homelab/terraform/proxmox-examples/docker-host/variables.tf
Claude 9109712b59
feat: Add SOPS state management and fix Terraform deployment issues
SOPS State Management:
- Implemented Git + SOPS + age encryption for Terraform state files
- Added .gitignore files to prevent committing unencrypted secrets
- Created .sops.yaml.example template for age encryption configuration
- Created helper scripts for automated encryption/decryption workflow:
  - scripts/tf: Wrapper script with auto-encrypt/decrypt
  - scripts/tf-encrypt: Manual encryption of state files
  - scripts/tf-decrypt: Manual decryption of state files
- Added comprehensive STATE_MANAGEMENT.md documentation covering:
  - Installation of age and SOPS
  - Initial setup and key generation
  - Daily workflow examples
  - Security best practices
  - Troubleshooting common issues
  - Multi-user key management
  - Backup strategies

Terraform Deployment Fixes:
- Added snippets_storage variable for cloud-init snippet storage
- Fixed datastore error: "local" does not support snippets
- Updated README with solutions for datastore and SSH issues
- Added troubleshooting for:
  - Enabling snippets on existing storage (pvesm set)
  - Creating dedicated directory storage for snippets
  - SSH authentication setup with ssh-agent
  - Manual cloud-init snippet creation workaround

Files modified:
- terraform/proxmox-examples/docker-host/main.tf
- terraform/proxmox-examples/docker-host/variables.tf
- terraform/proxmox-examples/docker-host/terraform.tfvars.example
- terraform/proxmox-examples/docker-host/README.md

Files added:
- .gitignore (root level)
- terraform/proxmox-examples/docker-host/.gitignore
- terraform/proxmox-examples/docker-host/.sops.yaml.example
- terraform/proxmox-examples/docker-host/STATE_MANAGEMENT.md
- terraform/proxmox-examples/docker-host/scripts/tf
- terraform/proxmox-examples/docker-host/scripts/tf-encrypt
- terraform/proxmox-examples/docker-host/scripts/tf-decrypt
2025-11-11 05:55:07 +00:00


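# Base URL of the Proxmox API. The provider block that consumes this value is
# in main.tf (not shown here); presumably the API token is presented to this
# endpoint, so the scheme is restricted to https:// to keep the token off
# cleartext connections.
variable "pm_api_url" {
  description = "Proxmox API URL"
  type        = string
  default     = "https://proxmox.local:8006"

  # Reject plain-http (or scheme-less) URLs at plan time instead of letting a
  # typo downgrade the connection silently.
  validation {
    condition     = can(regex("^https://", var.pm_api_url))
    error_message = "The pm_api_url value must start with https://."
  }
}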
# Identifier of the Proxmox API token, in the form user@realm!tokenid.
# NOTE(review): the default names a token that belongs to root@pam. A dedicated
# Proxmox user and role holding only the privileges this module needs would
# limit what a leaked token secret can do - confirm what main.tf requires.
variable "pm_api_token_id" {
  description = "Proxmox API token ID (format: user@realm!tokenid)"
  type = string
  default = "root@pam!terraform"
}
# Secret half of the API token. There is no default, so it must be supplied
# on every run (tfvars file, TF_VAR_ environment variable or prompt).
# `sensitive = true` only redacts the value in Terraform's CLI output; it does
# not protect copies held in terraform.tfvars, shell history or saved plan
# files, so those need to stay out of version control as well.
variable "pm_api_token_secret" {
  description = "Proxmox API token secret"
  type = string
  sensitive = true
}
# Controls TLS certificate verification for the API connection.
# The default of true turns verification OFF, so the endpoint's identity is
# not checked and anyone able to intercept the connection could capture the
# API token. Set this to false once the Proxmox certificate is issued by, or
# added to, a CA the Terraform host trusts.
variable "pm_tls_insecure" {
  description = "Disable TLS verification for self-signed certificates"
  type = bool
  default = true
}
# Name of the Proxmox cluster node; presumably the node the VM is created on
# (the consuming resource is in main.tf, not shown).
variable "proxmox_node" {
  description = "Proxmox node name"
  type = string
  default = "pve"
}
# Name given to the VM.
variable "vm_name" {
  description = "VM name"
  type = string
  default = "docker-host"
}
# Numeric ID of the template VM that is cloned. The template's contents are
# inherited by every VM built from it, so it should come from a known-good
# image build.
variable "template_vm_id" {
  description = "Template VM ID to clone from"
  type = number
  default = 9000
}
# CPU cores assigned to the VM.
variable "vm_cores" {
  description = "Number of CPU cores"
  type = number
  default = 4
}
# RAM assigned to the VM, in megabytes (default 8192 MB).
variable "vm_memory" {
  description = "Memory in MB"
  type = number
  default = 8192
}
# Disk size, passed as a string.
# NOTE(review): the description's examples carry a unit suffix ("50G") but the
# default is the bare number "50" - confirm which form main.tf expects.
variable "disk_size" {
  description = "Disk size (e.g., 50G, 100G)"
  type = string
  default = "50"
}
# Proxmox storage pool that holds the VM's disks.
variable "storage" {
  description = "Storage pool name for VM disks"
  type = string
  default = "local-lvm"
}
# Proxmox storage pool that receives the cloud-init snippet files; the pool
# must have the 'snippets' content type enabled.
# NOTE(review): cloud-init user data commonly embeds credentials (see
# vm_password); if that is the case here, the snippet is stored as a file on
# this pool, so access to the pool should be limited accordingly - verify
# against main.tf.
variable "snippets_storage" {
  description = "Storage pool name for cloud-init snippets (must support 'snippets' content type)"
  type = string
  default = "local"
}
# Proxmox bridge interface the VM's NIC is attached to.
variable "network_bridge" {
  description = "Network bridge"
  type = string
  default = "vmbr0"
}
# Either a static address or the literal string "dhcp" (the default).
# No validation block is declared, so any string is accepted at plan time.
variable "vm_ip_address" {
  description = "Static IP address or 'dhcp'"
  type = string
  default = "dhcp"
}
# Prefix length for the address (e.g. 24), not a dotted netmask.
# Presumably only relevant when vm_ip_address is static - confirm in main.tf.
variable "vm_ip_netmask" {
  description = "Network netmask (CIDR notation, e.g., 24)"
  type = number
  default = 24
}
# Default gateway for the VM.
# Presumably only relevant when vm_ip_address is static - confirm in main.tf.
variable "vm_gateway" {
  description = "Network gateway"
  type = string
  default = "192.168.1.1"
}
# Login name of the account created in the VM.
variable "vm_username" {
  description = "VM username"
  type = string
  default = "ubuntu"
}
# Password for that account. There is no default, so a value must be supplied
# on every run, even when SSH keys are also provided.
# `sensitive = true` only redacts the value in CLI output. If main.tf passes it
# to a resource (for example a cloud-init snippet), Terraform records it in the
# state file in cleartext, which is why the state must stay encrypted and out
# of version control.
variable "vm_password" {
  description = "VM user password"
  type = string
  sensitive = true
}
# SSH public keys for the VM user. The default is an empty list, in which case
# no key is supplied by this variable.
# NOTE(review): with an empty list the password above may be the only login
# credential; prefer key-based access and check whether SSH password login is
# left enabled by the cloud-init configuration.
variable "vm_ssh_keys" {
  description = "List of SSH public keys"
  type = list(string)
  default = []
}
# Timezone configured in the VM (tz database name).
variable "vm_timezone" {
  description = "VM timezone"
  type = string
  default = "America/Los_Angeles"
}
# When true, the homelab repository is cloned on the VM's first boot.
# Off by default.
variable "clone_homelab_repo" {
  description = "Clone homelab repository on first boot"
  type = bool
  default = false
}
# GitHub account that owns the homelab repository.
# NOTE(review): presumably the clone URL is built from this name, so whatever
# that account publishes is pulled onto the VM when clone_homelab_repo is true.
# The default is a specific personal account; override it with your own, and
# check whether the first-boot script executes anything from the clone.
variable "github_username" {
  description = "GitHub username for homelab repo"
  type = string
  default = "efigueroa"
}
# GPU Passthrough Configuration
# Toggle for passing a host GPU through to the VM. Off by default.
# Passthrough gives the guest direct access to the PCI device, so it should be
# enabled only for guests that are trusted with that hardware.
variable "enable_gpu_passthrough" {
  description = "Enable GPU passthrough (NVIDIA GTX 1070)"
  type = bool
  default = false
}
# PCI address of the GPU on the Proxmox host, without the function suffix
# (domain:bus:device, as in the default).
# Presumably only read when enable_gpu_passthrough is true - confirm in main.tf.
variable "gpu_pci_id" {
  description = "GPU PCI ID (e.g., 0000:01:00)"
  type = string
  default = "0000:01:00"
}
# Media Directory Mount Configuration
# When true (the default), media directories exported by the Proxmox host are
# mounted in the VM over NFS.
# NOTE(review): this is on by default, so the host must already export the
# path. Restrict the export to the VM's address (and read-only if the VM does
# not need to write) rather than exporting to the whole subnet.
variable "mount_media_directories" {
  description = "Mount media directories from Proxmox host via NFS"
  type = bool
  default = true
}
# Address of the Proxmox host used as the NFS server.
# NOTE(review): the default is the same address as the vm_gateway default
# (192.168.1.1); on most networks the hypervisor and the gateway are different
# machines, so one of the two defaults probably needs overriding.
variable "proxmox_host_ip" {
  description = "Proxmox host IP address for NFS mounts"
  type = string
  default = "192.168.1.1"
}
# Directory on the Proxmox host that holds the media directories.
variable "media_source_path" {
  description = "Source path on Proxmox host for media directories"
  type = string
  default = "/data/media"
}
# Directory inside the VM where the media directories are mounted.
variable "media_mount_path" {
  description = "Mount path in VM for media directories"
  type = string
  default = "/media"
}
# Operating System
# Guest OS family. This is the only variable in the file with a validation
# block: any value outside the three listed names is rejected at plan time.
# NOTE(review): the default here is "almalinux" while vm_username defaults to
# "ubuntu"; confirm that this pairing is intended.
variable "vm_os_type" {
  description = "VM OS type (ubuntu, almalinux, debian)"
  type = string
  default = "almalinux"
  validation {
    # Allow-list check: the value must be exactly one of the supported names.
    condition = contains(["ubuntu", "almalinux", "debian"], var.vm_os_type)
    error_message = "OS type must be ubuntu, almalinux, or debian"
  }
}