micqdf
9ce06671c9
Merge pull request 'fix: align VM boot disk and add Terraform safety workflows' (#21) from stage into master
Reviewed-on: micqdf/TerraHome#21
2026-02-28 01:26:59 +00:00
micqdf
a7f68c0c4b
fix: tolerate extra output in destroy guard parser
Parse the first JSON object from terraform show output to avoid failures when extra non-JSON lines are present.
2026-02-28 01:23:07 +00:00
micqdf
d1a7ccc98c
chore: serialize Terraform workflows to prevent races
Add global workflow concurrency group with queueing enabled so plan/apply/destroy runs do not overlap and contend for shared remote state.
2026-02-28 01:17:51 +00:00
micqdf
afe19041d9
fix: make destroy guard parse tfplan JSON robustly
Use terraform show with no-color and resilient JSON extraction to avoid parser failures when workflow output includes non-JSON noise.
2026-02-28 01:16:19 +00:00
micqdf
c9be2a2fc8
fix: align VM boot disk and add Terraform safety workflows
Switch VM boot order/disks to scsi0 to match cloned NixOS template boot layout, add destroy guards to plan/apply workflows, and replace destroy workflow with a confirmed manual dispatch nuke flow that uses remote B2 state.
2026-02-28 01:10:31 +00:00
micqdf
5fc58dfc98
Merge pull request 'stage' (#20) from stage into master
Reviewed-on: micqdf/TerraHome#20
2026-02-28 01:01:31 +00:00
micqdf
1c4a27bca3
Merge branch 'master' into stage
2026-02-28 01:00:47 +00:00
micqdf
47f950d667
fix: update S3 backend config for Terraform init
Use non-deprecated s3 endpoint settings, switch to use_path_style, and trim newline characters from B2 credentials when generating backend.hcl in CI.
2026-02-28 00:56:12 +00:00
micqdf
b0768db7a7
feat: store Terraform state in Backblaze B2
Configure an s3 backend and initialize Terraform in CI with backend config from Gitea secrets so state persists across runs and apply operations stay consistent.
2026-02-28 00:52:40 +00:00
micqdf
c0dd091b51
chore: align template base with live VM config
Set NixOS stateVersion to 25.05 and include neovim in the default utility package set.
2026-02-28 00:44:08 +00:00
micqdf
595df12b3e
update: automate tailscale enrollment from Gitea secrets
Add a first-boot tailscale enrollment service to the NixOS template and wire terraform-apply to inject TS auth key at runtime from secrets, so keys are not baked into templates or repo files.
2026-02-28 00:33:14 +00:00
micqdf
735e9df9f1
Merge pull request 'stage' (#19) from stage into master
Reviewed-on: micqdf/TerraHome#19
2026-02-28 00:13:24 +00:00
micqdf
e714a56980
update: switch Terraform to NixOS template workflow
- Point clone_template to nixos-template and trim cloud-init to Nix-safe hostname/DNS only
- Remove SSH/Tailscale cloud-init variables and workflow secret dependencies
- Add reusable NixOS template-base config with bootloader, Tailscale, fish, and utility packages
2026-02-28 00:06:25 +00:00
micqdf
4247d16c24
fix: upgrade proxmox provider for Proxmox 9 permissions
Move Telmate provider to 3.0.2-rc07, which includes Proxmox 9 permission compatibility and avoids requiring deprecated VM.Monitor.
