terraform-bpg-pve-node

Based on bpg's provider

Manage a PVE node through Terraform

This module helps with the central management of "all things" (eventually) related to a Proxmox VE node. It has firewall enabled by default at both Datacenter and Node level. IPv6 is unset (no hosts file config and NDP is off).

!Disclaimer:

Intended use case is for single node PVE datacenters. As of now the module does not address PVE clusters!

For a quick deployment you only need to source the module, set the provider correctly (via env vars as you should!) and provide PVE node name.

Inputs

Name	Description	Type	Default	Required
dtc-description	Description of the datacenter.	string	""	No
ui-language	Language for the PVE user interface.	string	"en"	No
vnc-kb-layout	Keyboard layout for vnc server.	string	"en-us"	No
http-proxy	HTTP proxy to be used for downloads.	string	null	No
dtc-console-viewer	Default console viewer.	string	"xtermjs"	No
dtc-email	Email address to send notifications from the datacenter.	string	null	No
dtc-mac-prefix	Prefix for autogenerated MAC addresses of virtual guests.	string	"BC:24:11"	No
dtc-migration-type	Migration traffic is encrypted using an SSH tunnel by default.	string	"secure"	No
dtc-migration-cidr	CIDR range for migration traffic.	string	null	No
dtc-ha-policy	Describes the policy for handling HA services on poweroff or reboot of a node.	string	"conditional"	No
dtc-crs	Cluster resource scheduling settings.	object	{ ha = "basic", ha-rebalance = false }	No
dtc-bw-limits	Set I/O bandwidth limit for various operations (in KiB/s).	object	{}	No
dtc-max-workers	Defines how many workers (per node) are maximal started on actions like stopall VMs or task from the ha-manager.	number	5	No
dtc-vmid-range	Control the range for the free VMID auto-selection pool.	object	{ lower = 1000, upper = 1000000 }	No
dtc-fw-enabled	Enable firewall at datacenter level.	bool	true	No
dtc-fw-ebtables	Enable ebtables at datacenter level.	bool	true	No
dtc-fw-inpol	Datacenter level firewall input policy.	string	"DROP"	No
dtc-fw-outpol	Datacenter level firewall output policy.	string	"ACCEPT"	No
dtc-fw-lrl	Datacenter level fw log rate limit configuration.	object	{ enabled = false }	No
dtc-fsg	Firewall security groups.	map	{}	No
dtc-fw-rules	Datacenter level firewall rules.	map	{}	No
dtc-fw-fsg	Datacenter level firewall rules that import from a security group.	map	{}	No
dtc-pools	Pools for resources.	map	{}	No
node-name	Name of the Proxmox VE node.	string	null	Yes
node-timezone	Timezone of the Proxmox VE node.	string	"UTC"	No
node-dns	PVE node DNS settings.	object	null	No
node-hosts-entries	PVE node /etc/hosts entries.	map	{}	No
node-bridges	PVE node Linux network bridges.	map	{}	No
run-bootstrap	Run bootstrap script on PVE node to configure settings missing (as of yet) in the provider.	bool	false	No
node-ip	IP address of the Proxmox VE node.	string	null	No
node-ssh-user	Username for the Proxmox VE node ssh connection.	string	null	No
node-ssh-pw	Password for the Proxmox VE node ssh connection.	string	null	No
node-ssh-privkey	Private key for the Proxmox VE node ssh connection.	string	null	No
dtc-tag	[case=<1/0>], [order=<config/alphabetical>], [shape=full/circle/dense/none]	object	{ order = "config" }	No
node-fw-enabled	Enable firewall at node level.	bool	true	No
node-fw-log-in	Log level for incoming packets.	string	"nolog"	No
node-fw-log-out	Log level for outgoing packets.	string	"nolog"	No
node-fw-smurfs	Enable SMURFS protection at node level.	bool	true	No
node-fw-smurfs-log	Log level for SMURFS packets.	string	"nolog"	No
node-fw-tcpflags	Enable TCP flags filtering at node level.	bool	false	No
node-fw-tcpflags-log	Log level for TCP flags packets.	string	"nolog"	No
node-fw-ndp	Enable NDP filtering at node level.	bool	false	No