terraform-bpg-pve-node

Based on bpg's provider

Manage a PVE node through Terraform

This module helps with the central management of "all things" (eventually) related to a Proxmox VE node. The firewall is enabled by default at both the Datacenter and Node levels. IPv6 is unset (no hosts file config and NDP is off).

Disclaimer:

Intended use case is for single node PVE datacenters. As of now the module does not address PVE clusters!

For a quick deployment you only need to source the module, set the provider correctly (via env vars as you should!) and provide the PVE node name.
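A quick deployment along those lines, written as an added example and not taken from this repository. Assumptions: the module source is a placeholder, `pve1` and the root variable `pve_ssh_privkey` are constructed names, and the module is assumed to pass the `"info"` log level through to the PVE firewall unchanged.

```hcl
terraform {
  required_providers {
    proxmox = {
      source = "bpg/proxmox"
    }
  }
}

# No credentials in code: the bpg provider reads PROXMOX_VE_ENDPOINT and
# PROXMOX_VE_API_TOKEN (or PROXMOX_VE_USERNAME / PROXMOX_VE_PASSWORD)
# from the environment.
provider "proxmox" {}

# Hypothetical root variable so the key can be supplied as
# TF_VAR_pve_ssh_privkey. Underscores are used because shell environment
# variable names cannot contain hyphens.
variable "pve_ssh_privkey" {
  type      = string
  sensitive = true
  default   = null
}

module "pve_node" {
  source = "<module-source>" # placeholder: git URL or local path of this module

  node-name = "pve1" # constructed sample value; the only required input

  # Module defaults restated, so a later weakening shows up in code review
  # and in `terraform plan`.
  dtc-fw-enabled  = true
  dtc-fw-inpol    = "DROP"
  dtc-fw-outpol   = "ACCEPT"
  node-fw-enabled = true
  node-fw-smurfs  = true

  # Defaults are "nolog"; "info" is one of the PVE firewall log levels
  # (assumed to be accepted by the module as-is).
  node-fw-log-in     = "info"
  node-fw-smurfs-log = "info"

  # Only relevant when the node SSH inputs are used.
  node-ssh-privkey = var.pve_ssh_privkey
}
```

`sensitive = true` only redacts the value in plan and apply output; it is still written to the Terraform state, so the state backend needs its own access control.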

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| `dtc-description` | Description of the datacenter. | string | `""` | No |
| `ui-language` | Language for the PVE user interface. | string | `"en"` | No |
| `vnc-kb-layout` | Keyboard layout for the VNC server. | string | `"en-us"` | No |
| `http-proxy` | HTTP proxy to be used for downloads. | string | `null` | No |
| `dtc-console-viewer` | Default console viewer. | string | `"xtermjs"` | No |
| `dtc-email` | Email address to send notifications from the datacenter. | string | `null` | No |
| `dtc-mac-prefix` | Prefix for autogenerated MAC addresses of virtual guests. | string | `"BC:24:11"` | No |
| `dtc-migration-type` | Migration traffic is encrypted using an SSH tunnel by default. | string | `"secure"` | No |
| `dtc-migration-cidr` | CIDR range for migration traffic. | string | `null` | No |
| `dtc-ha-policy` | Describes the policy for handling HA services on poweroff or reboot of a node. | string | `"conditional"` | No |
| `dtc-crs` | Cluster resource scheduling settings. | object | `{ ha = "basic", ha-rebalance = false }` | No |
| `dtc-bw-limits` | Set I/O bandwidth limit for various operations (in KiB/s). | object | `{}` | No |
| `dtc-max-workers` | Defines the maximum number of workers (per node) started on actions like stopall VMs or tasks from the ha-manager. | number | `5` | No |
| `dtc-vmid-range` | Control the range for the free VMID auto-selection pool. | object | `{ lower = 1000, upper = 1000000 }` | No |
| `dtc-fw-enabled` | Enable firewall at datacenter level. | bool | `true` | No |
| `dtc-fw-ebtables` | Enable ebtables at datacenter level. | bool | `true` | No |
| `dtc-fw-inpol` | Datacenter level firewall input policy. | string | `"DROP"` | No |
| `dtc-fw-outpol` | Datacenter level firewall output policy. | string | `"ACCEPT"` | No |
| `dtc-fw-lrl` | Datacenter level firewall log rate limit configuration. | object | `{ enabled = false }` | No |
| `dtc-fsg` | Firewall security groups. | map | `{}` | No |
| `dtc-fw-rules` | Datacenter level firewall rules. | map | `{}` | No |
| `dtc-fw-fsg` | Datacenter level firewall rules that import from a security group. | map | `{}` | No |
| `dtc-pools` | Pools for resources. | map | `{}` | No |
| `node-name` | Name of the Proxmox VE node. | string | `null` | Yes |
| `node-timezone` | Timezone of the Proxmox VE node. | string | `"UTC"` | No |
| `node-dns` | PVE node DNS settings. | object | `null` | No |
| `node-hosts-entries` | PVE node /etc/hosts entries. | map | `{}` | No |
| `node-bridges` | PVE node Linux network bridges. | map | `{}` | No |
| `run-bootstrap` | Run bootstrap script on PVE node to configure settings missing (as of yet) in the provider. | bool | `false` | No |
| `node-ip` | IP address of the Proxmox VE node. | string | `null` | No |
| `node-ssh-user` | Username for the Proxmox VE node SSH connection. | string | `null` | No |
| `node-ssh-pw` | Password for the Proxmox VE node SSH connection. | string | `null` | No |
| `node-ssh-privkey` | Private key for the Proxmox VE node SSH connection. | string | `null` | No |
| `dtc-tag` | `[case=<1/0>], [order=<config/alphabetical>], [shape=full/circle/dense/none]` | object | `{ order = "config" }` | No |
| `node-fw-enabled` | Enable firewall at node level. | bool | `true` | No |
| `node-fw-log-in` | Log level for incoming packets. | string | `"nolog"` | No |
| `node-fw-log-out` | Log level for outgoing packets. | string | `"nolog"` | No |
| `node-fw-smurfs` | Enable SMURFS protection at node level. | bool | `true` | No |
| `node-fw-smurfs-log` | Log level for SMURFS packets. | string | `"nolog"` | No |
| `node-fw-tcpflags` | Enable TCP flags filtering at node level. | bool | `false` | No |
| `node-fw-tcpflags-log` | Log level for TCP flags packets. | string | `"nolog"` | No |
| `node-fw-ndp` | Enable NDP filtering at node level. | bool | `false` | No |