diff --git a/.forgejo/workflows/tofu.yml b/.forgejo/workflows/tofu.yml
index 6527aeb..cd2ff0c 100644
--- a/.forgejo/workflows/tofu.yml
+++ b/.forgejo/workflows/tofu.yml
@@ -23,54 +23,33 @@ jobs:
 access_token: ${{ secrets.BW_ACCESS_TOKEN }}
 base_url: https://vault.bitwarden.com
 secrets: |
- c65f8886-f6fb-4c17-bc79-b208000604bf > arrbuntu_ip_address
 2dae51bd-bd65-474c-971c-b20800f22afa > aws_access_key_id
 287c852d-f2b5-467d-bfc4-b20800f25f52 > aws_secret_access_key
- a54974b8-c6b3-4df7-9042-b20800064050 > downloaders_ip_address
 3b222376-ccd9-4f44-a4b4-b222001af68a > grafana_auth
 030fbb6a-3b6d-40dc-9c26-b222001b0fb6 > grafana_url
- dacbeafa-c671-4b9c-9334-b2080006f75b > init_password
- 9ceabbd0-6492-4674-9bab-b2080006e333 > init_username
- 0bc3c1a3-fc48-48ce-85c5-b2080007136a > kasm_ip
- 63ca1819-5090-4e30-9dba-b20800072718 > kasm_ssh_ip
- 47ef68aa-32a9-45b0-835d-b2080006ce38 > npm_ip_address
- d0c7f3ec-8277-4b1b-9a1b-b2080006b842 > prox_ip_address
- 17ab7869-c7a1-4ece-8c64-b20800075213 > pve2_ip_address
 f8f85ab2-5f6d-46a7-9e06-b20800076d26 > s3_endpoint
- 68f1d77d-4e96-498a-9464-b208000679a4 > ssh_password
- d0762ced-73de-4f30-aa1c-b20800069536 > ssh_username
- d8017351-7a11-42e6-9e8d-b208000739b8 > ubu_ip_address
- 1d250f4a-ae18-4e19-934c-b2080005e132 > virtual_environment_api
- a4ed343a-bb92-4beb-a421-b2080005bf98 > virtual_environment_endpoint
- af0ed579-05f8-405f-b0f3-b208000620ca > vlan_gateway
+ b6dac092-df23-4e28-8449-b2770059096d > kube_config
 - name: Create tfvars file
 working-directory: ./terraform
 run: |
 cat <<EOF > terraform.tfvars
- arrbuntu_ip_address = "${{ steps.bitwarden-secrets.outputs.arrbuntu_ip_address }}"
 aws_access_key_id = "${{ steps.bitwarden-secrets.outputs.aws_access_key_id }}"
 aws_secret_access_key = "${{ steps.bitwarden-secrets.outputs.aws_secret_access_key }}"
- downloaders_ip_address = "${{ steps.bitwarden-secrets.outputs.downloaders_ip_address }}"
 grafana_auth = "${{ steps.bitwarden-secrets.outputs.grafana_auth }}"
 grafana_url = "${{ steps.bitwarden-secrets.outputs.grafana_url }}"
- init_password = "${{ steps.bitwarden-secrets.outputs.init_password }}"
- init_username = "${{ steps.bitwarden-secrets.outputs.init_username }}"
- kasm_ip = "${{ steps.bitwarden-secrets.outputs.kasm_ip }}"
- kasm_ssh_ip = "${{ steps.bitwarden-secrets.outputs.kasm_ssh_ip }}"
- npm_ip_address = "${{ steps.bitwarden-secrets.outputs.npm_ip_address }}"
- prox_ip_address = "${{ steps.bitwarden-secrets.outputs.prox_ip_address }}"
- pve2_ip_address = "${{ steps.bitwarden-secrets.outputs.pve2_ip_address }}"
 s3_endpoint = "${{ steps.bitwarden-secrets.outputs.s3_endpoint }}"
- ssh_password = "${{ steps.bitwarden-secrets.outputs.ssh_password }}"
- ssh_username = "${{ steps.bitwarden-secrets.outputs.ssh_username }}"
- ubu_ip_address = "${{ steps.bitwarden-secrets.outputs.ubu_ip_address }}"
- virtual_environment_api = "${{ steps.bitwarden-secrets.outputs.virtual_environment_api }}"
- virtual_environment_endpoint = "${{ steps.bitwarden-secrets.outputs.virtual_environment_endpoint }}"
- vlan_gateway = "${{ steps.bitwarden-secrets.outputs.vlan_gateway }}"
 EOF
+ - name: Make Kube directory
+ run: |
+ mkdir ~/.kube
+
+ - name: Create Kube Config
+ run: |
+ printf "%s" "${{ steps.bitwarden-secrets.outputs.kube_config }}" > ~/.kube/config
+
 - name: Setup OpenTofu
 uses: https://github.com/opentofu/setup-opentofu@v1.0.5
diff --git a/automations/README.md b/automations/README.md
deleted file mode 100644
index e69de29..0000000
diff --git a/docker/README.md b/docker/README.md
index da76423..0519ecb 100644
--- a/docker/README.md
+++ b/docker/README.md
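Review bot: `printf "%s" "${{ steps.bitwarden-secrets.outputs.kube_config }}" > ~/.kube/config` writes a cluster-admin credential with the runner's default umask, so on a self-hosted runner it is typically left readable by other users of the home directory and it survives the job; the secret is also spliced into the shell script as text, so a value containing `"`, `$` or a backtick would break or alter the command. Pass it through `env:`, write it under `umask 077`, and use `mkdir -p` so a reused runner home does not fail the "Make Kube directory" step (the two steps can then be one). A closing step with `if: always()` that removes `~/.kube/config` and `terraform/terraform.tfvars` would stop the kubeconfig and the AWS keys from persisting on the runner between runs. The enclosing job starts outside the hunk.
```yaml
      - name: Create Kube Config
        env:
          KUBE_CONFIG: ${{ steps.bitwarden-secrets.outputs.kube_config }}
        run: |
          umask 077
          mkdir -p ~/.kube
          printf '%s' "$KUBE_CONFIG" > ~/.kube/config
```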
@@ -1,301 +1 @@ -[](https://git.mafyuh.dev/mafyuh/iac/actions) -[](https://git.mafyuh.dev/mafyuh/iac/actions) -[](https://git.mafyuh.dev/renovatebot/renovate/actions) -[](https://git.mafyuh.dev/mafyuh/iac/pulls) - -<div align="center"> - -Homelab docker-compose environment defined in code. Using Forgejo Actions and Renovate bot for CI, AWX Tower and Forgejo Actions for CD. This is how I keep my Homelab UTD. - -</div> -<p align="center"> - <a href="https://git.mafyuh.dev/mafyuh/iac/wiki">Wiki</a> | - <a href="https://loganmarchione.com/2022/10/how-to-run-renovate-on-a-self-hosted-gitea-and-drone-instance/">How to Setup</a> | - <a href="https://mafyuh.com">Blog</a> | - <a href="https://www.youtube.com/watch?v=5CkCr9U_Q1Y">Inspiration</a> | - <a href="https://git.mafyuh.dev/mafyuh/IaC-Homelab">Infrastructure</a> -</p> - -<div align="center"> - -| Hypervisor | OS | Tools | VPS (arm) | Firewall | -|---|---|---|---|---| -| [](https://www.proxmox.com) | [](https://releases.ubuntu.com/jammy/) [](https://releases.ubuntu.com/noble/) | [](https://forgejo.org/) [](https://www.docker.com/) | [](https://www.oracle.com/cloud/) | [](https://www.pfsense.org/) | - -</div> - -<div align="center"> - -## Apps in Repo: -<table> - <tr> - <th>Logo</th> - <th>Name</th> - <th>Description</th> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/adguardhome.svg"></td> - <td><a href="https://adguard.com/en/adguard-home/overview.html">AdGuard Home</a></td> - <td>Network Wide DNS adblock as well as my DNS server (2/2)</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/adguardhomesync-icon.png"></td> - <td><a href="https://docs.linuxserver.io/images/docker-adguardhome-sync/">AdGuard Home Sync</a></td> - <td>Syncs my instances of Adguard</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" 
src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/authentik.svg"></td> - <td><a href="https://goauthentik.io/">authentik</a></td> - <td>Open Source Identity Provider </td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/bazarr.svg"></td> - <td><a href="https://www.bazarr.media/">Bazarr</a></td> - <td>Downloads subtitles for Radarr/Sonarr</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/cloudflare.svg"></td> - <td><a href="https://www.cloudflare.com/products/tunnel/">Cloudflare Tunnels</a></td> - <td>How I expose some of these services</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/kiranshila/Doplarr/main/logos/logo.svg"></td> - <td><a href="https://github.com/kiranshila/Doplarr">Doplarr</a></td> - <td>Allows my users to request content through Discord if they choose</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/FlareSolverr/FlareSolverr/master/resources/flaresolverr_logo.svg"></td> - <td><a href="https://github.com/FlareSolverr/FlareSolverr">FlareSolverr</a></td> - <td>Proxy server to bypass Cloudflare and DDoS-GUARD protection</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/forgejo.svg"></td> - <td><a href="https://forgejo.org/">Forgejo</a></td> - <td>This site</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/forgejo.svg"></td> - <td><a href="https://code.forgejo.org/forgejo/runner">Forgejo Runner</a></td> - <td>Runs CI/CD tasks Yamllint and Renovatebot and CD through AWX</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" 
src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/gotify.svg"></td> - <td><a href="https://gotify.net/">Gotfiy</a></td> - <td>Self hosted notification service</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/homarr.svg"></td> - <td><a href="https://homarr.dev/docs/getting-started/installation/">Homarr</a></td> - <td>Homelab dashboard that integrates with the arr's so I see data in 1 place</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/jellyfin.svg"></td> - <td><a href="https://github.com/jellyfin/jellyfin">Jellyfin</a></td> - <td>Open Source Streaming Service for home media like Plex</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/jellyseerr.svg"></td> - <td><a href="https://github.com/Fallenbagel/jellyseerr">Jellyseerr</a></td> - <td>Request platform for my Jellyfin user's to request content</a></td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/docker.svg"></td> - <td><a href="https://github.com/hrfee/jfa-go">jfa-go</a></td> - <td>Used for some PPV/Live TV automations to create users for certain periods of time</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/kasm.svg"></td> - <td><a href="https://docs.linuxserver.io/images/docker-kasm/">Kasm</a></td> - <td>Docker container streaming platform for browser-based access to desktops, applications, and web services</a></td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/lidarr.svg"></td> - <td><a 
href="https://wiki.servarr.com/en/lidarr">Lidarr</a></td> - <td>Music Collection Manager</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/LinkStackOrg/branding/main/logo/svg/logo_animated.svg"></td> - <td><a href="https://github.com/LinkStackOrg/linkstack-docker">LinkStack</a></td> - <td>Creating a static links page for my Jellyfin users</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,w_60,h_60/https://dashboard.snapcraft.io/site_media/appmedia/2020/03/makemkv.png"></td> - <td><a href="https://github.com/jlesage/docker-makemkv">MakeMKV</a></td> - <td>Used to rip Bluray's with my LG BU40N drive </td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://avatars.githubusercontent.com/u/31035808?s=200&v=4"></td> - <td><a href="https://docs.mindsdb.com/what-is-mindsdb">mindsdb</a></td> - <td>Connects Ollama models to 100+ different databases, easy to use.</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/nbxyz-logo.svg"></td> - <td><a href="https://netboot.xyz/">Netboot.xyz</a></td> - <td>Network boot instead of using my ventoy USB</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/nginxproxymanager.svg"></td> - <td><a href="https://nginxproxymanager.com/">Nginx Proxy Manager</a></td> - <td>Reverse Proxy used for its simplicity (1/3)</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/n8n.svg"></td> - <td><a href="https://n8n.io">n8n</a></td> - <td>Self hosted automation platform, Zapier alternative, switched from ActivePieces</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" 
src="https://ollama.com/public/ollama.png"></td> - <td><a href="https://ollama.com/">Ollama</a></td> - <td>Easiest way to run LLM's on your own hardware</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://github.com/open-webui/open-webui/blob/main/static/favicon.png?raw=true"></td> - <td><a href="https://github.com/open-webui/open-webui">open-webui</a></td> - <td>Creates a ChatGPT like web interface for talking to Ollama models</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/portainer.svg"></td> - <td><a href="https://github.com/portainer/portainer">Portainer</a></td> - <td>Web-based management for learning Kubernetes, I learned Docker this way and will Kub as well</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/prowlarr.svg"></td> - <td><a href="https://prowlarr.com/">Prowlarr</a></td> - <td>Searches indexers for Radarr/Sonarr</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/qbittorrent.svg"></td> - <td><a href="https://github.com/binhex/arch-qbittorrentvpn">qBittorrent VPN</a></td> - <td>Modified qBittorrent with VPN killswitch enabled</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/radarr.svg"></td> - <td><a href="https://radarr.video/">Radarr</a></td> - <td>Movie Collection Manager</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/sabnzbd.svg"></td> - <td><a href="https://sabnzbd.org/">Sabnzbd</a></td> - <td>Usenet downloader to download content</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" 
src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/sonarr.svg"></td> - <td><a href="https://wiki.servarr.com/sonarr">Sonarr</a></td> - <td>Radarr, but for TV Shows</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://www.gravatar.com/avatar/614e0f6491dbb293e540190b02b3024e?s=120&r=g&d=404"></td> - <td><a href="https://hub.docker.com/r/sonatype/nexus3/">Sonatype Nexus</a></td> - <td>Self-hosted Docker registry to help lower Docker pulls</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/syncthing.svg"></td> - <td><a href="https://syncthing.net/">Syncthing</a></td> - <td>How I backup all config files, following 3-2-1 backup procedure</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://play-lh.googleusercontent.com/GBhNhKgjfy6i6Ucc0hyB-79WmcV7LvKSfGSy8iStFdZSaLioKQp5rPWjqsh2YFRRZsE1"></td> - <td><a href="https://twingate.com">Twingate Connectors</a></td> - <td>Main VPN between homelab and cloud VPS's</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/uptimekuma.svg"></td> - <td><a href="https://github.com/louislam/uptime-kuma">Uptime Kuma</a></td> - <td>Self hosted service uptime tracker</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/openai-black.svg"></td> - <td><a href="https://github.com/ahmetoner/whisper-asr-webservice">Whisper</a></td> - <td>AI Model that I use to generate subtitles for Bazarr when they can't be found</td> - </tr> -</table> - -</div> - -<div align="center"> - -## Apps not yet in repo: -<table> - <tr> - <th>Logo</th> - <th>Name</th> - <th>Description</th> - </tr> - <tr> - <td><img vertical-align=baseline width="32" 
src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/ansible-black.svg"></td> - <td><a href="https://github.com/ansible/awx">AWX (Ansible Tower)</a></td> - <td>Used to easily run Ansible playbooks on all my VM's, and now CD for this repo, installed on K3s</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/grafana.svg"></td> - <td><a href="https://hub.docker.com/r/grafana/grafana-oss">Grafana</a></td> - <td>Monitoring for various services</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/wordpress.svg"></td> - <td><a href="https://wordpress.org/">Wordpress</a></td> - <td>WooCommerce store setup for JF PPV access</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://upload.wikimedia.org/wikipedia/commons/3/31/Apache_Guacamole_logo.png"></td> - <td><a href="https://guacamole.apache.org/">Guacamole</a></td> - <td>Remote access in browser via SSH, RDP, VNC, etc</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/homeassistant.svg"></td> - <td><a href="https://www.home-assistant.io/">Home Assistant</a></td> - <td>Slowly migrating over to Home Assistant from Google Home</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/plausible.svg"></td> - <td><a href="https://plausible.io/">Plausible</a></td> - <td>Analytics tracker for certain websites (Blog)</td> - </tr> - <tr> - <td><img vertical-align=baseline width="32" src="https://raw.githubusercontent.com/Mafyuh/homelab-svg-assets/main/assets/wazuh.svg"></td> - <td><a href="https://wazuh.com/">wazuh</a></td> - <td>Security platform monitoring everything with agents installed on all VM's</td> - </tr> -</table> - 
-</div> - -<div align="center"> - -## Full Workflow Chart - -</div> - -```mermaid -graph TD - A1((Renovate Bot Scans for Updates)) --> A2{Updates Found?} - A2 -- Yes --> B[Make PR] - A2 -- No --> C(End) - - B --> D{PR Merged?} - D -- No --> E(End) - - subgraph Handle Merged PR - D -- Yes --> F[Extract Host] - F --> G[SSH to Host Machine] - G --> H[Git Pull & Docker Compose Up] - H --> I(End) - end - - subgraph Notification on PR Creation - B --> P[Notify via Gotify] - end - - subgraph Release Notes Handling - Q((PR Webhook Received)) --> R{PR Open?} - R -- No --> S(End) - R -- Yes --> T[Hit GitHub API for Release Notes] - T --> U[Extract PR Number from webhook] - U --> W[API Call to Foregjo to leave Release Notes] - W --> S - end - - P --> Q - - -``` \ No newline at end of file + \ No newline at end of file diff --git a/packer/debian/debian-11-2.pkr.hcl b/packer/debian/debian-11-2.pkr.hcl new file mode 100644 index 0000000..1c0ac0b --- /dev/null +++ b/packer/debian/debian-11-2.pkr.hcl 
@@ -0,0 +1,116 @@
+packer {
+ required_plugins {
+ name = {
+ version = "~> 1"
+ source = "github.com/hashicorp/proxmox"
+ }
+ }
+}
+
+variable "proxmox_api_url" {
+ type = string
+}
+
+variable "proxmox_api_token_id" {
+ type = string
+}
+
+variable "proxmox_api_token_secret" {
+ type = string
+ sensitive = true
+}
+
+# Resource Definiation for the VM Template
+source "proxmox-clone" "debian2" {
+
+ # Proxmox Connection Settings
+ proxmox_url = "${var.proxmox_api_url}"
+ username = "${var.proxmox_api_token_id}"
+ token = "${var.proxmox_api_token_secret}"
+ insecure_skip_tls_verify = true
+
+ # VM General Settings
+ node = "pve2"
+
+
+ clone_vm_id = "8105"
+
+ vm_id = "9999"
+ vm_name = "debian-template"
+ template_description = "Debian Bullseye"
+
+ # VM System Settings
+ qemu_agent = true
+
+ # VM Hard Disk Settings
+ scsi_controller = "virtio-scsi-pci"
+
+ disks {
+ disk_size = "3G"
+ format = "raw"
+ storage_pool = "Fast500Gb"
+ type = "scsi"
+ }
+
+ # VM CPU Settings
+ cores = "2"
+ cpu_type = "x86-64-v2-AES"
+
+ # VM Memory Settings
+ memory = "2048"
+
+ # VM Network Settings
+ network_adapters {
+ model = "virtio"
+ bridge = "vmbr0"
+ firewall = "false"
+ }
+
+
+ ssh_username = "mafyuh"
+ # WSL Filesystem
+ ssh_private_key_file = "~/.ssh/id_rsa"
+}
+
+
+build {
+
+ name = "debian"
+ sources = ["source.proxmox-clone.debian2"]
+
+ ## Cleanup for re-template
+ provisioner "shell" {
+ inline = [
+ "while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
+ "sudo rm /etc/ssh/ssh_host_*",
+ "sudo truncate -s 0 /etc/machine-id",
+ "sudo apt -y autoremove --purge",
+ "sudo apt -y clean",
+ "sudo apt -y autoclean",
+ "sudo cloud-init clean",
+ "sudo rm -f /var/lib/dbus/machine-id",
+ "sudo rm -f /var/lib/systemd/random-seed",
+ "sudo rm -f /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg",
+ "sudo rm -f /etc/netplan/00-installer-config.yaml",
+ "sudo sync"
+ ]
+ }
+
+ provisioner "file" {
+ source = "files/pve.cfg"
+ destination = "/tmp/pve.cfg"
+ }
+
+ provisioner "shell" {
+ inline = [ "sudo cp /tmp/pve.cfg /etc/cloud/cloud.cfg.d/pve.cfg" ]
+ }
+
+
+ provisioner "shell" {
+ inline = [
+ "sudo apt-get update",
+ "sudo apt-get -y upgrade"
+ ]
+ }
+
+}
diff --git a/packer/debian/debian-11.pkr.hcl b/packer/debian/debian-11.pkr.hcl
new file mode 100644
index 0000000..234604d
--- /dev/null
+++ b/packer/debian/debian-11.pkr.hcl
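Review bot: The last `provisioner "shell"` runs `sudo apt-get -y upgrade` after the cleanup provisioner has already removed `/etc/ssh/ssh_host_*`; if openssh-server is among the upgraded packages, its maintainer script regenerates missing host keys, and every VM cloned from the template would then share one host key pair (this depends on what the upgrade pulls in, so worth verifying on a built template). Move the update/upgrade provisioner ahead of the cleanup provisioner so that the key removal, `truncate -s 0 /etc/machine-id` and `cloud-init clean` are the last steps to touch the image. `insecure_skip_tls_verify = true` also sends `proxmox_api_token_secret` to an endpoint whose certificate is never checked; pointing the build host at the Proxmox CA lets that line be dropped. Both points apply unchanged to debian-11.pkr.hcl, which differs from this file only in `node`, `clone_vm_id`, `vm_id` and `storage_pool` and could be one template fed by variables.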
@@ -0,0 +1,116 @@
+packer {
+ required_plugins {
+ name = {
+ version = "~> 1"
+ source = "github.com/hashicorp/proxmox"
+ }
+ }
+}
+
+variable "proxmox_api_url" {
+ type = string
+}
+
+variable "proxmox_api_token_id" {
+ type = string
+}
+
+variable "proxmox_api_token_secret" {
+ type = string
+ sensitive = true
+}
+
+# Resource Definiation for the VM Template
+source "proxmox-clone" "debian" {
+
+ # Proxmox Connection Settings
+ proxmox_url = "${var.proxmox_api_url}"
+ username = "${var.proxmox_api_token_id}"
+ token = "${var.proxmox_api_token_secret}"
+ insecure_skip_tls_verify = true
+
+ # VM General Settings
+ node = "prox"
+
+
+ clone_vm_id = "8104"
+
+ vm_id = "9998"
+ vm_name = "debian-template"
+ template_description = "Debian Bullseye"
+
+ # VM System Settings
+ qemu_agent = true
+
+ # VM Hard Disk Settings
+ scsi_controller = "virtio-scsi-pci"
+
+ disks {
+ disk_size = "3G"
+ format = "raw"
+ storage_pool = "Fast2Tb"
+ type = "scsi"
+ }
+
+ # VM CPU Settings
+ cores = "2"
+ cpu_type = "x86-64-v2-AES"
+
+ # VM Memory Settings
+ memory = "2048"
+
+ # VM Network Settings
+ network_adapters {
+ model = "virtio"
+ bridge = "vmbr0"
+ firewall = "false"
+ }
+
+
+ ssh_username = "mafyuh"
+ # WSL Filesystem
+ ssh_private_key_file = "~/.ssh/id_rsa"
+}
+
+
+build {
+
+ name = "debian"
+ sources = ["source.proxmox-clone.debian"]
+
+ ## Cleanup for re-template
+ provisioner "shell" {
+ inline = [
+ "while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 1; done",
+ "sudo rm /etc/ssh/ssh_host_*",
+ "sudo truncate -s 0 /etc/machine-id",
+ "sudo apt -y autoremove --purge",
+ "sudo apt -y clean",
+ "sudo apt -y autoclean",
+ "sudo cloud-init clean",
+ "sudo rm -f /var/lib/dbus/machine-id",
+ "sudo rm -f /var/lib/systemd/random-seed",
+ "sudo rm -f /etc/cloud/cloud.cfg.d/subiquity-disable-cloudinit-networking.cfg",
+ "sudo rm -f /etc/netplan/00-installer-config.yaml",
+ "sudo sync"
+ ]
+ }
+
+ provisioner "file" {
+ source = "files/pve.cfg"
+ destination = "/tmp/pve.cfg"
+ }
+
+ provisioner "shell" {
+ inline = [ "sudo cp /tmp/pve.cfg /etc/cloud/cloud.cfg.d/pve.cfg" ]
+ }
+
+
+ provisioner "shell" {
+ inline = [
+ "sudo apt-get update",
+ "sudo apt-get -y upgrade"
+ ]
+ }
+
+}
diff --git a/packer/debian/files/pve.cfg b/packer/debian/files/pve.cfg
new file mode 100644
index 0000000..a78672c
--- /dev/null
+++ b/packer/debian/files/pve.cfg
@@ -0,0 +1 @@
+datasource_list: [ConfigDrive, NoCloud]
\ No newline at end of file
diff --git a/terraform/README.md b/terraform/README.md
index 8239517..7f9f9c9 100644
--- a/terraform/README.md
+++ b/terraform/README.md
@@ -1,6 +1,3 @@
-[](https://github.com/opentofu/opentofu)
-
-
 <div align="center">
 # IaC
@@ -10,9 +7,5 @@ Infrastructure as Code (IaC) for my homelab using OpenTofu.
 </div>
-## Overview
-
-This repository manages the infrastructure for my homelab using OpenTofu and Proxmox.
-
diff --git a/terraform/flux/main.tf b/terraform/flux/main.tf
new file mode 100644
index 0000000..b527f8d
--- /dev/null
+++ b/terraform/flux/main.tf
@@ -0,0 +1,20 @@
+data "bitwarden-secrets_secret" "git_flux_password" {
+ id = "e507c0be-cc1e-4d5b-90a7-b2710067c651"
+}
+
+provider "flux" {
+ kubernetes = {
+ config_path = "~/.kube/config"
+ }
+ git = {
+ url = "https://git.mafyuh.dev/mafyuh/k3s"
+ http = {
+ username = "mafyuh"
+ password = data.bitwarden-secrets_secret.git_flux_password.value
+ }
+ }
+}
+
+resource "flux_bootstrap_git" "flux" {
+ path = "cluster/production"
+}
\ No newline at end of file
diff --git a/terraform/flux/provider.tf b/terraform/flux/provider.tf
new file mode 100644
index 0000000..514a86e
--- /dev/null
+++ b/terraform/flux/provider.tf
@@ -0,0 +1,12 @@
+terraform {
+ required_providers {
+ flux = {
+ source = "fluxcd/flux"
+ version = "1.4.0"
+ }
+ bitwarden-secrets = {
+ source = "sebastiaan-dev/bitwarden-secrets"
+ version = "0.1.2"
+ }
+ }
+}
\ No newline at end of file
diff --git a/terraform/main.tf b/terraform/main.tf
index cc18d41..569d26e 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
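Review bot: `provider "flux"` is configured inside the child module that the root `main.tf` calls as `module "flux"`; a provider block in a child module is a legacy pattern that rules out `count`/`for_each` on the module and makes it awkward to remove later, and it is inconsistent with the proxmox module in the same commit, which receives its provider via `providers = {}`. Move this block to the root alongside `provider "bitwarden-secrets"` and pass it in the same way. Separately, `data.bitwarden-secrets_secret.git_flux_password.value` — a Git credential for `https://git.mafyuh.dev/mafyuh/k3s` — is persisted in plain text in the state file regardless of any sensitive flag, so the state backend needs the same access control as the vault; if state lives in the bucket implied by the workflow's `s3_endpoint`, that is worth recording in a comment here along with the policy that protects it.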
@@ -24,51 +24,53 @@ terraform {
 source = "bpg/proxmox"
 version = "0.70.0"
 }
+ bitwarden-secrets = {
+ source = "sebastiaan-dev/bitwarden-secrets"
+ version = "0.1.2"
+ }
+ flux = {
+ source = "fluxcd/flux"
+ version = "1.4.0"
+ }
 }
 }
+provider "bitwarden-secrets" {
+ access_token = var.access_token
+}
+
+
 provider "proxmox" {
- endpoint = var.virtual_environment_endpoint
- password = var.ssh_password
+ endpoint = data.bitwarden-secrets_secret.virtual_environment_endpoint.value
+ password = data.bitwarden-secrets_secret.ssh_password.value
 username = "root@pam"
 insecure = true
 ssh {
 agent = true
 username = "root"
- password = var.ssh_password
+ password = data.bitwarden-secrets_secret.ssh_password.value
 node {
 name = "prox"
- address = var.prox_ip_address
+ address = data.bitwarden-secrets_secret.prox_ip_address.value
 }
 node {
 name = "pve2"
- address = var.pve2_ip_address
+ address = data.bitwarden-secrets_secret.pve2_ip_address.value
 }
 }
 }
 module "proxmox" {
 source = "./proxmox"
+
+ providers = {
+ proxmox = proxmox
+ }
+}
- virtual_environment_endpoint = var.virtual_environment_endpoint
- virtual_environment_api = var.virtual_environment_api
- arrbuntu_ip_address = var.arrbuntu_ip_address
- vlan_gateway = var.vlan_gateway
- downloaders_ip_address = var.downloaders_ip_address
- ssh_password = var.ssh_password
- ssh_username = var.ssh_username
- prox_ip_address = var.prox_ip_address
- npm_ip_address = var.npm_ip_address
- init_username = var.init_username
- init_password = var.init_password
- kasm_ip = var.kasm_ip
- kasm_ssh_ip = var.kasm_ssh_ip
- ubu_ip_address = var.ubu_ip_address
- pve2_ip_address = var.pve2_ip_address
- s3_endpoint = var.s3_endpoint
- aws_secret_access_key = var.aws_secret_access_key
- aws_access_key_id = var.aws_access_key_id
-}
\ No newline at end of file
+module "flux" {
+ source = "./flux"
+}
diff --git a/terraform/proxmox/arrbuntu.tf b/terraform/proxmox/arrbuntu.tf
index a887940..8ed3348 100644
--- a/terraform/proxmox/arrbuntu.tf
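Review bot: `provider "bitwarden-secrets"` reads `var.access_token`, but no `variable "access_token"` declaration appears in this diff and the rewritten tfvars step in the workflow does not emit it; unless it is declared in a file outside this view and supplied some other way (an environment variable such as `TF_VAR_access_token`, for instance), `tofu plan` will stop on an undeclared variable. Wherever it is declared, give it `sensitive = true` so the token is redacted from plan output. The same applies to the `data.bitwarden-secrets_secret.virtual_environment_endpoint`, `.ssh_password`, `.prox_ip_address` and `.pve2_ip_address` data sources used by `provider "proxmox"`, which no visible hunk defines — the module-level `secrets.tf` only declares the five IP/gateway entries. `insecure = true` on the Proxmox provider is pre-existing but now carries the root password fetched from Bitwarden, so it deserves the same CA fix as the Packer templates. The `terraform {}` block starts outside the hunk.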
+++ b/terraform/proxmox/arrbuntu.tf
@@ -8,7 +8,7 @@ resource "proxmox_virtual_environment_vm" "Arrbuntu" {
 tags = ["tofu", "ubuntu-22", "auto-homelab-repo", "infrastructure"]
 agent {
- enabled = true # read 'Qemu guest agent' section, change to true only when ready
+ enabled = true
 }
 clone {
@@ -47,8 +47,8 @@ resource "proxmox_virtual_environment_vm" "Arrbuntu" {
 initialization {
 ip_config {
 ipv4 {
- address = var.arrbuntu_ip_address
- gateway = var.vlan_gateway
+ address = data.bitwarden-secrets_secret.arrbuntu_ip.value
+ gateway = data.bitwarden-secrets_secret.vlan_gateway.value
 }
 }
diff --git a/terraform/proxmox/debian-base.tf b/terraform/proxmox/debian-base.tf
new file mode 100644
index 0000000..85c9941
--- /dev/null
+++ b/terraform/proxmox/debian-base.tf
@@ -0,0 +1,45 @@
+resource "proxmox_virtual_environment_vm" "Debian-Base" {
+ name = "debian-base"
+ node_name = "prox"
+ vm_id = 8104
+ tags = ["tofu"]
+ template = true
+ started = false
+
+ disk {
+ datastore_id = "Fast2Tb"
+ # See https://www.reddit.com/r/Proxmox/comments/1058ko7/comment/j3s4vli/ for how to inject qemu into base image
+ # virt-customize -a debian-11-generic-amd64-20241202-1949.img --install qemu-guest-agent
+ file_id = "local:iso/debian-11-generic-amd64-20241202-1949.img"
+ interface = "virtio0"
+ size = 3
+ }
+
+ agent {
+ enabled = true
+ }
+
+ initialization {
+ ip_config {
+ ipv4 {
+ address = "dhcp"
+ }
+ }
+}
+
+serial_device {}
+
+network_device {
+ bridge = "vmbr0"
+}
+
+vga {
+ type = "serial0"
+ }
+
+cpu {
+ cores = 2
+ type = "host"
+ architecture = "x86_64"
+ }
+}
diff --git a/terraform/proxmox/debian-base2.tf b/terraform/proxmox/debian-base2.tf
new file mode 100644
index 0000000..f0220c0
--- /dev/null
+++ b/terraform/proxmox/debian-base2.tf
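Review bot: In `debian-base.tf` the `serial_device`, `network_device`, `vga` and `cpu` blocks sit at column 0 after the `}` that closes `initialization`, so they read as top-level blocks rather than members of the resource; `tofu fmt` restores the nesting (same in `debian-base2.tf`). The template is built from `local:iso/debian-11-generic-amd64-20241202-1949.img`, which the comment says was modified by hand with `virt-customize`, and nothing records what the file should hash to, so a later rebuild cannot tell a swapped image from the intended one; a `proxmox_virtual_environment_download_file` resource with `checksum` set, or at minimum a comment such as `# expected sha256 of the customised image: <SHA256_PLACEHOLDER>`, would fix that. The arrbuntu.tf hunks only rename `var.*` to data-source reads and need nothing further.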
@@ -0,0 +1,45 @@
+resource "proxmox_virtual_environment_vm" "Debian-Base2" {
+ name = "debian-base"
+ node_name = "pve2"
+ vm_id = 8105
+ tags = ["tofu"]
+ template = true
+ started = false
+
+ disk {
+ datastore_id = "Fast500Gb"
+ # See https://www.reddit.com/r/Proxmox/comments/1058ko7/comment/j3s4vli/ for how to inject qemu into base image
+ # virt-customize -a debian-11-generic-amd64-20241202-1949.img --install qemu-guest-agent
+ file_id = "local:iso/debian-11-generic-amd64-20241202-1949.img"
+ interface = "virtio0"
+ size = 3
+ }
+
+ agent {
+ enabled = true
+ }
+
+ initialization {
+ ip_config {
+ ipv4 {
+ address = "dhcp"
+ }
+ }
+}
+
+serial_device {}
+
+network_device {
+ bridge = "vmbr0"
+}
+
+vga {
+ type = "serial0"
+ }
+
+cpu {
+ cores = 2
+ type = "host"
+ architecture = "x86_64"
+ }
+}
diff --git a/terraform/proxmox/k3s-master1.tf b/terraform/proxmox/k3s-master1.tf
new file mode 100644
index 0000000..9746a71
--- /dev/null
+++ b/terraform/proxmox/k3s-master1.tf
@@ -0,0 +1,67 @@
+resource "proxmox_virtual_environment_vm" "K3s-Master1" {
+
+ # VM General Settings
+ node_name = "prox"
+ vm_id = 329
+ name = "K3s-Master1"
+ description = "Kubernetes master"
+ tags = ["tofu", "debian", "infrastructure", "k3s"]
+ started = true
+
+ agent {
+ enabled = true # read 'Qemu guest agent' section, change to true only when ready
+ }
+
+ clone {
+ vm_id = 9998
+ }
+
+ # VM CPU Settings
+ cpu {
+ cores = 4
+ type = "host"
+ architecture = "x86_64"
+ }
+
+ # VM Memory Settings
+ memory {
+ dedicated = 8192
+ }
+
+ # VM Network Settings
+ network_device {
+ bridge = "vmbr0"
+ vlan_id = 1
+ }
+
+ # VM Disk Settings
+ disk {
+ datastore_id = "Fast2Tb"
+ size = 300
+ interface = "virtio0"
+ }
+
+ vga {
+ type = "serial0"
+ }
+
+ initialization {
+ ip_config {
+ ipv4 {
+ address = "dhcp"
+ }
+ }
+
+ user_data_file_id = proxmox_virtual_environment_file.cloud_config.id
+ }
+
+ lifecycle {
+ ignore_changes = [
+ initialization[0].user_account[0].keys,
+ initialization[0].user_account[0].password,
+ initialization[0].user_account[0].username,
+ initialization[0].user_data_file_id
+ ]
+ }
+
+}
diff --git a/terraform/proxmox/k3s-master2.tf b/terraform/proxmox/k3s-master2.tf
new file mode 100644
index 0000000..92612db
--- /dev/null
+++ b/terraform/proxmox/k3s-master2.tf
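Review bot: `enabled = true # read 'Qemu guest agent' section, change to true only when ready` carries a stale template comment — the value is already `true`, and this same commit strips the identical comment from `arrbuntu.tf`; drop it here and in `k3s-master2.tf` and `k3s-master3.tf`. The three master files are otherwise identical apart from node, `vm_id`, clone source, datastore, disk size (300 here against 100 on the other two, which may or may not be intended) and the capitalisation of `description`, so one resource with `for_each` over a map of the per-node values would stop them drifting. `ignore_changes` on `initialization[0].user_data_file_id` means a later change to `proxmox_virtual_environment_file.cloud_config` (defined outside this diff) never reaches an existing master; if that is deliberate, a one-line comment on the `lifecycle` block saying so will save the next reader a surprise.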
@@ -0,0 +1,67 @@
+resource "proxmox_virtual_environment_vm" "K3s-Master2" {
+
+ # VM General Settings
+ node_name = "pve2"
+ vm_id = 321
+ name = "K3s-Master2"
+ description = "Kubernetes Master"
+ tags = ["tofu", "debian", "infrastructure", "k3s"]
+ started = true
+
+ agent {
+ enabled = true # read 'Qemu guest agent' section, change to true only when ready
+ }
+
+ clone {
+ vm_id = 9999
+ }
+
+ # VM CPU Settings
+ cpu {
+ cores = 4
+ type = "host"
+ architecture = "x86_64"
+ }
+
+ # VM Memory Settings
+ memory {
+ dedicated = 8192
+ }
+
+ # VM Network Settings
+ network_device {
+ bridge = "vmbr0"
+ vlan_id = 1
+ }
+
+ # VM Disk Settings
+ disk {
+ datastore_id = "Fast500Gb"
+ size = 100
+ interface = "virtio0"
+ }
+
+ vga {
+ type = "serial0"
+ }
+
+ initialization {
+ ip_config {
+ ipv4 {
+ address = "dhcp"
+ }
+ }
+
+ user_data_file_id = proxmox_virtual_environment_file.cloud_config2.id
+ }
+
+ lifecycle {
+ ignore_changes = [
+ initialization[0].user_account[0].keys,
+ initialization[0].user_account[0].password,
+ initialization[0].user_account[0].username,
+ initialization[0].user_data_file_id
+ ]
+ }
+
+}
diff --git a/terraform/proxmox/k3s-master3.tf b/terraform/proxmox/k3s-master3.tf
new file mode 100644
index 0000000..f4f0eb5
--- /dev/null
+++ b/terraform/proxmox/k3s-master3.tf
@@ -0,0 +1,67 @@
+resource "proxmox_virtual_environment_vm" "K3s-Master3" {
+
+ # VM General Settings
+ node_name = "prox"
+ vm_id = 330
+ name = "K3s-Master3"
+ description = "Kubernetes master"
+ tags = ["tofu", "debian", "infrastructure", "k3s"]
+ started = true
+
+ agent {
+ enabled = true # read 'Qemu guest agent' section, change to true only when ready
+ }
+
+ clone {
+ vm_id = 9998
+ }
+
+ # VM CPU Settings
+ cpu {
+ cores = 4
+ type = "host"
+ architecture = "x86_64"
+ }
+
+ # VM Memory Settings
+ memory {
+ dedicated = 8192
+ }
+
+ # VM Network Settings
+ network_device {
+ bridge = "vmbr0"
+ vlan_id = 1
+ }
+
+ # VM Disk Settings
+ disk {
+ datastore_id = "Fast2Tb"
+ size = 100
+ interface = "virtio0"
+ }
+
+ vga {
+ type = "serial0"
+ }
+
+ initialization {
+ ip_config {
+ ipv4 {
+ address = "dhcp"
+ }
+ }
+
+ user_data_file_id = proxmox_virtual_environment_file.cloud_config.id
+ }
+
+ lifecycle {
+ ignore_changes = [
+ initialization[0].user_account[0].keys,
+ initialization[0].user_account[0].password,
+ initialization[0].user_account[0].username,
+ initialization[0].user_data_file_id
+ ]
+ }
+
+}
diff --git a/terraform/proxmox/kasm.tf b/terraform/proxmox/kasm.tf
index 48706fe..9e0386f 100644
--- a/terraform/proxmox/kasm.tf
+++ b/terraform/proxmox/kasm.tf
@@ -44,8 +44,8 @@ resource "proxmox_virtual_environment_vm" "Kasm" {
 initialization {
 ip_config {
 ipv4 {
- address = var.kasm_ip
- gateway = var.vlan_gateway
+ address = data.bitwarden-secrets_secret.kasm_ip.value
+ gateway = data.bitwarden-secrets_secret.vlan_gateway.value
 }
 }
diff --git a/terraform/proxmox/npm.tf b/terraform/proxmox/npm.tf
index 0757653..1d33ad4 100644
--- a/terraform/proxmox/npm.tf
+++ b/terraform/proxmox/npm.tf
@@ -47,8 +47,8 @@ resource "proxmox_virtual_environment_vm" "NPM" {
 initialization {
 ip_config {
 ipv4 {
- address = var.npm_ip_address
- gateway = var.vlan_gateway
+ address = data.bitwarden-secrets_secret.npm_ip_address.value
+ gateway = data.bitwarden-secrets_secret.vlan_gateway.value
 }
 }
diff --git a/terraform/proxmox/provider.tf b/terraform/proxmox/provider.tf
index 567baab..11f77cf 100644
--- a/terraform/proxmox/provider.tf
+++ b/terraform/proxmox/provider.tf
@@ -4,28 +4,9 @@ terraform {
 source = "bpg/proxmox"
 version = "0.70.0"
 }
- }
-}
-
-provider "proxmox" {
- endpoint = var.virtual_environment_endpoint
- password = var.ssh_password
- username = "root@pam"
- insecure = true
-
- ssh {
- agent = true
- username = "root"
- password = var.ssh_password
-
- node {
- name = "prox"
- address = var.prox_ip_address
- }
-
- node {
- name = "pve2"
- address = var.pve2_ip_address
+ bitwarden-secrets = {
+ source = "sebastiaan-dev/bitwarden-secrets"
+ version = "0.1.2"
 }
 }
-}
+}
\ No newline at end of file
diff --git a/terraform/proxmox/secrets.tf b/terraform/proxmox/secrets.tf
new file mode 100644
index 0000000..162e575
--- /dev/null
+++ b/terraform/proxmox/secrets.tf
@@ -0,0 +1,19 @@
+data "bitwarden-secrets_secret" "npm_ip_address" {
+ id = "47ef68aa-32a9-45b0-835d-b2080006ce38"
+}
+
+data "bitwarden-secrets_secret" "kasm_ip" {
+ id = "0bc3c1a3-fc48-48ce-85c5-b2080007136a"
+}
+
+data "bitwarden-secrets_secret" "vlan_gateway" {
+ id = "af0ed579-05f8-405f-b0f3-b208000620ca"
+}
+
+data "bitwarden-secrets_secret" "ubu_ip" {
+ id = "d8017351-7a11-42e6-9e8d-b208000739b8"
+}
+
+data "bitwarden-secrets_secret" "arrbuntu_ip" {
+ id = "c65f8886-f6fb-4c17-bc79-b208000604bf"
+}
\ No newline at end of file
diff --git a/terraform/proxmox/ubu.tf b/terraform/proxmox/ubu.tf
index e040bac..e391598 100644
--- a/terraform/proxmox/ubu.tf
+++ b/terraform/proxmox/ubu.tf
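Review bot: The `provider "proxmox"` block — endpoint, `root@pam` credentials, `insecure = true` and the two ssh `node` entries — is deleted from terraform/proxmox/provider.tf and no replacement provider configuration appears anywhere in this diff; if `terraform/proxmox` is now a child module configured by the root, that is fine, but the removed block also disabled TLS verification, so wherever the configuration now lives is the place to confirm whether `insecure = true` was carried over deliberately or dropped. `bitwarden-secrets` is pinned exactly to `0.1.2`, which is the right call for a community provider that handles the token to every secret in the project; commit the matching `.terraform.lock.hcl` (not in this diff) alongside it so the provider checksum is pinned, not only the version string. The file also loses its final newline (`\ No newline at end of file`).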
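Review bot: The data-source names in terraform/proxmox/secrets.tf mix two conventions — `npm_ip_address` next to `kasm_ip`, `ubu_ip` and `arrbuntu_ip` — whereas the variables they replace were `ubu_ip_address` and `arrbuntu_ip_address`; settling on one suffix (`_ip_address`, matching `prox_ip_address` and `pve2_ip_address` in terraform/secrets.tf) keeps the `data.bitwarden-secrets_secret.<name>.value` references in kasm.tf, npm.tf and ubu.tf predictable. `arrbuntu_ip` has no consumer in this diff; presumably an arrbuntu resource outside it reads it, otherwise it is a dead lookup that still costs a Secrets Manager call on every plan. A one-line header such as `# Bitwarden Secrets Manager lookups: the ids are secret identifiers, not values; resolved at plan time with the provider's access token` would tell a reader why UUIDs sit in the repo. The file has no trailing newline.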
@@ -47,8 +47,8 @@ resource "proxmox_virtual_environment_vm" "Ubu" {
 initialization {
 ip_config {
 ipv4 {
- address = var.ubu_ip_address
- gateway = var.vlan_gateway
+ address = data.bitwarden-secrets_secret.ubu_ip.value
+ gateway = data.bitwarden-secrets_secret.vlan_gateway.value
 }
 }
diff --git a/terraform/proxmox/variables.tf b/terraform/proxmox/variables.tf
deleted file mode 100644
index 2817ae3..0000000
--- a/terraform/proxmox/variables.tf
+++ /dev/null
@@ -1,93 +0,0 @@
-# Define each required variable
-variable "arrbuntu_ip_address" {
- description = "IP address for Arrbuntu VM"
- type = string
-}
-
-variable "init_username" {
- description = "Username for initial configuration"
- type = string
-}
-
-variable "downloaders_ip_address" {
- description = "IP address for Downloaders VM"
- type = string
-}
-
-variable "npm_ip_address" {
- description = "IP address for NPM VM"
- type = string
-}
-
-variable "prox_ip_address" {
- description = "IP address for Proxmox server"
- type = string
-}
-
-variable "kasm_ssh_ip" {
- description = "IP address for Kasm SSH"
- type = string
-}
-
-variable "aws_secret_access_key" {
- description = "AWS Secret Access Key"
- type = string
- sensitive = true
-}
-
-variable "vlan_gateway" {
- description = "Gateway IP for VLAN"
- type = string
-}
-
-variable "virtual_environment_endpoint" {
- description = "Endpoint for virtual environment API"
- type = string
-}
-
-variable "kasm_ip" {
- description = "IP address for Kasm"
- type = string
-}
-
-variable "ssh_username" {
- description = "Username for SSH access"
- type = string
-}
-
-variable "init_password" {
- description = "Password for initial configuration"
- type = string
- sensitive = true
-}
-
-variable "aws_access_key_id" {
- description = "AWS Access Key ID"
- type = string
-}
-
-variable "pve2_ip_address" {
- description = "IP address for PVE2 Proxmox server"
- type = string
-}
-
-variable "s3_endpoint" {
- description = "Endpoint for S3 storage"
- type = string
-}
-
-variable "ubu_ip_address" {
- description = "IP address for Ubu VM"
- type = string
-}
-
-variable "virtual_environment_api" {
- description = "API endpoint for virtual environment"
- type = string
-}
-
-variable "ssh_password" {
- description = "Password for SSH access"
- type = string
- sensitive = true
-}
diff --git a/terraform/secrets.tf b/terraform/secrets.tf
new file mode 100644
index 0000000..6109aea
--- /dev/null
+++ b/terraform/secrets.tf
@@ -0,0 +1,19 @@
+data "bitwarden-secrets_secret" "virtual_environment_endpoint" {
+ id = "a4ed343a-bb92-4beb-a421-b2080005bf98"
+}
+
+data "bitwarden-secrets_secret" "virtual_environment_api" {
+ id = "1d250f4a-ae18-4e19-934c-b2080005e132"
+}
+
+data "bitwarden-secrets_secret" "ssh_password" {
+ id = "68f1d77d-4e96-498a-9464-b208000679a4"
+}
+
+data "bitwarden-secrets_secret" "prox_ip_address" {
+ id = "d0c7f3ec-8277-4b1b-9a1b-b2080006b842"
+}
+
+data "bitwarden-secrets_secret" "pve2_ip_address" {
+ id = "17ab7869-c7a1-4ece-8c64-b20800075213"
+}
\ No newline at end of file
diff --git a/terraform/variables.tf b/terraform/variables.tf
index 84d294e..947a9cd 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
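Review bot: `ssh_password` becomes a data source here, so its plaintext lands in state exactly as the deleted `sensitive = true` variable's did, but whether it is also redacted from plan and apply output now depends on whether `sebastiaan-dev/bitwarden-secrets` 0.1.2 marks `value` as sensitive, which this diff cannot show; if it does not, wrap the consumer's reference, `password = sensitive(data.bitwarden-secrets_secret.ssh_password.value)`, so the password never prints in CI logs. That consumer — presumably a root `provider "proxmox"` block replacing the one deleted from terraform/proxmox/provider.tf — is not in this diff, so also confirm it was moved from `var.ssh_password`, `var.virtual_environment_endpoint`, `var.prox_ip_address` and `var.pve2_ip_address` to these data sources, since terraform/variables.tf no longer declares them. Every plan now needs a live Secrets Manager token and a network path to fetch these values, which a short comment at the top of the file could record. The file has no trailing newline.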
@@ -1,96 +1,8 @@
-# Define each required variable
-variable "arrbuntu_ip_address" {
- description = "IP address for Arrbuntu VM"
- type = string
-}
-
-variable "init_username" {
- description = "Username for initial configuration"
- type = string
-}
-
-variable "downloaders_ip_address" {
- description = "IP address for Downloaders VM"
- type = string
-}
-
-variable "npm_ip_address" {
- description = "IP address for NPM VM"
- type = string
-}
-
-variable "prox_ip_address" {
- description = "IP address for Proxmox server"
- type = string
-}
-
-variable "kasm_ssh_ip" {
- description = "IP address for Kasm SSH"
- type = string
-}
-
-variable "aws_secret_access_key" {
- description = "AWS Secret Access Key"
- type = string
- sensitive = true
-}
-
-variable "vlan_gateway" {
- description = "Gateway IP for VLAN"
- type = string
-}
-
-variable "virtual_environment_endpoint" {
- description = "Endpoint for virtual environment API"
- type = string
-}
-
-variable "kasm_ip" {
- description = "IP address for Kasm"
- type = string
-}
-
-variable "ssh_username" {
- description = "Username for SSH access"
- type = string
-}
-
-variable "init_password" {
- description = "Password for initial configuration"
- type = string
- sensitive = true
-}
-
-variable "aws_access_key_id" {
- description = "AWS Access Key ID"
- type = string
-}
-
-variable "pve2_ip_address" {
- description = "IP address for PVE2 Proxmox server"
- type = string
-}
-
 variable "s3_endpoint" {
 description = "Endpoint for S3 storage"
 type = string
 }
-variable "ubu_ip_address" {
- description = "IP address for Ubu VM"
- type = string
-}
-
-variable "virtual_environment_api" {
- description = "API endpoint for virtual environment"
- type = string
-}
-
-variable "ssh_password" {
- description = "Password for SSH access"
- type = string
- sensitive = true
-}
 variable "grafana_auth" {
 description = "Service Account token"
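Review bot: `aws_access_key_id`, `aws_secret_access_key`, `init_username`, `init_password`, `ssh_username`, `kasm_ssh_ip` and `downloaders_ip_address` are deleted here with no replacement data source in terraform/secrets.tf or terraform/proxmox/secrets.tf, unlike the other removed variables; if any configuration outside this diff still references them as `var.*`, validate fails, and if a tfvars file still supplies them, OpenTofu warns about values for undeclared variables (and errors for `-var`), so either outcome is worth a check. From the `-1,96 +1,8` counts the surviving text appears to keep two consecutive blank lines between `s3_endpoint` and `grafana_auth`, which a formatter pass would collapse. The `grafana_auth` block continues outside the hunk.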
@@ -102,4 +14,10 @@ variable "grafana_url" {
 description = "Grafana Url"
 type = string
 sensitive = true
+}
+
+variable "access_token" {
+ description = "Access Token for BWS"
+ type = string
+ sensitive = true
 }
\ No newline at end of file
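Review bot: `access_token` is the one variable in this file whose name does not say which system it belongs to (`grafana_auth`, `grafana_url` and `s3_endpoint` all do); `bws_access_token` would match its description `Access Token for BWS` and make the reference in the provider configuration self-explanatory. The description could also state the least privilege the token needs, e.g. `Machine-account token for Bitwarden Secrets Manager; grant it read access only to the secrets looked up in secrets.tf`, since this one token can read every secret the data sources in this change resolve. The file ends without a newline (`\ No newline at end of file`).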