locals {
  # Base DNS domain shared by every ingress node.
  domain = "ingress.tjo.cloud"

  # var.nodes, enriched per node with the shared domain and a `meta` object.
  #
  # `meta` is JSON-encoded and written to /etc/tjo.cloud/meta.json on the guest
  # by the cloud-init user data in proxmox_virtual_environment_file.userdata.
  # Everything placed in `meta` therefore lands on the guest's disk and in the
  # rendered snippet file. That includes two credentials:
  #   - service_account.password: the Authentik token key for this node
  #   - tailscale.auth_key:       the Tailscale auth key shared by all nodes
  nodes = {
    for name, node in var.nodes : name => merge(node, {
      domain = local.domain
      meta = {
        name   = node.host
        domain = local.domain
        service_account = {
          username = authentik_user.service_account[name].username
          password = authentik_token.service_account[name].key
        }
        tailscale = {
          auth_key = tailscale_tailnet_key.key.key
        }
      }
    })
  }
}
# Tailscale auth key that local.nodes hands to every ingress node in its `meta`.
resource "tailscale_tailnet_key" "key" {
  description = "ingress-tjo-cloud terraform key"
  tags        = ["tag:ingress-tjo-cloud"]

  # A single key is shared by all nodes. It can be redeemed more than once
  # (reusable), the devices it registers are not ephemeral, and they join
  # already authorized (preauthorized).
  #
  # NOTE(review): this key is copied into each guest's meta.json and into the
  # cloud-init snippet on the Proxmox datastore. Anyone who can read either
  # copy can enrol a device under tag:ingress-tjo-cloud while the key is valid.
  # Consider an explicit `expiry`, keeping the tag's ACL grants minimal, and
  # (if the bootstrap flow allows it) one non-reusable key per node.
  reusable      = true
  ephemeral     = false
  preauthorized = true
}
# Ubuntu Noble cloud image, downloaded once per node into that node's ISO storage.
resource "proxmox_virtual_environment_download_file" "ubuntu" {
  for_each = local.nodes

  node_name    = each.value.host
  datastore_id = each.value.iso_storage
  content_type = "iso"

  # NOTE(review): ".../noble/current/..." is a moving target and no `checksum` /
  # `checksum_algorithm` is set, so the image that ends up as the boot disk is
  # not pinned or verified beyond TLS to the mirror. Pinning needs a dated
  # release directory plus the matching hash from that release's SHA256SUMS.
  url = "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img"

  # Presumably keeps an already downloaded image in place instead of fetching
  # it again when upstream publishes a new "current" build; confirm against
  # the provider documentation.
  overwrite = false
}
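# Per-node cloud-init user data, stored as a snippet on the node's ISO storage
# and attached to the VM through initialization.user_data_file_id.
resource "proxmox_virtual_environment_file" "userdata" {
  for_each = local.nodes

  node_name    = each.value.host
  content_type = "snippets"
  datastore_id = each.value.iso_storage

  # Security notes on the rendered document:
  #
  # * meta.json carries the node's Authentik token and the shared Tailscale auth
  #   key (see local.nodes). base64 is only an encoding, so the credentials are
  #   readable by anyone with access to this snippet on the datastore. Restrict
  #   access to the snippet storage accordingly.
  #
  # * On the guest, write_files would create the file with cloud-init's default
  #   mode (0644). `permissions: '0600'` keeps the credentials readable by root
  #   only; install.sh runs from runcmd as root and can still read it. If a
  #   non-root service must read the file, grant that through a dedicated
  #   owner/group rather than world-read.
  #
  # * NOTE(review): runcmd clones the repository's default branch and executes
  #   install.sh as root on first boot. Nothing pins the revision, so whatever
  #   is at the branch tip at boot time runs with full privileges. Consider
  #   checking out a reviewed tag or commit before running the installer.
  source_raw {
    data = <<-EOF
    #cloud-config
    hostname: ${each.value.host}
    fqdn: ${each.value.host}.${each.value.domain}
    prefer_fqdn_over_hostname: true
    write_files:
    - path: /etc/tjo.cloud/meta.json
      encoding: base64
      permissions: '0600'
      content: ${base64encode(jsonencode(each.value.meta))}
    ssh_authorized_keys: ${jsonencode(var.ssh_keys)}
    packages:
      - qemu-guest-agent
    power_state:
      mode: reboot
    runcmd:
      - git clone https://code.tjo.space/tjo-cloud/ingress.git /srv
      - /srv/install.sh
    EOF
    file_name = "${each.value.host}.ingress.tjo.cloud.userconfig.yaml"
  }
}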
# One ingress VM per entry in local.nodes, booted from the downloaded Ubuntu
# cloud image and configured on first boot by the matching cloud-init snippet.
resource "proxmox_virtual_environment_vm" "nodes" {
  for_each = local.nodes

  # Identity and placement.
  vm_id     = each.value.id
  name      = "${each.value.host}.${each.value.domain}"
  node_name = each.value.host

  description = <<EOT
An ingress.tjo.cloud instance for ${each.value.host}.

Repo: https://code.tjo.space/tjo-cloud/ingress
EOT

  tags = [each.value.domain]

  # Lifecycle behaviour and timeouts (seconds).
  stop_on_destroy     = true
  timeout_start_vm    = 60
  timeout_stop_vm     = 60
  timeout_shutdown_vm = 60
  timeout_reboot      = 60
  timeout_create      = 600

  # Compute sizing comes from the node definition. The guest sees the host's
  # CPU model ("host").
  cpu {
    cores = each.value.cores
    type  = "host"
  }
  memory {
    dedicated = each.value.memory
  }

  # UEFI firmware; the EFI vars disk lives on the node's boot storage.
  bios = "ovmf"
  efi_disk {
    datastore_id = each.value.boot_storage
  }

  operating_system {
    type = "l26"
  }

  # Guest agent is enabled here; the cloud-init user data installs
  # qemu-guest-agent inside the guest.
  agent {
    enabled = true
  }

  # Single NIC on bridge vmbr1.
  network_device {
    bridge = "vmbr1"
  }

  scsi_hardware = "virtio-scsi-single"

  # Boot disk, created from the downloaded cloud image for this node.
  disk {
    file_id      = proxmox_virtual_environment_download_file.ubuntu[each.key].id
    interface    = "virtio0"
    datastore_id = each.value.boot_storage
    size         = each.value.boot_size
    backup       = true
    cache        = "none"
    iothread     = true
  }

  # cloud-init: custom user data plus static IPv4/IPv6 addressing.
  # The user data snippet referenced here embeds credentials (see
  # proxmox_virtual_environment_file.userdata), so the cloud-init drive on
  # boot_storage is as sensitive as the snippet itself.
  initialization {
    interface         = "scsi0"
    datastore_id      = each.value.boot_storage
    user_data_file_id = proxmox_virtual_environment_file.userdata[each.key].id

    ip_config {
      ipv4 {
        address = each.value.ipv4_address
        gateway = each.value.ipv4_gateway
      }
      ipv6 {
        address = each.value.ipv6_address
        gateway = each.value.ipv6_gateway
      }
    }
  }
}