skrd/server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

First commit

Browse Source
This commit is contained in:
Daniel Cortés
2025-06-09 23:32:10 -04:00
commit 863aaeabc7
92 changed files with 2992 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
terraform/k3s/.gitignore vendored Normal file
View File

@@ -0,0 +1,41 @@
# Local .terraform directories
.terraform/
# .tfstate files
*.tfstate
*.tfstate.*
# Crash log files
crash.log
crash.*.log
# Exclude all .tfvars files, which are likely to contain sensitive data, such as
# password, private keys, and other secrets. These should not be part of version
# control as they are data points which are potentially sensitive and subject
# to change depending on the environment.
*.tfvars
*.tfvars.json
# Ignore override files as they are usually used to override resources locally and so
# are not checked in
override.tf
override.tf.json
*_override.tf
*_override.tf.json
# Ignore transient lock info files created by terraform apply
.terraform.tfstate.lock.info
# Include override files you do wish to add to version control using negated pattern
# !example_override.tf
# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
# example: *tfplan*
# Ignore CLI configuration files
.terraformrc
terraform.rc
# Ignorando secrets
secrets.tfvars
!secrets.tfvars.example

44
terraform/k3s/.terraform.lock.hcl generated Normal file
View File

@@ -0,0 +1,44 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.
provider "registry.terraform.io/bpg/proxmox" {
version = "0.72.0"
constraints = "0.72.0"
hashes = [
"h1:LCNKZG6lVHdf9LTkHgM8CPUbiFxLI8k208Tz9ajz46c=",
"zh:031d0ade16874fe111055b9417b4f9c73efe7c755ba39aa28bd697ee77dc5e0e",
"zh:095320d9cfb1e1f1b42d0d31f7aef5380323ab5e0d428606c43c9a30bf3b40db",
"zh:11b9ccfc249e150a174f1aa0dd63b8f96296fcb94353902e807da2da20035822",
"zh:24aa2cb7362db5ffebdcc45b0f53897fdd102f322ec7d9e0e4ef60a87955c182",
"zh:334d6d6c2c12803b530ca7fcafe25def317333582dca531ae889bdc1dcbf966a",
"zh:383376b3ce17877f78168270f14a4401093cfee464adf85dd88214d09951e6a2",
"zh:762d16fefdf4af471fe11ba315c7a0a3e5ff04c4f6e8431cd541b2f78cd518ae",
"zh:7c455e70d262e26c3fda8859ed67b0118d12f72416397fc8fbf5b5b90f2f02c3",
"zh:8401a38d10e1aacc7c3f75ae41f42c88647ab7e0974010c616b69095c7a719c1",
"zh:b7bdc53cdd6a21f208fc15bbbd0502fd39bee268801fd2b9ce89e18b38138bc0",
"zh:c3741939ceb5fbd4c00f9aa541a3e9cb68222c39890ca5ed3602a0ca3fa98a53",
"zh:d0d49355b2d1dc847028c96328f8e0ffc4ce39c3641940f9136684a7177d008f",
"zh:ed137c25a20912962413ea1972aa15931f54dcb922a9c4451d08237b6cad2037",
"zh:f26e0763dbe6a6b2195c94b44696f2110f7f55433dc142839be16b9697fa5597",
"zh:f3e38e9c63ef9b295c7e4d2e302d85700f2e8dbff49285e364457b999b927a72",
]
}
provider "registry.terraform.io/hashicorp/local" {
version = "2.5.2"
hashes = [
"h1:JlMZD6nYqJ8sSrFfEAH0Vk/SL8WLZRmFaMUF9PJK5wM=",
"zh:136299545178ce281c56f36965bf91c35407c11897f7082b3b983d86cb79b511",
"zh:3b4486858aa9cb8163378722b642c57c529b6c64bfbfc9461d940a84cd66ebea",
"zh:4855ee628ead847741aa4f4fc9bed50cfdbf197f2912775dd9fe7bc43fa077c0",
"zh:4b8cd2583d1edcac4011caafe8afb7a95e8110a607a1d5fb87d921178074a69b",
"zh:52084ddaff8c8cd3f9e7bcb7ce4dc1eab00602912c96da43c29b4762dc376038",
"zh:71562d330d3f92d79b2952ffdda0dad167e952e46200c767dd30c6af8d7c0ed3",
"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
"zh:805f81ade06ff68fa8b908d31892eaed5c180ae031c77ad35f82cb7a74b97cf4",
"zh:8b6b3ebeaaa8e38dd04e56996abe80db9be6f4c1df75ac3cccc77642899bd464",
"zh:ad07750576b99248037b897de71113cc19b1a8d0bc235eb99173cc83d0de3b1b",
"zh:b9f1c3bfadb74068f5c205292badb0661e17ac05eb23bfe8bd809691e4583d0e",
"zh:cc4cbcd67414fefb111c1bf7ab0bc4beb8c0b553d01719ad17de9a047adff4d1",
]
}

