feat: Add HA Kubernetes cluster with Terraform + Ansible

- 3x CX23 control plane nodes (HA)
- 4x CX33 worker nodes
- k3s with embedded etcd
- Hetzner CCM for load balancers
- Gitea CI/CD workflows
- Backblaze B2 for Terraform state

terraform/servers.tf

@@ -0,0 +1,60 @@
+data "hcloud_image" "ubuntu" {
+  name        = "ubuntu-24.04"
+  with_status = ["available"]
+}
+
+resource "hcloud_server" "control_plane" {
+  count = var.control_plane_count
+
+  name        = "${var.cluster_name}-cp-${count.index + 1}"
+  server_type = var.control_plane_type
+  image       = data.hcloud_image.ubuntu.id
+  location    = var.location
+  ssh_keys    = [hcloud_ssh_key.cluster.id]
+
+  labels = {
+    cluster = var.cluster_name
+    role    = "control-plane"
+  }
+
+  network {
+    network_id = hcloud_network.cluster.id
+    ip         = cidrhost(var.subnet_cidr, 10 + count.index)
+  }
+
+  public_net {
+    ipv4_enabled = true
+    ipv6_enabled = true
+  }
+
+  firewall_ids = [hcloud_firewall.cluster.id]
+}
+
+resource "hcloud_server" "workers" {
+  count = var.worker_count
+
+  name        = "${var.cluster_name}-worker-${count.index + 1}"
+  server_type = var.worker_type
+  image       = data.hcloud_image.ubuntu.id
+  location    = var.location
+  ssh_keys    = [hcloud_ssh_key.cluster.id]
+
+  labels = {
+    cluster = var.cluster_name
+    role    = "worker"
+  }
+
+  network {
+    network_id = hcloud_network.cluster.id
+    ip         = cidrhost(var.subnet_cidr, 20 + count.index)
+  }
+
+  public_net {
+    ipv4_enabled = true
+    ipv6_enabled = true
+  }
+
+  firewall_ids = [hcloud_firewall.cluster.id]
+
+  depends_on = [hcloud_server.control_plane]
+}