tofu/proxmox_lxc_container/main.tf

# Add a record to a sub-domain
resource "ovh_domain_zone_record" "record_v4" {
	zone = local.infra_related_domain
	subdomain = "${var.server_name}.dmz"
	fieldtype = "A"
	target = local.public_ipv4_addr
}

resource "ovh_domain_zone_record" "record_v6" {
	zone = local.infra_related_domain
	subdomain = "${var.server_name}.dmz"
	fieldtype = "AAAA"
	target = "${local.public_ipv6_prefix}::${var.ip_suffix}"
}

resource "proxmox_virtual_environment_container" "container" {
	node_name = "serenor"
	description = var.server_desc

	tags = var.tags

	unprivileged = var.unprivileged
	start_on_boot = var.start_on_boot

	features {
		nesting = var.features.nesting
		fuse = var.features.fuse
		keyctl = var.features.keyctl
		mount = var.features.mount
	}

	cpu {
		cores = "${var.cpu_cores}"
	}

	memory {
		dedicated = "${var.memory_dedicated}"
		swap = "512"
	}

	initialization {
		hostname = var.server_name
		ip_config {
			ipv4 {
				address = "${local.private_ipv4_prefix}.${var.ip_suffix}/26"
				gateway = "${local.private_ipv4_prefix}.1"
			}
			ipv6 {
				address = "${local.public_ipv6_prefix}::${var.ip_suffix}/64"
				gateway = "${local.public_ipv6_prefix}::1"
			}
    	}

		user_account {
			keys = local.ssh_key
			password = random_password.container_password.result
		}
	}

	disk {
		datastore_id = "local-zfs"
		size = 8
	}

	network_interface {
		name = "eth0"
		firewall = true
	}

	operating_system {
		template_file_id = var.debian_tmpl
		type = "debian"
	}

	dynamic "mount_point" {
		for_each = var.disk
		iterator = mydisk
		content {
			volume = "local-zfs"
			size = mydisk.value.size
			path = mydisk.value.path
		}
	}
}

resource "random_password" "container_password" {
	length           = 16
	override_special = "_%@"
	special          = true
}