init

terraform/stacks/proxmox/lxc/main.tf

@@ -0,0 +1,37 @@
+module "lxc_packer_main" {
+  source = "../../../modules/proxmox/lxc"
+
+  vm_id       = var.lxc_packer_main_vm_id
+  hostname    = var.lxc_packer_main_hostname
+  target_node = var.target_node
+
+  template_file_id = var.lxc_template_file_id
+  os_type          = var.lxc_os_type
+
+  unprivileged = var.lxc_unprivileged
+  nesting      = var.lxc_nesting
+
+  cores     = var.lxc_cores
+  cpu_units = var.lxc_cpu_units
+  memory    = var.lxc_memory
+  swap      = var.lxc_swap
+
+  rootfs_storage  = var.lxc_rootfs_storage
+  rootfs_size_gib = var.lxc_rootfs_size_gib
+
+  bridge     = var.bridge
+  netif_name = var.lxc_netif_name
+  firewall   = var.lxc_firewall
+
+  ipv4_address = var.lxc_ipv4_address
+  ipv4_gateway = var.lxc_ipv4_gateway
+
+  dns_domain  = var.lxc_dns_domain
+  dns_servers = var.lxc_dns_servers
+
+  started       = var.lxc_started
+  start_on_boot = var.lxc_start_on_boot
+
+  password        = var.lxc_root_password
+  ssh_public_keys = var.lxc_ssh_public_keys
+}

terraform/stacks/proxmox/lxc/providers.tf

@@ -0,0 +1,10 @@
+provider "proxmox" {
+  endpoint  = var.pm_api_url
+  api_token = var.pm_api_token
+  insecure  = true
+
+  ssh {
+    username = var.pm_user
+    password = var.pm_password
+  }
+}

terraform/stacks/proxmox/lxc/variables.tf

@@ -0,0 +1,137 @@
+# --- Proxmox provider creds ---
+variable "pm_api_url" {
+  type = string
+}
+
+variable "pm_api_token" {
+  type      = string
+  sensitive = true
+}
+
+variable "pm_user" {
+  type = string
+}
+
+variable "pm_password" {
+  type      = string
+  sensitive = true
+}
+
+# --- Target infra ---
+variable "target_node" {
+  type = string
+}
+
+variable "bridge" {
+  type    = string
+  default = "vmbr0"
+}
+
+# --- LXC конкретный контейнер ---
+variable "lxc_packer_main_vm_id" {
+  type = number
+}
+
+variable "lxc_packer_main_hostname" {
+  type = string
+}
+
+variable "lxc_template_file_id" {
+  type = string
+}
+
+variable "lxc_os_type" {
+  type    = string
+  default = "debian"
+}
+
+variable "lxc_unprivileged" {
+  type    = bool
+  default = true
+}
+
+variable "lxc_nesting" {
+  type    = bool
+  default = true
+}
+
+variable "lxc_cores" {
+  type    = number
+  default = 1
+}
+
+variable "lxc_cpu_units" {
+  type    = number
+  default = 1024
+}
+
+variable "lxc_memory" {
+  type    = number
+  default = 512
+}
+
+variable "lxc_swap" {
+  type    = number
+  default = 512
+}
+
+variable "lxc_rootfs_storage" {
+  type    = string
+  default = "local-lvm"
+}
+
+variable "lxc_rootfs_size_gib" {
+  type    = number
+  default = 8
+}
+
+variable "lxc_netif_name" {
+  type    = string
+  default = "eth0"
+}
+
+variable "lxc_firewall" {
+  type    = bool
+  default = true
+}
+
+variable "lxc_ipv4_address" {
+  type    = string
+  default = "dhcp"
+}
+
+variable "lxc_ipv4_gateway" {
+  type    = string
+  default = null
+}
+
+variable "lxc_dns_domain" {
+  type    = string
+  default = null
+}
+
+variable "lxc_dns_servers" {
+  type    = list(string)
+  default = []
+}
+
+variable "lxc_started" {
+  type    = bool
+  default = true
+}
+
+variable "lxc_start_on_boot" {
+  type    = bool
+  default = true
+}
+
+variable "lxc_root_password" {
+  type      = string
+  sensitive = true
+  default   = null
+}
+
+variable "lxc_ssh_public_keys" {
+  type    = list(string)
+  default = []
+}

terraform/stacks/proxmox/lxc/versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.6"
+
+  required_providers {
+    proxmox = {
+      source  = "bpg/proxmox"
+      version = "0.86.0"
+    }
+  }
+}

terraform/stacks/proxmox/vm/cloud-init/user-data.yaml.tpl

@@ -0,0 +1,36 @@
+#cloud-config
+hostname: ${hostname}
+manage_etc_hosts: true
+
+package_update: true
+package_upgrade: true
+
+packages:
+  - parted
+
+# user
+users:
+  - name: "adminuser"
+    groups: sudo
+    sudo: ALL=(ALL) NOPASSWD:ALL
+    lock_passwd: false
+    passwd: "$6$qL4GPP3AhSodbF9U$Lu4.VSpCSlAVPNIZyPNme0AH8HhbVYE6SAm3P3Er7KSLIYydj799tZBz/n6NRzzRYhyQh9a4h8m8WCbjw2nXg1"
+    shell: /bin/bash
+    ssh_authorized_keys:
+      - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBcTy4Zcj3MHkW7XvnZhakl64vZXnjzDJymYlo+Ax8FM dev-kyiv01-vm-default-main-01-adminuser"
+
+ssh_pwauth: false
+
+runcmd:
+  - |
+    set -euxo pipefail
+
+    # растянуть extended + LVM partition до конца диска
+    growpart /dev/sda 2 || true
+    growpart /dev/sda 5 || true
+    parted -s /dev/sda "resizepart 2 100%" "resizepart 5 100%" || true
+    partprobe /dev/sda || true
+
+    # растянуть PV -> LV(root) -> FS
+    pvresize /dev/sda5
+    lvextend -l +100%FREE -r /dev/vg0/root

terraform/stacks/proxmox/vm/locals.tf

@@ -0,0 +1,72 @@
+locals {
+  vms = {
+    dev_kyiv01_vm_dns_main_01 = {
+      name      = "dev-kyiv01-vm-dns-main-01"
+      cpu       = 2
+      cpu_type  = "x86-64-v2"
+      memory    = 3072
+      disk_size = 20
+      mac       = "02:7A:4C:11:90:64"
+    }
+
+    dev_kyiv01_vm_ntp_main_01 = {
+      name      = "dev-kyiv01-vm-ntp-main-01"
+      cpu       = 1
+      cpu_type  = "x86-64-v2"
+      memory    = 2048
+      disk_size = 8
+      mac       = "02:7A:4C:11:90:65"
+    }
+
+    dev_kyiv01_vm_ceph_main_01 = {
+      name        = "dev-kyiv01-vm-ceph-main-01"
+      cpu         = 2
+      cpu_type    = "x86-64-v2"
+      memory      = 4096
+      disk_size   = 30
+      mac         = "02:7A:4C:11:90:66"
+      osd_storage = "ceph-osd"
+      osd_disks   = [150, 150]
+    }
+
+    dev_kyiv01_vm_ceph_main_02 = {
+      name        = "dev-kyiv01-vm-ceph-main-02"
+      cpu         = 2
+      cpu_type    = "x86-64-v2"
+      memory      = 4096
+      disk_size   = 30
+      mac         = "02:7A:4C:11:90:67"
+      osd_storage = "ceph-osd"
+      osd_disks   = [150, 150]
+    }
+
+    dev_kyiv01_vm_ceph_main_03 = {
+      name        = "dev-kyiv01-vm-ceph-main-03"
+      cpu         = 2
+      cpu_type    = "x86-64-v2"
+      memory      = 4096
+      disk_size   = 30
+      mac         = "02:7A:4C:11:90:68"
+      osd_storage = "ceph-osd"
+      osd_disks   = [150, 150]
+    }
+
+    dev_kyiv01_vm_k8s_master_01 = {
+      name      = "dev-kyiv01-vm-k8s-master-01"
+      cpu       = 2
+      cpu_type  = "x86-64-v2"
+      memory    = 4096
+      disk_size = 40
+      mac       = "02:7A:4C:11:90:69"
+    }
+
+    dev_kyiv01_vm_k8s_worker_01 = {
+      name      = "dev-kyiv01-vm-k8s-worker-01"
+      cpu       = 4
+      cpu_type  = "x86-64-v2"
+      memory    = 8192
+      disk_size = 60
+      mac       = "02:7A:4C:11:90:6A"
+    }
+  }
+}

