working and a bit modular
This commit is contained in:
jdn
86
.gitignore
vendored
Normal file
86
.gitignore
vendored
Normal file
@@ -0,0 +1,86 @@
|
||||
####################
|
||||
# ---> Terraform
|
||||
# Local .terraform directories
|
||||
**/.terraform/*
|
||||
|
||||
# .tfstate files
|
||||
*.tfstate
|
||||
*.tfstate.*
|
||||
|
||||
# Crash log files
|
||||
crash.log
|
||||
crash.*.log
|
||||
|
||||
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
|
||||
# password, private keys, and other secrets. These should not be part of version
|
||||
# control as they are data points which are potentially sensitive and subject
|
||||
# to change depending on the environment.
|
||||
*.tfvars
|
||||
*.tfvars.json
|
||||
|
||||
# Ignore override files as they are usually used to override resources locally and so
|
||||
# are not checked in
|
||||
override.tf
|
||||
override.tf.json
|
||||
*_override.tf
|
||||
*_override.tf.json
|
||||
|
||||
# Ignore transient lock info files created by terraform apply
|
||||
.terraform.tfstate.lock.info
|
||||
|
||||
# Include override files you do wish to add to version control using negated pattern
|
||||
# !example_override.tf
|
||||
|
||||
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
|
||||
# example: *tfplan*
|
||||
|
||||
# Ignore CLI configuration files
|
||||
.terraformrc
|
||||
terraform.rc
|
||||
|
||||
# ---> OpenTofu
|
||||
# Local .terraform directories
|
||||
**/.terraform/*
|
||||
|
||||
# .tfstate files
|
||||
*.tfstate
|
||||
*.tfstate.*
|
||||
|
||||
# Crash log files
|
||||
crash.log
|
||||
crash.*.log
|
||||
|
||||
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
|
||||
# password, private keys, and other secrets. These should not be part of version
|
||||
# control as they are data points which are potentially sensitive and subject
|
||||
# to change depending on the environment.
|
||||
*.tfvars
|
||||
*.tfvars.json
|
||||
|
||||
# Ignore override files as they are usually used to override resources locally and so
|
||||
# are not checked in
|
||||
override.tf
|
||||
override.tofu
|
||||
override.tf.json
|
||||
override.tofu.json
|
||||
*_override.tf
|
||||
*_override.tofu
|
||||
*_override.tf.json
|
||||
*_override.tofu.json
|
||||
|
||||
# Ignore transient lock info files created by tofu apply
|
||||
.terraform.tfstate.lock.info
|
||||
|
||||
# Include override files you do wish to add to version control using negated pattern
|
||||
# !example_override.tf
|
||||
# !example_override.tofu
|
||||
|
||||
# Include tfplan files to ignore the plan output of command: tofu plan -out=tfplan
|
||||
# example: *tfplan*
|
||||
|
||||
# Ignore CLI configuration files
|
||||
.terraformrc
|
||||
terraform.rc
|
||||
|
||||
# ---> Ansible
|
||||
*.retry
|
||||
25
tf_code/.terraform.lock.hcl
generated
Normal file
25
tf_code/.terraform.lock.hcl
generated
Normal file
@@ -0,0 +1,25 @@
|
||||
# This file is maintained automatically by "tofu init".
|
||||
# Manual edits may be lost in future updates.
|
||||
|
||||
provider "registry.opentofu.org/bpg/proxmox" {
|
||||
version = "0.73.1"
|
||||
constraints = "0.73.1"
|
||||
hashes = [
|
||||
"h1:mJqYDYee5WnL6Nejrzk4xRWB5ozbgLtGIDBagldpoj8=",
|
||||
"zh:094ee6bcd664890918e30ff602d9042a94d6c9e7e687ecd76ccaf39f6019d32f",
|
||||
"zh:09fd81a2088e280a4947ce7aa6de97612129befccedcbe12ba74ffb8f77c547b",
|
||||
"zh:488c284e1aed1ef9ed6587956b84ad96433cbecb6c373998a594febac206df5f",
|
||||
"zh:52668ff9af14662f06fc0bdaeb633fe76d6c4bfbe0024b447d32ca3424b2c136",
|
||||
"zh:548e7889b0d32d11a4c18aa4c5444291086010eef62d952f84740669788d8bc8",
|
||||
"zh:5fcaf8ea3e2f0657947394993a5e1f41f4e21f0676a408624c9fc44489e5d59f",
|
||||
"zh:67949764ca14d110aa94ea92d54e9e337f382932454e28d0ded389bd65d8d0fd",
|
||||
"zh:7d8263ecdd98f558e88afa95628b3c4e0b8480aa77b470bbc5695fd8e5206109",
