2021-10-17 11:11:52 +02:00
|
|
|
provider "proxmox" {
|
2021-11-03 22:47:44 +01:00
|
|
|
pm_api_url = "https://10.42.42.42:8006/api2/json"
|
|
|
|
pm_user = data.vault_generic_secret.proxmox_auth.data["user"]
|
|
|
|
pm_password = data.vault_generic_secret.proxmox_auth.data["pass"]
|
2021-10-17 12:04:23 +02:00
|
|
|
pm_tls_insecure = true
|
2021-10-17 11:11:52 +02:00
|
|
|
}
|
2021-10-17 12:04:23 +02:00
|
|
|
|
|
|
|
# For full info see: https://blog.xirion.net/posts/nixos-proxmox-lxc/
|
|
|
|
resource "proxmox_lxc" "nixos-template" {
|
2021-11-03 22:47:44 +01:00
|
|
|
target_node = "nuc"
|
|
|
|
description = "NixOS LXC Template"
|
|
|
|
hostname = "nixos-template"
|
|
|
|
ostemplate = "local:vztmpl/nixos-unstable-default_156198829_amd64.tar.xz"
|
|
|
|
ostype = "unmanaged"
|
2021-10-17 12:04:23 +02:00
|
|
|
unprivileged = true
|
2021-11-21 14:05:15 +01:00
|
|
|
vmid = 101
|
2021-11-03 22:47:44 +01:00
|
|
|
template = true
|
2021-10-17 15:14:29 +02:00
|
|
|
|
|
|
|
memory = 1024
|
2021-10-17 12:04:23 +02:00
|
|
|
|
|
|
|
features {
|
|
|
|
nesting = true
|
|
|
|
}
|
|
|
|
|
|
|
|
rootfs {
|
|
|
|
storage = "local-zfs"
|
2021-11-03 22:47:44 +01:00
|
|
|
size = "8G"
|
2021-10-17 12:04:23 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
network {
|
2021-11-03 22:47:44 +01:00
|
|
|
name = "eth0"
|
2021-10-17 12:04:23 +02:00
|
|
|
bridge = "vmbr0"
|
2021-11-03 22:47:44 +01:00
|
|
|
ip = "dhcp"
|
2021-10-17 15:14:29 +02:00
|
|
|
hwaddr = "22:D7:C1:FF:9D:5F"
|
2021-10-17 12:04:23 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-10-17 15:14:29 +02:00
|
|
|
resource "proxmox_lxc" "vault" {
|
2021-11-03 22:47:44 +01:00
|
|
|
target_node = "nuc"
|
|
|
|
description = "Vault Secrets Management"
|
|
|
|
hostname = "vault"
|
2021-10-17 16:36:51 +02:00
|
|
|
unprivileged = false # needed for mlock
|
2021-11-21 14:05:15 +01:00
|
|
|
vmid = 102
|
|
|
|
clone = "101"
|
2021-10-17 15:14:29 +02:00
|
|
|
memory = 1024
|
2021-10-17 23:38:49 +02:00
|
|
|
|
2021-10-17 15:14:29 +02:00
|
|
|
rootfs {
|
|
|
|
storage = "local-zfs"
|
2021-11-03 22:47:44 +01:00
|
|
|
size = "8G"
|
2021-10-17 15:14:29 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
network {
|
2021-11-03 22:47:44 +01:00
|
|
|
name = "eth0"
|
2021-10-17 15:14:29 +02:00
|
|
|
bridge = "vmbr0"
|
2021-11-03 22:47:44 +01:00
|
|
|
ip = "dhcp"
|
2021-10-17 15:14:29 +02:00
|
|
|
hwaddr = "16:2B:87:55:0C:0C"
|
|
|
|
}
|
|
|
|
}
|
2021-10-17 21:02:10 +02:00
|
|
|
|
2021-10-18 18:53:54 +02:00
|
|
|
resource "proxmox_lxc" "mosquitto" {
|
2021-11-03 22:47:44 +01:00
|
|
|
target_node = "nuc"
|
|
|
|
description = "mosquitto mqtt broker"
|
|
|
|
hostname = "mosquitto"
|
|
|
|
vmid = 104
|
|
|
|
clone = 101
|
2021-10-23 12:54:20 +02:00
|
|
|
unprivileged = true
|
2021-10-18 18:53:54 +02:00
|
|
|
|
|
|
