60 lines
1.2 KiB
HCL
60 lines
1.2 KiB
HCL
provider "proxmox" {
|
|
pm_api_url = "https://10.42.42.42:8006/api2/json"
|
|
pm_user = data.vault_generic_secret.proxmox_auth.data["user"]
|
|
pm_password = data.vault_generic_secret.proxmox_auth.data["pass"]
|
|
pm_tls_insecure = true
|
|
}
|
|
|
|
# For full info see: https://blog.xirion.net/posts/nixos-proxmox-lxc/
|
|
resource "proxmox_lxc" "nixos-template" {
|
|
target_node = "nuc"
|
|
description = "NixOS LXC Template"
|
|
hostname = "nixos-template"
|
|
ostemplate = "local:vztmpl/nixos-unstable-default_156198829_amd64.tar.xz"
|
|
ostype = "unmanaged"
|
|
unprivileged = true
|
|
vmid = "101"
|
|
template = true
|
|
|
|
memory = 1024
|
|
|
|
features {
|
|
nesting = true
|
|
}
|
|
|
|
rootfs {
|
|
storage = "local-zfs"
|
|
size = "8G"
|
|
}
|
|
|
|
network {
|
|
name = "eth0"
|
|
bridge = "vmbr0"
|
|
ip = "dhcp"
|
|
hwaddr = "22:D7:C1:FF:9D:5F"
|
|
}
|
|
}
|
|
|
|
resource "proxmox_lxc" "vault" {
|
|
target_node = "nuc"
|
|
description = "Vault Secrets Management"
|
|
hostname = "vault"
|
|
unprivileged = false # needed for mlock
|
|
vmid = "102"
|
|
clone = "101"
|
|
|
|
memory = 1024
|
|
|
|
rootfs {
|
|
storage = "local-zfs"
|
|
size = "8G"
|
|
}
|
|
|
|
network {
|
|
name = "eth0"
|
|
bridge = "vmbr0"
|
|
ip = "dhcp"
|
|
hwaddr = "16:2B:87:55:0C:0C"
|
|
}
|
|
}
|