|
||||
"zh:95d9615af70eb73eeb0f1d895baf8c8d9f9c71e7f40143dcb0bf1aa4c792fde4",
|
||||
"zh:af8c3d8289cfd02ba7e2fcf73e325d7950cba113775139b3123d2cdd806c3cdd",
|
||||
"zh:ba5b81aeab7a9e84bcbffea4b372252088add1ad6af0a34f0702c0fc0abdf04b",
|
||||
"zh:d94842ce37447c2cf8981ad602ab4d2f410ee5e724a78611472c87f791f4458d",
|
||||
"zh:da2d5adc66d7b305ca114ceeecf5133f32211640c9870c4b5e7c7782982a40e3",
|
||||
"zh:f26e0763dbe6a6b2195c94b44696f2110f7f55433dc142839be16b9697fa5597",
|
||||
"zh:fb762b9c687fb143116bda5f8a29ca8d61d65a2fcf1bed772828d1b3ff91db5e",
|
||||
]
|
||||
}
|
||||
5
tf_code/conteneurs.auto.tfvars
Normal file
5
tf_code/conteneurs.auto.tfvars
Normal file
@@ -0,0 +1,5 @@
|
||||
unciel_eu = {
|
||||
"ct01" = { vm_id = 1, memory = 256, tags = ["lxc01", "ram256"], mount_points = { "/tmp" = {}, "/zfs-usb" = { volume = "ZFS-USB" } } }
|
||||
"ct02" = { vm_id = 2, memory = 128, tags = ["lxc02", "ram128"], mount_points = { "/tmp" = {} } }
|
||||
}
|
||||
|
||||
18
tf_code/main.tf
Normal file
18
tf_code/main.tf
Normal file
@@ -0,0 +1,18 @@
|
||||
terraform {
|
||||
required_providers {
|
||||
proxmox = {
|
||||
source = "bpg/proxmox"
|
||||
version = "0.73.1"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
provider "proxmox" {
|
||||
# Configuration options
|
||||
endpoint = var.PROXMOX_VE_ENDPOINT
|
||||
api_token = var.PROXMOX_VE_API_TOKEN
|
||||
}
|
||||
|
||||
output "unciel_eu_value" {
|
||||
value = {for k,v in var.unciel_eu: k => v...}
|
||||
}
|
||||
58
tf_code/provisionning.tf
Normal file
58
tf_code/provisionning.tf
Normal file
@@ -0,0 +1,58 @@
|
||||
resource "proxmox_virtual_environment_container" "container" {
|
||||
|
||||
for_each = var.unciel_eu
|
||||
|
||||
console {
|
||||
enabled = true
|
||||
type = "shell"
|
||||
}
|
||||
disk {
|
||||
datastore_id = "local-lvm"
|
||||
size = 4
|
||||
}
|
||||
initialization {
|
||||
hostname = each.key
|
||||
ip_config {
|
||||
ipv4 {
|
||||
address = "dhcp"
|
||||
}
|
||||
}
|
||||
user_account {
|
||||
keys = ["ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBACQkZ+kKXD4f/wSySiQMVEG9PwX0CBdPry8x3ilv35sjf81awhVaErcTJm+ZGTZ0ucunVjLlXKEf442d0HvNGkrMwB2ci+OCPQgyjKtN0KoItPFuRBEwo/V6PDjY6KOjUmw93ekOove3lp7LRn1bShmyya7blxZHJP0cIP4m4IDzvuzsA=="]
|
||||
}
|
||||
}
|
||||
memory {
|
||||
dedicated = each.value["memory"]
|
||||
swap = each.value["memory"]
|
||||
}
|
||||
|
||||
dynamic "mount_point" {
|
||||
for_each = each.value["mount_points"]
|
||||
content {
|
||||
path = each.key
|
||||
size = mount_point.value["size"]
|
||||
volume = mount_point.value["volume"]
|
||||
backup = true
|
||||
}
|
||||
}
|
||||
|
||||
network_interface {
|
||||
name = "eth0"
|
||||
}
|
||||
|
||||
node_name = "pxmx"
|
||||
|
||||
operating_system {
|
||||
template_file_id = "local:vztmpl/debian-12-standard_12.7-1_amd64.tar.zst"
|
||||
}
|
||||
|
||||
started = true
|
||||
|
||||
start_on_boot = true
|
||||
|
||||
tags = each.value.tags
|
||||
|
||||
unprivileged = true
|
||||
|
||||
vm_id = each.value.vm_id + 1000
|
||||
}
|
||||
22
tf_code/variables.tf
Normal file
22
tf_code/variables.tf
Normal file
@@ -0,0 +1,22 @@
|
||||
variable "PROXMOX_VE_ENDPOINT" {
|
||||
type = string
|
||||
default = "https://FQDN/api2/json"
|
||||
}
|
||||
|
||||
variable "PROXMOX_VE_API_TOKEN" {
|
||||
type = string
|
||||
default = "user@pam!token-name=xxx-xxx-xxx-xxx"
|
||||
}
|
||||
|
||||
variable "unciel_eu" {
|
||||
description = "Parent map key is container hostname. mount_points map key is container's path mount_point."
|
||||
type = map(object({
|
||||
vm_id = number
|
||||
memory = optional(number, 512)
|
||||
tags = optional(set(string))
|
||||
mount_points = map(object({
|
||||
size = optional(string, "2G")
|
||||
volume = optional(string, "local-lvm")
|
||||
}))
|
||||
}))
|
||||
}
|
||||
Reference in New Issue
Block a user