorn_volume_size = optional(number)
swap_size = optional(string, "")
zram_size = optional(string, "")
kubelet_args = optional(list(string), ["kube-reserved=cpu=50m,memory=300Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
selinux = optional(bool, true)
placement_group_compat_idx = optional(number, 0)
placement_group = optional(string, null)
append_index_to_node_name = optional(bool, true)
})))
})) | `[]` | no |
+| [agent\_nodepools](#input\_agent\_nodepools) | Number of agent nodes. | list(object({
name = string
server_type = string
location = string
backups = optional(bool)
floating_ip = optional(bool)
labels = list(string)
taints = list(string)
longhorn_volume_size = optional(number)
swap_size = optional(string, "")
zram_size = optional(string, "")
kubelet_args = optional(list(string), ["kube-reserved=cpu=50m,memory=300Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
selinux = optional(bool, true)
placement_group_compat_idx = optional(number, 0)
placement_group = optional(string, null)
count = optional(number, null)
nodes = optional(map(object({
server_type = optional(string)
location = optional(string)
backups = optional(bool)
floating_ip = optional(bool)
labels = optional(list(string))
taints = optional(list(string))
longhorn_volume_size = optional(number)
swap_size = optional(string, "")
zram_size = optional(string, "")
kubelet_args = optional(list(string), ["kube-reserved=cpu=50m,memory=300Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
selinux = optional(bool, true)
placement_group_compat_idx = optional(number, 0)
placement_group = optional(string, null)
append_index_to_node_name = optional(bool, true)
})))
})) | `[]` | no |
| [agent\_nodes\_custom\_config](#input\_agent\_nodes\_custom\_config) | Custom agent nodes configuration. | `any` | `{}` | no |
| [allow\_scheduling\_on\_control\_plane](#input\_allow\_scheduling\_on\_control\_plane) | Whether to allow non-control-plane workloads to run on the control-plane nodes. | `bool` | `false` | no |
| [automatically\_upgrade\_k3s](#input\_automatically\_upgrade\_k3s) | Whether to automatically upgrade k3s based on the selected channel. | `bool` | `true` | no |
| [automatically\_upgrade\_os](#input\_automatically\_upgrade\_os) | Whether to enable or disable automatic os updates. Defaults to true. Should be disabled for single-node clusters | `bool` | `true` | no |
| [autoscaler\_labels](#input\_autoscaler\_labels) | Labels for nodes created by the Cluster Autoscaler. | `list(string)` | `[]` | no |
-| [autoscaler\_nodepools](#input\_autoscaler\_nodepools) | Cluster autoscaler nodepools. | list(object({
name = string
server_type = string
location = string
min_nodes = number
max_nodes = number
labels = optional(map(string), {})
kubelet_args = optional(list(string), ["kube-reserved=cpu=50m,memory=300Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
taints = optional(list(object({
key = string
value = string
effect = string
})), [])
})) | `[]` | no |
+| [autoscaler\_nodepools](#input\_autoscaler\_nodepools) | Cluster autoscaler nodepools. | list(object({
name = string
server_type = string
location = string
min_nodes = number
max_nodes = number
labels = optional(map(string), {})
kubelet_args = optional(list(string), ["kube-reserved=cpu=50m,memory=300Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
taints = optional(list(object({
key = string
value = string
effect = string
})), [])
})) | `[]` | no |
| [autoscaler\_taints](#input\_autoscaler\_taints) | Taints for nodes created by the Cluster Autoscaler. | `list(string)` | `[]` | no |
| [base\_domain](#input\_base\_domain) | Base domain of the cluster, used for reserve dns. | `string` | `""` | no |
| [block\_icmp\_ping\_in](#input\_block\_icmp\_ping\_in) | Block entering ICMP ping. | `bool` | `false` | no |
@@ -127,7 +127,7 @@
| [cni\_plugin](#input\_cni\_plugin) | CNI plugin for k3s. | `string` | `"flannel"` | no |
| [control\_plane\_lb\_enable\_public\_interface](#input\_control\_plane\_lb\_enable\_public\_interface) | Enable or disable public interface for the control plane load balancer . Defaults to true. | `bool` | `true` | no |
