✨ Add initial Terraform configuration for Azure and Proxmox resources

2026-03-01 14:16:44 +02:00
parent 44d658745e
commit b11172504d
17 changed files with 869 additions and 0 deletions
--- a/modules/foundry/main.tf
+++ b/modules/foundry/main.tf
@@ -0,0 +1,78 @@
+terraform {
+  required_providers {
+    proxmox = {
+      source = "bpg/proxmox"
+    }
+  }
+}
+
+resource "proxmox_virtual_environment_container" "foundry" {
+  node_name   = var.node_name
+  vm_id       = var.container_id > 0 ? var.container_id : null
+
+  description = "Foundry VTT - managed by OpenTofu"
+  tags        = var.tags
+
+  unprivileged  = var.unprivileged
+  start_on_boot = var.start_on_boot
+  started       = var.start_on_create
+
+  # ── OS Template ────────────────────────────────────────────
+  operating_system {
+    template_file_id = var.template
+    type             = "ubuntu"
+  }
+
+  # ── Features ───────────────────────────────────────────────
+  # nesting is required for systemd >= 257 (Ubuntu 25.04+)
+  features {
+    nesting = true
+  }
+
+  # ── Resources ──────────────────────────────────────────────
+  cpu {
+    cores = var.cores
+  }
+
+  memory {
+    dedicated = var.memory
+    swap      = var.swap
+  }
+
+  disk {
+    datastore_id = var.datastore_id
+    size         = var.disk_size
+  }
+
+  # ── Networking ─────────────────────────────────────────────
+  network_interface {
+    name     = "eth0"
+    bridge   = var.bridge
+    vlan_id  = var.vlan_tag
+  }
+
+  initialization {
+    hostname = var.hostname
+
+    ip_config {
+      ipv4 {
+        address = var.ip_address
+        gateway = var.gateway != "" ? var.gateway : null
+      }
+    }
+
+    dns {
+      domain  = var.dns_domain
+      servers = [var.dns_server]
+    }
+
+    user_account {
+      keys = [var.ssh_pubkey]
+    }
+  }
+
+  # Ignore template changes so we don't recreate on minor template updates
+  lifecycle {
+    ignore_changes = [operating_system]
+  }
+}
--- a/modules/foundry/outputs.tf
+++ b/modules/foundry/outputs.tf
@@ -0,0 +1,14 @@
+output "container_id" {
+  description = "The VMID of the Foundry LXC container."
+  value       = proxmox_virtual_environment_container.foundry.vm_id
+}
+
+output "hostname" {
+  description = "The hostname of the container."
+  value       = var.hostname
+}
+
+output "ip_address" {
+  description = "The configured IP address (or 'dhcp')."
+  value       = var.ip_address
+}
--- a/modules/foundry/variables.tf
+++ b/modules/foundry/variables.tf
@@ -0,0 +1,116 @@
+variable "node_name" {
+  description = "Proxmox node to create the container on."
+  type        = string
+}
+
+variable "datastore_id" {
+  description = "Proxmox datastore for the container root filesystem."
+  type        = string
+}
+
+variable "bridge" {
+  description = "Network bridge for the container NIC."
+  type        = string
+  default     = "vmbr0"
+}
+
+variable "vlan_tag" {
+  description = "VLAN tag for the container NIC. null = untagged."
+  type        = number
+  default     = null
+}
+
+variable "container_id" {
+  description = "VMID to assign to the LXC container. 0 = auto-assign."
+  type        = number
+  default     = 0
+}
+
+variable "hostname" {
+  description = "Hostname for the container."
+  type        = string
+  default     = "foundry"
+}
+
+variable "cores" {
+  description = "Number of CPU cores."
+  type        = number
+  default     = 2
+}
+
+variable "memory" {
+  description = "Memory in MB."
+  type        = number
+  default     = 2048
+}
+
+variable "swap" {
+  description = "Swap in MB."
+  type        = number
+  default     = 512
+}
+
+variable "disk_size" {
+  description = "Root filesystem size in GB."
+  type        = number
+  default     = 16
+}
+
+variable "ssh_pubkey" {
+  description = "SSH public key for root access."
+  type        = string
+}
+
+variable "ip_address" {
+  description = "Static IPv4 address in CIDR notation, or 'dhcp'."
+  type        = string
+  default     = "dhcp"
+}
+
+variable "gateway" {
+  description = "Default gateway IPv4. Leave empty when using DHCP."
+  type        = string
+  default     = ""
+}
+
+variable "dns_domain" {
+  description = "DNS search domain."
+  type        = string
+  default     = "ad.kritikos.io"
+}
+
+variable "dns_server" {
+  description = "DNS server address."
+  type        = string
+  default     = "10.10.10.1"
+}
+
+variable "template" {
+  description = "LXC template to use (download or local path)."
+  type        = string
+  default     = "persephone:vztmpl/ubuntu-25.04-standard_25.04-1.1_amd64.tar.zst"
+}
+
+variable "start_on_create" {
+  description = "Start the container immediately after creation."
+  type        = bool
+  default     = true
+}
+
+variable "start_on_boot" {
+  description = "Start the container when the Proxmox node boots."
+  type        = bool
+  default     = true
+}
+
+variable "tags" {
+  description = "Tags to apply to the container."
+  type        = list(string)
+  default     = ["foundry", "managed-by-tofu"]
+}
+
+variable "unprivileged" {
+  description = "Run as unprivileged container (recommended)."
+  type        = bool
+  default     = true
+}