Merge pull request #7 from efigueroa/claude/karakeep-ollama-configs-011CUqEzDETA2BqAzYUcXtjt

feat: Add GPU passthrough and NFS mount support to Terraform
2025-11-10 21:43:33 -08:00 · 2025-11-10 21:43:33 -08:00 · ac62e022da
commit ac62e022da
parent c6132361c7 21d373a513
4 changed files with 570 additions and 63 deletions
--- a/terraform/proxmox-examples/docker-host/README.md
+++ b/terraform/proxmox-examples/docker-host/README.md
@ -1,15 +1,17 @@
 # Docker Host VM with OpenTofu

-This configuration creates a VM optimized for running Docker containers in your homelab.
+This configuration creates a VM optimized for running Docker containers in your homelab with support for GPU passthrough and NFS media mounts.

 ## What This Creates

- ✅ Ubuntu VM (from cloud template)
+- ✅ Ubuntu or AlmaLinux VM (from cloud template)
 - ✅ Docker & Docker Compose installed
 - ✅ Homelab network created
 - ✅ /media directories structure
 - ✅ SSH key authentication
 - ✅ Automatic updates enabled
+- ✅ Optional GPU passthrough (NVIDIA GTX 1070)
+- ✅ Optional NFS mounts from Proxmox host

 ## Prerequisites

@ -49,7 +51,125 @@ qm template 9000
 rm jammy-server-cloudimg-amd64.img
 ```

-### 2. Create API Token
+**Or create AlmaLinux 9.6 Cloud Template:**
+
+```bash
+# SSH to Proxmox server
+ssh root@proxmox.local
+
+# Download AlmaLinux cloud image
+wget https://repo.almalinux.org/almalinux/9/cloud/x86_64/images/AlmaLinux-9-GenericCloud-latest.x86_64.qcow2
+
+# Create VM
+qm create 9001 --name almalinux-cloud-template --memory 2048 --net0 virtio,bridge=vmbr0
+
+# Import disk
+qm importdisk 9001 AlmaLinux-9-GenericCloud-latest.x86_64.qcow2 local-lvm
+
+# Attach disk
+qm set 9001 --scsihw virtio-scsi-pci --scsi0 local-lvm:vm-9001-disk-0
+
+# Add cloud-init drive
+qm set 9001 --ide2 local-lvm:cloudinit
+
+# Set boot disk
+qm set 9001 --boot c --bootdisk scsi0
+
+# Add serial console
+qm set 9001 --serial0 socket --vga serial0
+
+# Convert to template
+qm template 9001
+
+# Cleanup
+rm AlmaLinux-9-GenericCloud-latest.x86_64.qcow2
+```
+
+### 2. (Optional) Enable GPU Passthrough
+
+**For NVIDIA GTX 1070 on AMD Ryzen CPU:**
+
+```bash
+# On Proxmox host, edit GRUB config
+nano /etc/default/grub
+
+# Add to GRUB_CMDLINE_LINUX_DEFAULT:
+GRUB_CMDLINE_LINUX_DEFAULT="quiet amd_iommu=on iommu=pt"
+
+# Update GRUB
+update-grub
+
+# Load required kernel modules
+nano /etc/modules
+
+# Add these lines:
+vfio
+vfio_iommu_type1
+vfio_pci
+vfio_virqfd
+
+# Blacklist NVIDIA drivers on host
+nano /etc/modprobe.d/blacklist.conf
+
+# Add:
+blacklist nouveau
+blacklist nvidia
+blacklist nvidiafb
+blacklist nvidia_drm
+
+# Update initramfs
+update-initramfs -u -k all
+
+# Reboot Proxmox host
+reboot
+
+# After reboot, verify IOMMU is enabled:
+dmesg | grep -e DMAR -e IOMMU
+
+# Find GPU PCI ID:
+lspci | grep -i nvidia
+# Output example: 01:00.0 VGA compatible controller: NVIDIA Corporation GP104 [GeForce GTX 1070]
+# Use: 0000:01:00 (note the format)
+```
+
+### 3. (Optional) Configure NFS Server on Proxmox
+
+**Export media directories from Proxmox host:**
+
+```bash
+# On Proxmox host
+# Install NFS server
+apt update
+apt install nfs-kernel-server -y
+
+# Create /etc/exports entry
+nano /etc/exports
+
+# Add (replace 192.168.1.0/24 with your network):
+/data/media/audiobooks 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
+/data/media/books 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
+/data/media/comics 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
+/data/media/complete 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
+/data/media/downloads 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
+/data/media/homemovies 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
+/data/media/incomplete 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
+/data/media/movies 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
+/data/media/music 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
+/data/media/photos 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
+/data/media/tv 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
+
+# Export NFS shares
+exportfs -ra
+
+# Enable and start NFS server
+systemctl enable nfs-server
+systemctl start nfs-server
+
+# Verify exports
+showmount -e localhost
+```
+
+### 4. Create API Token

 In Proxmox UI:
 1. Datacenter → Permissions → API Tokens
@ -57,7 +177,7 @@ In Proxmox UI:
 3. Uncheck "Privilege Separation"
 4. Save the secret!

-### 3. Install OpenTofu
+### 5. Install OpenTofu

