personal_infra/tofu/nodito
2025-10-31 08:54:18 +01:00

Nodito VMs with OpenTofu (Proxmox)

This directory lets you declare VMs on the nodito Proxmox node and apply them with OpenTofu. It clones the Ansible-built template debian-13-cloud-init and places disks on the ZFS pool proxmox-tank-1.

Prereqs

  • Proxmox API token with VM privileges. Example: user root@pam, token name tofu.
  • OpenTofu installed.
    sudo apt-get update
    sudo apt-get install -y apt-transport-https ca-certificates curl gnupg
    
    sudo install -m 0755 -d /etc/apt/keyrings
    curl -fsSL https://get.opentofu.org/opentofu.gpg | sudo tee /etc/apt/keyrings/opentofu.gpg >/dev/null
    curl -fsSL https://packages.opentofu.org/opentofu/tofu/gpgkey | sudo gpg --no-tty --batch --dearmor -o /etc/apt/keyrings/opentofu-repo.gpg >/dev/null
    sudo chmod a+r /etc/apt/keyrings/opentofu.gpg /etc/apt/keyrings/opentofu-repo.gpg
    
    echo \
      "deb [signed-by=/etc/apt/keyrings/opentofu.gpg,/etc/apt/keyrings/opentofu-repo.gpg] https://packages.opentofu.org/opentofu/tofu/any/ any main
    deb-src [signed-by=/etc/apt/keyrings/opentofu.gpg,/etc/apt/keyrings/opentofu-repo.gpg] https://packages.opentofu.org/opentofu/tofu/any/ any main" | \
      sudo tee /etc/apt/sources.list.d/opentofu.list > /dev/null
    sudo chmod a+r /etc/apt/sources.list.d/opentofu.list
    
    sudo apt-get update
    sudo apt-get install -y tofu
    tofu version
    
  • The Ansible template exists: debian-13-cloud-init (VMID 9001 by default).

Provider Auth

Create a terraform.tfvars (copy from terraform.tfvars.example) and set:

  • proxmox_api_url (e.g. https://nodito:8006/api2/json)
  • proxmox_api_token_id (e.g. root@pam!tofu)
  • proxmox_api_token_secret
  • ssh_authorized_keys (your public key content)

Alternatively, you can export env vars and reference them in a tfvars file.
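
Because terraform.tfvars ends up holding the API token secret in plaintext, a pre-flight check can be run before tofu plan. The script below is an added example, not part of this repository; the helper names tfvar_value and check_tfvars are hypothetical, and it assumes each value is a plain quoted string on a single line.

```bash
#!/usr/bin/env bash
# Added example: pre-flight check for the terraform.tfvars that holds the
# Proxmox API token. tfvar_value and check_tfvars are hypothetical helpers.

# Print the quoted string assigned to key $2 in tfvars file $1.
tfvar_value() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | head -n 1
}

# Return 0 when the file passes every check; findings are written to stderr.
check_tfvars() {
  local file="$1" rc=0 dir mode
  [ -f "$file" ] || { echo "missing: $file" >&2; return 1; }

  # The token secret is plaintext, so group and others get no access.
  mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
  case "$mode" in
    *00) ;;
    *) echo "mode $mode is too open: chmod 600 $file" >&2; rc=1 ;;
  esac

  # The token travels in an HTTP header on every API call: require TLS.
  case "$(tfvar_value "$file" proxmox_api_url)" in
    https://*) ;;
    *) echo "proxmox_api_url must start with https://" >&2; rc=1 ;;
  esac

  # Token IDs have the form user@realm!tokenname, e.g. root@pam!tofu.
  case "$(tfvar_value "$file" proxmox_api_token_id)" in
    ?*@?*'!'?*) ;;
    *) echo "proxmox_api_token_id is not user@realm!tokenname" >&2; rc=1 ;;
  esac

  [ -n "$(tfvar_value "$file" proxmox_api_token_secret)" ] ||
    { echo "proxmox_api_token_secret is empty or unset" >&2; rc=1; }

  # Inside a git work tree the file must be ignored and untracked.
  dir=$(dirname "$file")
  if git -C "$dir" rev-parse --is-inside-work-tree >/dev/null 2>&1; then
    git -C "$dir" check-ignore -q "$(basename "$file")" ||
      { echo "$file is not ignored by git" >&2; rc=1; }
  fi
  return "$rc"
}

# Usage: ./check_tfvars.sh terraform.tfvars && tofu plan -var-file=terraform.tfvars
if [ "$#" -gt 0 ]; then check_tfvars "$1"; fi
```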

Declare VMs

Edit terraform.tfvars and fill the vms map. Example entry:

vms = {
  web1 = {
    name         = "web1"
    cores        = 2
    memory_mb    = 2048
    disk_size_gb = 20
    ipconfig0    = "ip=dhcp" # or "ip=192.168.1.50/24,gw=192.168.1.1"
  }
}

All VM disks are created on zfs_storage_name (defaults to proxmox-tank-1). The network interface attaches to vmbr0. A VLAN can be set per VM with vlan_tag.

Usage

tofu init
tofu plan -var-file=terraform.tfvars
tofu apply -var-file=terraform.tfvars

Notes

  • Clones are full clones by default (full_clone = true).
  • Cloud-init injects cloud_init_user and ssh_authorized_keys.
  • Disks use scsi0 on ZFS with discard enabled.