add logic to automatically detect firmware irrespective of the Linux distribution

update main.tf to match simpler UEFI firmware logic
aider not used so can be ignored
2025-10-20 11:28:28 +02:00 · 2025-10-20 11:27:00 +02:00 · 2025-10-20 11:26:35 +02:00
10 changed files with 83 additions and 53 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -10,7 +10,3 @@ terraform.tfvars.example
 # Terraform plan and output files
 *.tfplan
 *.tfout
 # Aider files
 *.aider*
--- a/environments/debian-13-cloud/main.tf
+++ b/environments/debian-13-cloud/main.tf
@@ -17,14 +17,6 @@ module "shared_modules" {
  vm_name      = "deb-13-bios" 
  image_location  = "https://cloud.debian.org/images/cloud/trixie/latest/debian-13-genericcloud-amd64.raw"
-  ssh_key = ""
+  ssh_key = "" # please provide a SSH public key
  enable_cloudinit = true
  # ---- UEFI SETTINGS ----------------------------------------------
  # uefi_firmware        = "/usr/share/edk2/ovmf/OVMF_CODE.fd" # Location on Fedora
  # uefi_nvram_template  = "/usr/share/edk2/ovmf/OVMF_VARS.fd" # Location on Fedora
  uefi_firmware        = "/usr/share/edk2/x64/OVMF_CODE.4m.fd" # Location on Arch Linux
  uefi_nvram_template  = "/usr/share/edk2/x64/OVMF_VARS.4m.fd" # Location on Arch Linux
  uefi_nvram_file_suffix = "-uefi"
  # ----------------------------------------------------------------
 }
--- a/environments/fedora-cloud-server-42-bios/main.tf
+++ b/environments/fedora-cloud-server-42-bios/main.tf
@@ -17,6 +17,6 @@ module "shared_modules" {
  vm_name      = "f42-bios" 
  image_location  = "https://download.fedoraproject.org/pub/fedora/linux/releases/42/Cloud/x86_64/images/Fedora-Cloud-Base-Generic-42-1.1.x86_64.qcow2"
-  ssh_key = ""
+  ssh_key = "" # please provide a SSH public key
  enable_cloudinit = true
 }
--- a/environments/opensuse-tumbleweed-uefi/main.tf
+++ b/environments/opensuse-tumbleweed-uefi/main.tf
@@ -17,14 +17,7 @@ module "shared_modules" {
  vm_name      = "os-tw-uefi" 
  image_location  = "https://download.opensuse.org/tumbleweed/appliances/openSUSE-Tumbleweed-Minimal-VM.x86_64-Cloud.qcow2"
-  ssh_key = ""
+  ssh_key = "" # please provide a SSH public key
  enable_cloudinit = true
  # ---- UEFI SETTINGS ----------------------------------------------
  # uefi_firmware        = "/usr/share/edk2/ovmf/OVMF_CODE.fd" # Location on Fedora
  # uefi_nvram_template  = "/usr/share/edk2/ovmf/OVMF_VARS.fd" # Location on Fedora
  uefi_firmware        = "/usr/share/edk2/x64/OVMF_CODE.4m.fd" # Location on Arch Linux
  uefi_nvram_template  = "/usr/share/edk2/x64/OVMF_VARS.4m.fd" # Location on Arch Linux
  uefi_nvram_file_suffix = "-uefi"
  # ----------------------------------------------------------------
 }
--- a/environments/phyllome-42-uefi/main.tf
+++ b/environments/phyllome-42-uefi/main.tf
@@ -17,11 +17,5 @@ module "shared_modules" {
  vm_name      = "phyllome-42-uefi" 
  image_location  = "/var/lib/libvirt/images/virtual-desktop-hypervisor.img"
-  enable_cloudinit = false
+  uefi_firmware = true
  # ---- OPTIONAL UEFI SETTINGS ----------------------------------------------
  uefi_firmware        = "/usr/share/edk2/x64/OVMF_CODE.4m.fd"
  uefi_nvram_template  = "/usr/share/edk2/x64/OVMF_VARS.4m.fd"
  uefi_nvram_file_suffix = "-uefi"
  # ----------------------------------------------------------------
 }
