forked from Fediversity/Fediversity
175 lines
4 KiB
HCL
175 lines
4 KiB
HCL
terraform {
|
|
required_providers {
|
|
proxmox = {
|
|
source = "bpg/proxmox"
|
|
version = "= 0.76.1"
|
|
}
|
|
}
|
|
}
|
|
|
|
locals {
|
|
dump_name = "vzdump-qemu-nixos-fediversity-${var.category}.vma.zst"
|
|
}
|
|
|
|
provider "proxmox" {
|
|
endpoint = "https://${var.host}:8006/"
|
|
insecure = true
|
|
|
|
ssh {
|
|
agent = true
|
|
}
|
|
|
|
# # Choose one authentication method:
|
|
# api_token = var.virtual_environment_api_token
|
|
# # OR
|
|
username = var.proxmox_user
|
|
password = var.proxmox_password
|
|
# # OR
|
|
# auth_ticket = var.virtual_environment_auth_ticket
|
|
# csrf_prevention_token = var.virtual_environment_csrf_prevention_token
|
|
}
|
|
|
|
# FIXME move to host
|
|
# FIXME add proxmox
|
|
data "external" "base-hash" {
|
|
program = ["sh", "-c", "echo \"{\\\"hash\\\":\\\"$(nix-hash ${path.module}/../common/nixos/base.nix)\\\"}\""]
|
|
}
|
|
|
|
# hash of our code directory, used to trigger re-deploy
|
|
# FIXME calculate separately to reduce false positives
|
|
data "external" "hash" {
|
|
program = ["sh", "-c", "echo \"{\\\"hash\\\":\\\"$(nix-hash ..)\\\"}\""]
|
|
}
|
|
|
|
# FIXME move to host
|
|
resource "terraform_data" "template" {
|
|
# triggers_replace = [
|
|
# data.external.base-hash.result,
|
|
# ]
|
|
|
|
provisioner "local-exec" {
|
|
working_dir = path.root
|
|
# FIXME configure to use actual base image
|
|
command = <<-EOF
|
|
set -xeuo pipefail
|
|
|
|
# XXX nixos-generate needs NIX_PATH to have `nixpkgs` set!
|
|
nixos-generate -f proxmox -o /tmp/nixos-image
|
|
# the above makes /tmp/nixos-image read-only, so our stable file name needs a different directory
|
|
mkdir -p /tmp/proxmox-image
|
|
ln -sf /tmp/nixos-image/vzdump-qemu-nixos-*.vma.zst /tmp/proxmox-image/${local.dump_name}
|
|
EOF
|
|
}
|
|
}
|
|
|
|
# FIXME move to host
|
|
resource "proxmox_virtual_environment_file" "upload" {
|
|
lifecycle {
|
|
replace_triggered_by = [
|
|
terraform_data.template,
|
|
]
|
|
}
|
|
|
|
content_type = "images"
|
|
datastore_id = "local"
|
|
node_name = var.node_name
|
|
overwrite = true
|
|
|
|
source_file {
|
|
path = "/tmp/proxmox-image/${local.dump_name}"
|
|
file_name = local.dump_name
|
|
}
|
|
}
|
|
|
|
# FIXME distinguish var.category
|
|
data "proxmox_virtual_environment_vms" "nixos_base" {
|
|
node_name = var.node_name
|
|
filter {
|
|
name = "template"
|
|
values = [true]
|
|
}
|
|
# filter {
|
|
# name = "node_name"
|
|
# values = ["nixos-base"]
|
|
# }
|
|
}
|
|
|
|
# resource "proxmox_virtual_environment_vm" "nix_vm" {
|
|
# lifecycle {
|
|
# replace_triggered_by = [
|
|
# proxmox_virtual_environment_file.upload,
|
|
# ]
|
|
# }
|
|
|
|
# node_name = var.node_name
|
|
# pool_id = var.pool_id
|
|
# description = var.description
|
|
# started = true
|
|
|
|
# agent {
|
|
# enabled = true
|
|
# }
|
|
|
|
# cpu {
|
|
# type = "x86-64-v2-AES"
|
|
# cores = var.cores
|
|
# sockets = var.sockets
|
|
# numa = true
|
|
# }
|
|
|
|
# memory {
|
|
# dedicated = var.memory
|
|
# }
|
|
|
|
# efi_disk {
|
|
# datastore_id = "linstor_storage"
|
|
# type = "4m"
|
|
# }
|
|
|
|
# disk {
|
|
# datastore_id = "linstor_storage"
|
|
# interface = "scsi0"
|
|
# discard = "on"
|
|
# iothread = true
|
|
# size = var.disk_size
|
|
# ssd = true
|
|
# }
|
|
|
|
# clone {
|
|
# datastore_id = "local"
|
|
# node_name = data.proxmox_virtual_environment_vms.nixos_base.vms[0].node_name # invalid index: empty list
|
|
# vm_id = data.proxmox_virtual_environment_vms.nixos_base.vms[0].vm_id
|
|
# full = true
|
|
# }
|
|
|
|
# network_device {
|
|
# model = "virtio"
|
|
# bridge = "vnet1306"
|
|
# }
|
|
|
|
# operating_system {
|
|
# type = "l26"
|
|
# }
|
|
|
|
# scsi_hardware = "virtio-scsi-single"
|
|
# bios = "ovmf"
|
|
# }
|
|
|
|
# module "nixos-rebuild" {
|
|
# depends_on = [
|
|
# proxmox_virtual_environment_vm.nix_vm
|
|
# ]
|
|
|
|
# source = "../tf-single-host"
|
|
|
|
# system = var.system
|
|
# username = var.ssh_user
|
|
# host = proxmox_virtual_environment_vm.nix_vm.ipv4_addresses[0] # needs guest agent installed
|
|
# module = var.module
|
|
# args = var.args
|
|
# key_file = var.key_file
|
|
# deployment_name = var.deployment_name
|
|
# root_path = var.root_path
|
|
# ssh_opts = var.ssh_opts
|
|
# deployment_type = var.deployment_type
|
|
# }
|