init

terraform/modules/proxmox/lxc/main.tf

@@ -0,0 +1,72 @@
+resource "proxmox_virtual_environment_container" "this" {
+  node_name    = var.target_node
+  vm_id        = var.vm_id
+  unprivileged = var.unprivileged
+
+  started       = var.started
+  start_on_boot = var.start_on_boot
+
+  cpu {
+    cores = var.cores
+    units = var.cpu_units
+  }
+
+  memory {
+    dedicated = var.memory
+    swap      = var.swap
+  }
+
+  disk {
+    datastore_id = var.rootfs_storage
+    size         = var.rootfs_size_gib
+  }
+
+  features {
+    nesting = var.nesting
+  }
+
+  network_interface {
+    name     = var.netif_name
+    bridge   = var.bridge
+    enabled  = true
+    firewall = var.firewall
+  }
+
+  operating_system {
+    template_file_id = var.template_file_id
+    type             = var.os_type
+  }
+
+  initialization {
+    hostname = var.hostname
+
+    ip_config {
+      ipv4 {
+        address = var.ipv4_address
+        gateway = var.ipv4_gateway
+      }
+    }
+
+    # user_account делаем опциональным:
+    # - если задан пароль (не null) или есть ssh keys
+    dynamic "user_account" {
+      for_each = (var.password != null || length(var.ssh_public_keys) > 0) ? [1] : []
+      content {
+        # provider норм принимает keys list(string)
+        keys = var.ssh_public_keys
+
+        # password задаём только если не null
+        password = var.password
+      }
+    }
+
+    # DNS опционально
+    dynamic "dns" {
+      for_each = (var.dns_domain != null || length(var.dns_servers) > 0) ? [1] : []
+      content {
+        domain  = var.dns_domain
+        servers = var.dns_servers
+      }
+    }
+  }
+}

terraform/modules/proxmox/lxc/variables.tf

@@ -0,0 +1,126 @@
+variable "vm_id" {
+  type = number
+}
+
+variable "hostname" {
+  type = string
+}
+
+variable "target_node" {
+  type = string
+}
+
+variable "template_file_id" {
+  type = string
+}
+
+variable "os_type" {
+  type    = string
+  default = "debian"
+}
+
+variable "unprivileged" {
+  type    = bool
+  default = true
+}
+
+variable "nesting" {
+  type    = bool
+  default = true
+}
+
+variable "cores" {
+  type    = number
+  default = 1
+}
+
+# Proxmox cpuunits
+variable "cpu_units" {
+  type    = number
+  default = 1024
+}
+
+variable "memory" {
+  type    = number
+  default = 512
+}
+
+variable "swap" {
+  type    = number
+  default = 512
+}
+
+variable "rootfs_storage" {
+  type    = string
+  default = "local-lvm"
+}
+
+variable "rootfs_size_gib" {
+  type    = number
+  default = 8
+}
+
+variable "bridge" {
+  type    = string
+  default = "vmbr0"
+}
+
+variable "netif_name" {
+  type    = string
+  default = "eth0"
+}
+
+variable "firewall" {
+  type    = bool
+  default = true
+}
+
+# DHCP: "dhcp"
+# Static: "192.168.1.50/24"
+variable "ipv4_address" {
+  type    = string
+  default = "dhcp"
+
+  validation {
+    condition     = var.ipv4_address == "dhcp" || can(cidrnetmask(var.ipv4_address))
+    error_message = "ipv4_address must be \"dhcp\" or a valid CIDR like 192.168.1.50/24."
+  }
+}
+
+# gateway допустим только если не dhcp
+variable "ipv4_gateway" {
+  type    = string
+  default = null
+}
+
+# Пароль опциональный (можешь управлять через ssh keys)
+variable "password" {
+  type      = string
+  default   = null
+  sensitive = true
+}
+
+variable "ssh_public_keys" {
+  type    = list(string)
+  default = []
+}
+
+variable "dns_domain" {
+  type    = string
+  default = null
+}
+
+variable "dns_servers" {
+  type    = list(string)
+  default = []
+}
+
+variable "started" {
+  type    = bool
+  default = false
+}
+
+variable "start_on_boot" {
+  type    = bool
+  default = false
+}

terraform/modules/proxmox/lxc/versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.6"
+
+  required_providers {
+    proxmox = {
+      source  = "bpg/proxmox"
+      version = "0.86.0"
+    }
+  }
+}