--- a/environments/rocky-linux-cloud-10-bios/main.tf
+++ b/environments/rocky-linux-cloud-10-bios/main.tf
@@ -17,6 +17,6 @@ module "shared_modules" {
  vm_name      = "rl-bios" 
  image_location  = "https://dl.rockylinux.org/pub/rocky/10/images/x86_64/Rocky-10-GenericCloud-Base.latest.x86_64.qcow2"
-  ssh_key = ""
+  ssh_key = "" # please provide a SSH public key
  enable_cloudinit = true
 }
--- a/environments/ubuntu-cloud-server-2404-bios/main.tf
+++ b/environments/ubuntu-cloud-server-2404-bios/main.tf
@@ -17,6 +17,6 @@ module "shared_modules" {
  vm_name      = "u24-bios" 
  image_location  = "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img"
-  ssh_key = ""
+  ssh_key = "" # please provide a SSH public key
  enable_cloudinit = true
 }
--- a/environments/ubuntu-cloud-server-2404-uefi/main.tf
+++ b/environments/ubuntu-cloud-server-2404-uefi/main.tf
@@ -17,14 +17,7 @@ module "shared_modules" {
  vm_name      = "u24-uefi" 
  image_location  = "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img"
-  ssh_key = ""
+  ssh_key = "" # please provide a SSH public key
  enable_cloudinit = true
-  # ---- UEFI SETTINGS ----------------------------------------------
+  uefi_firmware = true
  uefi_firmware        = "/usr/share/edk2/ovmf/OVMF_CODE.fd" # Location on Fedora
  uefi_nvram_template  = "/usr/share/edk2/ovmf/OVMF_VARS.fd" # Location on Fedora
  # uefi_firmware        = "/usr/share/edk2/x64/OVMF_CODE.4m.fd" # Location on Arch Linux
  # uefi_nvram_template  = "/usr/share/edk2/x64/OVMF_VARS.4m.fd" # Location on Arch Linux
  uefi_nvram_file_suffix = "-uefi"
  # ----------------------------------------------------------------
 }
--- a/shared_modules/domain.tf
+++ b/shared_modules/domain.tf
@@ -20,19 +20,15 @@ resource "libvirt_domain" "domain" {
  # ---- optional UEFI support ------------------------------------
  # Firmware – only add the string when a path is supplied
-  firmware = can(var.uefi_firmware) && length(var.uefi_firmware) > 0 ? var.uefi_firmware : null
+  firmware = local.detected_firmware
  # NVRAM block – dynamic block that is evaluated once per VM
  dynamic "nvram" {
-    # create the block once if a firmware path *and* a template were given
+    for_each = (local.detected_firmware != null && local.detected_nvram != null) ? [1] : []
    for_each = (can(var.uefi_firmware) && length(var.uefi_firmware) > 0
                && can(var.uefi_nvram_template) && length(var.uefi_nvram_template) > 0
                ) ? [1] : []
    content {
      # The NVRAM filename is per‑VM, but we can honour an optional suffix
      file     = "/var/lib/libvirt/qemu/nvram/${var.vm_name}-${count.index}${var.uefi_nvram_file_suffix}_VARS.fd"
-      template = var.uefi_nvram_template
+      template = local.detected_nvram
    }
  }
  # ----------------------------------------------------------------
--- a/shared_modules/variables.tf
+++ b/shared_modules/variables.tf
@@ -105,23 +105,25 @@ variable "dns_local_only" {
  default     = false
 }
 # Improved UEFI variables with automatic detection
 variable "uefi_firmware" {
  description = <<EOT
-    Path to the UEFI firmware binary (OVMF_CODE.fd, QEMU_CODE.fd, …).
+    Enable UEFI support. Set to true to enable UEFI with auto-detected firmware,
-    Leave empty (or omit on the module call) to create a plain BIOS VM.
