feat: add opentofu config with API endpoint and token redacted

.gitignore

@@ -0,0 +1,2 @@
+*.env
+variables.tf

main.tofu

@@ -0,0 +1,127 @@
+terraform {
+  required_providers {
+    proxmox = {
+      source = "bpg/proxmox"
+      version = "0.81.0"
+    }
+  }
+}
+
+provider "proxmox" {
+  # Configuration options
+  endpoint = var.virtual_environment_endpoint
+  api_token = var.virtual_environment_token
+  ssh {
+    agent = false
+    username = "root"
+    private_key = file("~/.ssh/id_ed25519")
+  }
+}
+
+resource "proxmox_virtual_environment_file" "cloud_config" {
+  content_type = "snippets"
+  datastore_id = "local"
+  node_name = "homelab-one"
+
+  source_raw {
+    data = <<-EOF
+    #cloud-config
+    package_update: true
+    package_upgrade: true
+    package_reboot_if_required: true
+    packages:
+      - firewalld
+      - dnf-automatic
+    runcmd:
+      - sed -i 's/btrfs defaults/btrfs defaults,nodatacow/g' /etc/fstab
+      - chattr -R +C /
+      - systemctl enable firewalld
+      - reboot
+    allow_public_ssh_keys: true
+    disable_root: false
+    users:
+      - name: root
+        lock_passwd: false
+        hashed_passwd: $6$rounds=4096$pKmTfNGyUfTZamCD$IQV05ysDl2fRReYawsKq6CH/FKH.eOtERtjZ7AQ/XG0ivh/rstZidIqIRRXuTEgXOFNR1Mq8pMCcoFSmABqPd0
+        ssh_authorized_keys:
+          - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIArO9Yty0QuX7jZhDeL6MrZwH+6dbbcidYWWo0qawivb user@homelab-mgmt
+    ssh_authorized_keys:
+      - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIArO9Yty0QuX7jZhDeL6MrZwH+6dbbcidYWWo0qawivb user@homelab-mgmt
+    EOF
+    file_name = "user-data-cloud-config.yaml"
+  }
+}
+resource "proxmox_virtual_environment_vm" "jellyfin" {
+  node_name = "homelab-one"
+  name = "jellyfin"
+  acpi = true
+  bios = "ovmf"
+  boot_order = ["scsi0"]
+  machine = "q35"
+  stop_on_destroy = true
+  scsi_hardware = "virtio-scsi-single"
+  
+  operating_system {
+    type = "l26"  
+  }
+
+  agent {
+    enabled = true
+    trim = true
+  }
+
+  efi_disk {
+    datastore_id = "spinny-zfs"
+    file_format = "raw"
+    type = "4m"
+  }
+
+  serial_device {}
+  
+  vga {
+    type = "virtio"
+  }
+  
+  tpm_state {
+    datastore_id = "spinny-zfs"
+    version = "v2.0"
+  }
+
+  cpu {
+    cores = 4
+    sockets = 1
+    type = "host"
+  }
+
+  memory {
+    dedicated = 4096
+    floating = 2048
+  }
+
+  initialization {
+    datastore_id = "spinny-zfs"
+    user_data_file_id = proxmox_virtual_environment_file.cloud_config.id
+  }
+
+  # boot disk
+  disk {
+    cache = "none"
+    datastore_id = "spinny-zfs"
+    discard = "on"
+    file_id = "local:iso/Fedora-Cloud-Base-UEFI-UKI-42-1.1.x86_64.img"
+    interface = "scsi0"
+    iothread = true
+    replicate = false
+    size = 32
+  }
+
+  network_device {
+    bridge = "vmbr2"
+    vlan_id = 100
+    enabled = true
+    firewall = true
+    mac_address = "BC:24:11:21:6F:61"
+  }
+}
+
+

provision.yaml

@@ -57,4 +57,8 @@
       state: started
       enabled: true
 
-
+   - name: Add /srv dir
+     ansible.builtin.file:
+      path: /src
+      state: directory
+      mode: '0644'