| [control\_plane\_lb\_type](#input\_control\_plane\_lb\_type) | The type of load balancer to use for the control plane load balancer. Defaults to lb11, which is the cheapest one. | `string` | `"lb11"` | no |
-| [control\_plane\_nodepools](#input\_control\_plane\_nodepools) | Number of control plane nodes. | list(object({
name = string
server_type = string
location = string
backups = optional(bool)
labels = list(string)
taints = list(string)
count = number
swap_size = optional(string, "")
zram_size = optional(string, "")
kubelet_args = optional(list(string), ["kube-reserved=cpu=250m,memory=1500Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
selinux = optional(bool, true)
placement_group_compat_idx = optional(number, 0)
placement_group = optional(string, null)
})) | `[]` | no |
+| [control\_plane\_nodepools](#input\_control\_plane\_nodepools) | Number of control plane nodes. | list(object({
name = string
server_type = string
location = string
backups = optional(bool)
labels = list(string)
taints = list(string)
count = number
swap_size = optional(string, "")
zram_size = optional(string, "")
kubelet_args = optional(list(string), ["kube-reserved=cpu=250m,memory=1500Mi,ephemeral-storage=1Gi", "system-reserved=cpu=250m,memory=300Mi"])
selinux = optional(bool, true)
placement_group_compat_idx = optional(number, 0)
placement_group = optional(string, null)
})) | `[]` | no |
| [control\_planes\_custom\_config](#input\_control\_planes\_custom\_config) | Custom control plane configuration e.g to allow etcd monitoring. | `any` | `{}` | no |
| [create\_kubeconfig](#input\_create\_kubeconfig) | Create the kubeconfig as a local file resource. Should be disabled for automatic runs. | `bool` | `true` | no |
| [create\_kustomization](#input\_create\_kustomization) | Create the kustomization backup as a local file resource. Should be disabled for automatic runs. | `bool` | `true` | no |
@@ -138,10 +138,10 @@
| [disable\_kube\_proxy](#input\_disable\_kube\_proxy) | Disable kube-proxy in K3s (default false). | `bool` | `false` | no |
| [disable\_network\_policy](#input\_disable\_network\_policy) | Disable k3s default network policy controller (default false, automatically true for calico and cilium). | `bool` | `false` | no |
| [disable\_selinux](#input\_disable\_selinux) | Disable SELinux on all nodes. | `bool` | `false` | no |
-| [dns\_servers](#input\_dns\_servers) | IP Addresses to use for the DNS Servers, set to an empty list to use the ones provided by Hetzner. The length is limited to 3 entries, more entries is not supported by kubernetes | `list(string)` | [
"185.12.64.1",
"185.12.64.2",
"2a01:4ff:ff00::add:1"
]
| no |
+| [dns\_servers](#input\_dns\_servers) | IP Addresses to use for the DNS Servers, set to an empty list to use the ones provided by Hetzner. The length is limited to 3 entries, more entries is not supported by kubernetes | `list(string)` | [
"185.12.64.1",
"185.12.64.2",
"2a01:4ff:ff00::add:1"
]
| no |
| [enable\_cert\_manager](#input\_enable\_cert\_manager) | Enable cert manager. | `bool` | `true` | no |
| [enable\_csi\_driver\_smb](#input\_enable\_csi\_driver\_smb) | Whether or not to enable csi-driver-smb. | `bool` | `false` | no |
-| [enable\_delete\_protection](#input\_enable\_delete\_protection) | Enable or disable delete protection for resources in Hetzner Cloud. | object({
floating_ip = optional(bool, false)
load_balancer = optional(bool, false)
volume = optional(bool, false)
}) | {
"floating_ip": false,
"load_balancer": false,
"volume": false
} | no |
+| [enable\_delete\_protection](#input\_enable\_delete\_protection) | Enable or disable delete protection for resources in Hetzner Cloud. | object({
floating_ip = optional(bool, false)
load_balancer = optional(bool, false)
volume = optional(bool, false)
}) | {
"floating_ip": false,
"load_balancer": false,
"volume": false
} | no |
| [enable\_iscsid](#input\_enable\_iscsid) | This is always true when enable\_longhorn=true, however, you may also want this enabled if you perform your own installation of longhorn after this module runs. | `bool` | `false` | no |
