add support for fedora 43

.gitignore

@@ -10,7 +10,4 @@ terraform.tfvars.example
 # Terraform plan and output files
 *.tfplan
 *.tfout
-
+.aider*
-
-# Aider files
-*.aider*

README.md

@@ -29,12 +29,16 @@ cloud-init.tf  domain.tf  network.tf  outputs.tf  pool.tf  provider.tf  variable
 - [QEMU](https://www.qemu.org/) 
 - [libvirt](https://libvirt.org/)
 - [Terraform provider for Libvirt](https://github.com/dmacvicar/terraform-provider-libvirt)
-- An SSH key pair to connect to machines that are deployed using cloud-init  
+- An SSH key pair to connect to machines that are deployed using cloud-init. See instructions below.
 
 ## Assumptions
 
 - Your Linux x86_64-based machine has at least 4 GB of available memory and 2 CPUs
 
+## Limitations
+
+- Only a deployment is supported at a time, as some resources are shared. E.g. Ubuntu cannot be deployed alongside Debian. 
+
 ## How to use it
 
 - Clone this repository

download_images.sh

@@ -0,0 +1,84 @@
+#!/bin/bash
+
+# Image URLs with dynamic Fedora URL handling
+IMAGES=(
+    "https://cloud.debian.org/images/cloud/trixie/latest/debian-13-genericcloud-amd64.raw"
+    "https://download.fedoraproject.org/pub/fedora/linux/releases/42/Cloud/x86_64/images/Fedora-Cloud-Base-Generic-42-1.1.x86_64.qcow2"
+    "https://download.opensuse.org/tumbleweed/appliances/openSUSE-Tumbleweed-Minimal-VM.x86_64-Cloud.qcow2"
+    "https://dl.rockylinux.org/pub/rocky/10/images/x86_64/Rocky-10-GenericCloud-Base.latest.x86_64.qcow2"
+    "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img"
+    "https://cloud.centos.org/centos/10-stream/x86_64/images/CentOS-Stream-GenericCloud-x86_64-10-latest.x86_64.qcow2"
+    "https://download.fedoraproject.org/pub/fedora/linux/releases/43/Cloud/x86_64/images/Fedora-Cloud-Base-Generic-43-1.6.x86_64.qcow2"
+)
+
+# Target directory
+TARGET_DIR="/var/lib/libvirt/images"
+
+# Main script execution
+main() {
+    # Check if we have write permissions to the target directory
+    if [[ ! -w "$TARGET_DIR" ]]; then
+        # Check if we're already running as root
+        if [[ $EUID -ne 0 ]]; then
+            echo "This script requires write access to $TARGET_DIR"
+            echo "Re-executing with sudo..."
+            exec sudo "$0" "$@"
+        else
+            echo "Error: Cannot write to $TARGET_DIR even with sudo privileges."
+            exit 1
+        fi
+    fi
+    
+    # Download all images
+    echo "Starting download of all images..."
+    echo ""
+    
+    local success_count=0
+    local failure_count=0
+    
+    for url in "${IMAGES[@]}"; do
+        # Skip empty URLs
+        if [[ -z "$url" ]]; then
+            continue
+        fi
+        
+        local filename
+        filename=$(basename "$url")
+        local filepath="$TARGET_DIR/$filename"
+        
+        if [[ -f "$filepath" ]]; then
+            echo "Image $filename already exists, skipping..."
+            ((success_count++))
+            continue
+        fi
+        
+        echo "Downloading $filename..."
+        
+        # Use wget with progress and retry options
+        if ! wget -P "$TARGET_DIR" --progress=bar:force:noscroll -c "$url"; then
+            echo "Failed to download $filename"
+            ((failure_count++))
+        else
+            echo "Download completed: $filename"
+            ((success_count++))
+        fi
+    done
+    
+    # Summary
+    echo ""
+    echo "Download summary:"
+    echo "Successful downloads: $success_count"
+    echo "Failed downloads: $failure_count"
+    
+    if [[ $failure_count -gt 0 ]]; then
+        echo "Some downloads failed. Check above messages for details."
+        exit 1
+    else
+        echo "All images downloaded successfully!"
+    fi
+}
+
+# Run main function if script is executed directly
+if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
+    main "$@"
+fi

