first commit

2025-08-01 08:43:04 +02:00
commit 48a734ed82
38 changed files with 2044 additions and 0 deletions
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -0,0 +1,28 @@
+terraform {
+  required_providers {
+    proxmox = {
+      source = "bpg/proxmox"
+      version = "0.80.0"
+    }
+    ionoscloud = {
+      source  = "ionos-cloud/ionoscloud"
+      version = "~> 6.0"
+    }
+  }
+}
+
+provider "proxmox" {
+  endpoint   = var.proxmox_api_url
+  api_token   = var.proxmox_token
+  insecure   = true
+  ssh {
+    agent    = true
+    username = "root"
+    private_key = file("~/.ssh/sascha.koenig")
+  }
+}
+
+provider "ionoscloud" {
+  username   = var.ionos_username
+  password   = var.ionos_password
+}
--- a/terraform/terraform.tfstate
+++ b/terraform/terraform.tfstate
--- a/terraform/terraform.tfvars
+++ b/terraform/terraform.tfvars
@@ -0,0 +1,4 @@
+proxmox_api_url = "https://192.168.152.161:8006/api2/json"
+proxmox_token = "terraform-prov@pve!tf=3c758be0-da7d-41ba-b40f-e8dd46a25312"
+proxmox_node = "azpve"
+ssh_public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXX3ZtFW5sRVTb8CPDbGp0E/1uuNYnjlhnnkwF3iLVB sascha.koenig@azintec.com"
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -0,0 +1,22 @@
+variable "proxmox_api_url" {
+  description = "The URL of the Proxmox API (without /api2/json)"
+  type        = string
+  default     = "https://proxmox.local:8006"
+}
+
+variable "proxmox_token" {
+  description = "The password for the Proxmox API"
+  type        = string
+  sensitive   = true
+}
+
+variable "proxmox_node" {
+  description = "The name of the Proxmox node"
+  type        = string
+  default     = "pve"
+}
+
+variable "ionos_username" {}
+variable "ionos_password" {}
+
+variable "ssh_public_key" {}
--- a/terraform/vms.tf
+++ b/terraform/vms.tf
@@ -0,0 +1,135 @@
+resource "proxmox_virtual_environment_file" "cloud_config" {
+  content_type = "snippets"
+  datastore_id = "local"
+  node_name    = var.proxmox_node
+
+  source_raw {
+    data = <<-EOF
+    #cloud-config
+    chpasswd:
+      list: |
+        ubuntu:example
+      expire: false
+    hostname: example-hostname
+    packages:
+      - qemu-guest-agent
+    runcmd:
+      - systemctl enable qemu-guest-agent
+      - systemctl start qemu-guest-agent
+    users:
+      - default
+      - name: ubuntu
+        groups: sudo
+        shell: /bin/bash
+        lock_passwd: true
+        ssh-authorized-keys:
+          - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPXX3ZtFW5sRVTb8CPDbGp0E/1uuNYnjlhnnkwF3iLVB sascha.koenig@azintec.com
+        sudo: ALL=(ALL) NOPASSWD:ALL
+    EOF
+
+    file_name = "cloud-config.yaml"
+  }
+}
+
+# Download Ubuntu Cloud Image
+resource "proxmox_virtual_environment_download_file" "ubuntu_cloud_image" {
+  content_type = "iso"
+  datastore_id = "local"
+  node_name    = var.proxmox_node
+
+  url = "https://cloud-images.ubuntu.com/jammy/current/jammy-server-cloudimg-amd64.img"
+}
+
+# Configure VM with User Data Initialization
+resource "proxmox_virtual_environment_vm" "ubuntu_template" {
+  name      = "ubuntu-template"
+  node_name = var.proxmox_node
+
+  template = true
+  started  = false
+
+  machine  = "q35"
+  bios     = "ovmf"
+  vm_id    = 9000
+cpu {
+    cores = 2
+}
+
+memory {
+    dedicated = 2048
+    }
+
+efi_disk {
+    datastore_id = "local-lvm"
+    type         = "4m"
+}
+
+disk {
+    datastore_id = "local-lvm"
+    file_id      = proxmox_virtual_environment_download_file.ubuntu_cloud_image.id
+    interface    = "virtio0"
+    iothread     = true
+    discard      = "on"
+    size         = 20
+}
+
+initialization {
+  ip_config {
+    ipv4 {
+      address = "dhcp"
+    }
+  }
+
+  user_data_file_id = proxmox_virtual_environment_file.cloud_config.id
+}
+
+  network_device {
+    bridge = "vmbr0"
+  }
+}
+
+resource "proxmox_virtual_environment_vm" "ubuntu_clone" {
+  name      = "ubuntu-clone"
+  node_name = var.proxmox_node
+
+  clone {
+    vm_id = proxmox_virtual_environment_vm.ubuntu_template.id
+  }
+
+  agent {
+    enabled = true
+  }
+
+  memory {
+    dedicated = 768
+  }
+
+  initialization {
+    datastore_id = "local-lvm"
+    user_account {
+      username = "user"
+      password = "password"
+    }
+    dns {
+      servers = ["1.1.1.1"]
+    }
+    ip_config {
+      ipv4 {
+        address = "dhcp"
+      }
+    }
+  }
+}
+
+resource "null_resource" "disable_kvm" {
+  depends_on = [proxmox_virtual_environment_vm.ubuntu_clone]
+
+  provisioner "local-exec" {
+    command = "qm set ${proxmox_virtual_environment_vm.ubuntu_clone.vm_id} --args '-no-kvm'"
+  }
+}
+
+output "nixos_anywhere_command" {
+  value = "nix run github:nix-community/nixos-anywhere -- --flake .#AZ-NIX-1 root@${proxmox_virtual_environment_vm.ubuntu_clone.ipv4_addresses[1][0]} --build-on-remote --ssh-port 2022"
+  description = "Command to deploy NixOS using nixos-anywhere"
+}