| [enable\_klipper\_metal\_lb](#input\_enable\_klipper\_metal\_lb) | Use klipper load balancer. | `bool` | `false` | no |
| [enable\_local\_storage](#input\_enable\_local\_storage) | Whether to enable or disable k3s local-storage. | `bool` | `false` | no |
@@ -155,8 +155,8 @@
| [extra\_firewall\_rules](#input\_extra\_firewall\_rules) | Additional firewall rules to apply to the cluster. | `list(any)` | `[]` | no |
| [extra\_kustomize\_deployment\_commands](#input\_extra\_kustomize\_deployment\_commands) | Commands to be executed after the `kubectl apply -k ` step. | `string` | `""` | no |
| [extra\_kustomize\_parameters](#input\_extra\_kustomize\_parameters) | All values will be passed to the `kustomization.tmp.yml` template. | `map(any)` | `{}` | no |
-| [firewall\_kube\_api\_source](#input\_firewall\_kube\_api\_source) | Source networks that have Kube API access to the servers. | `list(string)` | [
"0.0.0.0/0",
"::/0"
]
| no |
-| [firewall\_ssh\_source](#input\_firewall\_ssh\_source) | Source networks that have SSH access to the servers. | `list(string)` | [
"0.0.0.0/0",
"::/0"
]
| no |
+| [firewall\_kube\_api\_source](#input\_firewall\_kube\_api\_source) | Source networks that have Kube API access to the servers. | `list(string)` | [
"0.0.0.0/0",
"::/0"
]
| no |
+| [firewall\_ssh\_source](#input\_firewall\_ssh\_source) | Source networks that have SSH access to the servers. | `list(string)` | [
"0.0.0.0/0",
"::/0"
]
| no |
| [haproxy\_additional\_proxy\_protocol\_ips](#input\_haproxy\_additional\_proxy\_protocol\_ips) | Additional trusted proxy protocol IPs to pass to haproxy. | `list(string)` | `[]` | no |
| [haproxy\_requests\_cpu](#input\_haproxy\_requests\_cpu) | Setting for HAProxy controller.resources.requests.cpu | `string` | `"250m"` | no |
| [haproxy\_requests\_memory](#input\_haproxy\_requests\_memory) | Setting for HAProxy controller.resources.requests.memory | `string` | `"400Mi"` | no |
@@ -228,7 +228,7 @@
| [system\_upgrade\_enable\_eviction](#input\_system\_upgrade\_enable\_eviction) | Whether to directly delete pods during system upgrade (k3s) or evict them. Defaults to true. Disable this on small clusters to avoid system upgrades hanging since pods resisting eviction keep node unschedulable forever. NOTE: turning this off, introduces potential downtime of services of the upgraded nodes. | `bool` | `true` | no |
| [system\_upgrade\_use\_drain](#input\_system\_upgrade\_use\_drain) | Wether using drain (true, the default), which will deletes and transfers all pods to other nodes before a node is being upgraded, or cordon (false), which just prevents schedulung new pods on the node during upgrade and keeps all pods running | `bool` | `true` | no |
| [traefik\_additional\_options](#input\_traefik\_additional\_options) | Additional options to pass to Traefik as a list of strings. These are the ones that go into the additionalArguments section of the Traefik helm values file. | `list(string)` | `[]` | no |
-| [traefik\_additional\_ports](#input\_traefik\_additional\_ports) | Additional ports to pass to Traefik. These are the ones that go into the ports section of the Traefik helm values file. | list(object({
name = string
port = number
exposedPort = number
})) | `[]` | no |
+| [traefik\_additional\_ports](#input\_traefik\_additional\_ports) | Additional ports to pass to Traefik. These are the ones that go into the ports section of the Traefik helm values file. | list(object({
name = string
port = number
exposedPort = number
})) | `[]` | no |
| [traefik\_additional\_trusted\_ips](#input\_traefik\_additional\_trusted\_ips) | Additional Trusted IPs to pass to Traefik. These are the ones that go into the trustedIPs section of the Traefik helm values file. | `list(string)` | `[]` | no |
| [traefik\_autoscaling](#input\_traefik\_autoscaling) | Should traefik enable Horizontal Pod Autoscaler. | `bool` | `true` | no |
| [traefik\_image\_tag](#input\_traefik\_image\_tag) | Traefik image tag. Useful to use the beta version for new features. Example: v3.0.0-beta5 | `string` | `""` | no |