environments/centos-10-cloud-bios/main.tf

@@ -0,0 +1,22 @@
+terraform {
+  required_version = ">= 0.13"
+  required_providers {
+    libvirt = {
+      source  = "dmacvicar/libvirt"
+      version = "0.8.3"
+    }
+  }
+}
+
+provider "libvirt" {
+  uri = "qemu:///system"
+}
+
+module "shared_modules" {
+  source = "../../shared_modules"
+  
+  vm_name      = "cent10-bios"
+  image_location = "https://cloud.centos.org/centos/10-stream/x86_64/images/CentOS-Stream-GenericCloud-x86_64-10-latest.x86_64.qcow2"
+  ssh_key = "" # please provide a SSH public key
+  enable_cloudinit = true
+}

environments/debian-13-cloud-bios/main.tf

@@ -0,0 +1,22 @@
+terraform {
+  required_version = ">= 0.13"
+  required_providers {
+    libvirt = {
+      source  = "dmacvicar/libvirt"
+      version = "0.8.3"
+    }
+  }
+}
+
+provider "libvirt" {
+  uri = "qemu:///system"
+}
+
+module "shared_modules" {
+  source = "../../shared_modules"
+  
+  vm_name      = "deb-13-bios" 
+  image_location = "https://cloud.debian.org/images/cloud/trixie/latest/debian-13-genericcloud-amd64.raw"
+  ssh_key = "" # please provide a SSH public key
+  enable_cloudinit = true
+}

environments/fedora-cloud-rawhide-bios/main.tf

@@ -0,0 +1,22 @@
+terraform {
+  required_version = ">= 0.13"
+  required_providers {
+    libvirt = {
+      source  = "dmacvicar/libvirt"
+      version = "0.8.3"
+    }
+  }
+}
+
+provider "libvirt" {
+  uri = "qemu:///system"
+}
+
+module "shared_modules" {
+  source = "../../shared_modules"
+  
+  vm_name      = "fraw-bios"
+  image_location = "file:///var/lib/libvirt/images/Fedora-Cloud-Base-Generic-Rawhide-20251024.n.0.x86_64.qcow2"
+  ssh_key = "" # please provide a SSH public key
+  enable_cloudinit = true
+}

environments/fedora-cloud-server-42-bios/main.tf

@@ -17,6 +17,6 @@ module "shared_modules" {
   
   vm_name      = "f42-bios"
   image_location = "https://download.fedoraproject.org/pub/fedora/linux/releases/42/Cloud/x86_64/images/Fedora-Cloud-Base-Generic-42-1.1.x86_64.qcow2"
-  ssh_key = ""
+  ssh_key = "" # please provide a SSH public key
   enable_cloudinit = true
 }

environments/fedora-cloud-server-43-bios/main.tf

@@ -0,0 +1,23 @@
+terraform {
+  required_version = ">= 0.13"
+  required_providers {
+    libvirt = {
+      source  = "dmacvicar/libvirt"
+      version = "0.8.3"
+    }
+  }
+}
+
+provider "libvirt" {
+  uri = "qemu+ssh://lukas@192.168.1.170/system"
+}
+
+module "shared_modules" {
+  source = "../../shared_modules"
+  
+  vm_name      = "f43-bios"
+  image_location = "https://download.fedoraproject.org/pub/fedora/linux/releases/43/Cloud/x86_64/images/Fedora-Cloud-Base-Generic-43-1.6.x86_64.qcow2"
+  ssh_key = "" # please provide a SSH public key
+  enable_cloudinit = true
+# disk_size_bytes = 101474836480
+}

