This commit is contained in:
Sebastian Serfling
+38
-61
@@ -14,73 +14,50 @@ provider "proxmox" {
|
|||||||
pm_tls_insecure = true
|
pm_tls_insecure = true
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "proxmox_lxc" "staging" {
|
# Create staging LXC mit pct-Befehl
|
||||||
target_node = var.proxmox_node
|
resource "null_resource" "staging_lxc" {
|
||||||
hostname = "hugo-staging"
|
provisioner "local-exec" {
|
||||||
vmid = 200
|
command = <<-EOT
|
||||||
ostemplate = var.lxc_ostemplate
|
pct create 200 \
|
||||||
unprivileged = true
|
${var.lxc_ostemplate} \
|
||||||
start = true
|
--hostname hugo-staging \
|
||||||
onboot = false
|
--cores ${var.lxc_cores} \
|
||||||
|
--memory ${var.lxc_memory} \
|
||||||
cores = 2
|
--swap ${var.lxc_swap} \
|
||||||
memory = 1024
|
--rootfs ${var.lxc_rootfs} \
|
||||||
swap = 512
|
--net0 name=eth0,bridge=${var.lxc_bridge},ip=${var.staging_ip}/24,gw=${var.staging_gw} \
|
||||||
|
--unprivileged 1 \
|
||||||
rootfs {
|
--start 1 \
|
||||||
storage = "SSD"
|
--password '${var.root_password}' \
|
||||||
size = "10G"
|
--ssh-public-keys '${var.ssh_public_key}' \
|
||||||
|
2>/dev/null || true
|
||||||
|
EOT
|
||||||
}
|
}
|
||||||
|
|
||||||
network {
|
provisioner "local-exec" {
|
||||||
name = "eth0"
|
command = "sleep 10"
|
||||||
bridge = var.lxc_bridge
|
|
||||||
ip = "${var.staging_ip}/24"
|
|
||||||
gw = var.staging_gw
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ssh_public_keys = var.ssh_public_key
|
provisioner "local-exec" {
|
||||||
|
command = <<-EOT
|
||||||
# Lifecycle: Erlaubt Destroy von geschützten Ressourcen
|
pct enter 200 -- bash -c '
|
||||||
lifecycle {
|
apt-get update -qq &&
|
||||||
create_before_destroy = false
|
apt-get install -y hugo nginx git rsync curl &&
|
||||||
|
systemctl enable --now nginx &&
|
||||||
|
useradd -m -s /bin/bash deploy 2>/dev/null || true &&
|
||||||
|
mkdir -p /home/deploy/.ssh &&
|
||||||
|
chmod 700 /home/deploy/.ssh &&
|
||||||
|
echo "${var.ssh_public_key}" >> /home/deploy/.ssh/authorized_keys &&
|
||||||
|
chmod 600 /home/deploy/.ssh/authorized_keys &&
|
||||||
|
chown -R deploy:deploy /home/deploy/.ssh &&
|
||||||
|
mkdir -p /var/www/html &&
|
||||||
|
chown -R deploy:deploy /var/www/html &&
|
||||||
|
echo "✅ Staging VM Setup complete!"
|
||||||
|
'
|
||||||
|
EOT
|
||||||
}
|
}
|
||||||
|
|
||||||
provisioner "remote-exec" {
|
|
||||||
inline = [
|
|
||||||
# Root Password setzen
|
|
||||||
"echo 'root:${var.root_password}' | chpasswd",
|
|
||||||
|
|
||||||
# System Setup
|
|
||||||
"apt-get update -qq",
|
|
||||||
"apt-get install -y hugo nginx git rsync curl",
|
|
||||||
"systemctl enable --now nginx",
|
|
||||||
|
|
||||||
# Deploy User mit SSH Key
|
|
||||||
"useradd -m -s /bin/bash deploy || true",
|
|
||||||
"mkdir -p /home/deploy/.ssh",
|
|
||||||
"chmod 700 /home/deploy/.ssh",
|
|
||||||
"echo '${var.ssh_public_key}' >> /home/deploy/.ssh/authorized_keys",
|
|
||||||
"chmod 600 /home/deploy/.ssh/authorized_keys",
|
|
||||||
"chown -R deploy:deploy /home/deploy/.ssh",
|
|
||||||
|
|
||||||
# Web Root
|
|
||||||
"mkdir -p /var/www/html",
|
|
||||||
"chown -R deploy:deploy /var/www/html"
|
|
||||||
]
|
|
||||||
connection {
|
|
||||||
type = "ssh"
|
|
||||||
user = "root"
|
|
||||||
private_key = var.ssh_private_key
|
|
||||||
host = self.network[0].ip
|
|
||||||
timeout = "10m"
|
|
||||||
agent = false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
depends_on = []
|
|
||||||
}
|
}
|
||||||
|
|
||||||
output "staging_ip" {
|
output "staging_ip" {
|
||||||
value = proxmox_lxc.staging.network[0].ip
|
value = "${var.staging_ip}/24"
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user