@bvierra
Last active July 10, 2023 11:26
user-data.tftpl
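# Ansible inventory rendered by Terraform's templatefile(); each node_map_*
# variable is a map of ssh_host => vm name built with zipmap() in main.tf.
# One inventory group per VM module.
[dns]
%{ for node_host, node_hostname in node_map_pdns ~}
${node_hostname} ansible_host=${node_host}
%{endfor}
[netbox]
%{ for node_host, node_hostname in node_map_netbox ~}
${node_hostname} ansible_host=${node_host}
%{endfor}
[vault]
%{ for node_host, node_hostname in node_map_vault ~}
${node_hostname} ansible_host=${node_host}
%{endfor}
[all:vars]
# ansible_ssh_user is the deprecated alias; ansible_user is the current name
# and is what the cloud-init template creates the account as.
ansible_user=${ansible_user}
ansible_ssh_private_key_file=${ansible_ssh_private_key_file}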
#cloud-config
# Rendered by Terraform's templatefile() from modules/vm/main.tf; every
# dollar-brace reference below is a template variable, not shell.
preserve_hostname: false
hostname: ${hostname}
fqdn: ${fqdn}
prefer_fqdn_over_hostname: true
manage_etc_hosts: true
package_update: true
package_upgrade: true
packages:
  - vim
  - tmux
  - git
  - curl
  - wget
  - sudo
%{ if serial_added ~}
# The unit name on the two lines below was mangled by the page's e-mail
# obfuscation ("[email protected]"); the original is a <unit>@<instance>.service
# name that cannot be recovered from this listing — restore it from the repo.
runcmd:
  - [ systemctl, enable, [email protected] ]
  - [ systemctl, start, --no-block, [email protected] ]
%{ endif ~}
users:
  - name: ${ansible_user}
    # NOTE(review): cloud-init's passwd field expects an already-hashed value
    # (crypt format), not the plaintext; confirm ansible_password is hashed
    # before it reaches this template. lock_passwd is not set here, so it
    # keeps cloud-init's default (true) and password login stays disabled
    # regardless — confirm that is intended.
    passwd: ${ansible_password}
    # NOTE(review): ssh_authorized_keys is the spelling current cloud-init
    # documents; the hyphenated form is a legacy alias — verify against the
    # image's cloud-init version.
    ssh-authorized-keys:
      - ${ansible_public_key}
    # Passwordless sudo for the automation account; this is what Ansible's
    # become relies on, so the passwd value above is not needed for it.
    sudo: ['ALL=(ALL) NOPASSWD:ALL']
    groups: sudo, admin
    shell: /bin/bash
# Reboot once cloud-init has finished so the hostname/fqdn settings apply.
power_state:
  mode: reboot
  message: Restarting after setup
# main.tf
# One VM per count; each instance renders and uploads its own cloud-init.
module "netbox" {
  source  = "./modules/vm"
  count   = var.netbox_count
  # Instance names are 1-based: <netbox_name>1, <netbox_name>2, ...
  vm_name = "${var.netbox_name}${count.index + 1}"
  # "[extra vars]" is the gist author's elision of the remaining module inputs
  # (the module reads var.vm_target_node, var.ansible_user, ... in
  # modules/vm/main.tf); it is not valid HCL as written.
  [extra vars]
}
# Same shape as module "netbox"; vm_name is not shown here and is presumably
# part of the elided "[extra vars]" (the module requires it for hostname/fqdn).
module "powerdns" {
  source = "./modules/vm"
  count  = var.powerdns_count
  # Author's elision of the remaining module inputs; not valid HCL as written.
  [extra vars]
}
# Same shape as module "netbox"; vm_name is not shown here and is presumably
# part of the elided "[extra vars]" (the module requires it for hostname/fqdn).
module "vault" {
  source = "./modules/vm"
  count  = var.vault_count
  # Author's elision of the remaining module inputs; not valid HCL as written.
  [extra vars]
}
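# Renders the Ansible inventory from the VM modules' outputs. The zipmap()
# maps are keyed by ssh_host, so two VMs reporting the same address would
# collapse into a single inventory line — NOTE(review): confirm ssh_host is
# always populated (the VMs use ip=dhcp) before relying on this.
resource "local_file" "ansible_hosts" {
  # Kept for clarity; the content expression already references every module,
  # so Terraform would infer these dependencies anyway.
  depends_on = [
    module.netbox,
    module.powerdns,
    module.vault
  ]

  content = templatefile("${path.module}/../shared/templates/ansible-hosts.tftpl",
    {
      node_map_pdns = zipmap(
        tolist(module.powerdns.*.ssh_host), tolist(module.powerdns.*.name)
      ),
      node_map_netbox = zipmap(
        tolist(module.netbox.*.ssh_host), tolist(module.netbox.*.name)
      ),
      node_map_vault = zipmap(
        tolist(module.vault.*.ssh_host), tolist(module.vault.*.name)
      ),
      # Bare keys, matching the node_map_* entries above.
      ansible_user                 = "ansible"
      ansible_ssh_private_key_file = "${path.module}/../generated/keys/ansible_id_ed25519"
    }
  )

  filename = "${path.module}/../shared/ansible-hosts"

  # local_file defaults to mode 0777; the inventory only needs to be readable,
  # not world-writable.
  file_permission = "0644"
}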
# Exposes the rendered inventory text (hosts, user name and key *path*; the
# key itself is not included). depends_on is redundant here because value
# already references the resource, but it is harmless.
output "ansible_inventory" {
  depends_on = [
    local_file.ansible_hosts
  ]
  value = local_file.ansible_hosts.content
}
# modules/vm/main.tf
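# Renders the cloud-init user-data for this VM into generated/cloud-init/ so the
# null_resource below can upload it. The rendered file carries the ansible
# password value and public key, so it is a local_sensitive_file and must not
# be world-readable.
resource "local_sensitive_file" "cloud_init" {
  content = templatefile("${path.root}/../shared/templates/cloud-init/user-data.tftpl", {
    hostname           = var.vm_name,
    fqdn               = "${var.vm_name}.${var.vm_domain_name}",
    ansible_user       = var.ansible_user,
    ansible_password   = var.ansible_password,
    ansible_public_key = var.ansible_public_key,
    serial_added       = local.serial_added
  })
  filename = "${path.root}/../generated/cloud-init/${var.project_name}-${var.vm_name}-cloud_init.yml"
  # Was "0644", which let every local user read the ansible password value;
  # the provider's default for a sensitive file is 0700, and 0600 keeps it
  # owner-only (the file provisioner reads it as that same owner).
  file_permission = "0600"
}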
# Uploads the user-data to the proxmox server and puts it in the nfs/snippets
# folder, since there is no API to upload it.
# NOTE(review): the connection sets no host_key, so Terraform's SSH client does
# not verify the Proxmox node's identity; the node address and the root login
# key path are hard-coded here rather than taken from variables.
resource "null_resource" "cloud_init" {
  connection {
    type        = "ssh"
    user        = "root"
    private_key = file("~/.ssh/id_ed25519")
    host        = "10.10.110.41"
  }
  provisioner "file" {
    source      = local_sensitive_file.cloud_init.filename
    # NOTE(review): the mode of the remote copy is decided by the target, not
    # by file_permission on the local file — confirm the snippets directory is
    # not world-readable, since the file carries the ansible password value.
    # This path must stay in sync with cicustom in the proxmox_vm_qemu resource.
    destination = "/mnt/pve/proxmox-nfs/snippets/${var.project_name}-${var.vm_name}-cloud_init.yml"
  }
  # Re-run the upload whenever the rendered user-data changes.
  triggers = {
    cloud_init_sh1 = resource.local_sensitive_file.cloud_init.content_sha1
  }
}
# Clones a Proxmox template into a VM and points it at the uploaded cloud-init
# snippet. Nearly every attribute is a pass-through of a module variable.
resource "proxmox_vm_qemu" "vm" {
  # Explicit dependency: nothing below references null_resource.cloud_init,
  # but the snippet must exist on the NFS share before the VM boots.
  depends_on = [
    null_resource.cloud_init
  ]
  name        = var.vm_name
  target_node = var.vm_target_node
  clone       = var.vm_clone
  full_clone  = var.vm_full_clone
  hastate     = var.vm_hastate
  hagroup     = var.vm_hagroup
  agent       = var.vm_agent
  desc        = var.vm_description
  qemu_os     = var.vm_qemu_os
  # balloon is the minimum, memory the maximum, per the variable names.
  balloon     = var.vm_memory_minimum
  memory      = var.vm_memory_maximum
  numa        = var.vm_numa
  sockets     = var.vm_sockets
  cores       = var.vm_cores
  cpu         = var.vm_cpu
  hotplug     = var.vm_hotplug
  scsihw      = var.vm_scsi_controller
  pool        = var.vm_pool
  disk {
    slot     = 0
    type     = var.vm_disk_type
    storage  = var.vm_disk_storage
    size     = var.vm_disk_size
    format   = var.vm_disk_format
    iothread = var.vm_disk_iothread
    ssd      = var.vm_disk_ssd
    cache    = var.vm_disk_cache
  }
  # Serial console; the cloud-init template's serial_added branch enables the
  # matching getty unit inside the guest.
  serial {
    id   = var.vm_serial_id
    type = var.vm_serial_type
  }
  os_type   = "cloud-init"
  # DHCP only — ssh_host (exported in output.tf) therefore depends on the
  # address the guest actually obtains.
  ipconfig0 = "ip=dhcp"
  # Must match the destination path in null_resource.cloud_init.
  cicustom                = "user=proxmox-nfs:snippets/${var.project_name}-${var.vm_name}-cloud_init.yml"
  cloudinit_cdrom_storage = var.vm_cloudinit_cdrom_storage
  network {
    model    = var.vm_network_model
    bridge   = var.vm_network_bridge
    tag      = var.vm_network_vlan_tag
    firewall = var.vm_network_firewall
  }
  # Any change to the rendered user-data recreates the VM rather than only
  # re-uploading the snippet.
  force_recreate_on_change_of = resource.local_sensitive_file.cloud_init.content_sha1
  #tags = ""
}
# modules/vm/output.tf
# Address the root module keys the Ansible inventory by (see zipmap() in
# main.tf); with ipconfig0 = "ip=dhcp" this is whatever the guest reports.
output "ssh_host" {
  value = proxmox_vm_qemu.vm.ssh_host
}
# VM name, used as the inventory hostname for this node.
output "name" {
  value = proxmox_vm_qemu.vm.name
}