move up files to one level and erase default public key

2025-10-18 13:18:32 +02:00
parent f5e85371e4
commit 91e23f0765
16 changed files with 72 additions and 72 deletions
--- a/shared_modules/domain.tf
+++ b/shared_modules/domain.tf
@@ -0,0 +1,67 @@
+resource "libvirt_domain" "domain" {
+  count  = var.instance_count
+  name   = "${var.vm_name}-${count.index}"
+  memory = var.memory
+  vcpu   = var.vcpu
+  machine = "q35"
+
+  # The chipset q35, which does not support the IDE bus, does not work with the terraform-provider-libvirt cloud-init implementation,
+  # which creates an ISO attached to an IDE bus by default. Workaround is implemented 
+  # https://github.com/dmacvicar/terraform-provider-libvirt/issues/1137#issuecomment-2592329846
+  # A cleaner solution might be the following :
+  # https://github.com/dmacvicar/terraform-provider-libvirt/pull/895#issuecomment-1911167872
+
+  xml {
+    xslt = file("${path.module}/q35-workaround.xslt")
+  }
+
+  # Only include cloudinit if enabled
+  cloudinit = var.enable_cloudinit ? libvirt_cloudinit_disk.commoninit[count.index].id : null
+
+  # ---- optional UEFI support ------------------------------------
+  # Firmware – only add the string when a path is supplied
+  firmware = can(var.uefi_firmware) && length(var.uefi_firmware) > 0 ? var.uefi_firmware : null
+
+  # NVRAM block – dynamic block that is evaluated once per VM
+  dynamic "nvram" {
+    # create the block once if a firmware path *and* a template were given
+    for_each = (can(var.uefi_firmware) && length(var.uefi_firmware) > 0
+                && can(var.uefi_nvram_template) && length(var.uefi_nvram_template) > 0
+                ) ? [1] : []
+
+    content {
+      # The NVRAM filename is per‑VM, but we can honour an optional suffix
+      file     = "/var/lib/libvirt/qemu/nvram/${var.vm_name}-${count.index}${var.uefi_nvram_file_suffix}_VARS.fd"
+      template = var.uefi_nvram_template
+    }
+  }
+  # ----------------------------------------------------------------
+
+  cpu {
+    mode = "host-passthrough"
+  }
+
+  disk {
+    volume_id = element(libvirt_volume.vm_disk.*.id, count.index)
+    scsi      = "true"
+  }
+
+  console {
+    type        = "pty"
+    target_port = "0"
+    target_type = "virtio"
+  }
+
+  video {
+    type = "virtio"
+  }
+
+  tpm {
+    backend_type    = "emulator"
+    backend_version = "2.0"
+  }
+
+  network_interface {
+    network_name = "${var.vm_name}-network"
+  }
+}