feat: add opentofu basic setup

2025-01-16 11:36:36 -03:00 · 2025-01-16 11:36:36 -03:00 · 65a98c6f57
commit 65a98c6f57
parent 467de17183
5 changed files with 112 additions and 0 deletions
--- a/.justfile
+++ b/.justfile
@ -30,3 +30,7 @@ decrypt-var FILE NAME:
 [no-cd]
 decrypt +ARGS:
  uv run ansible-vault edit {{ ARGS }}
 [no-cd]
 decrypt-store +ARGS:
  uv run ansible-vault decrypt {{ ARGS }}
--- a/opentofu/vms/.terraform.lock.hcl
+++ b/opentofu/vms/.terraform.lock.hcl
@ -0,0 +1,24 @@
 # This file is maintained automatically by "tofu init".
 # Manual edits may be lost in future updates.
 provider "registry.opentofu.org/bpg/proxmox" {
  version     = "0.43.2"
  constraints = "0.43.2"
  hashes = [
    "h1:5+YNvUbtMlus6GJJktc9/7o68tYgQIQxhjTqqt2WCpk=",
    "zh:07c9357e80cc52c020bd3728e5a00e21b9c06b20ee91d13d0c8ea034c1de4b6f",
    "zh:41208bfd4d69f04142a69e9eabd79d4cba99f4fcacd59318aad0265c7b4bfe9e",
    "zh:420623a0ae35bee21c00da444c0fbc63d3d6008d71516d90e11512651f25210f",
    "zh:4cf21c0245a4fcbfec9edc1c65a5a0f0d83180607d870229ce3761fa25652ac7",
    "zh:6f07cab62a60d7adc7a2c3f6fb27057dd70883c02c8ee762aec683743aee16c0",
    "zh:75c4c97b110373ee48ad87774d9becbb1e21d55e0a4324f594a3b3cc8d25d73e",
    "zh:79b3ab36e5276a1172c661eb60574a330cb502f2de40410f2540a50061a777f7",
    "zh:96a8cda572ac540aa6c616eabd2e8dc9399809e8558f6d53a883da2a9fbdede8",
    "zh:99a78347944868062bac87e93372672aa0f12422cf82d5a7f13a00805f18d5bd",
    "zh:a6d2ff27558114277a9e2db874f5c9c9ee65d0dc5e918f2d9994e3ec9ef0e2b5",
    "zh:c220049b7b3890e8b882873f0a4320d5b6ca28cf4b3ff9128a130e86ffbc3209",
    "zh:da586199b595f278d4ecfc64e60afa52b15b9183323edde00d74a7ede5abad27",
    "zh:f2caa3eefc03dd03f05ce466e98ba6fb9f0b87ece3a7fc35eb73d63f816c13d4",
    "zh:f99012369fff51af76557d5616a24ae48d12ef662c6d132aa74db7f6b9d4144b",
  ]
 }
--- a/opentofu/vms/providers.tf
+++ b/opentofu/vms/providers.tf
@ -0,0 +1,21 @@
 # docs: https://registry.terraform.io/providers/bpg/proxmox/latest/docs
 terraform {
  required_providers {
    proxmox = {
      source = "bpg/proxmox"
      version = "0.43.2"
    }
  }
 }
 provider "proxmox" {
  endpoint  = var.proxmox_api_endpoint
  api_token = var.proxmox_api_token
  insecure  = true
  tmp_dir  = "/var/tmp"
  ssh {
    agent    = true
    username = "robo"
  }
 }
--- a/opentofu/vms/s3.tf
+++ b/opentofu/vms/s3.tf
@ -0,0 +1,49 @@
 resource "proxmox_virtual_environment_container" "banana-hoard" {
  vm_id = 160
  node_name = "pve"
  description = "S3 data storage manager"
  unprivileged = true
  start_on_boot = "true"
  disk {
    datastore_id = "local-lvm"
    size         = 8
  }
  initialization {
    hostname = "banana-hoard"
    ip_config {
      ipv4 {
        address = "10.0.10.60/24"
        gateway = "10.0.0.10"
      }
    }
    user_account {
      # keys     = [data.localfile.aleidk_key_pub.filename."/home/aleidk/Repos/Private/homelab/"]
      password = var.root_password
    }
  }
  network_interface {
    name = "eth0"
    firewall = true
    bridge = "vnet10"
  }
  operating_system {
    template_file_id = "local:vztmpl/alpine-latest-base-2024-12-30.tar.gz"
    type             = "alpine"
  }
  tags = [
    "storage",
    "s3",
  ]
  features {
    nesting = true
  }
 }
--- a/opentofu/vms/variables.tf
+++ b/opentofu/vms/variables.tf
@ -0,0 +1,14 @@
 variable "proxmox_api_endpoint" {
  type = string
  description = "Proxmox cluster API endpoint https://proxmox-01.my-domain.net:8006"
 }
 variable "proxmox_api_token" {
  type = string
  description = "Proxmox API token bpg proxmox provider with ID and token"
 }
 variable "root_password" {
  type = string
  description = "Password used for the root user"
 }