From f19679529cb2805ae0faf4bb7b6aba8560242223 Mon Sep 17 00:00:00 2001 From: Victor Roest Date: Tue, 23 Nov 2021 22:33:05 +0100 Subject: [PATCH] terraform: import proxmox state --- terraform/.terraform.lock.hcl | 32 +++--- terraform/lxc.tf | 193 ++++++++++++++++++++++++++++++++++ terraform/main.tf | 111 +++---------------- terraform/version.tf | 2 +- terraform/vms.tf | 76 +++++++++++++ 5 files changed, 298 insertions(+), 116 deletions(-) create mode 100644 terraform/lxc.tf create mode 100644 terraform/vms.tf diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl index 52d100b..516a623 100644 --- a/terraform/.terraform.lock.hcl +++ b/terraform/.terraform.lock.hcl @@ -21,22 +21,22 @@ provider "registry.terraform.io/hashicorp/vault" { } provider "registry.terraform.io/telmate/proxmox" { - version = "2.9.1" - constraints = "2.9.1" + version = "2.9.0" + constraints = "2.9.0" hashes = [ - "h1:91quPBtAGz3lgEROnowk4dSJiqKEBClbhbw8Xv42Oaw=", - "zh:07a621cc6e9a55892137b42a41e73a4108e067fb534b71b06b65a0022ddde8aa", - "zh:16e031c63f5fda44b61b12c742c9886842774dc3bc88b62fc92ea0e0286d1ec1", - "zh:17b2d78ed14266a581815713bb81d796fb3367728860e774e1e56bc5f888f601", - "zh:37f6a506810d93eaa80f0428ea5409ce210d209006883d9d9a0e513d2818e3be", - "zh:5f439991b9441ebe19f8fe902cdfd0593d546930e47b7d62a7e04d9a7bcb8364", - "zh:707da4a88509bbde66c1ad6b6084633be74943bdf5108c13d9ff4c21b6c88638", - "zh:7d7664c01c0c15f67f1fad9aab3f0a064f8a3f8071b679bb3f8a8a3de7aecf2c", - "zh:7f1231b723d326b9d4e46eb03b5c0011303c4add8a54628ac674fe2669690431", - "zh:85d32d9777972fa08eeec5e5d480bb90f5877442f9740412b132c394de295702", - "zh:bbb9f52948d25a937838a809c9cc0e4e412e0f7c7df559d7c24fb3a9abfd720e", - "zh:bfe2d40f7195ed145655601054af78648493890e33e83aff30e7a21a2f1e765b", - "zh:de46e5597ca86aec52b3e569ca36f42fff5717c01d8274b9c580a98e0899b24d", - "zh:f251a74241c4eec1f2ceaed14151a0ff091c9f1d9856fe501935e7eab85ce822", + "h1:2emsswGg3BBrWiYV9GhR1MfR7r6sREVvC3qGX56UOv8=", + "zh:05b3556ffd47f7791e51c600bc281562c35d54fcb2768fe19c5faf08fd10d8f3", + "zh:0ae37a5adb0f9f6409c5363b5ac9f0eb3ed95698b82bb6827a86469a2d103edd", + "zh:0d0487486fd9cb3b064d7495082fb6fb75705dfadf43262a2abb18bc2a76da29", + "zh:12b66f4616bbd011533c5d4254abfa782ebc33619fb439619646283d831a6b3c", + "zh:3c0f9396c75230746f824fe65e5ffb27b277504be23f2771392019e89700c3a9", + "zh:5410169fc01ac9358f766d155e3b199541c25caf3a74ecada84202ecdf68cf75", + "zh:582cd15439da18358f24214addc90085860237a5bc8bb41d57c8e6115032c0c2", + "zh:97ef5e28d4863b52868dd436392b4bbba6dc12e3927ba4d33702538adfbe83c0", + "zh:a1631929b77ac97d38b2a340f598d10005ff75745546f04ea171a4042f98a894", + "zh:ae5116c32ad7b0e0573522c9158583a77a98ec52bbce14dc3ce00c03328c0b4f", + "zh:c164cedfef4ab70dc25fb2c0c25a091c5d8a6b09d58725fc4296b37cb9b133a2", + "zh:c6aed31aceaf6a923859e9e2af26a8e45559d0680bc3524207886ee0556968c2", + "zh:cffbee36856bac5ec527a8f83d52edbead3ac73e0ffbe77a958c175a78929ad6", ] } diff --git a/terraform/lxc.tf b/terraform/lxc.tf new file mode 100644 index 0000000..a1293c6 --- /dev/null +++ b/terraform/lxc.tf @@ -0,0 +1,193 @@ +resource "proxmox_lxc" "vault" { + target_node = "nuc" + description = "Vault Secrets Management" + hostname = "vault" + unprivileged = false # needed for mlock + vmid = 102 + clone = "101" + memory = 1024 + onboot = true + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "16:2B:87:55:0C:0C" + } +} + +resource "proxmox_lxc" "mosquitto" { + target_node = "nuc" + description = "mosquitto mqtt broker" + hostname = "mosquitto" + vmid = 104 + clone = 101 + unprivileged = true + onboot = true + + memory = 1024 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "C6:F9:8B:3D:9E:37" + } +} + +resource "proxmox_lxc" "nginx" { + target_node = "nuc" + description = "nginx reverse proxy" + hostname = "nginx" + vmid = 106 + clone = 101 + unprivileged = true + onboot = true + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "6A:C2:89:85:CF:A6" + } +} + +resource "proxmox_lxc" "consul" { + target_node = "nuc" + description = "consul service mesh" + hostname = "consul" + vmid = 107 + unprivileged = true + onboot = true + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "D6:DE:07:41:73:81" + } +} + +resource "proxmox_lxc" "dns-1" { + target_node = "nuc" + hostname = "dns" + vmid = 109 + unprivileged = true + onboot = true + startup = "order=1" + cores = 1 + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "D6:DE:07:41:73:81" + } +} + +resource "proxmox_lxc" "dns-2" { + target_node = "nuc" + hostname = "dns" + vmid = 110 + unprivileged = true + onboot = true + startup = "order=1" + cores = 1 + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "B6:04:0B:CD:0F:9F" + } +} + +resource "proxmox_lxc" "minio" { + target_node = "nuc" + hostname = "minio" + vmid = 111 + unprivileged = true + onboot = true + cores = 1 + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + ip = "dhcp" + ip6 = "auto" + hwaddr = "0A:06:5E:E7:9A:0C" + } +} + +resource "proxmox_lxc" "dhcp" { + target_node = "nuc" + hostname = "dhcp" + vmid = 112 + unprivileged = true + onboot = true + cores = 1 + + memory = 512 + + rootfs { + storage = "local-zfs" + size = "8G" + } + + network { + name = "eth0" + bridge = "vmbr0" + hwaddr = "3E:2D:E8:AA:E2:81" + } +} diff --git a/terraform/main.tf b/terraform/main.tf index 8c7acd0..7082b59 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -31,62 +31,20 @@ resource "proxmox_lxc" "nixos-template" { name = "eth0" bridge = "vmbr0" ip = "dhcp" + ip6 = "auto" hwaddr = "22:D7:C1:FF:9D:5F" } } -resource "proxmox_lxc" "vault" { +resource "proxmox_lxc" "nixos-template-2" { target_node = "nuc" - description = "Vault Secrets Management" - hostname = "vault" - unprivileged = false # needed for mlock - vmid = 102 - clone = "101" - memory = 1024 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - hwaddr = "16:2B:87:55:0C:0C" - } -} - -resource "proxmox_lxc" "mosquitto" { - target_node = "nuc" - description = "mosquitto mqtt broker" - hostname = "mosquitto" - vmid = 104 - clone = 101 - unprivileged = true - - memory = 1024 - - rootfs { - storage = "local-zfs" - size = "8G" - } - - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - hwaddr = "C6:F9:8B:3D:9E:37" - } -} - -resource "proxmox_lxc" "nginx" { - target_node = "nuc" - description = "nginx reverse proxy" - hostname = "nginx" - vmid = 106 - clone = 101 + description = "NixOS LXC Template" + hostname = "nixos-template" + ostype = "unmanaged" unprivileged = true + vmid = 108 + template = true + cores = 1 memory = 512 @@ -95,60 +53,15 @@ resource "proxmox_lxc" "nginx" { size = "8G" } - network { - name = "eth0" - bridge = "vmbr0" - ip = "dhcp" - hwaddr = "6A:C2:89:85:CF:A6" - } -} - -resource "proxmox_vm_qemu" "k3s-node1" { - name = "k3s-node1" - target_node = "nuc" - vmid = 103 - clone = "bastion" - tablet = false - - memory = 8192 - cores = 4 - - agent = 1 - boot = "order=scsi0;ide2;net0" - - network { - model = "virtio" - macaddr = "2E:F8:55:23:D9:9B" - bridge = "vmbr0" - } - - disk { - type = "scsi" - storage = "local-zfs" - size = "64G" - ssd = 1 - } -} - -resource "proxmox_lxc" "consul" { - target_node = "nuc" - description = "consul service mesh" - hostname = "consul" - vmid = 107 - clone = 101 - unprivileged = true - - memory = 512 - - rootfs { - storage = "local-zfs" - size = "8G" + features { + nesting = true } network { name = "eth0" bridge = "vmbr0" ip = "dhcp" - hwaddr = "D6:DE:07:41:73:81" + ip6 = "auto" + hwaddr = "FA:71:3F:31:34:41" } } diff --git a/terraform/version.tf b/terraform/version.tf index f762c5a..5beb9d4 100644 --- a/terraform/version.tf +++ b/terraform/version.tf @@ -2,7 +2,7 @@ terraform { required_providers { proxmox = { source = "telmate/proxmox" - version = "2.9.1" + version = "2.9.0" } vault = { source = "hashicorp/vault" diff --git a/terraform/vms.tf b/terraform/vms.tf new file mode 100644 index 0000000..fbb73ac --- /dev/null +++ b/terraform/vms.tf @@ -0,0 +1,76 @@ +resource "proxmox_vm_qemu" "bastion" { + name = "bastion" + vmid = 100 + target_node = "nuc" + onboot = true + tablet = false + full_clone = false + + memory = 4096 + cores = 4 + + agent = 1 + boot = "order=scsi0;ide2;net0" + + disk { + size = "64G" + storage = "local-zfs" + type = "scsi" + ssd = 1 + } + + network { + model = "virtio" + macaddr = "82:F0:7C:CB:BD:6D" + bridge = "vmbr0" + } +} + +resource "proxmox_vm_qemu" "k3s-node1" { + name = "k3s-node1" + target_node = "nuc" + vmid = 103 + clone = "bastion" + tablet = false + + memory = 8192 + cores = 4 + + agent = 1 + boot = "order=scsi0;ide2;net0" + + network { + model = "virtio" + macaddr = "2E:F8:55:23:D9:9B" + bridge = "vmbr0" + } + + disk { + type = "scsi" + storage = "local-zfs" + size = "64G" + ssd = 1 + } +} + +resource "proxmox_vm_qemu" "home-assistant" { + name = "home-assistant" + vmid = 105 + target_node = "nuc" + onboot = true + tablet = false + full_clone = false + bios = "ovmf" + + memory = 2048 + cores = 4 + + agent = 1 + boot = "order=sata0" + + network { + model = "virtio" + macaddr = "9E:60:78:ED:81:B4" + bridge = "vmbr0" + } +}