+    or provide a specific path to the firmware binary.
    Set to false or omit to create a plain BIOS VM.
  EOT
  type        = string
-  default     = ""          # “BIOS only” when empty
+  default     = ""
 }
 variable "uefi_nvram_template" {
  description = <<EOT
    Path to an NV‑RAM template that backs the UEFI NVRAM.
    If you specify a template, the VM will get a writable NVRAM block.
-    Leave empty for a plain BIOS VM or if you don’t need UEFI NVRAM.
+    Leave empty for a plain BIOS VM or if you don't need UEFI NVRAM.
  EOT
  type        = string
-  default     = ""          # no NVRAM when empty
+  default     = ""
 }
 variable "uefi_nvram_file_suffix" {
@@ -135,7 +137,71 @@ variable "uefi_nvram_file_suffix" {
  default     = ""
 }
 # Computed variable for network domain (derived from vm_name)
 locals {
  computed_network_domain = var.network_domain != "" ? var.network_domain : "${var.vm_name}.local"
  # List of common UEFI firmware paths in order of preference  
  uefi_firmware_paths = [
    "/usr/share/edk2/ovmf/OVMF_CODE.4m.fd",
    "/usr/share/edk2/x64/OVMF_CODE.4m.fd",
    "/usr/share/OVMF/OVMF_CODE.4m.fd", 
    "/usr/share/ovmf/OVMF_CODE.4m.fd",
    "/usr/share/edk2/ovmf/OVMF_CODE.fd",
    "/usr/share/edk2/x64/OVMF_CODE.fd",
    "/usr/share/OVMF/OVMF_CODE.fd",
    "/usr/share/ovmf/OVMF_CODE.fd"
  ]
  uefi_nvram_paths = [
    "/usr/share/edk2/ovmf/OVMF_VARS.4m.fd",
    "/usr/share/edk2/x64/OVMF_VARS.4m.fd", 
    "/usr/share/OVMF/OVMF_VARS.4m.fd",
    "/usr/share/ovmf/OVMF_VARS.4m.fd",
    "/usr/share/edk2/ovmf/OVMF_VARS.fd",
    "/usr/share/edk2/x64/OVMF_VARS.fd",
    "/usr/share/OVMF/OVMF_VARS.fd",
    "/usr/share/ovmf/OVMF_VARS.fd"
  ]
  # Helper function to find first existing file
  find_first_existing = {
    for path in local.uefi_firmware_paths : 
    path => true if fileexists(path)
  }
  # Function to get first available firmware path or null
  detected_firmware = (
    var.uefi_firmware == "true" || var.uefi_firmware == "" ? (
      length(local.find_first_existing) > 0 ? 
      keys(local.find_first_existing)[0] : 
      null
    ) : (
      var.uefi_firmware != "" ? var.uefi_firmware : null
    )
  )
  # Same for NV-RAM template  
  find_first_nvram = {
    for path in local.uefi_nvram_paths : 
    path => true if fileexists(path)
  }
  detected_nvram = (
    var.uefi_firmware == "true" || var.uefi_firmware == "" ? (
      length(local.find_first_nvram) > 0 ? 
      keys(local.find_first_nvram)[0] : 
      null
    ) : (
      var.uefi_nvram_template != "" ? var.uefi_nvram_template : null
    )
  )
  # Validate that both firmware and NVRAM are provided together if one is specified
  firmware_and_nvram_valid = (
    (local.detected_firmware != null && local.detected_nvram == null) || 
    (local.detected_firmware == null && local.detected_nvram == null) ||
    (local.detected_firmware != null && local.detected_nvram != null)
  )
 }
Author	SHA1	Message	Date
Lukas Greve	8271e05336	add logic to automatically detect firmware irrespective of the Linux distribution	2025-10-20 11:28:28 +02:00
Lukas Greve	7317e390c9	update main.tf to match simpler UEFI firmware logic	2025-10-20 11:27:00 +02:00
Lukas Greve	92404ccc34	aider not used so can be ignored	2025-10-20 11:26:35 +02:00