 ```bash
 # Linux/macOS
@ -90,6 +210,13 @@ nano terraform.tfvars
 - `vm_name` - Change VM name
 - `vm_cores` / `vm_memory` - Adjust resources
 - `vm_ip_address` - Set static IP (or keep DHCP)
+- `vm_os_type` - Choose "ubuntu", "almalinux", or "debian"
+- `template_vm_id` - Use 9001 for AlmaLinux template
+- `enable_gpu_passthrough` - Set to true for GPU support
+- `gpu_pci_id` - Your GPU PCI ID (find with `lspci`)
+- `mount_media_directories` - Set to true for NFS mounts
+- `proxmox_host_ip` - IP for NFS server (Proxmox host)
+- `media_source_path` - Path on Proxmox host (default: /data/media)

 ### 2. Initialize

@ -176,6 +303,96 @@ vm_ssh_keys = [
 ]
 ```

+### GPU Passthrough Configuration
+
+**Enable NVIDIA GTX 1070 for Jellyfin, Ollama, Immich:**
+
+```hcl
+# Must complete Proxmox host GPU passthrough setup first
+enable_gpu_passthrough = true
+gpu_pci_id = "0000:01:00"  # Find with: lspci | grep -i nvidia
+
+# Use AlmaLinux for better GPU support
+vm_os_type = "almalinux"
+template_vm_id = 9001
+
+# Allocate sufficient resources
+vm_cores = 8
+vm_memory = 24576  # 24GB
+```
+
+**Verify GPU in VM after deployment:**
+
+```bash
+ssh ubuntu@<VM-IP>
+
+# Install NVIDIA drivers (AlmaLinux)
+sudo dnf install -y epel-release
+sudo dnf config-manager --add-repo https://developer.download.nvidia.com/compute/cuda/repos/rhel9/x86_64/cuda-rhel9.repo
+sudo dnf install -y nvidia-driver nvidia-container-toolkit
+
+# Verify
+nvidia-smi
+docker run --rm --gpus all nvidia/cuda:12.3.0-base-ubuntu22.04 nvidia-smi
+```
+
+### NFS Media Mounts Configuration
+
+**Mount Proxmox host media directories to VM:**
+
+```hcl
+# Enable NFS mounts from Proxmox host
+mount_media_directories = true
+
+# Proxmox host IP (not API URL)
+proxmox_host_ip = "192.168.1.100"
+
+# Source path on Proxmox host
+media_source_path = "/data/media"
+
+# Mount point in VM
+media_mount_path = "/media"
+```
+
+**After deployment, verify mounts:**
+
+```bash
+ssh ubuntu@<VM-IP>
+
+# Check mounts
+df -h | grep /media
+ls -la /media
+
+# Expected directories:
+# /media/audiobooks, /media/books, /media/comics,
+# /media/complete, /media/downloads, /media/homemovies,
+# /media/incomplete, /media/movies, /media/music,
+# /media/photos, /media/tv
+```
+
+### Operating System Selection
+
+**AlmaLinux 9.6 (Recommended for GPU):**
+
+```hcl
+vm_os_type = "almalinux"
+template_vm_id = 9001
+vm_username = "almalinux"  # Default AlmaLinux user
+```
+
+**Ubuntu 22.04 LTS:**
+
+```hcl
+vm_os_type = "ubuntu"
+template_vm_id = 9000
+vm_username = "ubuntu"
+```
+
+**Key differences:**
+- AlmaLinux: Better RHEL ecosystem, SELinux, dnf package manager
+- Ubuntu: Wider community support, apt package manager
+- Both support Docker, GPU passthrough, and NFS mounts
+
 ## Post-Deployment

 ### Deploy Homelab Services
@ -208,8 +425,13 @@ docker compose version
 # Check network
 docker network ls | grep homelab

-# Check media directories
+# Check media directories and NFS mounts
 ls -la /media
+df -h | grep /media
+
+# If GPU passthrough is enabled
+nvidia-smi
+lspci | grep -i nvidia

 # Check system resources
 htop
@ -294,6 +516,76 @@ qm status <VM-ID>
 tail -f /var/log/pve/tasks/active
 ```

