🎉: import tofu project

proxmox_lxc_container/locals.tf

@@ -0,0 +1,10 @@
+locals {
+	ssh_key = [
+		"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILxJNQPyVqQG1C5xEMuyUF9AzZd8s5J7k0kZ7qzn9a0P cveret@HLD5CD4424T4V",
+		"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDjHhcQS8S9k/GX9TyD2F6/jOWwSvoYDIXetLOi0Nm2t mortal@baybay-ponay.mateu.be"
+	]
+	public_ipv4_addr = "82.66.135.228"
+	private_ipv4_prefix = "10.233.212"
+	public_ipv6_prefix = "2a01:e0a:9bd:2811"
+	infra_related_domain = "mateu.be"
+}

proxmox_lxc_container/main.tf

@@ -0,0 +1,88 @@
+# Add a record to a sub-domain
+resource "ovh_domain_zone_record" "record_v4" {
+	zone = local.infra_related_domain
+	subdomain = "${var.server_name}.dmz"
+	fieldtype = "A"
+	target = local.public_ipv4_addr
+}
+
+resource "ovh_domain_zone_record" "record_v6" {
+	zone = local.infra_related_domain
+	subdomain = "${var.server_name}.dmz"
+	fieldtype = "AAAA"
+	target = "${local.public_ipv6_prefix}::${var.ip_suffix}"
+}
+
+resource "proxmox_virtual_environment_container" "container" {
+	node_name = "serenor"
+	description = var.server_desc
+
+	unprivileged = var.unprivileged
+	start_on_boot = var.start_on_boot
+
+	features {
+		nesting = var.features.nesting
+		fuse = var.features.fuse
+		keyctl = var.features.keyctl
+		mount = var.features.mount
+	}
+
+	cpu {
+		cores = "${var.cpu_cores}"
+	}
+
+	memory {
+		dedicated = "${var.memory_dedicated}"
+		swap = "512"
+	}
+
+	initialization {
+		hostname = var.server_name
+		ip_config {
+			ipv4 {
+				address = "${local.private_ipv4_prefix}.${var.ip_suffix}/26"
+				gateway = "${local.private_ipv4_prefix}.1"
+			}
+			ipv6 {
+				address = "${local.public_ipv6_prefix}::${var.ip_suffix}/64"
+				gateway = "${local.public_ipv6_prefix}::1"
+			}
+    	}
+
+		user_account {
+			keys = local.ssh_key
+			password = random_password.container_password.result
+		}
+	}
+
+	disk {
+		datastore_id = "local-zfs"
+		size = 8
+	}
+
+	network_interface {
+		name = "eth0"
+		firewall = true
+	}
+
+	operating_system {
+		template_file_id = var.debian_tmpl
+		type = "debian"
+	}
+
+	dynamic "mount_point" {
+		for_each = var.disk
+		iterator = mydisk
+		content {
+			volume = "local-zfs"
+			size = mydisk.value.size
+			path = mydisk.value.path
+		}
+	}
+}
+
+resource "random_password" "container_password" {
+	length           = 16
+	override_special = "_%@"
+	special          = true
+}

proxmox_lxc_container/outputs.tf

@@ -0,0 +1,4 @@
+output "container_password" {
+	value = random_password.container_password.result
+	sensitive = true
+}

proxmox_lxc_container/providers.tf

@@ -0,0 +1,12 @@
+terraform {
+	required_providers {
+		ovh = {
+			source  = "ovh/ovh"
+			version = "1.6.0"
+		}
+		proxmox = {
+			source  = "bpg/proxmox"
+			version = "0.71.0"
+		}
+	}
+}

proxmox_lxc_container/variables.tf

@@ -0,0 +1,71 @@
+variable "cpu_cores" {
+	description = "Number of CPUs for the server"
+	type = number
+	default = 1
+}
+
+variable "start_on_boot" {
+	description = "Shall the VM start at boot?"
+	type= bool
+	default = false
+}
+
+variable "memory_dedicated" {
+	description = "RAM quantity"
+	type = number
+	default = 256
+}
+
+variable "server_name" {
+	description = "Name of the server"
+	type = string
+}
+
+variable "server_desc" {
+	description = "Description of the server"
+	type = string
+}
+
+variable "features" {
+	description = "Proxmox Container Features"
+	type = object({
+		nesting = bool
+		fuse = bool
+		keyctl = bool
+		mount = list(string)
+	})
+	default = {
+		nesting = true
+		fuse = null
+		keyctl = null
+		mount = null
+	}
+}
+
+variable "unprivileged" {
+	description = "Unprivileged LXC container"
+	type = bool
+	default = true
+}
+
+variable "ip_suffix" {
+	description = "IP suffix"
+	type = number
+}
+
+variable "disk" {
+	description = "Size and type of disk"
+	type = list(object({
+		path = string
+		size = string
+	}))
+	default = []
+}
+
+variable "debian_tmpl" {
+	description = "Debian template to use"
+	type = string
+	default = "local:vztmpl/debian-12-standard_12.7-1_amd64.tar.zst"
+	## other possible value
+	# "local:vztmpl/debian-11-standard_11.7-1_amd64.tar.zst"
+}