2026-02-27 21:04:44 +00:00
micqdf
59fbbb07df
fix: load static token id and validate token secret
- Store non-sensitive Proxmox token id in terraform.tfvars
- Inject only token secret via workflow-generated secrets.auto.tfvars
- Add variable validations for token id format and non-empty token secret
- Add workflow debug output for token secret length and selected token id
2026-02-27 21:00:44 +00:00
micqdf
c3a0ef251c
debug: show secret lengths to verify they are set
2026-02-27 20:56:41 +00:00
micqdf
841abb8fe3
fix: create secrets.auto.tfvars dynamically in workflow
- Generate secrets.auto.tfvars file during workflow run
- Terraform automatically loads *.auto.tfvars files
- This bypasses any issues with TF_VAR_ environment variables
2026-02-27 20:48:41 +00:00
micqdf
364dc6b35b
fix: use TF_VAR_ prefix for token credentials
- Restore pm_api_token_id and pm_api_token_secret variables
- Use TF_VAR_pm_api_token_id and TF_VAR_pm_api_token_secret env vars
- This is the standard Terraform way to pass variables via environment
2026-02-27 20:43:39 +00:00
micqdf
9c1476b6bf
fix: use PM_API_TOKEN_ID/SECRET env vars directly
- Remove token from Terraform variables (provider reads from env)
- Update workflows to set PM_API_TOKEN_ID and PM_API_TOKEN_SECRET directly
- Provider now reads credentials from environment variables
2026-02-27 20:36:44 +00:00
micqdf
4a123e0fb6
fix: apply terraform fmt
2026-02-27 20:27:20 +00:00
micqdf
5633d18276
fix: terraform fmt alignment
2026-02-27 20:22:44 +00:00
micqdf
c6fc9edcc4
fix: terraform fmt formatting
2026-02-27 20:06:23 +00:00
micqdf
c8b86c7443
fix: switch to API token authentication for Proxmox
- Replace user/password auth with API token auth
- Update provider config to use pm_api_token_id and pm_api_token_secret
- Update workflow secrets to use PM_API_TOKEN_ID and PM_API_TOKEN_SECRET
- Remove unused pm_user and proxmox_password variables
2026-02-27 20:02:22 +00:00
micqdf
79b535bb59
fix: code quality improvements
- Remove duplicate variables (alpaca_count, llama_count)
- Remove unused variables (vm_name, disk_type)
- Fix outputs to use correct variable names
- Fix cloud-init template to not overwrite source file
- Fix hardcoded hostname in cloud-init template
- Fix typo in SSH_KEY_PUBLIC description
2026-02-27 01:25:25 +00:00
micqdf
84e45b4c61
Merge pull request 'stage' (#18) from stage into master
Reviewed-on: micqdf/TerraHome#18
2025-04-18 11:14:21 +00:00
MichaelFisher1997
080752e8a0
Workflow: changes vars
2025-04-18 12:12:52 +01:00
MichaelFisher1997
f063baa349
Workflow: changes vars
2025-04-18 12:12:28 +01:00
micqdf
bada1b69da
Merge pull request 'stage' (#17) from stage into master
Reviewed-on: micqdf/TerraHome#17
2025-04-18 10:43:01 +00:00
MichaelFisher1997
7d04a2c475
Workflow: changes vars
2025-04-18 11:42:05 +01:00
MichaelFisher1997
e04f10c5a3
Workflow: changes vars
2025-04-18 11:40:44 +01:00
MichaelFisher1997
0e7860bfe7
Workflow: changes vars
2025-04-18 11:35:01 +01:00
MichaelFisher1997
0c0cbc5def
terraform apply
2025-04-18 11:29:29 +01:00
MichaelFisher1997
fcdde6cf1f
terraform apply
2025-04-18 11:27:41 +01:00
MichaelFisher1997
524bd92da4
terraform apply
2025-04-18 11:26:17 +01:00
MichaelFisher1997
ba3fe8e7ff
terraform apply
2025-04-18 11:01:55 +01:00
MichaelFisher1997
724a433d5e
terraform fmt
2025-04-18 10:56:54 +01:00
MichaelFisher1997
bfbf0680e2
terraform fmt
2025-04-18 10:54:10 +01:00
MichaelFisher1997
8f1ee24440
terraform fmt
2025-04-18 10:52:42 +01:00
MichaelFisher1997
73dd2e18ff
terraform fmt
2025-04-18 10:51:00 +01:00
micqdf
8d9eea6728
Merge pull request 'terraform fmt' (#16) from stage into master
Reviewed-on: micqdf/TerraHome#16
2025-04-17 21:54:27 +00:00
MichaelFisher1997
96f6d94c3a
terraform fmt
2025-04-17 22:50:43 +01:00
micqdf
8d49e447e6
Merge pull request 'terraform fmt' (#15) from stage into master
Reviewed-on: micqdf/TerraHome#15
2025-04-17 21:40:34 +00:00
MichaelFisher1997
99f3610a84
terraform fmt
2025-04-17 22:38:09 +01:00
micqdf
d634e124a3
Merge pull request 'stage' (#14) from stage into master
Reviewed-on: micqdf/TerraHome#14
2025-04-17 21:29:51 +00:00
MichaelFisher1997
70b9b5e5b7
terraform fmt
2025-04-17 22:28:45 +01:00
MichaelFisher1997
93d3f94100
terraform fmt
2025-04-17 22:24:54 +01:00
micqdf
70139b2693
Merge pull request 'terraform fmt' (#13) from stage into master
Reviewed-on: micqdf/TerraHome#13
2025-04-17 21:18:18 +00:00
MichaelFisher1997
8773f5026c
terraform fmt
2025-04-17 22:15:22 +01:00
micqdf
1b6eca0f69
Merge pull request 'stage' (#12) from stage into master
Reviewed-on: micqdf/TerraHome#12
2025-04-17 21:00:27 +00:00
MichaelFisher1997
9551e0ad53
terraform fmt
2025-04-17 21:59:31 +01:00