+### GPU Not Detected in VM
+
+**Verify IOMMU is enabled:**
+```bash
+# On Proxmox host
+dmesg | grep -e DMAR -e IOMMU
+# Should show: "IOMMU enabled"
+```
+
+**Check GPU is available:**
+```bash
+# On Proxmox host
+lspci | grep -i nvidia
+lspci -n -s 01:00
+
+# Verify it's not being used by host
+lsmod | grep nvidia
+# Should be empty (blacklisted)
+```
+
+**In VM, install drivers:**
+```bash
+# AlmaLinux
+sudo dnf install -y epel-release
+sudo dnf config-manager --add-repo https://developer.download.nvidia.com/compute/cuda/repos/rhel9/x86_64/cuda-rhel9.repo
+sudo dnf install -y nvidia-driver
+
+# Ubuntu
+sudo apt install -y nvidia-driver-535
+sudo reboot
+
+# Verify
+nvidia-smi
+```
+
+### NFS Mounts Not Working
+
+**On Proxmox host, verify NFS server:**
+```bash
+systemctl status nfs-server
+showmount -e localhost
+# Should list all /data/media/* exports
+```
+
+**In VM, test manual mount:**
+```bash
+# Install NFS client if missing
+sudo apt install nfs-common  # Ubuntu
+sudo dnf install nfs-utils   # AlmaLinux
+
+# Test mount
+sudo mount -t nfs 192.168.1.100:/data/media/movies /mnt
+ls /mnt
+sudo umount /mnt
+```
+
+**Check /etc/fstab in VM:**
+```bash
+cat /etc/fstab | grep nfs
+# Should show all media directory mounts
+```
+
+**Firewall issues:**
+```bash
+# On Proxmox host, allow NFS
+ufw allow from 192.168.1.0/24 to any port nfs
+# Or disable firewall temporarily to test:
+systemctl stop ufw
+```
+
 ## Advanced Usage

 ### Multiple VMs
--- a/terraform/proxmox-examples/docker-host/main.tf
+++ b/terraform/proxmox-examples/docker-host/main.tf
@ -33,6 +33,12 @@ resource "proxmox_virtual_environment_vm" "docker_host" {
    full  = true
  }

+  # BIOS type - OVMF required for GPU passthrough
+  bios = var.enable_gpu_passthrough ? "ovmf" : "seabios"
+
+  # Machine type - q35 required for GPU passthrough
+  machine = var.enable_gpu_passthrough ? "q35" : "pc"
+
  # CPU configuration
  cpu {
    cores = var.vm_cores
@ -44,6 +50,27 @@ resource "proxmox_virtual_environment_vm" "docker_host" {
    dedicated = var.vm_memory
  }

