stage #17
@ -16,9 +16,9 @@ jobs:
|
||||
pull-requests: write
|
||||
|
||||
env:
|
||||
TF_VAR_SSH_KEY: ${{ secrets.SSH_KEY }}
|
||||
TF_VAR_TS_AUTHKEY: ${{ secrets.TAILSCALE_KEY }}
|
||||
TF_VAR_ssh_key: ${{ secrets.SSH_PUBLIC_KEY }}
|
||||
TF_VAR_SSH_KEY_PUBLIC: ${{ secrets.SSH_KEY_PUBLIC }}
|
||||
TF_VAR_TS_AUTHKEY: ${{ secrets.TS_AUTHKEY }}
|
||||
TF_VAR_proxmox_password: ${{ secrets.PROXMOX_PASSWORD }}
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
@ -29,11 +29,6 @@ jobs:
|
||||
with:
|
||||
terraform_version: 1.6.6
|
||||
|
||||
- name: Inject sensitive secrets
|
||||
working-directory: terraform
|
||||
run: |
|
||||
echo 'proxmox_password = "${{ secrets.PROXMOX_PASSWORD }}"' >> terraform.tfvars
|
||||
|
||||
- name: Terraform Init
|
||||
working-directory: terraform
|
||||
run: terraform init
|
||||
|
||||
@ -14,9 +14,9 @@ jobs:
|
||||
pull-requests: write
|
||||
|
||||
env:
|
||||
TF_VAR_SSH_KEY: ${{ secrets.SSH_KEY }}
|
||||
TF_VAR_TS_AUTHKEY: ${{ secrets.TAILSCALE_KEY }}
|
||||
TF_VAR_ssh_key: ${{ secrets.SSH_PUBLIC_KEY }}
|
||||
TF_VAR_SSH_KEY: ${{ secrets.TF_VAR_SSH_KEY_PUBLIC }}
|
||||
TF_VAR_TS_AUTHKEY: ${{ secrets.TF_VAR_TS_AUTHKEY }}
|
||||
TF_VAR_PROXMOX_PASSWORD: ${{ secrets.TF_VAR_PROXMOX_PASSWORD }}
|
||||
|
||||
|
||||
steps:
|
||||
@ -28,11 +28,6 @@ jobs:
|
||||
with:
|
||||
terraform_version: 1.6.6
|
||||
|
||||
- name: Inject sensitive secrets
|
||||
working-directory: terraform
|
||||
run: |
|
||||
echo 'proxmox_password = "${{ secrets.PROXMOX_PASSWORD }}"' >> terraform.tfvars
|
||||
|
||||
- name: Terraform Init
|
||||
working-directory: terraform
|
||||
run: terraform init
|
||||
|
||||
@ -17,9 +17,9 @@ jobs:
|
||||
pull-requests: write
|
||||
|
||||
env:
|
||||
TF_VAR_SSH_KEY: ${{ secrets.SSH_KEY }}
|
||||
TF_VAR_TS_AUTHKEY: ${{ secrets.TAILSCALE_KEY }}
|
||||
# TF_VAR_ssh_key: ${{ secrets.SSH_PUBLIC_KEY }}
|
||||
TF_VAR_SSH_KEY_PUBLIC: ${{ secrets.SSH_KEY_PUBLIC }}
|
||||
TF_VAR_TS_AUTHKEY: ${{ secrets.TS_AUTHKEY }}
|
||||
TF_VAR_proxmox_password: ${{ secrets.PROXMOX_PASSWORD }}
|
||||
|
||||
steps:
|
||||
- name: Checkout repository
|
||||
@ -30,11 +30,6 @@ jobs:
|
||||
with:
|
||||
terraform_version: 1.6.6
|
||||
|
||||
- name: Inject sensitive secrets
|
||||
working-directory: terraform
|
||||
run: |
|
||||
echo 'proxmox_password = "${{ secrets.PROXMOX_PASSWORD }}"' >> terraform.tfvars
|
||||
|
||||
- name: Terraform Init
|
||||
working-directory: terraform
|
||||
run: terraform init
|
||||
|
||||
4
.gitignore
vendored
4
.gitignore
vendored
@ -1,2 +1,6 @@
|
||||
./terraform/.terraform
|
||||
terraform/.terraform/
|
||||
terraform/test-apply.sh
|
||||
terraform/test-plan.sh
|
||||
terraform/test-destroy.sh
|
||||
terraform/tfplan
|
||||
|
||||
19
terraform/.terraform.lock.hcl
generated
19
terraform/.terraform.lock.hcl
generated
@ -20,25 +20,6 @@ provider "registry.terraform.io/hashicorp/local" {
|
||||
]
|
||||
}
|
||||
|
||||
provider "registry.terraform.io/hashicorp/null" {
|
||||
version = "3.2.3"
|
||||
hashes = [
|
||||
"h1:+AnORRgFbRO6qqcfaQyeX80W0eX3VmjadjnUFUJTiXo=",
|
||||
"zh:22d062e5278d872fe7aed834f5577ba0a5afe34a3bdac2b81f828d8d3e6706d2",
|
||||
"zh:23dead00493ad863729495dc212fd6c29b8293e707b055ce5ba21ee453ce552d",
|
||||
"zh:28299accf21763ca1ca144d8f660688d7c2ad0b105b7202554ca60b02a3856d3",
|
||||
"zh:55c9e8a9ac25a7652df8c51a8a9a422bd67d784061b1de2dc9fe6c3cb4e77f2f",
|
||||
"zh:756586535d11698a216291c06b9ed8a5cc6a4ec43eee1ee09ecd5c6a9e297ac1",
|
||||
"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
|
||||
"zh:9d5eea62fdb587eeb96a8c4d782459f4e6b73baeece4d04b4a40e44faaee9301",