environments/opensuse-tumbleweed-uefi/main.tf

@@ -0,0 +1,23 @@
+terraform {
+  required_version = ">= 0.13"
+  required_providers {
+    libvirt = {
+      source  = "dmacvicar/libvirt"
+      version = "0.8.3"
+    }
+  }
+}
+
+provider "libvirt" {
+  uri = "qemu:///system"
+}
+
+module "shared_modules" {
+  source = "../../shared_modules"
+  
+  vm_name      = "os-tw-uefi" 
+  image_location = "https://download.opensuse.org/tumbleweed/appliances/openSUSE-Tumbleweed-Minimal-VM.x86_64-Cloud.qcow2"
+  ssh_key = "" # please provide a SSH public key
+  enable_cloudinit = true
+
+}

environments/phyllome-42-uefi/main.tf

@@ -17,11 +17,5 @@ module "shared_modules" {
   
   vm_name      = "phyllome-42-uefi" 
   image_location = "/var/lib/libvirt/images/virtual-desktop-hypervisor.img"
-  enable_cloudinit = false
+  uefi_firmware = true
-  # ---- OPTIONAL UEFI SETTINGS ----------------------------------------------
-  uefi_firmware        = "/usr/share/edk2/x64/OVMF_CODE.4m.fd"
-  uefi_nvram_template  = "/usr/share/edk2/x64/OVMF_VARS.4m.fd"
-  uefi_nvram_file_suffix = "-uefi"
-  # ----------------------------------------------------------------
-
 }

environments/rocky-linux-cloud-10-bios/main.tf

@@ -0,0 +1,22 @@
+terraform {
+  required_version = ">= 0.13"
+  required_providers {
+    libvirt = {
+      source  = "dmacvicar/libvirt"
+      version = "0.8.3"
+    }
+  }
+}
+
+provider "libvirt" {
+  uri = "qemu:///system"
+}
+
+module "shared_modules" {
+  source = "../../shared_modules"
+  
+  vm_name      = "rl-bios" 
+  image_location = "https://dl.rockylinux.org/pub/rocky/10/images/x86_64/Rocky-10-GenericCloud-Base.latest.x86_64.qcow2"
+  ssh_key = "" # please provide a SSH public key
+  enable_cloudinit = true
+}

environments/ubuntu-cloud-server-2404-bios/main.tf

@@ -17,6 +17,6 @@ module "shared_modules" {
   
   vm_name      = "u24-bios" 
   image_location = "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img"
-  ssh_key = ""
+  ssh_key = "" # please provide a SSH public key
   enable_cloudinit = true
 }

environments/ubuntu-cloud-server-2404-uefi/main.tf

@@ -17,14 +17,7 @@ module "shared_modules" {
   
   vm_name      = "u24-uefi" 
   image_location = "https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img"
-  ssh_key = ""
+  ssh_key = "" # please provide a SSH public key
   enable_cloudinit = true
-  # ---- UEFI SETTINGS ----------------------------------------------
+  uefi_firmware = true
-  uefi_firmware        = "/usr/share/edk2/ovmf/OVMF_CODE.fd" # Location on Fedora
-  uefi_nvram_template  = "/usr/share/edk2/ovmf/OVMF_VARS.fd" # Location on Fedora
-  # uefi_firmware        = "/usr/share/edk2/x64/OVMF_CODE.4m.fd" # Location on Arch Linux
-  # uefi_nvram_template  = "/usr/share/edk2/x64/OVMF_VARS.4m.fd" # Location on Arch Linux
-  uefi_nvram_file_suffix = "-uefi"
-  # ----------------------------------------------------------------
-
 }