+  # EFI disk (required for OVMF BIOS when GPU passthrough is enabled)
+  dynamic "efi_disk" {
+    for_each = var.enable_gpu_passthrough ? [1] : []
+    content {
+      datastore_id = var.storage
+      type         = "4m"
+    }
+  }
+
+  # GPU passthrough configuration
+  dynamic "hostpci" {
+    for_each = var.enable_gpu_passthrough ? [1] : []
+    content {
+      device  = "hostpci0"
+      mapping = var.gpu_pci_id
+      pcie    = true
+      rombar  = true
+      xvga    = false
+    }
+  }
+
  # Network interface
  network_device {
    bridge = var.network_bridge
@ -91,7 +118,15 @@ resource "proxmox_virtual_environment_file" "cloud_init_user_data" {
  node_name    = var.proxmox_node

  source_raw {
-    data = <<-EOF
+    data = var.vm_os_type == "almalinux" ? local.cloud_init_almalinux : local.cloud_init_ubuntu
+
+    file_name = "cloud-init-docker-${var.vm_name}.yaml"
+  }
+}
+
+# Cloud-init configuration for Ubuntu
+locals {
+  cloud_init_ubuntu = <<-EOF
    #cloud-config
    hostname: ${var.vm_name}
    manage_etc_hosts: true
@ -110,9 +145,11 @@ resource "proxmox_virtual_environment_file" "cloud_init_user_data" {
      - vim
      - htop
      - net-tools
+      ${var.mount_media_directories ? "- nfs-common" : ""}

-      # Add Docker's official GPG key and repository
+    # Docker installation and NFS mount setup
    runcmd:
+      # Install Docker
      - mkdir -p /etc/apt/keyrings
      - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
      - chmod a+r /etc/apt/keyrings/docker.gpg
@ -125,21 +162,44 @@ resource "proxmox_virtual_environment_file" "cloud_init_user_data" {
      - docker network create homelab || true

      # Create media directories
-      write_files:
-        - path: /usr/local/bin/setup-media-dirs
-          permissions: '0755'
-          content: |
-            #!/bin/bash
-            mkdir -p /media/{audiobooks,books,comics,complete,downloads,homemovies,incomplete,movies,music,photos,tv}
-            chown -R ${var.vm_username}:${var.vm_username} /media
-            chmod -R 755 /media
+      - mkdir -p ${var.media_mount_path}/{audiobooks,books,comics,complete,downloads,homemovies,incomplete,movies,music,photos,tv}

-      # Run setup script
-      runcmd:
-        - /usr/local/bin/setup-media-dirs
+      ${var.mount_media_directories ? "# Mount NFS shares from Proxmox host" : ""}
+      ${var.mount_media_directories ? "- systemctl enable nfs-client.target" : ""}
+      ${var.mount_media_directories ? "- systemctl start nfs-client.target" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/audiobooks ${var.media_mount_path}/audiobooks" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/books ${var.media_mount_path}/books" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/comics ${var.media_mount_path}/comics" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/complete ${var.media_mount_path}/complete" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/downloads ${var.media_mount_path}/downloads" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/homemovies ${var.media_mount_path}/homemovies" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/incomplete ${var.media_mount_path}/incomplete" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/movies ${var.media_mount_path}/movies" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/music ${var.media_mount_path}/music" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/photos ${var.media_mount_path}/photos" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/tv ${var.media_mount_path}/tv" : ""}

