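# Per-node settings for the ingress.tjo.cloud VMs.
#
# Each entry of var.nodes is extended with the shared domain and a `meta`
# object. `meta` is later serialised into /etc/tjo.cloud/meta.json on the
# guest and carries three credentials: the authentik service-account
# username/token key, the tailscale auth key and the DigitalOcean token.
# (authentik_user.service_account / authentik_token.service_account are
# declared outside this excerpt.)
locals {
  domain = "ingress.tjo.cloud"

  nodes = {
    for k, v in var.nodes : k => merge(v, {
      domain = local.domain
      meta = {
        name   = v.host
        domain = local.domain
        service_account = {
          username = authentik_user.service_account[k].username
          password = authentik_token.service_account[k].key
        }
        tailscale = {
          auth_key = tailscale_tailnet_key.key.key
        }
        digitalocean = {
          token = var.digitalocean_token
        }
      }
    })
  }
}

# Single tailnet auth key shared by every node (it is referenced from
# local.nodes[*].meta.tailscale.auth_key).
#
# NOTE(review): the key is reusable, non-ephemeral and preauthorized, so any
# holder of the value can enrol further devices under tag:ingress-tjo-cloud
# without manual approval. No `expiry` is set here, so the provider's default
# lifetime applies. Because the value is copied into each node's user data,
# treat a leak from any one node or snippet as a leak of the shared key and
# rotate it; per-node keys would narrow that blast radius.
resource "tailscale_tailnet_key" "key" {
  reusable      = true
  ephemeral     = false
  preauthorized = true
  description   = "ingress-tjo-cloud terraform key"
  tags          = ["tag:ingress-tjo-cloud"]
}

# Ubuntu cloud image downloaded once per node into that node's ISO storage.
#
# NOTE(review): the URL points at the moving "current" build and no
# checksum / checksum_algorithm is set, so the bytes that end up on the
# datastore are not pinned or verified beyond TLS. Consider a dated release
# path plus a checksum.
resource "proxmox_virtual_environment_download_file" "ubuntu" {
  for_each = local.nodes

  content_type = "iso"
  datastore_id = each.value.iso_storage
  node_name    = each.value.host
  url          = "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img"
  overwrite    = false
}

# cloud-init user data, stored as a snippet on each node's datastore.
#
# Security notes:
# - The snippet embeds each.value.meta (three credentials) base64-encoded.
#   base64 is an encoding, not encryption: whoever can read the snippets
#   datastore, or the Terraform state holding this resource, can read them.
# - meta.json is written with permissions 0600. cloud-init's write_files
#   default is 0644, which would leave the credentials readable by every
#   local user on the guest.
#   NOTE(review): if a non-root service has to read the file, grant access
#   through a dedicated owner/group rather than reverting to world-readable.
# - runcmd runs as root at first boot. It clones the repository's default
#   branch with no commit or tag pinned and then executes install.sh from it,
#   so whatever is at the branch tip at boot time runs as root on the node.
#   NOTE(review): consider checking out a reviewed commit or signed tag.
resource "proxmox_virtual_environment_file" "userdata" {
  for_each = local.nodes

  node_name    = each.value.host
  content_type = "snippets"
  datastore_id = each.value.iso_storage

  source_raw {
    data = <<-EOF
    #cloud-config
    hostname: ${each.value.host}
    fqdn: ${each.value.host}.${each.value.domain}
    prefer_fqdn_over_hostname: true
    write_files:
    - path: /etc/tjo.cloud/meta.json
      encoding: base64
      permissions: '0600'
      content: ${base64encode(jsonencode(each.value.meta))}
    ssh_authorized_keys: ${jsonencode(var.ssh_keys)}
    packages:
      - qemu-guest-agent
    power_state:
      mode: reboot
    runcmd:
      - git clone --depth 1 --no-checkout --filter=tree:0 https://github.com/tjo-space/tjo-cloud-infrastructure.git /srv
      - cd /srv && git sparse-checkout set --no-cone /ingress.tjo.cloud && git checkout
      - /srv/ingress.tjo.cloud/install.sh
    EOF

    file_name = "${each.value.host}.ingress.tjo.cloud.userconfig.yaml"
  }
}

resource "proxmox_virtual_environment_vm" "nodes" {
  for_each = local.nodes

  vm_id     = each.value.id
  name      = "${each.value.host}.${each.value.domain}"
  node_name = each.value.host

  description = <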