ingress/terraform/node.tf


locals {
  # DNS zone shared by every ingress node.
  domain = "ingress.tjo.cloud"

  # Per-node settings: each entry of var.nodes extended with the zone and a
  # `meta` object. The userdata resource in this file serialises `meta` into
  # /etc/tjo.cloud/meta.json on the guest.
  #
  # SECURITY: `meta` carries two live credentials (the Authentik service
  # account token and the Tailscale auth key). Because they are interpolated
  # into cloud-init user data, they are also persisted in the Terraform state
  # and in the rendered snippet on the Proxmox datastore. Treat both stores as
  # secret material and restrict read access to them accordingly.
  nodes = {
    for k, v in var.nodes : k => merge(v, {
      meta = {
        name   = v.host
        domain = local.domain

        service_account = {
          username = authentik_user.service_account[k].username
          password = authentik_token.service_account[k].key
        }

        # The same tailnet key is handed to every node (it is not indexed by k).
        tailscale = {
          auth_key = tailscale_tailnet_key.key.key
        }
      }
      domain = local.domain
    })
  }
}
# Tailnet auth key used by the ingress nodes to join the tailnet. A single key
# is created and handed to every node through local.nodes[*].meta.
#
# SECURITY: the combination below is the most permissive one available:
#   - reusable      = true  -> the key can enrol any number of devices
#   - preauthorized = true  -> enrolled devices skip admin approval
#   - ephemeral     = false -> enrolled devices persist after going offline
# No `expiry` is set, so the provider default lifetime applies. Anyone who can
# read the key (Terraform state, the cloud-init snippet, meta.json on a node)
# can add devices carrying tag:ingress-tjo-cloud until the key expires or is
# revoked. Consider one key per node (for_each over the nodes) with
# reusable = false and a short `expiry`, and keep the ACL grants for this tag
# as narrow as the ingress role requires.
resource "tailscale_tailnet_key" "key" {
  description = "ingress-tjo-cloud terraform key"
  tags        = ["tag:ingress-tjo-cloud"]

  preauthorized = true
  reusable      = true
  ephemeral     = false
}
# Downloads the Ubuntu 24.04 (noble) cloud image onto each Proxmox host that
# runs an ingress node; the VM resource uses it as its boot disk source.
#
# SECURITY: the URL points at the moving `current` build and no `checksum` /
# `checksum_algorithm` is set, so integrity rests on TLS to the mirror alone
# and the image content can differ between hosts and between applies. For a
# reproducible, verifiable base image, pin a dated release directory and set
# the checksum published alongside it.
resource "proxmox_virtual_environment_download_file" "ubuntu" {
  for_each = local.nodes

  node_name    = each.value.host
  datastore_id = each.value.iso_storage
  content_type = "iso"

  url       = "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img"
  overwrite = false
}
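# Cloud-init user data for each ingress node, stored as a snippet on the
# node's Proxmox host and referenced by the VM's initialization block.
#
# What the user data does on first boot:
#   - sets hostname / FQDN
#   - writes /etc/tjo.cloud/meta.json (the node's `meta` object, base64 in
#     transit, decoded by cloud-init on write)
#   - installs the operator SSH keys and qemu-guest-agent
#   - clones the ingress repository into /srv, runs /srv/install.sh, reboots
#
# SECURITY notes:
#   - meta.json holds the Authentik service account token and the Tailscale
#     auth key. cloud-init's write_files defaults to mode 0644, which would
#     leave both world-readable on the guest, so the mode is set to 0600
#     (root only). If the consumer of meta.json does not run as root, add an
#     `owner:` for that account instead of widening the mode.
#   - base64 is an encoding, not protection: the snippet on the datastore and
#     the Terraform state both contain the secrets in recoverable form.
#   - runcmd executes as root whatever the repository's default branch holds
#     at boot time. Checking out a reviewed tag or commit before running
#     install.sh would make the provisioning step reproducible and auditable.
resource "proxmox_virtual_environment_file" "userdata" {
  for_each = local.nodes

  node_name    = each.value.host
  content_type = "snippets"
  datastore_id = each.value.iso_storage

  source_raw {
    data = <<-EOF
    #cloud-config
    hostname: ${each.value.host}
    fqdn: ${each.value.host}.${each.value.domain}
    prefer_fqdn_over_hostname: true
    write_files:
    - path: /etc/tjo.cloud/meta.json
      encoding: base64
      permissions: '0600'
      content: ${base64encode(jsonencode(each.value.meta))}
    ssh_authorized_keys: ${jsonencode(var.ssh_keys)}
    packages:
      - qemu-guest-agent
    power_state:
      mode: reboot
    runcmd:
      - git clone https://code.tjo.space/tjo-cloud/ingress.git /srv
      - /srv/install.sh
    EOF
    file_name = "${each.value.host}.ingress.tjo.cloud.userconfig.yaml"
  }
}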
# One ingress VM per entry in local.nodes, booted from the downloaded Ubuntu
# cloud image and configured on first boot through the cloud-init user data
# snippet.
#
# NOTE(review): the network device does not set `firewall`, so the Proxmox
# per-NIC firewall is presumably not applied to this interface; confirm that
# filtering for these ingress nodes is handled elsewhere (host, guest or
# upstream).
# NOTE(review): the cloud-init drive carries the user data, including the
# secrets embedded in meta.json; confirm who can read each.value.boot_storage.
resource "proxmox_virtual_environment_vm" "nodes" {
  for_each = local.nodes

  vm_id     = each.value.id
  name      = "${each.value.host}.${each.value.domain}"
  node_name = each.value.host

  description = <<EOT
An ingress.tjo.cloud instance for ${each.value.host}.
Repo: https://code.tjo.space/tjo-cloud/ingress
EOT

  tags = [each.value.domain]

  # Lifecycle behaviour and timeouts.
  stop_on_destroy     = true
  timeout_start_vm    = 60
  timeout_stop_vm     = 60
  timeout_shutdown_vm = 60
  timeout_reboot      = 60
  timeout_create      = 600

  cpu {
    cores = each.value.cores
    # Passes the host CPU model through to the guest.
    type = "host"
  }

  memory {
    dedicated = each.value.memory
  }

  # UEFI firmware with its EFI vars disk on the boot datastore.
  bios = "ovmf"
  efi_disk {
    datastore_id = each.value.boot_storage
  }

  operating_system {
    type = "l26"
  }

  # Guest agent; the matching package is installed by the user data.
  agent {
    enabled = true
  }

  network_device {
    bridge = "vmbr1"
  }

  scsi_hardware = "virtio-scsi-single"

  # Boot disk, imported from the per-node cloud image download.
  disk {
    file_id      = proxmox_virtual_environment_download_file.ubuntu[each.key].id
    interface    = "virtio0"
    datastore_id = each.value.boot_storage
    size         = each.value.boot_size
    backup       = true
    cache        = "none"
    iothread     = true
  }

  # Cloud-init drive: static addressing plus the per-node user data snippet.
  initialization {
    interface         = "scsi0"
    datastore_id      = each.value.boot_storage
    user_data_file_id = proxmox_virtual_environment_file.userdata[each.key].id

    ip_config {
      ipv4 {
        address = each.value.ipv4_address
        gateway = each.value.ipv4_gateway
      }
      ipv6 {
        address = each.value.ipv6_address
        gateway = each.value.ipv6_gateway
      }
    }
  }
}