configure vault provider
This commit is contained in:
parent
18ec1212b3
commit
f9d1498a3c
|
@ -8,6 +8,25 @@ provider "registry.example.com/telmate/proxmox" {
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
provider "registry.terraform.io/hashicorp/vault" {
|
||||||
|
version = "2.24.1"
|
||||||
|
constraints = "2.24.1"
|
||||||
|
hashes = [
|
||||||
|
"h1:MUzJ+jOOPBoyGNWGjESE+t2rIjTobw08Y73jgU+d+EU=",
|
||||||
|
"zh:1968be03bbc83c9f512a60f0a018cb0cf4c9a4a0f9e606f9a7436ae06108200f",
|
||||||
|
"zh:23ef25b530dcf2f60692e261d2a56c112138d79a739f2c720bee818cf040a20f",
|
||||||
|
"zh:2b80879cf8110254eeeb55b36ce542e9cdaefc047d450368ff0ca631b29d41d6",
|
||||||
|
"zh:3d803047407a4e7ccb51cd88b38648e50517e70b97842ae1262b5c5a92eb8ede",
|
||||||
|
"zh:7edfd0323a839903e7fc5f45acce8dd61c43b356c09016e1bd43d6880bd82be6",
|
||||||
|
"zh:7efa2c6d1d0bac9478adb27fc68035ca9dc2107dae55d921a760a8ad237eb691",
|
||||||
|
"zh:a1f9d34e2ac8b3a3d177faef4f11690068919ef7d73256def6685cfd9282f83d",
|
||||||
|
"zh:a6c34746e0085ae49e3845fc58597d2d5778fcb2136fedb413b3e30ba77dd2bd",
|
||||||
|
"zh:a73eb4bc061b5babd7ea4d5f3f85f4b4c6d379982098411a29a7d7459fc37ab2",
|
||||||
|
"zh:aadecf464ead4ae30821495d8181e842c18a2537c018245509a96532eeaf7678",
|
||||||
|
"zh:e3ae8c48804065fa4f85095002f945adbd5cd3966c0b1afced7d839007586105",
|
||||||
|
]
|
||||||
|
}
|
||||||
|
|
||||||
provider "registry.terraform.io/telmate/proxmox" {
|
provider "registry.terraform.io/telmate/proxmox" {
|
||||||
version = "2.8.0"
|
version = "2.8.0"
|
||||||
hashes = [
|
hashes = [
|
||||||
|
|
12
main.tf
12
main.tf
|
@ -1,13 +1,7 @@
|
||||||
terraform {
|
|
||||||
required_providers {
|
|
||||||
proxmox = {
|
|
||||||
source = "registry.example.com/telmate/proxmox"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
provider "proxmox" {
|
provider "proxmox" {
|
||||||
pm_api_url = "https://10.42.42.42:8006/api2/json"
|
pm_api_url = "https://10.42.42.42:8006/api2/json"
|
||||||
|
pm_user = data.vault_generic_secret.proxmox_auth.data["user"]
|
||||||
|
pm_password = data.vault_generic_secret.proxmox_auth.data["pass"]
|
||||||
pm_tls_insecure = true
|
pm_tls_insecure = true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -45,7 +39,7 @@ resource "proxmox_lxc" "vault" {
|
||||||
target_node = "nuc"
|
target_node = "nuc"
|
||||||
description = "Vault Secrets Management"
|
description = "Vault Secrets Management"
|
||||||
hostname = "vault"
|
hostname = "vault"
|
||||||
unprivileged = true
|
unprivileged = false # needed for mlock
|
||||||
vmid = "102"
|
vmid = "102"
|
||||||
clone = "101"
|
clone = "101"
|
||||||
|
|
||||||
|
|
9
vault.tf
Normal file
9
vault.tf
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
provider "vault" {
|
||||||
|
address = "http://10.42.42.6:8200"
|
||||||
|
skip_tls_verify = true
|
||||||
|
}
|
||||||
|
|
||||||
|
# Proxmox authentication for terraform
|
||||||
|
data "vault_generic_secret" "proxmox_auth" {
|
||||||
|
path = "secrets/proxmox/terraform_auth"
|
||||||
|
}
|
12
version.tf
Normal file
12
version.tf
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
terraform {
|
||||||
|
required_providers {
|
||||||
|
proxmox = {
|
||||||
|
# Locally installed from git repo for LXC cloning support
|
||||||
|
source = "registry.example.com/telmate/proxmox"
|
||||||
|
}
|
||||||
|
vault = {
|
||||||
|
source = "hashicorp/vault"
|
||||||
|
version = "2.24.1"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue