terraform { required_providers { proxmox = { source = "bpg/proxmox" version = "= 0.76.1" } } } # locals { # dump_name = "vzdump-qemu-nixos-fediversity-${var.category}.vma.zst" # } provider "proxmox" { endpoint = "https://${var.host}:8006/" insecure = true ssh { agent = true } # # Choose one authentication method: # api_token = var.virtual_environment_api_token # # OR username = var.proxmox_user password = var.proxmox_password # # OR # auth_ticket = var.virtual_environment_auth_ticket # csrf_prevention_token = var.virtual_environment_csrf_prevention_token } # # FIXME move to host # # FIXME add proxmox # data "external" "base-hash" { # program = ["sh", "-c", "echo \"{\\\"hash\\\":\\\"$(nix-hash ${path.module}/../common/nixos/base.nix)\\\"}\""] # } # # hash of our code directory, used to trigger re-deploy # # FIXME calculate separately to reduce false positives # data "external" "hash" { # program = ["sh", "-c", "echo \"{\\\"hash\\\":\\\"$(nix-hash ..)\\\"}\""] # } # # FIXME move to host # resource "terraform_data" "template" { # # triggers_replace = [ # # data.external.base-hash.result, # # ] # provisioner "local-exec" { # working_dir = path.root # # FIXME configure to use actual base image # command = <<-EOF # set -xeuo pipefail # # XXX nixos-generate needs NIX_PATH to have `nixpkgs` set! # nixos-generate -f proxmox -o /tmp/nixos-image # # the above makes /tmp/nixos-image read-only, so our stable file name needs a different directory # mkdir -p /tmp/proxmox-image # ln -sf /tmp/nixos-image/vzdump-qemu-nixos-*.vma.zst /tmp/proxmox-image/${local.dump_name} # EOF # } # } # # FIXME move to host # resource "proxmox_virtual_environment_file" "upload" { # lifecycle { # replace_triggered_by = [ # terraform_data.template, # ] # } # content_type = "images" # datastore_id = "local" # node_name = var.node_name # overwrite = true # source_file { # path = "/tmp/proxmox-image/${local.dump_name}" # file_name = local.dump_name # } # } # FIXME distinguish var.category data "proxmox_virtual_environment_vms" "nixos_base" { node_name = var.node_name filter { name = "template" values = [true] } # filter { # name = "node_name" # values = ["nixos-base"] # } } # resource "proxmox_virtual_environment_vm" "nix_vm" { # lifecycle { # replace_triggered_by = [ # proxmox_virtual_environment_file.upload, # ] # } # node_name = var.node_name # pool_id = var.pool_id # description = var.description # started = true # agent { # enabled = true # } # cpu { # type = "x86-64-v2-AES" # cores = var.cores # sockets = var.sockets # numa = true # } # memory { # dedicated = var.memory # } # efi_disk { # datastore_id = "linstor_storage" # type = "4m" # } # disk { # datastore_id = "linstor_storage" # interface = "scsi0" # discard = "on" # iothread = true # size = var.disk_size # ssd = true # } # clone { # datastore_id = "local" # node_name = data.proxmox_virtual_environment_vms.nixos_base.vms[0].node_name # invalid index: empty list # vm_id = data.proxmox_virtual_environment_vms.nixos_base.vms[0].vm_id # full = true # } # network_device { # model = "virtio" # bridge = "vnet1306" # } # operating_system { # type = "l26" # } # scsi_hardware = "virtio-scsi-single" # bios = "ovmf" # } # module "nixos-rebuild" { # depends_on = [ # proxmox_virtual_environment_vm.nix_vm # ] # source = "../tf-single-host" # system = var.system # username = var.ssh_user # host = proxmox_virtual_environment_vm.nix_vm.ipv4_addresses[0] # needs guest agent installed # module = var.module # args = var.args # key_file = var.key_file # deployment_name = var.deployment_name # root_path = var.root_path # ssh_opts = var.ssh_opts # deployment_type = var.deployment_type # }