Diffstat (limited to 'opentofu')
-rw-r--r--opentofu/README.md1
-rw-r--r--opentofu/docker-server.tf (renamed from opentofu/main.tf)10
-rwxr-xr-xopentofu/init-validate-plan.sh9
-rw-r--r--opentofu/k8s-cluster.tf136
-rw-r--r--opentofu/outputs.tf15
-rw-r--r--opentofu/plan.outbin0 -> 13423 bytes
-rw-r--r--opentofu/terraform.tfvars15
-rw-r--r--opentofu/ubuntu-server-noble.tf57
-rw-r--r--opentofu/variables.tf19
9 files changed, 248 insertions, 14 deletions
diff --git a/opentofu/README.md b/opentofu/README.md
index 1bf6e55..25e57d9 100644
--- a/opentofu/README.md
+++ b/opentofu/README.md
@@ -8,7 +8,6 @@ OpenTofu is used to define, manage, and provision infrastructure as code (IaC).
## **Project Structure**
- **`README.md`** – Project overview and documentation.
- **`examples/`** – Sample configurations demonstrating how to use modules in different scenarios.
-- **`main.tf`** – Primary OpenTofu configuration file, orchestrating resource provisioning.
- **`modules/`** – Reusable OpenTofu modules for provisioning infrastructure components.
- **`outputs.tf`** – Definitions of outputs to expose key resource attributes.
- **`provider.tf`** – Configuration for OpenTofu providers, such as Proxmox.
diff --git a/opentofu/main.tf b/opentofu/docker-server.tf
index 544bc35..3e13b42 100644
--- a/opentofu/main.tf
+++ b/opentofu/docker-server.tf
@@ -1,12 +1,18 @@
resource "proxmox_vm_qemu" "docker_server" {
+ lifecycle {
+ ignore_changes = [
+ bootdisk,
+ ]
+ }
+
name = "docker-server"
desc = "Debian server with docker installed."
agent = 1 # Qemu Guest Agent
target_node = var.proxmox_node
- tags = "debian,docker"
+ tags = "debian;docker"
- clone = var.packer_image_name
+ clone = var.debian_server_bookworm_packer_image_name
full_clone = true
qemu_os = "other"
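Review bot: The new `lifecycle { ignore_changes = [bootdisk] }` block at the top of `docker_server` has no comment saying which drift it suppresses, and the same block is repeated in both resources of k8s-cluster.tf and in ubuntu-server-noble.tf. In those files `bootdisk = "scsi0"` is declared while the only data disk is `virtio0`, which may be the mismatch being hidden; that is inferred, since the rest of this resource lies outside the hunk. A one-line comment such as `# bootdisk differs from the declared value after apply; ignored to avoid a perpetual diff (TODO confirm)` would record the reason. Fixing the declared value instead would let the ignore be dropped.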
diff --git a/opentofu/init-validate-plan.sh b/opentofu/init-validate-plan.sh
new file mode 100755
index 0000000..21d133e
--- /dev/null
+++ b/opentofu/init-validate-plan.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+plan_file="$1"
+
+# tofu workflow
+tofu init && \
+tofu fmt && \
+tofu validate && \
+tofu plan -out "$plan_file"
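Review bot: The plan written by `tofu plan -out "$plan_file"` on the last line should stay out of the repository, yet this commit also adds `opentofu/plan.out` (13423 bytes, binary), which looks like an output of this script. A saved plan records the configuration and the variable values used, and it is not encrypted unless plan encryption is configured, so an entry in `.gitignore` is safer than committing it. `plan_file` is also taken from `$1` unchecked; `plan_file="${1:?usage: init-validate-plan.sh PLAN_FILE}"` fails before any tofu command runs. If the script is meant as a check only, `tofu fmt -check` avoids rewriting files in place.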
diff --git a/opentofu/k8s-cluster.tf b/opentofu/k8s-cluster.tf
new file mode 100644
index 0000000..1241399
--- /dev/null
+++ b/opentofu/k8s-cluster.tf
@@ -0,0 +1,136 @@
+resource "proxmox_vm_qemu" "k8s_cp" {
+
+ lifecycle {
+ ignore_changes = [
+ bootdisk,
+ ]
+ }
+
+ name = "k8s-cp-01"
+ desc = "k8s control plane"
+ agent = 1 # Qemu Guest Agent
+ target_node = var.proxmox_node
+ tags = "debian;k8s"
+
+ clone = var.debian_server_bookworm_packer_image_name
+ full_clone = true
+
+ qemu_os = "other"
+ cores = 2
+ sockets = 1
+ cpu_type = "host"
+ memory = 6144
+
+ scsihw = "virtio-scsi-pci"
+ bootdisk = "scsi0"
+
+ disks {
+ ide {
+ ide0 {
+ cloudinit {
+ storage = "local-lvm"
+ }
+ }
+ }
+ virtio {
+ virtio0 {
+ disk {
+ storage = "local-lvm"
+ size = "32G"
+ iothread = true
+ replicate = false
+ }
+ }
+ }
+ }
+
+ network {
+ id = 0
+ model = "virtio"
+ bridge = "vmbr0"
+ }
+
+ # Cloud-Init settings
+ ipconfig0 = "ip=dhcp"
+ ciuser = "mas"
+ sshkeys = var.ssh_public_key
+}
+
+resource "proxmox_vm_qemu" "k8s_worker" {
+
+ lifecycle {
+ ignore_changes = [
+ bootdisk,
+ ]
+ }
+
+ count = var.k8s_worker_vm_count
+ name = "${var.k8s_worker_vm_name_prefix}-${count.index}"
+ desc = "k8s worker"
+ agent = 1 # Qemu Guest Agent
+ target_node = var.proxmox_node
+ tags = "debian;k8s"
+
+ clone = var.debian_server_bookworm_packer_image_name
+ full_clone = true
+
+ qemu_os = "other"
+ cores = 1
+ sockets = 1
+ cpu_type = "host"
+ memory = 2048
+
+ scsihw = "virtio-scsi-pci"
+ bootdisk = "scsi0"
+
+ disks {
+ ide {
+ ide0 {
+ cloudinit {
+ storage = "local-lvm"
+ }
+ }
+ }
+ virtio {
+ virtio0 {
+ disk {
+ storage = "local-lvm"
+ size = "32G"
+ iothread = true
+ replicate = false
+ }
+ }
+ }
+ }
+
+ network {
+ id = 0
+ model = "virtio"
+ bridge = "vmbr0"
+ }
+
+ # Cloud-Init settings
+ ipconfig0 = "ip=dhcp"
+ ciuser = "mas"
+ sshkeys = var.ssh_public_key
+}
+
+
+## Run Ansible playbook after VM creation
+#resource "null_resource" "ansible_provisioner" {
+# triggers = {
+# vm_id = proxmox_vm_qemu.k8s-[worker][cp]-[count.index].id
+# }
+#
+# provisioner "local-exec" {
+# command = <<-EOT
+# ANSIBLE_HOST_KEY_CHECKING=False ANSIBLE_CONFIG=${path.root}/../ansible/ansible.cfg ansible-playbook \
+# -i '${proxmox_vm_qemu.k8s-[worker][cp]-[count.index].default_ipv4_address},' \
+# -u ${var.vm_username} \
+# --private-key ${var.ssh_private_key_path} \
+# ${var.ansible_playbook_path}
+# EOT
+# }
+#
+# depends_on = [proxmox_vm_qemu.docker_server]
+#}
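Review bot: The commented-out `ansible_provisioner` block at the end of the file sets `ANSIBLE_HOST_KEY_CHECKING=False`, so if it is ever uncommented the first SSH connection to each new VM would trust whatever host key answers on that DHCP-assigned address. The block also holds placeholder references (`proxmox_vm_qemu.k8s-[worker][cp]-[count.index]`) that are not valid HCL and a `depends_on` pointing at `docker_server`, so it reads as a copy from another file. Dropping it would be clearer, or keep it with a `# TODO: pin host keys before enabling` line. Separately, `ciuser = "mas"` is hard-coded in both resources here and in ubuntu-server-noble.tf although `vm_username` is set in terraform.tfvars; `ciuser = var.vm_username` would keep the account name in one place, assuming that variable is declared in variables.tf.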
diff --git a/opentofu/outputs.tf b/opentofu/outputs.tf
index 49e86c5..7779a10 100644
--- a/opentofu/outputs.tf
+++ b/opentofu/outputs.tf
@@ -1,4 +1,13 @@
-output "vm_ip" {
- description = "IP address of the provisioned VM"
- value = proxmox_vm_qemu.docker_server.default_ipv4_address
+locals {
+ all_vms = flatten([
+ [proxmox_vm_qemu.k8s_cp],
+ proxmox_vm_qemu.k8s_worker,
+ [proxmox_vm_qemu.docker_server],
+ [proxmox_vm_qemu.ubuntu_server_noble]
+ ])
+}
+
+output "vm_ips" {
+ description = "Mapping of VM names to their IP addresses"
+ value = { for vm in local.all_vms : vm.name => vm.default_ipv4_address if can(vm.default_ipv4_address) }
}
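Review bot: The `if can(vm.default_ipv4_address)` filter in `vm_ips` probably never excludes anything, because `can()` only turns evaluation errors into false and the attribute exists on every `proxmox_vm_qemu` object even when no address has been reported. If the intent is to skip VMs without an address, compare the value instead, e.g. `if vm.default_ipv4_address != null && vm.default_ipv4_address != ""`; the null or empty case is assumed from the provider's behaviour and is worth confirming. Replacing `vm_ip` (a string) with `vm_ips` (a map) also breaks anything that reads the old output, which deserves a line in the commit message.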
diff --git a/opentofu/plan.out b/opentofu/plan.out
new file mode 100644
index 0000000..0a6bf9f
--- /dev/null
+++ b/opentofu/plan.out
Binary files differ
diff --git a/opentofu/terraform.tfvars b/opentofu/terraform.tfvars
index 66ee6e8..a457908 100644
--- a/opentofu/terraform.tfvars
+++ b/opentofu/terraform.tfvars
@@ -1,7 +1,8 @@
-proxmox_api_url = "https://10.0.0.5:8006/api2/json"
-proxmox_node = "pve"
-packer_image_name = "debian-server-bookworm-12-9-0-amd64"
-vm_username = "mas"
-ssh_private_key_path = "~/.ssh/id_ecdsa"
-ssh_public_key = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCtB9NZgJMVovVR4foT0OOV9GdHeHZoPtK1TGko2W4wli/reKjpUYBhlSPWbaWD9WUbl0RRqdzkODy1fB001zxs= mas@TMV2"
-ansible_playbook_path = "../ansible/playbooks/docker.yml"
+proxmox_api_url = "https://10.0.0.5:8006/api2/json"
+proxmox_node = "pve"
+debian_server_bookworm_packer_image_name = "debian-server-bookworm-12-9-0-amd64"
+ubuntu_server_noble_packer_image_name = "ubuntu-server-noble-24-04-1-amd64"
+vm_username = "mas"
+ssh_private_key_path = "~/.ssh/id_ecdsa"
+ssh_public_key = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCtB9NZgJMVovVR4foT0OOV9GdHeHZoPtK1TGko2W4wli/reKjpUYBhlSPWbaWD9WUbl0RRqdzkODy1fB001zxs= mas@TMV2"
+ansible_playbook_path = "../ansible/playbooks/docker.yml"
diff --git a/opentofu/ubuntu-server-noble.tf b/opentofu/ubuntu-server-noble.tf
new file mode 100644
index 0000000..fe64af9
--- /dev/null
+++ b/opentofu/ubuntu-server-noble.tf
@@ -0,0 +1,57 @@
+resource "proxmox_vm_qemu" "ubuntu_server_noble" {
+
+ lifecycle {
+ ignore_changes = [
+ bootdisk,
+ ]
+ }
+
+ name = "ubuntu-server-noble"
+ desc = "Plain ubuntu server noble"
+ agent = 1 # Qemu Guest Agent
+ target_node = var.proxmox_node
+ tags = "ubuntu"
+
+ clone = var.ubuntu_server_noble_packer_image_name
+ full_clone = true
+
+ qemu_os = "other"
+ cores = 2
+ sockets = 1
+ cpu_type = "host"
+ memory = 4096
+
+ scsihw = "virtio-scsi-pci"
+ bootdisk = "scsi0"
+
+ disks {
+ ide {
+ ide0 {
+ cloudinit {
+ storage = "local-lvm"
+ }
+ }
+ }
+ virtio {
+ virtio0 {
+ disk {
+ storage = "local-lvm"
+ size = "20G"
+ iothread = true
+ replicate = false
+ }
+ }
+ }
+ }
+
+ network {
+ id = 0
+ model = "virtio"
+ bridge = "vmbr0"
+ }
+
+ # Cloud-Init settings
+ ipconfig0 = "ip=dhcp"
+ ciuser = "mas"
+ sshkeys = var.ssh_public_key
+}
diff --git a/opentofu/variables.tf b/opentofu/variables.tf
index 426b192..bdbc17f 100644
--- a/opentofu/variables.tf
+++ b/opentofu/variables.tf
@@ -17,7 +17,12 @@ variable "proxmox_node" {
type = string
}
-variable "packer_image_name" {
+variable "debian_server_bookworm_packer_image_name" {
+ description = "Name of the Packer image to clone"
+ type = string
+}
+
+variable "ubuntu_server_noble_packer_image_name" {
description = "Name of the Packer image to clone"
type = string
}
@@ -44,3 +49,15 @@ variable "ansible_playbook_path" {
}
+variable "k8s_worker_vm_name_prefix" {
+ description = "VM name prefix"
+ default = "k8s-worker"
+ type = string
+}
+
+variable "k8s_worker_vm_count" {
+ description = "Number of servers"
+ default = 2
+ type = string
+}
+
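Review bot: `k8s_worker_vm_count` is declared `type = string` with `default = 2`, yet k8s-cluster.tf uses it as `count`, so it only works through implicit conversion and a non-numeric value is rejected where `count` is evaluated rather than at the variable. `type = number` states the contract. A `validation` block with an upper bound chosen by the owner would stop a typo in a tfvars file from creating an unexpected number of VMs. The descriptions `"Number of servers"` and `"VM name prefix"` could name the k8s workers explicitly, e.g. `"Number of k8s worker VMs to create"`.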