-      # Optional: Clone homelab repo
-      ${var.clone_homelab_repo ? "- su - ${var.vm_username} -c 'cd ~ && git clone https://github.com/${var.github_username}/homelab.git'" : "# Homelab repo cloning disabled"}
+      - chown -R ${var.vm_username}:${var.vm_username} ${var.media_mount_path}
+      - chmod -R 755 ${var.media_mount_path}
+
+      ${var.clone_homelab_repo ? "- su - ${var.vm_username} -c 'cd ~ && git clone https://github.com/${var.github_username}/homelab.git'" : ""}
+
+    ${var.mount_media_directories ? "# Make NFS mounts persistent" : ""}
+    ${var.mount_media_directories ? "write_files:" : ""}
+    ${var.mount_media_directories ? "  - path: /etc/fstab" : ""}
+    ${var.mount_media_directories ? "    append: true" : ""}
+    ${var.mount_media_directories ? "    content: |" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/audiobooks ${var.media_mount_path}/audiobooks nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/books ${var.media_mount_path}/books nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/comics ${var.media_mount_path}/comics nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/complete ${var.media_mount_path}/complete nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/downloads ${var.media_mount_path}/downloads nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/homemovies ${var.media_mount_path}/homemovies nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/incomplete ${var.media_mount_path}/incomplete nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/movies ${var.media_mount_path}/movies nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/music ${var.media_mount_path}/music nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/photos ${var.media_mount_path}/photos nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/tv ${var.media_mount_path}/tv nfs defaults 0 0" : ""}

    # Set timezone
    timezone: ${var.vm_timezone}
@ -150,6 +210,80 @@ resource "proxmox_virtual_environment_file" "cloud_init_user_data" {
      condition: true
  EOF

