Merge pull request #35 from tahoe-lafs/29.comment-users

Better comment for the definition of the users

Author: btlogy

tf/core/users.tf

@@ -1,12 +1,12 @@
-# This file only list our user's email and public keys,
-# so those can be re-used elsewhere (e.g.: hcloud, gandi, ...)
+# This file is where we define all our users and their attributes (e.g.: email, keys, ...),
+# so those can be re-used with different providers (e.g.: aws, hcloud, gandi, ...)
 locals {
   users = {
     benoit = {
       email = "benoit@leastauthority.com",
       ssh_keys = [
         {
-          id  = "000619776016",
+          id  = "000619776016", # could be anything, but unique per user
           key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIZtWY7t8HVnaz6bluYsrAlzZC3MZtb8g0nO5L5fCQKR benoit@leastauthority.com",
         },
       ],
@@ -15,14 +15,17 @@ locals {
       email = "florian@leastauthority.com",
       ssh_keys = [
         {
-          id  = "000018054987",
+          id  = "000018054987", # could be anything, but unique per user
           key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJlPneIaRT/mqu13N83ctEftub4O6zAfi6qgzZKerU5o florian@leastauthority.com",
         },
       ],
     },
   }
 
-  # Flatten all the ssh keys of each users
+  # In many cases, the ssh keys from all the users above will be authorized to access some ressources
+  # (e.g.: a new server). So we better collect all the ssh keys together in a local variable,
+  # and give them a unique name (e.g.: one username with multiple keys)
+  # 
   ssh_keys = flatten([
     for username, values in local.users : [
       for v in values.ssh_keys : {
@@ -33,7 +36,8 @@ locals {
   ])
 }
 
-# Manage ssh keys
+# Now we have all the ssh keys of all our users, we can deploy and manage them
+# so Hetzner can use to provision our resources (e.g.: new VPS)
 resource "hcloud_ssh_key" "ssh_keys" {
   for_each = {
     for key in local.ssh_keys : "tf-${key.name}" => key.public_key