modularize tf infrastructure

2024-03-01 16:34:20 +01:00 · 2024-03-01 16:34:20 +01:00 · 6dae248c01
commit 6dae248c01
parent 493daeeb29
14 changed files with 291 additions and 151 deletions
--- a/tofu/main.tf
+++ b/tofu/main.tf
@ -0,0 +1,57 @@
+terraform {
+  required_providers {
+    libvirt = {
+      source = "dmacvicar/libvirt"
+      version = "0.7.6"
+    }
+  }
+}
+
+provider "libvirt" {
+  uri = "qemu+ssh://vladan@10.4.4.201/system"
+  # uri = "qemu:///system"
+}
+
+module "network" {
+  source = "./network"
+  domain = "hklbgd.org"
+  subnet = ["10.117.3.0/24"]
+}
+
+module "storage" {
+  source = "./storage"
+}
+
+module "kanidm_vm" {
+  source                  = "./service-vm"
+  domain_name             = "kanidm"
+  domain_memory           = "4096"
+  domain_vcpu             = 2
+  domain_pool             = module.storage.pool
+  domain_base_volume_id   = module.storage.base_volume_id
+  domain_data_volume_size = 322122547200  # 300GB
+  domain_ignition_path    = "../ignition/kanidm/service.ign"
+  domain_network          = {
+    network_id = module.network.id
+    hostname = "id.${module.network.domain}"
+    addresses = ["10.117.3.100"]
+    mac_address = "8A:41:86:95:40:35"
+  }
+}
+
+module "forgejo_vm" {
+  source                  = "./service-vm"
+  domain_name             = "forgejo"
+  domain_memory           = "4096"
+  domain_vcpu             = 2
+  domain_pool             = module.storage.pool
+  domain_base_volume_id   = module.storage.base_volume_id
+  domain_data_volume_size = 322122547200  # 300GB
+  domain_ignition_path    = "../ignition/forgejo/service.ign"
+  domain_network          = {
+    network_id = module.network.id
+    hostname = "forge.${module.network.domain}"
+    addresses = ["10.117.3.110"]
+    mac_address = "8A:41:86:11:16:83"
+  }
+}
--- a/tofu/network/main.tf
+++ b/tofu/network/main.tf
@ -0,0 +1,31 @@
+terraform {
+  required_providers {
+    libvirt = {
+      source = "dmacvicar/libvirt"
+      version = "0.7.6"
+    }
+  }
+}
+
+resource "libvirt_network" "hklbgd" {
+  name = "hklbgd-guests"
+
+  mode = "nat"
+  domain = var.domain
+  autostart = true
+
+  addresses = var.subnet
+
+  dns {
+    enabled = true
+    local_only = true
+  }
+}
+
+output "id" {
+  value = libvirt_network.hklbgd.id
+}
+
+output "domain" {
+  value = var.domain
+}
--- a/tofu/network/variables.tf
+++ b/tofu/network/variables.tf
@ -0,0 +1,9 @@
+variable "subnet" {
+  type = list(string)
+  default = ["10.117.3.0/24"]
+}
+
+variable "domain" {
+  type = string
+  default = "proxmox-coreos.hklbgd.org"
+}
--- a/tofu/service-vm/main.tf
+++ b/tofu/service-vm/main.tf
@ -0,0 +1,62 @@
+terraform {
+  required_providers {
+    libvirt = {
+      source = "dmacvicar/libvirt"
+      version = "0.7.6"
+    }
+  }
+}
+
+resource "libvirt_volume" "rootfs" {
+  name           = "${var.domain_name}-rootfs.qcow2"
+  pool           = var.domain_pool
+  base_volume_id = var.domain_base_volume_id
+}
+
+resource "libvirt_volume" "data" {
+  name   = "${var.domain_name}-data.qcow2"
+  pool   = var.domain_pool
+  size   = var.domain_data_volume_size
+  format = "qcow2"
+
+  lifecycle {
+    prevent_destroy = true
+  }
+}
+
+resource "libvirt_ignition" "ign" {
+  name    = "${var.domain_name}-service.ign"
+  pool    = var.domain_pool
+  content = "${var.domain_ignition_path}"
+}
+
+resource "libvirt_domain" "service" {
+  name      = var.domain_name
+  autostart = true
+  memory    = var.domain_memory
+  vcpu      = var.domain_vcpu
+
+  coreos_ignition = libvirt_ignition.ign.id
+
+  disk {
+    volume_id = libvirt_volume.rootfs.id
+  }
+  disk {
+    volume_id = libvirt_volume.data.id
+  }
+  network_interface {
+    network_id     = var.domain_network.network_id
+    hostname       = var.domain_network.hostname
+    addresses      = var.domain_network.addresses
+    mac            = var.domain_network.mac_address
+    wait_for_lease = true
+  }
+  console {
+    type        = "pty"
+    target_port = "0"
+    target_type = "serial"
+  }
+  graphics {
+    type  = "spice"
+  }
+}
--- a/tofu/service-vm/variables.tf
+++ b/tofu/service-vm/variables.tf
@ -0,0 +1,38 @@
+variable "domain_name" {
+  type = string
+}
+
+variable "domain_memory" {
+  type = string
+  default = "2048"
+}
+
+variable "domain_vcpu" {
+  type = number
+  default = 1
+}
+
+variable "domain_pool" {
+  type = string
+}
+
+variable "domain_base_volume_id" {
+  type = string
+}
+
+variable "domain_data_volume_size" {
+  type = number
+}
+
+variable "domain_ignition_path" {
+  type = string
+}
+
+variable "domain_network" {
+  type = object({
+    network_id = string
+    hostname = string
+    addresses = list(string)
+    mac_address = string
+  })
+}
--- a/tofu/storage/main.tf
+++ b/tofu/storage/main.tf
@ -0,0 +1,28 @@
+terraform {
+  required_providers {
+    libvirt = {
+      source = "dmacvicar/libvirt"
+      version = "0.7.6"
+    }
+  }
+}
+
+resource "libvirt_pool" "hklbgd" {
+  name = "hklbgd-guests"
+  type = "dir"
+  path = "/var/lib/libvirt/guest_images"
+}
+
+resource "libvirt_volume" "fcos" {
+  name   = "fedora-coreos-39.20240210.3.0-qemu.x86_64.qcow2"
+  pool   = libvirt_pool.hklbgd.name
+  format = "qcow2"
+}
+
+output "pool" {
+  value = libvirt_pool.hklbgd.name
+}
+
+output "base_volume_id" {
+  value = libvirt_volume.fcos.id
+}