update for terraform

.gitignore

@@ -7,6 +7,8 @@
 *.cert
 *.pem
 *.crt
+*.tfstate
+*.tfvars
 
 # ===========================
 # 2. GLOBAL GENERICS

terraform/docker-compose.yml

@@ -0,0 +1,16 @@
+services:
+  terraform:
+    image: hashicorp/terraform:latest
+    container_name: terraform-worker
+    # We mount the current folder into the container so it can see your .tf files
+    volumes:
+      - .:/app
+    working_dir: /app
+    # We pass your Komodo secrets into the container
+    environment:
+      - TF_VAR_pve_endpoint=${TF_VAR_pve_endpoint}
+      - TF_VAR_pve_token_id=${TF_VAR_pve_token_id}
+      - TF_VAR_pve_token_secret=${TF_VAR_pve_token_secret}
+    # This prevents the container from trying to run a service; 
+    # we want to trigger commands manually or via Komodo Actions.
+    entrypoint: ["/bin/sh", "-c", "sleep infinity"]

terraform/lxc_nodes.tf

@@ -0,0 +1,18 @@
+resource "proxmox_virtual_environment_container" "disposable_lxc" {
+  node_name = "pve1" # Which physical server to put it on
+  vm_id     = 201
+
+  initialization {
+    hostname = "pve2-lxc1"
+    ip_config {
+      ipv4 {
+        address = "172.16.201.201/24"
+        gateway = "172.16.201.1"
+      }
+    }
+  }
+
+  clone {
+    vm_id = 9000 # YOUR GOLDEN IMAGE ID
+  }
+}

terraform/provider.tf

@@ -0,0 +1,14 @@
+terraform {
+  required_providers {
+    proxmox = {
+      source  = "bpg/proxmox"
+      version = "0.70.1" # Using a stable version
+    }
+  }
+}
+
+provider "proxmox" {
+  endpoint = var.pve_endpoint
+  api_token = "${var.pve_token_id}=${var.pve_token_secret}"
+  insecure = true # Skip SSL check since we use internal IPs
+}