From 4fdbf6376905c563d275e59232631d973dffc115 Mon Sep 17 00:00:00 2001
From: Kiara Grouwstra
Date: Mon, 27 Oct 2025 10:55:42 +0100
Subject: [PATCH] WIP: add netbox

Signed-off-by: Kiara Grouwstra
---
 .../check/data-model-tf-proxmox/nixosTest.nix | 7 +++
 deployment/run/netbox-store-ips/main.tf | 15 ++++++
 deployment/run/netbox-store-ips/tf.nix | 49 +++++++++++++++++++
 deployment/run/netbox-store-ips/variables.tf | 9 ++++
 4 files changed, 80 insertions(+)
 create mode 100644 deployment/run/netbox-store-ips/main.tf
 create mode 100644 deployment/run/netbox-store-ips/tf.nix
 create mode 100644 deployment/run/netbox-store-ips/variables.tf
diff --git a/deployment/check/data-model-tf-proxmox/nixosTest.nix b/deployment/check/data-model-tf-proxmox/nixosTest.nix
index 72f1475b..ef6be396 100644
--- a/deployment/check/data-model-tf-proxmox/nixosTest.nix
+++ b/deployment/check/data-model-tf-proxmox/nixosTest.nix
@@ -162,6 +162,13 @@ in
 KMS_KEY = "tsjxw9NjKUBUlzbTnD7orqIAdEmpGYRARvxD51jtY+o=";
 };
 };
+ services.netbox = {
+ enable = true;
+ # FIXME randomly generate this
+ secretKeyFile = pkgs.writeText "netbox-secret" "634da8232803a8155a58584d3186127000207e079d600fc10a890e5cd59c2f4b8f0e0654005944d2ce87f5be9c22ceebec66";
+ # listenAddress = "[::1]";
+ # port = 8001;
+ };
 };
 
 extraTestScript = ''
diff --git a/deployment/run/netbox-store-ips/main.tf b/deployment/run/netbox-store-ips/main.tf
new file mode 100644
index 00000000..44f703cd
--- /dev/null
+++ b/deployment/run/netbox-store-ips/main.tf
@@ -0,0 +1,15 @@
+terraform {
+ required_providers {
+ netbox = {
+ source = "e-breuninger/netbox"
+ version = "= 5.0.0"
+ }
+ }
+ backend "http" {
+ }
+}
+
+resource "netbox_ip_range" "ips" {
+ start_address = var.start_address
+ end_address = var.end_address
+}
diff --git a/deployment/run/netbox-store-ips/tf.nix b/deployment/run/netbox-store-ips/tf.nix
new file mode 100644
index 00000000..39c51dee
--- /dev/null
+++ b/deployment/run/netbox-store-ips/tf.nix
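Review bot: The `secretKeyFile` in the added `services.netbox` block is produced by `pkgs.writeText` from a literal, so the key is committed to the repository and copied into the world-readable Nix store; generating it randomly at evaluation time, as the FIXME suggests, would still leave it in the store. This appears to be a test VM configuration, so the exposure is limited, but the pattern is easy to copy into a real deployment. I would point `secretKeyFile` at a runtime path such as `"/var/lib/netbox/secret-key"` (placeholder) that a oneshot unit ordered before NetBox fills from the kernel RNG with owner-only permissions. Until then the comment could read `# FIXME test-only key, world-readable in the Nix store; never reuse outside this VM test`. The enclosing attribute set starts and ends outside the hunk.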
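Review bot: Nothing in main.tf says where the NetBox endpoint, the API token or the state backend settings come from: there is no `provider "netbox"` block and `backend "http" {}` is empty, so all of them are presumably supplied through the environment or at init time. That keeps credentials out of the repository, which is worth stating so nobody later hard-codes them here. I would add a comment above the backend such as `# address and credentials are passed at init; use an authenticated HTTPS endpoint, state travels over it` and one above the resource such as `# provider reads NETBOX_SERVER_URL and NETBOX_API_TOKEN from the environment`.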
@@ -0,0 +1,49 @@
+# FIXME: use overlays so this gets imported just once?
+{
+ pkgs,
+}:
+# FIXME centralize overlays
+# XXX using recent revision for https://github.com/NixOS/nixpkgs/pull/447849
+let
+ sources = import ../../../npins;
+ mkProvider =
+ args:
+ pkgs.terraform-providers.mkProvider (
+ { mkProviderFetcher = { repo, ... }: sources.${repo}; } // args
+ );
+in
+(
+ (pkgs.callPackage "${sources.nixpkgs-unstable}/pkgs/by-name/op/opentofu/package.nix" { })
+ .overrideAttrs
+ (old: rec {
+ patches = (old.patches or [ ]) ++ [
+ # TF with back-end poses a problem for nix: initialization involves both
+ # mutation (nix: only inside build) and a network call (nix: not inside build)
+ ../../check/data-model-tf/02-opentofu-sandboxed-init.patch
+ ];
+ # versions > 1.9.0 need go 1.24+
+ version = "1.9.0";
+ src = pkgs.fetchFromGitHub {
+ owner = "opentofu";
+ repo = "opentofu";
+ tag = "v${version}";
+ hash = "sha256-e0ZzbQdex0DD7Bj9WpcVI5roh0cMbJuNr5nsSVaOSu4=";
+ };
+ vendorHash = "sha256-fMTbLSeW+pw6GK8/JLZzG2ER90ss2g1FSDX5+f292do=";
+ })
+).withPlugins
+ (p: [
+ # p.external
+ # p.null
+ (mkProvider {
+ owner = "e-breuninger";
+ repo = "terraform-provider-netbox";
+ rev = "v5.0.0";
+ spdx = "MPL-2.0";
+ # hash = null;
+ hash = "sha256-iCaCt8ZbkxCk43QEyj3PeHYuKPCPVU2oQ78aumH/l6k=";
+ vendorHash = "sha256-Q3H/6mpkWn1Gw0NRMtKtkBRGHjPJZGBFdGwfalyQ4Z0=";
+ homepage = "https://registry.terraform.io/providers/e-breuninger/netbox";
+ provider-source-address = "registry.opentofu.org/e-breuninger/netbox";
+ })
+ ])
diff --git a/deployment/run/netbox-store-ips/variables.tf b/deployment/run/netbox-store-ips/variables.tf
new file mode 100644
index 00000000..61068fff
--- /dev/null
+++ b/deployment/run/netbox-store-ips/variables.tf
@@ -0,0 +1,9 @@
+variable "start_address" {
+ description = "Start of the IP range, e.g. 10.0.0.1/24."
+ type = string
+}
+
+variable "end_address" {
+ description = "End of the IP range, e.g. 10.0.0.50/24."
+ type = string
+}
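Review bot: The `rev` and `hash` passed to `mkProvider` for `terraform-provider-netbox` look informational only, because the `mkProviderFetcher = { repo, ... }: sources.${repo}` override appears to ignore both and return whatever npins has pinned under that name. The source that is actually built could therefore drift from the `v5.0.0` written here, and from the `= 5.0.0` constraint in main.tf, without any hash mismatch pointing at this file. The diffstat also shows no change under npins, so unless a `terraform-provider-netbox` pin already exists, `sources.${repo}` would fail to evaluate. I would either drop the fetcher override for this provider so `rev` and `hash` are enforced, or add the pin and a comment such as `# source comes from npins; rev/hash here are informational only`.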
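Review bot: Both variables in variables.tf accept any string, so a malformed or non-CIDR value is presumably only rejected when the NetBox API call fails during apply. A `validation` block on each would catch that at plan time, with a condition along the lines of `condition = can(cidrhost(var.start_address, 0))` and a matching `error_message`. The same applies to `end_address`. Whether start and end must share a prefix length is not checked anywhere in this patch.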