|
memory = 1024
|
|
|
|
|
|
|
|
rootfs {
|
|
|
|
storage = "local-zfs"
|
2021-11-03 22:47:44 +01:00
|
|
|
size = "8G"
|
2021-10-18 18:53:54 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
network {
|
2021-11-03 22:47:44 +01:00
|
|
|
name = "eth0"
|
2021-10-18 18:53:54 +02:00
|
|
|
bridge = "vmbr0"
|
2021-11-03 22:47:44 +01:00
|
|
|
ip = "dhcp"
|
2021-10-18 18:53:54 +02:00
|
|
|
hwaddr = "C6:F9:8B:3D:9E:37"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-10-19 02:02:56 +02:00
|
|
|
resource "proxmox_lxc" "nginx" {
|
2021-11-03 22:47:44 +01:00
|
|
|
target_node = "nuc"
|
|
|
|
description = "nginx reverse proxy"
|
|
|
|
hostname = "nginx"
|
|
|
|
vmid = 106
|
|
|
|
clone = 101
|
2021-10-23 12:54:20 +02:00
|
|
|
unprivileged = true
|
2021-10-19 02:02:56 +02:00
|
|
|
|
|
|
|
memory = 512
|
|
|
|
|
|
|
|
rootfs {
|
|
|
|
storage = "local-zfs"
|
2021-11-03 22:47:44 +01:00
|
|
|
size = "8G"
|
2021-10-19 02:02:56 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
network {
|
2021-11-03 22:47:44 +01:00
|
|
|
name = "eth0"
|
2021-10-19 02:02:56 +02:00
|
|
|
bridge = "vmbr0"
|
2021-11-03 22:47:44 +01:00
|
|
|
ip = "dhcp"
|
2021-10-19 02:02:56 +02:00
|
|
|
hwaddr = "6A:C2:89:85:CF:A6"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-10-17 21:02:10 +02:00
|
|
|
resource "proxmox_vm_qemu" "k3s-node1" {
|
2021-11-03 22:47:44 +01:00
|
|
|
name = "k3s-node1"
|
2021-10-17 21:02:10 +02:00
|
|
|
target_node = "nuc"
|
2021-11-03 22:47:44 +01:00
|
|
|
vmid = 103
|
|
|
|
clone = "bastion"
|
|
|
|
tablet = false
|
2021-10-17 21:02:10 +02:00
|
|
|
|
2021-10-17 23:38:49 +02:00
|
|
|
memory = 8192
|
2021-11-03 22:47:44 +01:00
|
|
|
cores = 4
|
2021-10-17 21:02:10 +02:00
|
|
|
|
|
|
|
agent = 1
|
2021-11-03 22:47:44 +01:00
|
|
|
boot = "order=scsi0;ide2;net0"
|
2021-10-17 21:02:10 +02:00
|
|
|
|
|
|
|
network {
|
2021-11-03 22:47:44 +01:00
|
|
|
model = "virtio"
|
2021-10-17 21:02:10 +02:00
|
|
|
macaddr = "2E:F8:55:23:D9:9B"
|
2021-11-03 22:47:44 +01:00
|
|
|
bridge = "vmbr0"
|
2021-10-17 21:02:10 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
disk {
|
2021-11-03 22:47:44 +01:00
|
|
|
type = "scsi"
|
|
|
|
storage = "local-zfs"
|
|
|
|
size = "64G"
|
|
|
|
ssd = 1
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "proxmox_lxc" "consul" {
|
|
|
|
target_node = "nuc"
|
|
|
|
description = "consul service mesh"
|
|
|
|
hostname = "consul"
|
|
|
|
vmid = 107
|
|
|
|
clone = 101
|
|
|
|
unprivileged = true
|
|
|
|
|
|
|
|
memory = 512
|
|
|
|
|
|
|
|
rootfs {
|
2021-10-17 21:02:10 +02:00
|
|
|
storage = "local-zfs"
|
2021-11-03 22:47:44 +01:00
|
|
|
size = "8G"
|
|
|
|
}
|
|
|
|
|
|
|
|
network {
|
|
|
|
name = "eth0"
|
|
|
|
bridge = "vmbr0"
|
|
|
|
ip = "dhcp"
|
|
|
|
hwaddr = "D6:DE:07:41:73:81"
|
2021-10-17 21:02:10 +02:00
|
|
|
}
|
|
|
|
}
|