Initial Commit

.gitignore

@@ -0,0 +1,39 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude override files as they are usually for local changes
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negation
+# !example_override.tf
+
+# Exclude Terraform variable files that may contain sensitive data
+*.tfvars
+*.tfvars.json
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
+# Ignore lock files (optional: keep if you want dependency locking in VCS)
+.terraform.lock.hcl
+
+# IDE and OS specific files
+.DS_Store
+Thumbs.db
+*.swp
+*.bak
+*.tmp
+*.idea/
+.vscode/

docker.tf

@@ -0,0 +1,93 @@
+resource "proxmox_vm_qemu" "dev-docker" {
+
+  # VM General Settings
+  target_node = "pve"
+  vmid        = "400"
+  name        = "dev-docker"
+  tags        = null
+
+  # VM Advanced General Settings
+  onboot = true
+  scsihw = "virtio-scsi-single"
+
+  # VM OS Settings
+  clone      = "debian-12-generic-amd64"
+  clone_wait = 120
+  timeouts {
+    create = "1h"
+    delete = "1h"
+  }
+
+  # VM System Settings
+  agent   = 0
+  machine = "q35"
+  qemu_os = "l26"
+
+  # VM CPU Settings
+  cpu {
+    cores    = 1
+    sockets  = 4
+    type = "x86-64-v2-AES"
+  }
+  bios     = "ovmf"
+
+
+  startup = "order=2"
+
+
+  # VM Memory Settings
+  memory = 16384
+
+  # VM Network Settings
+  network {
+    id     = 0 
+    bridge = "vmbr0"
+    model  = "virtio"
+    tag    = "10"
+  }
+
+  efidisk {
+    efitype = "4m"
+    storage = "local"
+  }
+
+  disks {
+    ide {
+      ide2 {
+        cdrom {
+          passthrough = false
+        }
+      }
+      ide3 {
+        cloudinit {
+          storage = "local"
+        }
+      }
+    }
+    scsi {
+      scsi0 {
+        disk {
+          size    = 80
+          storage = "local"
+        }
+      }
+    }
+  }
+
+  # VM Cloud-Init Settings
+  os_type = "cloud-init"
+
+  # (Optional) IP Address and Gateway
+  ipconfig0  = "ip=10.10.10.20/24,gw=10.10.10.1"
+  nameserver = "10.10.10.1"
+
+  # (Optional) Default User
+  ciuser     = var.ci_user     # Updated
+  cipassword = var.ci_password # Updated
+
+  # (Optional) Add your SSH Public KEY
+  sshkeys = <<EOF
+    ${var.ssh_key}
+    EOF
+
+}

github.tf

@@ -0,0 +1,44 @@
+resource "proxmox_lxc" "ghshr" {
+  
+  depends_on = [
+    proxmox_vm_qemu.dev-docker
+  ]
+  
+  target_node  = "pve"
+  vmid         = "201"
+  hostname     = "ghshr"
+  ostemplate   = "local:vztmpl/debian-12-standard_12.7-1_amd64.tar.zst"
+  password     = var.ci_password
+  unprivileged = false
+  ostype       = "debian"
+  onboot       = true
+  start        = true
+  startup      = "order=1000"
+
+
+  ssh_public_keys = <<EOF
+    ${var.ssh_key}
+    EOF
+
+  memory = "4096"
+  swap   = "512"
+
+  rootfs {
+    storage = "local"
+    size    = "8G"
+  }
+
+  features {
+    fuse    = true
+    nesting = true
+    mount   = "nfs;cifs"
+  }
+
+  network {
+    name   = "eth0"
+    bridge = "vmbr0"
+    ip     = "10.10.10.8/24"
+    gw     = "10.10.10.1"
+    tag    = 10
+  }
+}

omada.tf

@@ -0,0 +1,42 @@
+resource "proxmox_lxc" "omada" {
+  depends_on = [
+    proxmox_vm_qemu.dev-docker
+  ]
+  target_node  = "pve"
+  vmid         = "200"
+  hostname     = "omada"
+  ostemplate   = "local:vztmpl/debian-12-standard_12.7-1_amd64.tar.zst"
+  password     = var.ci_password
+  unprivileged = false
+  ostype       = "debian"
+  onboot       = true
+  start        = true
+  startup      = "order=1000"
+
+
+  ssh_public_keys = <<EOF
+    ${var.ssh_key}
+    EOF
+
+  memory = "4096"
+  swap   = "512"
+
+  rootfs {
+    storage = "local"
+    size    = "8G"
+  }
+
+  features {
+    fuse    = true
+    nesting = true
+    mount   = "nfs;cifs"
+  }
+
+  network {
+    name   = "eth0"
+    bridge = "vmbr0"
+    ip     = "10.10.40.2/24"
+    gw     = "10.10.40.1"
+    tag    = 40
+  }
+}

provider.tf

@@ -0,0 +1,78 @@
+terraform {
+  required_providers {
+    proxmox = {
+      source  = "telmate/proxmox"
+      version = "3.0.2-rc04"
+    }
+
+    bitwarden = {
+      source  = "maxlaverse/bitwarden"
+      version = ">= 0.13.6"
+    }
+  }
+
+  backend "pg" {}
+  encryption {
+    key_provider "pbkdf2" "mykey" {
+      passphrase    = var.passphrase
+      key_length    = 32
+      salt_length   = 16
+      hash_function = "sha256"
+    }
+    method "aes_gcm" "secure_method" {
+      keys = key_provider.pbkdf2.mykey
+    }
+    state {
+      method   = method.aes_gcm.secure_method
+      enforced = true
+    }
+  }
+}
+
+variable "ci_user" {
+  type      = string
+  sensitive = true
+}
+
+variable "ci_password" {
+  type      = string
+  sensitive = true
+}
+
+variable "proxmox_api_url" {
+  type      = string
+  sensitive = true
+}
+
+variable "proxmox_api_token_id" {
+  type      = string
+  sensitive = true
+}
+
+variable "proxmox_api_token_secret" {
+  type      = string
+  sensitive = true
+}
+
+variable "ssh_key" {
+  type      = string
+  sensitive = true
+}
+
+variable "passphrase" {
+  type      = string
+  sensitive = true
+}
+
+provider "proxmox" {
+  pm_api_url  = var.proxmox_api_url
+  pm_user     = "root@pam"
+  pm_password = var.proxmox_api_token_secret
+  pm_timeout  = 3600
+  pm_parallel = 2 # Fix VM HDD lock timeout
+  # Optional: Skip TLS Verification
+  pm_tls_insecure = true
+
+}
+
+