Claude
|
9109712b59
|
feat: Add SOPS state management and fix Terraform deployment issues

SOPS State Management:
- Implemented Git + SOPS + age encryption for Terraform state files
- Added .gitignore files to prevent committing unencrypted secrets
- Created .sops.yaml.example template for age encryption configuration
- Created helper scripts for automated encryption/decryption workflow:
  - scripts/tf: Wrapper script with auto-encrypt/decrypt
  - scripts/tf-encrypt: Manual encryption of state files
  - scripts/tf-decrypt: Manual decryption of state files
- Added comprehensive STATE_MANAGEMENT.md documentation covering:
  - Installation of age and SOPS
  - Initial setup and key generation
  - Daily workflow examples
  - Security best practices
  - Troubleshooting common issues
  - Multi-user key management
  - Backup strategies

Terraform Deployment Fixes:
- Added snippets_storage variable for cloud-init snippet storage
- Fixed datastore error: "local" does not support snippets
- Updated README with solutions for datastore and SSH issues
- Added troubleshooting for:
  - Enabling snippets on existing storage (pvesm set)
  - Creating dedicated directory storage for snippets
  - SSH authentication setup with ssh-agent
  - Manual cloud-init snippet creation workaround

Files modified:
- terraform/proxmox-examples/docker-host/main.tf
- terraform/proxmox-examples/docker-host/variables.tf
- terraform/proxmox-examples/docker-host/terraform.tfvars.example
- terraform/proxmox-examples/docker-host/README.md

Files added:
- .gitignore (root level)
- terraform/proxmox-examples/docker-host/.gitignore
- terraform/proxmox-examples/docker-host/.sops.yaml.example
- terraform/proxmox-examples/docker-host/STATE_MANAGEMENT.md
- terraform/proxmox-examples/docker-host/scripts/tf
- terraform/proxmox-examples/docker-host/scripts/tf-encrypt
- terraform/proxmox-examples/docker-host/scripts/tf-decrypt
|
2025-11-11 05:55:07 +00:00 |
|