terraform/stacks/proxmox/vm/main.tf

@@ -0,0 +1,41 @@
+# 1) Для каждой VM создаём snippet user-data (cloud-init)
+resource "proxmox_virtual_environment_file" "user_data" {
+  for_each = local.vms
+
+  content_type = "snippets"
+  datastore_id = var.snippets_storage
+  node_name    = var.target_node
+
+  source_raw {
+    data = templatefile("${path.module}/cloud-init/user-data.yaml.tpl", {
+      hostname = each.value.name
+    })
+
+    file_name = "user-data-${each.value.name}.yaml"
+  }
+}
+
+# 2) Создаём VM-ки и подцепляем user-data файл
+module "vm" {
+  source   = "../../../modules/proxmox/vm"
+  for_each = local.vms
+
+  name        = each.value.name
+  target_node = var.target_node
+  template_id = var.template_id
+
+  cpu      = each.value.cpu
+  cpu_type = try(each.value.cpu_type, "qemu64")
+  memory   = each.value.memory
+
+  disk_size = each.value.disk_size
+  storage   = var.storage
+  bridge    = var.bridge
+
+  osd_storage = try(each.value.osd_storage, null)
+  osd_disks   = try(each.value.osd_disks, [])
+
+  user_data_file_id = proxmox_virtual_environment_file.user_data[each.key].id
+
+  mac_address = each.value.mac
+}

terraform/stacks/proxmox/vm/providers.tf

@@ -0,0 +1,17 @@
+provider "proxmox" {
+  endpoint  = var.pm_api_url
+  api_token = var.pm_api_token
+  insecure  = true
+
+  ssh {
+    agent       = false
+    username    = "root"
+    private_key = file("/workspaces/infrastructure/.ssh/dev-kyiv01-proxmox-main-01")
+
+    node {
+      name    = "proxmox-main-kyiv-01"
+      address = "176.36.225.227"
+      port    = 25105
+    }
+  }
+}

terraform/stacks/proxmox/vm/variables.tf

@@ -0,0 +1,50 @@
+variable "pm_api_url" {
+  type        = string
+  description = "Proxmox API endpoint, e.g. https://proxmox:8006/api2/json"
+}
+
+variable "pm_api_token" {
+  type        = string
+  description = "Proxmox API token: root@pam!terraform=..."
+  sensitive   = true
+}
+
+variable "pm_user" {
+  type        = string
+  description = "SSH username for Proxmox node"
+  default     = "root"
+}
+
+variable "pm_password" {
+  type        = string
+  description = "SSH password for Proxmox node"
+  sensitive   = true
+}
+
+variable "target_node" {
+  type        = string
+  description = "Target Proxmox node name"
+}
+
+variable "template_id" {
+  type        = number
+  description = "Template VM ID to clone from"
+}
+
+variable "storage" {
+  type        = string
+  description = "Default datastore for OS disk"
+  default     = "local-lvm"
+}
+
+variable "bridge" {
+  type        = string
+  description = "Default VM bridge"
+  default     = "vmbr0"
+}
+
+variable "snippets_storage" {
+  type        = string
+  description = "Datastore where 'snippets' content is enabled (usually 'local')"
+  default     = "local"
+}

terraform/stacks/proxmox/vm/versions.tf

@@ -0,0 +1,10 @@
+terraform {
+  required_version = ">= 1.6"
+
+  required_providers {
+    proxmox = {
+      source  = "bpg/proxmox"
+      version = "0.86.0"
+    }
+  }
+}