96
terraform/k3s/main.tf Normal file
View File

@@ -0,0 +1,96 @@
data "local_file" "ssh_public_key" {
filename = "/home/ryuuji/.ssh/id_rsa.pub"
}
resource "proxmox_virtual_environment_download_file" "ubuntu_cloud_image" {
content_type = "iso"
datastore_id = "storage"
node_name = "talos"
url = "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img"
file_name = "k3s-noble-server-cloudimg-amd64.img"
}
resource "proxmox_virtual_environment_file" "k3s_user_data_cloud_config" {
for_each = var.k3s_vm_config
content_type = "snippets"
datastore_id = "storage"
node_name = "talos"
source_raw {
data = <<-EOF
#cloud-config
hostname: ${each.value.name}
users:
- default
- name: ubuntu
groups:
- sudo
shell: /bin/bash
ssh_authorized_keys:
- ${trimspace(data.local_file.ssh_public_key.content)}
sudo: ALL=(ALL) NOPASSWD:ALL
runcmd:
- apt update
- apt install -y qemu-guest-agent net-tools
- timedatectl set-timezone America/Santiago
- systemctl enable qemu-guest-agent
- systemctl start qemu-guest-agent
- echo "done" > /tmp/cloud-config.done
EOF
file_name = "${each.value.name}-k3s-cloud-config.yaml"
}
}
resource "proxmox_virtual_environment_vm" "k3s_ubuntu_vm" {
for_each = var.k3s_vm_config
name = each.value.name
node_name = "talos"
agent {
enabled = true
}
cpu {
cores = 4
type = "host"
}
memory {
dedicated = each.value.ram
}
disk {
datastore_id = "storage-lvm"
file_id = proxmox_virtual_environment_download_file.ubuntu_cloud_image.id
interface = "virtio0"
iothread = true
discard = "on"
size = 50
}
disk {
datastore_id = "storage-lvm"
iothread = true
interface = "virtio1"
discard = "on"
file_format = "raw"
size = 200
}
network_device {
bridge = "vmbr0"
}
initialization {
datastore_id = "storage-lvm"
ip_config {
ipv4 {
address = "${each.value.ip}/${each.value.cidr}"
gateway = "192.168.1.1"
}
}
user_data_file_id = proxmox_virtual_environment_file.k3s_user_data_cloud_config[each.key].id
}
}

26
terraform/k3s/outputs.tf Normal file
View File

@@ -0,0 +1,26 @@
locals {
ansible_master_lines = [
for name, config in var.k3s_vm_config :
"${config.ip} ansible_user=ubuntu ansible_ssh_private_key_file=/home/ryuuji/.ssh/id_rsa ansible_ssh_common_args='-o StrictHostKeyChecking=no'"
if config.role == "master"
]
ansible_worker_lines = [
for name, config in var.k3s_vm_config :
"${config.ip} ansible_user=ubuntu ansible_ssh_private_key_file=/home/ryuuji/.ssh/id_rsa ansible_ssh_common_args='-o StrictHostKeyChecking=no'"
if config.role == "worker"
]
}
output "ansible_inventory_k3s" {
value = <<EOT
[k3s_master]
${join("\n", local.ansible_master_lines)}
[k3s_workers]
${join("\n", local.ansible_worker_lines)}
[k3s_cluster:children]
k3s_master
k3s_workers
EOT
}

20
terraform/k3s/providers.tf Normal file
View File

@@ -0,0 +1,20 @@
terraform {
required_providers {
proxmox = {
source = "bpg/proxmox"
version = "0.72.0"
}
}
}
provider "proxmox" {
endpoint = var.proxmox_endpoint
username = var.proxmox_username
password = var.proxmox_password
insecure = true
ssh {
agent = true
username = var.proxmox_ssh_username
private_key = file(var.proxmox_ssh_private_key)
}
}

6
terraform/k3s/secrets.tfvars.example Normal file
View File

@@ -0,0 +1,6 @@
proxmox_endpoint = "https://192.168.2.1:8006/"
proxmox_username = "username@pam"
proxmox_password = "SECRET"
proxmox_ssh_username = "username"
proxmox_ssh_private_key = "~/.ssh/id_rsa"

23
terraform/k3s/variables.tf Normal file
View File

@@ -0,0 +1,23 @@
variable "proxmox_endpoint" {}
variable "proxmox_username" {}
variable "proxmox_password" {}
variable "proxmox_ssh_username" {}
variable "proxmox_ssh_private_key" {}
variable "k3s_vm_config" {
type = map(object({
name = string
ip = string
cidr = string
ram = string
role = string
}))
default = {
"vm1" = { name = "k3s-node-1", ip = "192.168.3.1", cidr = "16", ram = "4096", role = "master" }
"vm2" = { name = "k3s-node-2", ip = "192.168.3.2", cidr = "16", ram = "4096", role = "worker" }
"vm3" = { name = "k3s-node-3", ip = "192.168.3.3", cidr = "16", ram = "4096", role = "worker" }
"vm4" = { name = "k3s-node-4", ip = "192.168.3.4", cidr = "16", ram = "4096", role = "worker" }
}
}