First push

2026-05-12 23:08:11 +02:00
parent 558cff2def
commit e4d7e6763e
12 changed files with 228 additions and 85 deletions

83
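--- a/.gitignore
+++ b/.gitignore
@@ -1,83 +0,0 @@
-# ---> Terraform
-# Local .terraform directories
-**/.terraform/*
-# .tfstate files
-*.tfstate
-*.tfstate.*
-# Crash log files
-crash.log
-crash.*.log
-# Exclude all .tfvars files, which are likely to contain sensitive data, such as
-# password, private keys, and other secrets. These should not be part of version
-# control as they are data points which are potentially sensitive and subject
-# to change depending on the environment.
-*.tfvars
-*.tfvars.json
-# Ignore override files as they are usually used to override resources locally and so
-# are not checked in
-override.tf
-override.tf.json
-*_override.tf
-*_override.tf.json
-# Ignore transient lock info files created by terraform apply
-.terraform.tfstate.lock.info
-# Include override files you do wish to add to version control using negated pattern
-# !example_override.tf
-# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
-# example: *tfplan*
-# Ignore CLI configuration files
-.terraformrc
-terraform.rc
-# ---> OpenTofu
-# Local .terraform directories
-**/.terraform/*
-# .tfstate files
-*.tfstate
-*.tfstate.*
-# Crash log files
-crash.log
-crash.*.log
-# Exclude all .tfvars files, which are likely to contain sensitive data, such as
-# password, private keys, and other secrets. These should not be part of version
-# control as they are data points which are potentially sensitive and subject
-# to change depending on the environment.
-*.tfvars
-*.tfvars.json
-# Ignore override files as they are usually used to override resources locally and so
-# are not checked in
-override.tf
-override.tofu
-override.tf.json
-override.tofu.json
-*_override.tf
-*_override.tofu
-*_override.tf.json
-*_override.tofu.json
-# Ignore transient lock info files created by tofu apply
-.terraform.tfstate.lock.info
-# Include override files you do wish to add to version control using negated pattern
-# !example_override.tf
-# !example_override.tofu
-# Include tfplan files to ignore the plan output of command: tofu plan -out=tfplan
-# example: *tfplan*
-# Ignore CLI configuration files
-.terraformrc
-terraform.rc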


@@ -1,2 +0,0 @@
# deploy-sandbox-vms

19
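--- a/locals.tf
+++ b/locals.tf
@@ -0,0 +1,19 @@
+locals {
+# Alphabet pour la conversion base 26 des suffixes de noms de VMs.
+letters = [
+"a", "b", "c", "d", "e", "f", "g", "h", "i", "j",
+"k", "l", "m", "n", "o", "p", "q", "r", "s", "t",
+"u", "v", "w", "x", "y", "z"
+]
+# Dict des VMs a deployer, genere dynamiquement a partir de var.vm_count.
+# cle = nom unique de la VM ex. "9999aaaa"
+# value = parametres specifiques { vmid, ip }
+vms = {
+for i in range(var.vm_count) :
+"9999aa${local.letters[floor(i / 26)]}${local.letters[i % 26]}" => {
+vmid = 9010 + i
+ip = cidrhost("10.1.90.0/24", 100 + i)
+}
+}
+}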
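Review bot: The subnet `"10.1.90.0/24"` and the base id `9010` are literals inside `local.vms`, while the gateway and VLAN of the same network are variables in variables.tf and the prefix length is repeated as `"/24"` in main.tf. Overriding `var.gateway` or `var.vlan_id` for another lab would therefore leave the VMs addressed on the old subnet with no plan-time error. A single variable used as `cidrhost(var.subnet_cidr, 100 + i)`, with the prefix length derived from it in main.tf, would keep the three values consistent.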

50
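--- a/main.tf
+++ b/main.tf
@@ -0,0 +1,50 @@
+resource "proxmox_virtual_environment_vm" "lab" {
+for_each = local.vms
+name = each.key
+node_name = var.node_name
+vm_id = each.value.vmid
+clone {
+vm_id = var.template_id
+full = true
+}
+agent {
+enabled = true
+}
+cpu {
+sockets = var.vm_cpu_sockets
+cores = var.vm_cpu_cores
+hotplugged = var.vm_cpu_hotplugged
+}
+memory {
+dedicated = var.vm_memory
+}
+disk {
+interface = "scsi0"
+size = var.vm_disk_size
+datastore_id = "local-lvm"
+}
+network_device {
+bridge = var.bridge
+vlan_id = var.vlan_id
+}
+initialization {
+user_account {
+username = var.ci_user
+keys = [var.ssh_public_key]
+}
+ip_config {
+ipv4 {
+address = "${each.value.ip}/24"
+gateway = var.gateway
+}
+}
+}
+}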
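Review bot: The `agent { enabled = true }` block carries an undocumented requirement on the template: as far as I know the provider then waits for the QEMU guest agent to respond, so a template `var.template_id` without `qemu-guest-agent` installed and started will probably stall every create until the agent timeout. A comment such as `# template must ship qemu-guest-agent, otherwise apply waits for the agent timeout` above the block would record that. `user_account` sets only `keys`, so the VMs are reachable by SSH key alone; a comment saying this is intentional would keep someone from adding a `password` later. `datastore_id = "local-lvm"` is the one hard-coded placement value in a resource that is otherwise driven by variables.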

17
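--- a/outputs.tf
+++ b/outputs.tf
@@ -0,0 +1,17 @@
+output "vm_names" {
+description = "Liste des noms de VMs creees"
+value = [for k, v in proxmox_virtual_environment_vm.lab : v.name]
+}
+output "vm_ips" {
+description = "Mapping nom de VM -> IP"
+value = { for name, vm in local.vms : name => vm.ip }
+}
+output "ssh_commands" {
+description = "Commandes SSH pretes a copier pour chaque VM"
+value = [
+for name, vm in local.vms :
+"ssh ${var.ci_user}@${vm.ip} # ${name}"
+]
+}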

5
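--- a/providers.tf
+++ b/providers.tf
@@ -0,0 +1,5 @@
+provider "proxmox" {
+endpoint = var.proxmox_endpoint
+api_token = var.proxmox_api_token
+insecure = var.proxmox_insecure
+}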
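Review bot: `insecure = var.proxmox_insecure` is fed by a required variable with no default, and both tfvars files in this commit set it to `true`, so the API token is sent to an endpoint whose certificate is never verified. Anyone able to intercept traffic to the management network could present their own certificate and collect the token. Give the variable `default = false` in variables.tf and trust the Proxmox CA on the machine that runs tofu, keeping `true` as an explicit, commented exception.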

1
terraform.tfstate Normal file

@@ -0,0 +1 @@
{"version":4,"terraform_version":"1.11.5","serial":7,"lineage":"500c6307-1c37-d0cc-1c25-be2a978fbbbf","outputs":{},"resources":[],"check_results":[{"object_kind":"var","config_addr":"var.vm_count","status":"unknown","objects":null}]}

1
terraform.tfstate.backup Normal file

File diff suppressed because one or more lines are too long

10
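--- a/terraform.tfvars
+++ b/terraform.tfvars
@@ -0,0 +1,10 @@
+# Copier en `terraform.tfvars` puis remplacer les placeholders
+# par les vraies valeurs. Toutes les variables listees ici sont obligatoires
+proxmox_endpoint = "https://npx-666942cd.nia.nidora.lan:8006"
+proxmox_api_token = "tofu@pam!opentofu=f59770a7-df52-4744-a7f2-9b44113924f9"
+proxmox_insecure = true
+node_name = "npx-666942cd"
+ssh_public_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDV8PkUNKeIftHKf+nrS9CH9pUlOSJ8s27ejEgqH3kAs dorygann@fedora"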
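Review bot: `proxmox_api_token` on this file's fourth line holds what looks like a real token secret, and the same commit adds terraform.tfstate and terraform.tfstate.backup while deleting the .gitignore that excluded `*.tfvars`, `*.tfstate` and `*.tfstate.*`. Treat the token as disclosed: revoke it in Proxmox and issue a new one, because removing the file in a later commit leaves the value in history. Restore those three ignore patterns, untrack the tfvars and state files, and supply the secret outside the repository, for example through `TF_VAR_proxmox_api_token` or the provider's `PROXMOX_VE_API_TOKEN` environment variable. State files can also carry resource attributes in clear text once VMs exist, so they belong in a protected backend rather than in git.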

16
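--- a/terraform.tfvars.example
+++ b/terraform.tfvars.example
@@ -0,0 +1,16 @@
+# Copier en `terraform.tfvars` puis remplacer les placeholders par les vraies valeurs.
+# Toutes les variables listees ici sont obligatoires (sans default cote variables.tf).
+#
+# Note : `vm_count` est aussi obligatoire mais volontairement absente ici pour
+# etre promptee a chaque `tofu plan` / `tofu apply`. Decommenter la ligne en bas
+# si tu veux la figer.
+proxmox_endpoint = "https://<pve-adn>:8006"
+proxmox_api_token = "root@pam!sio-routage=00000000-0000-0000-0000-000000000000"
+proxmox_insecure = true
+node_name = "<nom-du-node-pve>"
+ssh_public_key = "ssh-ed25519 AAAA... user@host"
+# vm_count = 3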
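Review bot: The placeholder `root@pam!sio-routage=...` steers users towards creating the token on the root account, which gives the automation far more than the VM clone and configuration rights this module needs. An example built on a dedicated user, e.g. `proxmox_api_token = "<user>@<realm>!<tokenid>=<secret>"`, with a comment asking for a role limited to the required VM and datastore privileges and privilege separation enabled on the token, would be a safer template. The example also ships `proxmox_insecure = true`, which tends to be copied unchanged; `false` is the better value to publish.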

99
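--- a/variables.tf
+++ b/variables.tf
@@ -0,0 +1,99 @@
+# =================== OBLIGATOIRES (sans default) ===================
+variable "proxmox_endpoint" {
+description = "URL HTTPS Proxmox"
+type = string
+}
+variable "proxmox_api_token" {
+description = "USER@REALM!TOKENID=SECRET"
+type = string
+sensitive = true
+}
+variable "proxmox_insecure" {
+description = "Skip TLS"
+type = bool
+}
+variable "node_name" {
+description = "Nom du node PVE"
+type = string
+}
+variable "ssh_public_key" {
+description = "Cle SSH publique cloudinit"
+type = string
+}
+variable "vm_count" {
+description = "Nombre de VMs a deployer (1 a 90)"
+type = number
+validation {
+condition = var.vm_count >= 1 && var.vm_count <= 90
+error_message = "vm_count doit etre entre 1 et 90 (limite vm_id 9010-9099)."
+}
+}
+# =================== OPTIONNELLES (avec default) ===================
+variable "template_id" {
+description = "ID Proxmox du template a cloner"
+type = number
+default = 100
+}
+variable "vm_cpu_sockets" {
+description = "Nombre de sockets alloues a la VM"
+type = number
+default = 1
+}
+variable "vm_cpu_cores" {
+description = "Nombre de vCPU alloues a la VM"
+type = number
+default = 12
+}
+variable "vm_cpu_hotplugged" {
+description = "Nombre de vCPUs actifs au boot"
+type = number
+default = 2
+}
+variable "vm_memory" {
+description = "RAM dediee a la VM en MiB"
+type = number
+default = 1024
+}
+variable "vm_disk_size" {
+description = "Taille du disque en GiB"
+type = number
+default = 10
+}
+variable "bridge" {
+description = "Bridge Proxmox"
+type = string
+default = "vmbr0"
+}
+variable "vlan_id" {
+description = "VLAN tag applique"
+type = number
+default = 90
+}
+variable "ci_user" {
+description = "Compte unix cree par cloud-init"
+type = string
+default = "nidoradmin"
+}
+variable "gateway" {
+description = "Gateway IPv4 du subnet"
+type = string
+default = "10.1.90.1"
+}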
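Review bot: `proxmox_endpoint` is described as an HTTPS URL but has no validation, so an `http://` value would be accepted and the API token would travel in clear text. A validation block with `condition = startswith(var.proxmox_endpoint, "https://")` closes that gap at plan time. The `vm_count` check accepts fractional numbers; adding `&& floor(var.vm_count) == var.vm_count` to its condition keeps the id and address arithmetic in locals.tf on whole numbers.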

10
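--- a/versions.tf
+++ b/versions.tf
@@ -0,0 +1,10 @@
+terraform {
+required_version = ">= 1.8"
+required_providers {
+proxmox = {
+source = "bpg/proxmox"
+version = "~> 0.78"
+}
+}
+}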
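Review bot: The provider is constrained only by `version = "~> 0.78"`, and no `.terraform.lock.hcl` is among the 12 files of this commit, so unless a lock file is tracked elsewhere every `init` may resolve a different provider build with no recorded checksums. Committing the lock file generated by `tofu init` pins the exact version and its hashes, which is the integrity check for a plugin that receives the Proxmox API token. `required_version = ">= 1.8"` has no upper bound; a comment naming the CLI version the module was tested with would help.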