-    file_name = "cloud-init-docker-${var.vm_name}.yaml"
-  }
+  cloud_init_almalinux = <<-EOF
+    #cloud-config
+    hostname: ${var.vm_name}
+    manage_etc_hosts: true
+
+    # Install Docker and dependencies
+    package_update: true
+    package_upgrade: true
+
+    packages:
+      - curl
+      - ca-certificates
+      - git
+      - vim
+      - htop
+      - net-tools
+      ${var.mount_media_directories ? "- nfs-utils" : ""}
+
+    # Docker installation and NFS mount setup
+    runcmd:
+      # Install Docker
+      - dnf config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
+      - dnf install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+      - systemctl enable docker
+      - systemctl start docker
+      - usermod -aG docker ${var.vm_username}
+      - docker network create homelab || true
+
+      # Create media directories
+      - mkdir -p ${var.media_mount_path}/{audiobooks,books,comics,complete,downloads,homemovies,incomplete,movies,music,photos,tv}
+
+      ${var.mount_media_directories ? "# Mount NFS shares from Proxmox host" : ""}
+      ${var.mount_media_directories ? "- systemctl enable nfs-client.target" : ""}
+      ${var.mount_media_directories ? "- systemctl start nfs-client.target" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/audiobooks ${var.media_mount_path}/audiobooks" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/books ${var.media_mount_path}/books" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/comics ${var.media_mount_path}/comics" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/complete ${var.media_mount_path}/complete" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/downloads ${var.media_mount_path}/downloads" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/homemovies ${var.media_mount_path}/homemovies" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/incomplete ${var.media_mount_path}/incomplete" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/movies ${var.media_mount_path}/movies" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/music ${var.media_mount_path}/music" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/photos ${var.media_mount_path}/photos" : ""}
+      ${var.mount_media_directories ? "- mount -t nfs ${var.proxmox_host_ip}:${var.media_source_path}/tv ${var.media_mount_path}/tv" : ""}
+
+      - chown -R ${var.vm_username}:${var.vm_username} ${var.media_mount_path}
+      - chmod -R 755 ${var.media_mount_path}
+
+      ${var.clone_homelab_repo ? "- su - ${var.vm_username} -c 'cd ~ && git clone https://github.com/${var.github_username}/homelab.git'" : ""}
+
+    ${var.mount_media_directories ? "# Make NFS mounts persistent" : ""}
+    ${var.mount_media_directories ? "write_files:" : ""}
+    ${var.mount_media_directories ? "  - path: /etc/fstab" : ""}
+    ${var.mount_media_directories ? "    append: true" : ""}
+    ${var.mount_media_directories ? "    content: |" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/audiobooks ${var.media_mount_path}/audiobooks nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/books ${var.media_mount_path}/books nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/comics ${var.media_mount_path}/comics nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/complete ${var.media_mount_path}/complete nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/downloads ${var.media_mount_path}/downloads nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/homemovies ${var.media_mount_path}/homemovies nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/incomplete ${var.media_mount_path}/incomplete nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/movies ${var.media_mount_path}/movies nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/music ${var.media_mount_path}/music nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/photos ${var.media_mount_path}/photos nfs defaults 0 0" : ""}
+    ${var.mount_media_directories ? "      ${var.proxmox_host_ip}:${var.media_source_path}/tv ${var.media_mount_path}/tv nfs defaults 0 0" : ""}
+
+    # Set timezone
+    timezone: ${var.vm_timezone}
+
+    # Reboot after setup
+    power_state:
+      mode: reboot
+      condition: true
+  EOF
 }
--- a/terraform/proxmox-examples/docker-host/terraform.tfvars.example
+++ b/terraform/proxmox-examples/docker-host/terraform.tfvars.example
@ -32,3 +32,34 @@ vm_ssh_keys = [
 vm_timezone = "America/Los_Angeles"
 clone_homelab_repo = true
 github_username = "efigueroa"
+
+# Operating System
+# Options: "ubuntu", "almalinux", "debian"
+vm_os_type = "almalinux"
+
+# GPU Passthrough (NVIDIA GTX 1070)
+# Enable GPU passthrough for services like Jellyfin, Ollama, Immich
+# Requires: AMD IOMMU enabled in Proxmox host GRUB
+# Set to true to enable GPU passthrough
+enable_gpu_passthrough = false
+
+# GPU PCI ID - Find with: lspci | grep -i nvidia
+# Example: 0000:01:00 (use .0 for GPU, .1 for audio)
+gpu_pci_id = "0000:01:00"
+
+# Media Directory Mounts via NFS
+# Mount media directories from Proxmox host to VM
+# Requires NFS server configured on Proxmox host
+mount_media_directories = true
+
+# Proxmox host IP for NFS mounts (not the API URL)
+# This is the IP address the VM will use to connect to NFS
+proxmox_host_ip = "192.168.1.1"
+
+# Source path on Proxmox host for media directories
+# Subdirectories: audiobooks, books, comics, complete, downloads,
+#                 homemovies, incomplete, movies, music, photos, tv
+media_source_path = "/data/media"
+
+# Mount path in VM (where media directories will be accessible)
+media_mount_path = "/media"
--- a/terraform/proxmox-examples/docker-host/variables.tf
+++ b/terraform/proxmox-examples/docker-host/variables.tf
@ -123,3 +123,53 @@ variable "github_username" {
  type        = string
  default     = "efigueroa"
 }
+
+# GPU Passthrough Configuration
+variable "enable_gpu_passthrough" {
+  description = "Enable GPU passthrough (NVIDIA GTX 1070)"
+  type        = bool
+  default     = false
+}
+
+variable "gpu_pci_id" {
+  description = "GPU PCI ID (e.g., 0000:01:00)"
+  type        = string
+  default     = "0000:01:00"
+}
+
+# Media Directory Mount Configuration
+variable "mount_media_directories" {
+  description = "Mount media directories from Proxmox host via NFS"
+  type        = bool
+  default     = true
+}
+
+variable "proxmox_host_ip" {
+  description = "Proxmox host IP address for NFS mounts"
+  type        = string
+  default     = "192.168.1.1"
+}
+
+variable "media_source_path" {
+  description = "Source path on Proxmox host for media directories"
+  type        = string
+  default     = "/data/media"
+}
+
+variable "media_mount_path" {
+  description = "Mount path in VM for media directories"
+  type        = string
+  default     = "/media"
+}
+
+# Operating System
+variable "vm_os_type" {
+  description = "VM OS type (ubuntu, almalinux, debian)"
+  type        = string
+  default     = "almalinux"
+
+  validation {
+    condition     = contains(["ubuntu", "almalinux", "debian"], var.vm_os_type)
+    error_message = "OS type must be ubuntu, almalinux, or debian"
+  }
+}