|
||||
"zh:a6355f596a3fb8fc85c2fb054ab14e722991533f87f928e7169a486462c74670",
|
||||
"zh:b5a65a789cff4ada58a5baffc76cb9767dc26ec6b45c00d2ec8b1b027f6db4ed",
|
||||
"zh:db5ab669cf11d0e9f81dc380a6fdfcac437aea3d69109c7aef1a5426639d2d65",
|
||||
"zh:de655d251c470197bcbb5ac45d289595295acb8f829f6c781d4a75c8c8b7c7dd",
|
||||
"zh:f5c68199f2e6076bce92a12230434782bf768103a427e9bb9abee99b116af7b5",
|
||||
]
|
||||
}
|
||||
|
||||
provider "registry.terraform.io/hashicorp/template" {
|
||||
version = "2.2.0"
|
||||
hashes = [
|
||||
|
||||
@ -4,9 +4,10 @@ data "template_file" "cloud_init_global" {
|
||||
template = file("${path.module}/files/cloud_init_global.yaml")
|
||||
|
||||
vars = {
|
||||
hostname = "generic"
|
||||
domain = "home.arpa"
|
||||
TS_AUTHKEY = var.TS_AUTHKEY
|
||||
hostname = "generic"
|
||||
domain = "home.arpa"
|
||||
TS_AUTHKEY = var.TS_AUTHKEY
|
||||
SSH_KEY_PUBLIC = var.SSH_KEY_PUBLIC
|
||||
}
|
||||
}
|
||||
|
||||
@ -14,4 +15,3 @@ resource "local_file" "cloud_init_global" {
|
||||
content = data.template_file.cloud_init_global.rendered
|
||||
filename = "${path.module}/files/cloud_init_global.yaml"
|
||||
}
|
||||
|
||||
|
||||
@ -1,5 +1,30 @@
|
||||
#cloud-config
|
||||
hostname: ${hostname}
|
||||
|
||||
package_update: true
|
||||
package_upgrade: true
|
||||
|
||||
# APT fails to acquire GPG keys if package dirmngr is missing
|
||||
bootcmd:
|
||||
- [ cloud-init-per, once, dirmngr-aptupdate, apt-get, update ]
|
||||
- [ cloud-init-per, once, dirmngr-aptinstall, apt-get, install, dirmngr, -y ]
|
||||
- [ cloud-init-per, once, dirmngr-aptinstall, apt-get, install, gnupg2, -y ]
|
||||
|
||||
packages:
|
||||
- jq
|
||||
- curl
|
||||
- qemu-guest-agent
|
||||
- salt-minion
|
||||
|
||||
users:
|
||||
- name: stuart
|
||||
groups: sudo
|
||||
shell: /bin/bash
|
||||
sudo: ['ALL=(ALL) NOPASSWD:ALL']
|
||||
ssh_authorized_keys:
|
||||
- ${SSH_KEY_PUBLIC}
|
||||
|
||||
preserve_hostname: false
|
||||
manage_etc_hosts: false
|
||||
fqdn: ${hostname}.${domain}
|
||||
|
||||
#cloud-config
|
||||
|
||||
@ -21,6 +21,7 @@ resource "proxmox_vm_qemu" "alpacas" {
|
||||
target_node = var.target_node
|
||||
clone = var.clone_template
|
||||
full_clone = true
|
||||
os_type = "cloud-init"
|
||||
agent = 1
|
||||
|
||||
sockets = var.sockets
|
||||
@ -63,6 +64,7 @@ resource "proxmox_vm_qemu" "llamas" {
|
||||
target_node = var.target_node
|
||||
clone = var.clone_template
|
||||
full_clone = true
|
||||
os_type = "cloud-init"
|
||||
agent = 1
|
||||
|
||||
sockets = var.sockets
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
{
|
||||
"version": 4,
|
||||
"terraform_version": "1.8.3",
|
||||
"terraform_version": "1.11.4",
|
||||
"serial": 31,
|
||||
"lineage": "7a39dd41-1655-172c-950b-b8c5398caf69",
|
||||
"outputs": {},
|
||||
|
||||
@ -1,13 +1,12 @@
|
||||
target_node = "flex"
|
||||
clone_template = "Alpine-TemplateV2"
|
||||
clone_template = "ubuntu-cloudinit"
|
||||
vm_name = "alpine-vm"
|
||||
cores = 2
|
||||
memory = 2048
|
||||
cores = 1
|
||||
memory = 1024
|
||||
disk_size = "15G"
|
||||
sockets = 1
|
||||
bridge = "vmbr0"
|
||||
disk_type = "scsi"
|
||||
storage = "Flash"
|
||||
pm_api_url = "https://100.105.0.115:8006/api2/json"
|
||||
pm_user = "terraform-prov@pve"
|
||||
|
||||
pm_user = "terraform-prov@pve"
|
||||
@ -79,3 +79,7 @@ variable "TS_AUTHKEY" {
|
||||
description = "Tailscale auth key used in cloud-init"
|
||||
}
|
||||
|
||||
variable "SSH_KEY_PUBLIC" {
|
||||
type = string
|
||||
description = "My Public SSH key fo ssh auth list"
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user