Homelab/terraform/main.tf

terraform {
  required_providers {
    proxmox = {
      source  = "bpg/proxmox"
      version = "~> 0.66.0"
    }
    random = {
      source  = "hashicorp/random"
      version = "~> 3.6"
    }
  }
}

provider "proxmox" {
  endpoint  = var.pm_api_url
  api_token = "${var.pm_api_token_id}=${var.pm_api_token_secret}"
  insecure  = var.pm_tls_insecure
}

resource "random_integer" "vm_id" {
  min = 200
  max = 9999
}

resource "random_password" "root_password" {
  length           = 16
  special          = true
  override_special = "!#$%&*()-_=+[]?"
}

resource "random_password" "user_password" {
  length           = 16
  special          = true
  override_special = "!#$%&*()-_=+[]?"
}

resource "proxmox_virtual_environment_container" "debian_container" {
  node_name     = var.target_node
  vm_id         = random_integer.vm_id.result
  started       = true
  unprivileged  = true
  start_on_boot = true

  description = <<-EOT
    Managed by Terraform
    Container ID: ${random_integer.vm_id.result}
    Hostname    : lxc-${random_integer.vm_id.result}
    Root user   : root
    Root pass   : ${random_password.root_password.result}
    User        : ${var.container_user}
    User pass   : ${random_password.user_password.result}
  EOT

  initialization {
    hostname = "lxc-${random_integer.vm_id.result}"

    ip_config {
      ipv4 {
        address = "dhcp"
      }
    }

    user_account {
      password = random_password.root_password.result
    }
  }

  cpu {
    cores = var.container_cores
  }

  memory {
    dedicated = var.container_memory
  }

  disk {
    datastore_id = var.container_storage
    size         = var.container_disk_size
  }

  network_interface {
    name   = "eth0"
    bridge = "vmbr0"
  }

  operating_system {
    template_file_id = var.container_template
    type             = "debian"
  }

  features {
    nesting = true
  }
}

output "container_id" {
  description = "Proxmox container ID"
  value       = random_integer.vm_id.result
}

output "container_name" {
  description = "Container hostname"
  value       = "lxc-${random_integer.vm_id.result}"
}

output "root_password" {
  description = "Auto-generated root password"
  value       = random_password.root_password.result
  sensitive   = true
}

output "user_password" {
  description = "Auto-generated user password"
  value       = random_password.user_password.result
  sensitive   = true
}