main_launcher.sh

@@ -0,0 +1,192 @@
+#!/bin/bash
+
+# Main launcher script for terraform image management tools
+# This script provides a menu interface to run the other scripts in proper order
+
+# Function to display usage
+usage() {
+    echo "Usage: $0 [options]"
+    echo "  options:"
+    echo "    -h, --help     Display this help message"
+    echo "    -y, --yes      Automatically answer 'yes' to all prompts"
+    echo "    -n, --no       Automatically answer 'no' to all prompts"
+    echo ""
+    echo "Example:"
+    echo "  $0                    # Interactive mode with default 'yes'"
+    echo "  $0 -y                 # Non-interactive mode with auto 'yes'"
+    echo "  $0 -n                 # Non-interactive mode with auto 'no'"
+    exit 1
+}
+
+# Parse command line arguments
+AUTO_YES=false
+AUTO_NO=false
+
+while [[ $# -gt 0 ]]; do
+    case $1 in
+        -h|--help)
+            usage
+            ;;
+        -y|--yes)
+            AUTO_YES=true
+            shift
+            ;;
+        -n|--no)
+            AUTO_NO=true
+            shift
+            ;;
+        *)
+            echo "Unknown option: $1"
+            usage
+            ;;
+    esac
+done
+
+# Function to get user confirmation
+confirm() {
+    local prompt="$1"
+    local default="$2"  # "yes" or "no"
+    
+    if [[ "$AUTO_YES" = true ]]; then
+        echo "$prompt [Y/n]: yes"
+        return 0
+    elif [[ "$AUTO_NO" = true ]]; then
+        echo "$prompt [y/N]: no"
+        return 1
+    fi
+    
+    # Default behavior - yes is default
+    if [[ "$default" = "no" ]]; then
+        echo -n "$prompt [y/N]: "
+    else
+        echo -n "$prompt [Y/n]: "
+    fi
+    
+    read -r answer
+    
+    # If empty answer, use default
+    if [[ -z "$answer" ]]; then
+        answer="$default"
+    fi
+    
+    # Convert to lowercase for comparison
+    answer=$(echo "$answer" | tr '[:upper:]' '[:lower:]')
+    
+    if [[ "$answer" = "y" || "$answer" = "yes" ]]; then
+        return 0
+    else
+        return 1
+    fi
+}
+
+# Function to check if a script exists and is executable
+check_script() {
+    local script="$1"
+    if [[ ! -f "$script" ]] || [[ ! -x "$script" ]]; then
+        echo "Error: Script '$script' not found or not executable"
+        return 1
+    fi
+    return 0
+}
+
+# Function to run a script with proper error handling
+run_script() {
+    local script="$1"
+    local description="$2"
+    local args="$3"
+    
+    echo "=== $description ==="
+    
+    if check_script "$script"; then
+        if [[ -n "$args" ]]; then
+            echo "Running: $script $args"
+            "$script" "$args"
+        else
+            echo "Running: $script"
+            "$script"
+        fi
+        
+        local exit_code=$?
+        if [[ $exit_code -eq 0 ]]; then
+            echo "✓ $description completed successfully"
+            return 0
+        else
+            echo "✗ $description failed with exit code $exit_code"
+            return 1
+        fi
+    else
+        echo "✗ $description skipped due to missing script"
+        return 1
+    fi
+}
+
+# Function to check if libvirt images directory exists
+check_images_directory() {
+    local image_dir="/var/lib/libvirt/images"
+    
+    if [[ ! -d "$image_dir" ]]; then
+        echo "Warning: Directory $image_dir does not exist"
+        if confirm "Would you like to create it?" "yes"; then
+            if ! sudo mkdir -p "$image_dir"; then
+                echo "Error: Could not create directory $image_dir"
+                return 1
+            fi
+            echo "Directory $image_dir created successfully"
+        else
+            echo "Skipping image directory check"
+        fi
+    else
+        echo "Directory $image_dir exists"
+    fi
+    
+    return 0
+}
+
+# Main execution logic
+main() {
+    echo "=== Terraform Image Management Launcher ==="
+    echo
+    
+    # Validate image directory
+    if ! check_images_directory; then
+        echo "Exiting due to image directory issues"
+        exit 1
+    fi
+    
+    echo
+    
+    # Ask if user wants to download images
+    if confirm "Do you want to download OS images?" "yes"; then
+        if ! run_script "./download_images.sh" "Downloading OS Images"; then
+            echo "Image download failed. Proceeding to update script..."
+        fi
+    fi
+    
+    echo
+    
+    # Ask if user wants to update image locations
+    if confirm "Do you want to update image locations to use local files?" "yes"; then
+        if ! run_script "./update_image_locations.sh" "Updating Image Locations"; then
+            echo "Image location update failed"
+            exit 1
+        fi
+    fi
+    
+    echo
+    
+    # Ask if user wants to update SSH keys
+    if confirm "Do you want to update SSH keys in terraform files?" "yes"; then
+        if ! run_script "./update_ssh_keys.sh" "Updating SSH Keys"; then
+            echo "SSH key update failed"
+            exit 1
+        fi
+    fi
+    
+    echo
+    echo "=== All operations completed ==="
+}
+
+# Run main function if script is executed directly
+if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
+    main "$@"
+fi

