From 48345dd80d182a51afc0385929b559b680a5c9ca Mon Sep 17 00:00:00 2001
From: admin <jkilloran@mapletree.email>
Date: Wed, 28 Jan 2026 09:33:14 -0700
Subject: [PATCH] update for terraform

---
 .gitignore                   |  2 ++
 terraform/docker-compose.yml | 16 ++++++++++++++++
 terraform/lxc_nodes.tf       | 18 ++++++++++++++++++
 terraform/provider.tf        | 14 ++++++++++++++
 4 files changed, 50 insertions(+)
 create mode 100644 terraform/docker-compose.yml
 create mode 100644 terraform/lxc_nodes.tf
 create mode 100644 terraform/provider.tf

diff --git a/.gitignore b/.gitignore
index b4f1d71..de44ee2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,6 +7,8 @@
 *.cert
 *.pem
 *.crt
+*.tfstate
+*.tfvars
 
 # ===========================
 # 2. GLOBAL GENERICS
diff --git a/terraform/docker-compose.yml b/terraform/docker-compose.yml
new file mode 100644
index 0000000..7ebba07
--- /dev/null
+++ b/terraform/docker-compose.yml
@@ -0,0 +1,16 @@
+services:
+  terraform:
+    image: hashicorp/terraform:latest
+    container_name: terraform-worker
+    # We mount the current folder into the container so it can see your .tf files
+    volumes:
+      - .:/app
+    working_dir: /app
+    # We pass your Komodo secrets into the container
+    environment:
+      - TF_VAR_pve_endpoint=${TF_VAR_pve_endpoint}
+      - TF_VAR_pve_token_id=${TF_VAR_pve_token_id}
+      - TF_VAR_pve_token_secret=${TF_VAR_pve_token_secret}
+    # This prevents the container from trying to run a service; 
+    # we want to trigger commands manually or via Komodo Actions.
+    entrypoint: ["/bin/sh", "-c", "sleep infinity"]
\ No newline at end of file
diff --git a/terraform/lxc_nodes.tf b/terraform/lxc_nodes.tf
new file mode 100644
index 0000000..607eb99
--- /dev/null
+++ b/terraform/lxc_nodes.tf
@@ -0,0 +1,18 @@
+resource "proxmox_virtual_environment_container" "disposable_lxc" {
+  node_name = "pve1" # Which physical server to put it on
+  vm_id     = 201
+
+  initialization {
+    hostname = "pve2-lxc1"
+    ip_config {
+      ipv4 {
+        address = "172.16.201.201/24"
+        gateway = "172.16.201.1"
+      }
+    }
+  }
+
+  clone {
+    vm_id = 9000 # YOUR GOLDEN IMAGE ID
+  }
+}
\ No newline at end of file
diff --git a/terraform/provider.tf b/terraform/provider.tf
new file mode 100644
index 0000000..0565a56
--- /dev/null
+++ b/terraform/provider.tf
@@ -0,0 +1,14 @@
+terraform {
+  required_providers {
+    proxmox = {
+      source  = "bpg/proxmox"
+      version = "0.70.1" # Using a stable version
+    }
+  }
+}
+
+provider "proxmox" {
+  endpoint = var.pve_endpoint
+  api_token = "${var.pve_token_id}=${var.pve_token_secret}"
+  insecure = true # Skip SSL check since we use internal IPs
+}
\ No newline at end of file