authorclyhtsuriva <aimeric@adjutor.xyz>2025-02-02 16:05:38 +0100
committerclyhtsuriva <aimeric@adjutor.xyz>2025-02-02 16:05:38 +0100
commit93f98bb6051fa702458f6853873a4443a401ba87 (patch)
tree892714042cebda841112956d7373fcd0896dd890
parented15ef307a5977816328b516a15436050232d99a (diff)
opentofu: definition of a docker ready machine
First iteration, will be optimized later
-rw-r--r--.gitignore2
-rw-r--r--ansible/roles/docker/tasks/main.yml2
-rw-r--r--opentofu/README.md15
-rw-r--r--opentofu/environments/README.md7
-rw-r--r--opentofu/main.tf70
-rw-r--r--opentofu/outputs.tf4
-rw-r--r--opentofu/provider.tf17
-rw-r--r--opentofu/terraform.tfvars7
-rw-r--r--opentofu/variables.tf46
l---------terraform1
10 files changed, 159 insertions, 12 deletions
diff --git a/.gitignore b/.gitignore
index 8463a41..24b2700 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,8 @@
.terraform/
*.tfstate
*.tfstate.backup
+*.lock.hcl
+credentials.auto.tfvars
# Ansible
*.retry
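Review bot: The added `*.lock.hcl` pattern keeps `.terraform.lock.hcl` out of the repository, and that file is where OpenTofu records the provider checksums accepted on the first `init`. Without it, every fresh checkout re-resolves `telmate/proxmox` and trusts whatever the registry serves at that moment, so a changed or substituted provider build would go unnoticed. I would drop that line and commit the lock file. Ignoring `credentials.auto.tfvars` is the right call and should stay.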
diff --git a/ansible/roles/docker/tasks/main.yml b/ansible/roles/docker/tasks/main.yml
index b85e0e1..df1c5d7 100644
--- a/ansible/roles/docker/tasks/main.yml
+++ b/ansible/roles/docker/tasks/main.yml
@@ -21,7 +21,7 @@
ansible.builtin.apt_repository:
repo: >-
deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc]
- {{ docker_repo }} $(lsb_release -cs) stable
+ {{ docker_repo }} {{ ansible_distribution_release }} stable
state: present
filename: docker
diff --git a/opentofu/README.md b/opentofu/README.md
index c61ac9c..8521989 100644
--- a/opentofu/README.md
+++ b/opentofu/README.md
@@ -1,7 +1,14 @@
-# OpenTofu Configurations
+# OpenTofu Infrastructure Provisioning
-This folder contains OpenTofu configurations for provisioning infrastructure in my homelab.
+This folder contains OpenTofu configurations and modules for provisioning infrastructure in my homelab environment.
## Structure
-- **modules/**: Reusable OpenTofu modules (e.g., VM, network).
-- **environments/**: Environment-specific configurations (e.g., dev, prod).
+
+- **`README.md`**: Project overview.
+- **`examples/`**: Sample configurations demonstrating module usage.
+- **`main.tf`**: Primary entry point for the OpenTofu configuration.
+- **`modules/`**: Reusable OpenTofu modules for provisioning infrastructure.
+- **`outputs.tf`**: Definitions of outputs from the configuration.
+- **`variables.tf`**: Definitions of input variables for the configuration.
+- **`versions.tf`**: Specifies required provider versions.
+- to complete ..
diff --git a/opentofu/environments/README.md b/opentofu/environments/README.md
deleted file mode 100644
index be0c0ac..0000000
--- a/opentofu/environments/README.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# OpenTofu Environments
-
-This folder contains environment-specific OpenTofu configurations.
-
-## Environments
-- **dev/**: Development environment.
-- **prod/**: Production environment.
diff --git a/opentofu/main.tf b/opentofu/main.tf
new file mode 100644
index 0000000..544bc35
--- /dev/null
+++ b/opentofu/main.tf
@@ -0,0 +1,70 @@
+resource "proxmox_vm_qemu" "docker_server" {
+
+ name = "docker-server"
+ desc = "Debian server with docker installed."
+ agent = 1 # Qemu Guest Agent
+ target_node = var.proxmox_node
+ tags = "debian,docker"
+
+ clone = var.packer_image_name
+ full_clone = true
+
+ qemu_os = "other"
+ cores = 2
+ sockets = 1
+ cpu_type = "host"
+ memory = 4096
+
+ scsihw = "virtio-scsi-pci"
+ bootdisk = "scsi0"
+
+ disks {
+ ide {
+ ide0 {
+ cloudinit {
+ storage = "local-lvm"
+ }
+ }
+ }
+ virtio {
+ virtio0 {
+ disk {
+ storage = "local-lvm"
+ size = "20G"
+ iothread = true
+ replicate = false
+ }
+ }
+ }
+ }
+
+ network {
+ id = 0
+ model = "virtio"
+ bridge = "vmbr0"
+ }
+
+ # Cloud-Init settings
+ ipconfig0 = "ip=dhcp"
+ ciuser = "mas"
+ sshkeys = var.ssh_public_key
+}
+
+# Run Ansible playbook after VM creation
+resource "null_resource" "ansible_provisioner" {
+ triggers = {
+ vm_id = proxmox_vm_qemu.docker_server.id
+ }
+
+ provisioner "local-exec" {
+ command = <<-EOT
+ ANSIBLE_HOST_KEY_CHECKING=False ANSIBLE_CONFIG=${path.root}/../ansible/ansible.cfg ansible-playbook \
+ -i '${proxmox_vm_qemu.docker_server.default_ipv4_address},' \
+ -u ${var.vm_username} \
+ --private-key ${var.ssh_private_key_path} \
+ ${var.ansible_playbook_path}
+ EOT
+ }
+
+ depends_on = [proxmox_vm_qemu.docker_server]
+}
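Review bot: The `local-exec` provisioner sets `ANSIBLE_HOST_KEY_CHECKING=False`, so the first SSH session to a DHCP-assigned address is never authenticated and whatever answers on that IP receives the playbook run. The same command splices `var.vm_username`, `var.ssh_private_key_path` and `var.ansible_playbook_path` into a shell string unquoted, so a value containing spaces or shell metacharacters is word-split or executed on the operator's machine. Passing the values through the provisioner's `environment` map and quoting them in the command fixes the quoting; for the host key, trust-on-first-use (`StrictHostKeyChecking=accept-new` via `--ssh-common-args`) or a pinned key is preferable to disabling the check, at the cost of clearing a stale known_hosts entry when a rebuilt VM reuses an address. Separately, `ciuser = "mas"` is hard-coded although `var.vm_username` exists, and `depends_on` repeats the dependency already implied by `triggers`.

```hcl
# … unchanged: proxmox_vm_qemu.docker_server and the null_resource triggers …
  provisioner "local-exec" {
    # Values reach the shell as environment variables, never as command text.
    environment = {
      ANSIBLE_CONFIG = "${path.root}/../ansible/ansible.cfg"
      VM_IP          = proxmox_vm_qemu.docker_server.default_ipv4_address
      VM_USER        = var.vm_username
      SSH_KEY        = var.ssh_private_key_path
      PLAYBOOK       = var.ansible_playbook_path
    }
    command = <<-EOT
      ansible-playbook \
        -i "$VM_IP," \
        -u "$VM_USER" \
        --private-key "$SSH_KEY" \
        --ssh-common-args '-o StrictHostKeyChecking=accept-new' \
        "$PLAYBOOK"
    EOT
  }
```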
diff --git a/opentofu/outputs.tf b/opentofu/outputs.tf
new file mode 100644
index 0000000..49e86c5
--- /dev/null
+++ b/opentofu/outputs.tf
@@ -0,0 +1,4 @@
+output "vm_ip" {
+ description = "IP address of the provisioned VM"
+ value = proxmox_vm_qemu.docker_server.default_ipv4_address
+}
diff --git a/opentofu/provider.tf b/opentofu/provider.tf
new file mode 100644
index 0000000..b78c91a
--- /dev/null
+++ b/opentofu/provider.tf
@@ -0,0 +1,17 @@
+terraform {
+ required_version = ">= 0.13.0"
+
+ required_providers {
+ proxmox = {
+ source = "telmate/proxmox"
+ version = "3.0.1-rc6"
+ }
+ }
+}
+
+provider "proxmox" {
+ pm_api_url = var.proxmox_api_url
+ pm_api_token_id = var.proxmox_api_token_id
+ pm_api_token_secret = var.proxmox_api_token_secret
+ pm_tls_insecure = true
+}
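Review bot: `pm_tls_insecure = true` turns off certificate verification for the Proxmox API, and this same provider block sends `pm_api_token_secret` over that connection, so anyone able to intercept traffic to the API host can capture a working token. Prefer `pm_tls_insecure = false` with the Proxmox CA added to the operator's trust store, or at least expose it as a variable that defaults to `false`. Also, `required_version = ">= 0.13.0"` accepts far older binaries than this configuration was presumably tested with, and the provider is pinned to a release candidate (`3.0.1-rc6`); a short comment explaining both choices would help.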
diff --git a/opentofu/terraform.tfvars b/opentofu/terraform.tfvars
new file mode 100644
index 0000000..66ee6e8
--- /dev/null
+++ b/opentofu/terraform.tfvars
@@ -0,0 +1,7 @@
+proxmox_api_url = "https://10.0.0.5:8006/api2/json"
+proxmox_node = "pve"
+packer_image_name = "debian-server-bookworm-12-9-0-amd64"
+vm_username = "mas"
+ssh_private_key_path = "~/.ssh/id_ecdsa"
+ssh_public_key = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCtB9NZgJMVovVR4foT0OOV9GdHeHZoPtK1TGko2W4wli/reKjpUYBhlSPWbaWD9WUbl0RRqdzkODy1fB001zxs= mas@TMV2"
+ansible_playbook_path = "../ansible/playbooks/docker.yml"
diff --git a/opentofu/variables.tf b/opentofu/variables.tf
new file mode 100644
index 0000000..426b192
--- /dev/null
+++ b/opentofu/variables.tf
@@ -0,0 +1,46 @@
+variable "proxmox_api_url" {
+ description = "Proxmox API URL"
+ type = string
+}
+
+variable "proxmox_api_token_id" {
+ type = string
+}
+
+variable "proxmox_api_token_secret" {
+ type = string
+}
+
+
+variable "proxmox_node" {
+ description = "Proxmox node to deploy the VM on"
+ type = string
+}
+
+variable "packer_image_name" {
+ description = "Name of the Packer image to clone"
+ type = string
+}
+
+variable "vm_username" {
+ description = "Username for SSH access to the VM"
+ type = string
+ default = "mas"
+}
+
+variable "ssh_private_key_path" {
+ description = "Path to the SSH private key for Ansible"
+ type = string
+}
+
+variable "ssh_public_key" {
+ type = string
+ sensitive = true
+}
+
+variable "ansible_playbook_path" {
+ description = "Path to the Ansible playbook for Docker installation"
+ type = string
+}
+
+
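Review bot: `proxmox_api_token_secret` is declared without `sensitive = true`, so it is not redacted in plan and apply output, while `ssh_public_key` is the only variable marked sensitive even though it is a public value that terraform.tfvars in this commit stores in clear. Add `sensitive = true` to the token secret (and arguably the token id) and drop it from `ssh_public_key`. The two token variables and `ssh_public_key` also lack a `description`, unlike the rest of the file.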
diff --git a/terraform b/terraform
new file mode 120000
index 0000000..131cc78
--- /dev/null
+++ b/terraform
@@ -0,0 +1 @@
+opentofu/ \ No newline at end of file