diff --git a/.justfile b/.justfile
index 93d7c2b..b3aba5d 100644
--- a/.justfile
+++ b/.justfile
@@ -30,3 +30,7 @@ decrypt-var FILE NAME:
 [no-cd]
 decrypt +ARGS:
 uv run ansible-vault edit {{ ARGS }}
+
+[no-cd]
+decrypt-store +ARGS:
+ uv run ansible-vault decrypt {{ ARGS }}
diff --git a/opentofu/vms/.terraform.lock.hcl b/opentofu/vms/.terraform.lock.hcl
new file mode 100644
index 0000000..690a74a
--- /dev/null
+++ b/opentofu/vms/.terraform.lock.hcl
@@ -0,0 +1,24 @@
+# This file is maintained automatically by "tofu init".
+# Manual edits may be lost in future updates.
+
+provider "registry.opentofu.org/bpg/proxmox" {
+ version = "0.43.2"
+ constraints = "0.43.2"
+ hashes = [
+ "h1:5+YNvUbtMlus6GJJktc9/7o68tYgQIQxhjTqqt2WCpk=",
+ "zh:07c9357e80cc52c020bd3728e5a00e21b9c06b20ee91d13d0c8ea034c1de4b6f",
+ "zh:41208bfd4d69f04142a69e9eabd79d4cba99f4fcacd59318aad0265c7b4bfe9e",
+ "zh:420623a0ae35bee21c00da444c0fbc63d3d6008d71516d90e11512651f25210f",
+ "zh:4cf21c0245a4fcbfec9edc1c65a5a0f0d83180607d870229ce3761fa25652ac7",
+ "zh:6f07cab62a60d7adc7a2c3f6fb27057dd70883c02c8ee762aec683743aee16c0",
+ "zh:75c4c97b110373ee48ad87774d9becbb1e21d55e0a4324f594a3b3cc8d25d73e",
+ "zh:79b3ab36e5276a1172c661eb60574a330cb502f2de40410f2540a50061a777f7",
+ "zh:96a8cda572ac540aa6c616eabd2e8dc9399809e8558f6d53a883da2a9fbdede8",
+ "zh:99a78347944868062bac87e93372672aa0f12422cf82d5a7f13a00805f18d5bd",
+ "zh:a6d2ff27558114277a9e2db874f5c9c9ee65d0dc5e918f2d9994e3ec9ef0e2b5",
+ "zh:c220049b7b3890e8b882873f0a4320d5b6ca28cf4b3ff9128a130e86ffbc3209",
+ "zh:da586199b595f278d4ecfc64e60afa52b15b9183323edde00d74a7ede5abad27",
+ "zh:f2caa3eefc03dd03f05ce466e98ba6fb9f0b87ece3a7fc35eb73d63f816c13d4",
+ "zh:f99012369fff51af76557d5616a24ae48d12ef662c6d132aa74db7f6b9d4144b",
+ ]
+}
diff --git a/opentofu/vms/providers.tf b/opentofu/vms/providers.tf
new file mode 100644
index 0000000..25d07d3
--- /dev/null
+++ b/opentofu/vms/providers.tf
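Review bot: The new `decrypt-store` recipe in `.justfile` runs `ansible-vault decrypt`, which rewrites the named files in place as plaintext, so after it runs the secrets sit unencrypted in the working tree and can be committed by accident. Nothing in the recipe says this or points to the way back. I would add a comment above it, `# Decrypts ARGS in place; files stay plaintext until re-encrypted with ansible-vault encrypt. Do not commit them.`, and use `ansible-vault view` where the content only needs to be read. The neighbouring `decrypt` recipe actually runs `ansible-vault edit`, so the two names are easy to mix up.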
@@ -0,0 +1,21 @@
+# docs: https://registry.terraform.io/providers/bpg/proxmox/latest/docs
+
+terraform {
+ required_providers {
+ proxmox = {
+ source = "bpg/proxmox"
+ version = "0.43.2"
+ }
+ }
+}
+
+provider "proxmox" {
+ endpoint = var.proxmox_api_endpoint
+ api_token = var.proxmox_api_token
+ insecure = true
+ tmp_dir = "/var/tmp"
+ ssh {
+ agent = true
+ username = "robo"
+ }
+}
diff --git a/opentofu/vms/s3.tf b/opentofu/vms/s3.tf
new file mode 100644
index 0000000..52ec9ed
--- /dev/null
+++ b/opentofu/vms/s3.tf
@@ -0,0 +1,49 @@
+resource "proxmox_virtual_environment_container" "banana-hoard" {
+ vm_id = 160
+ node_name = "pve"
+ description = "S3 data storage manager"
+ unprivileged = true
+
+ start_on_boot = "true"
+
+ disk {
+ datastore_id = "local-lvm"
+ size = 8
+ }
+
+ initialization {
+ hostname = "banana-hoard"
+
+ ip_config {
+ ipv4 {
+ address = "10.0.10.60/24"
+ gateway = "10.0.0.10"
+ }
+ }
+
+ user_account {
+ # keys = [data.localfile.aleidk_key_pub.filename."/home/aleidk/Repos/Private/homelab/"]
+ password = var.root_password
+ }
+ }
+
+ network_interface {
+ name = "eth0"
+ firewall = true
+ bridge = "vnet10"
+ }
+
+ operating_system {
+ template_file_id = "local:vztmpl/alpine-latest-base-2024-12-30.tar.gz"
+ type = "alpine"
+ }
+
+ tags = [
+ "storage",
+ "s3",
+ ]
+
+ features {
+ nesting = true
+ }
+}
diff --git a/opentofu/vms/variables.tf b/opentofu/vms/variables.tf
new file mode 100644
index 0000000..68a8dd4
--- /dev/null
+++ b/opentofu/vms/variables.tf
@@ -0,0 +1,14 @@
+variable "proxmox_api_endpoint" {
+ type = string
+ description = "Proxmox cluster API endpoint https://proxmox-01.my-domain.net:8006"
+}
+
+variable "proxmox_api_token" {
+ type = string
+ description = "Proxmox API token bpg proxmox provider with ID and token"
+}
+
+variable "root_password" {
+ type = string
+ description = "Password used for the root user"
+}
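Review bot: `insecure = true` in the `provider "proxmox"` block of `providers.tf` turns off TLS certificate verification for the API endpoint, so `api_token` is sent to whatever host answers at `var.proxmox_api_endpoint` without checking its identity. If the Proxmox host presents a self-signed certificate (likely, but not visible here), trusting its CA on the machine that runs tofu lets this become `insecure = false`. If it has to stay for now, say why on the line itself, for example `insecure = true # TODO: self-signed cert on pve; trust the CA and remove`.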
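Review bot: In `s3.tf` the `user_account` block sets only `password = var.root_password` while the `keys` line is commented out, so the container is provisioned with a password for root and no SSH key. The commented line is not valid HCL as written (`filename."/home/..."`) and carries a local home path, so it should be fixed or dropped rather than committed. The password is also stored in the state file in clear text unless state encryption is configured, so the state needs the same protection as the vault. Separately, `gateway = "10.0.0.10"` lies outside `10.0.10.60/24`; unless the `vnet10` setup intends that, it looks like a typo.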
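Review bot: `proxmox_api_token` and `root_password` in `variables.tf` are declared without `sensitive = true`, so their values can appear in plan and apply output and in CI logs. Add `sensitive = true` to both blocks. The description of `proxmox_api_token` is also missing a word; `"Proxmox API token for the bpg/proxmox provider, with ID and token"` would read better.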