update for nesting and privilege

terraform/main.tf

@@ -3,6 +3,11 @@ resource "proxmox_virtual_environment_container" "cattle" {
 
   node_name    = each.value.node
   vm_id        = each.key
+  unprivileged = true # Standard for security
+
+  features {
+    nesting = true # Essential for Docker inside LXC
+  }
 
   initialization {
     hostname = each.value.hostname
@@ -18,7 +23,8 @@ resource "proxmox_virtual_environment_container" "cattle" {
   }
 
   operating_system {
-    template_file_id = "local:vdebian-13-standard_13.1-2_amd64.tar.zst"
+    # Updated to your Debian 13 template
+    template_file_id = "local:vztmpl/debian-13-standard_13.1-2_amd64.tar.zst"
     type             = "debian"
   }
 
@@ -30,9 +36,22 @@ resource "proxmox_virtual_environment_container" "cattle" {
     dedicated = each.value.memory
   }
 
+  # Root Disk
   disk {
-    datastore_id = "local-lvm"
+    datastore_id = each.value.datastore_id
-    size         = tonumber(replace(each.value.disk_size, "G", "")) # Converts "20G" to 20
+    size         = each.value.disk_size
+  }
+
+  # Mount Point 0 (/docker)
+  mount_point {
+    volume = each.value.mp0_volume
+    path   = "/docker"
+  }
+
+  # Mount Point 1 (/repo)
+  mount_point {
+    volume = each.value.mp1_volume
+    path   = "/repo"
   }
 
   network_interface {