shared_modules/domain.tf

@@ -20,19 +20,15 @@ resource "libvirt_domain" "domain" {
 
   # ---- optional UEFI support ------------------------------------
   # Firmware – only add the string when a path is supplied
-  firmware = can(var.uefi_firmware) && length(var.uefi_firmware) > 0 ? var.uefi_firmware : null
+  firmware = local.detected_firmware
 
   # NVRAM block – dynamic block that is evaluated once per VM
   dynamic "nvram" {
-    # create the block once if a firmware path *and* a template were given
+    for_each = (local.detected_firmware != null && local.detected_nvram != null) ? [1] : []
-    for_each = (can(var.uefi_firmware) && length(var.uefi_firmware) > 0
-                && can(var.uefi_nvram_template) && length(var.uefi_nvram_template) > 0
-                ) ? [1] : []
 
     content {
-      # The NVRAM filename is per‑VM, but we can honour an optional suffix
       file     = "/var/lib/libvirt/qemu/nvram/${var.vm_name}-${count.index}${var.uefi_nvram_file_suffix}_VARS.fd"
-      template = var.uefi_nvram_template
+      template = local.detected_nvram
     }
   }
   # ----------------------------------------------------------------

shared_modules/variables.tf

@@ -13,7 +13,19 @@ variable "pool_name" {
 variable "pool_path" {
   description = "Path for the storage pool"
   type        = string
-  default     = "/tmp/tf_tmp_storage"
+  default     = "/opt/tf_tmp_storage"
+}
+
+variable "disk_size_gb" {
+  description = "Disk size in GB"
+  type        = number
+  default     = 20
+}
+
+variable "disk_size_bytes" {
+  description = "Disk size in bytes"
+  type        = number
+  default = 20 * 1024 * 1024 * 1024
 }
 
 variable "instance_count" {
@@ -71,7 +83,7 @@ variable "memory" {
 variable "vcpu" {
   description = "Number of virtual CPUs"
   type        = number
-  default     = 2
+  default     = 1
 }
 
 variable "network_mode" {
@@ -105,23 +117,26 @@ variable "dns_local_only" {
   default     = false
 }
 
+# Improved UEFI variables with automatic detection
+# For backward compatibility with the current module interface
 variable "uefi_firmware" {
   description = <<EOT
-    Path to the UEFI firmware binary (OVMF_CODE.fd, QEMU_CODE.fd, …).
+    Enable UEFI support. Set to true to enable UEFI with auto-detected firmware,
-    Leave empty (or omit on the module call) to create a plain BIOS VM.
+    or provide a specific path to the firmware binary.
+    Set to false or omit to create a plain BIOS VM.
   EOT
   type        = string
-  default     = ""          # “BIOS only” when empty
+  default     = ""
 }
 
 variable "uefi_nvram_template" {
   description = <<EOT
     Path to an NV‑RAM template that backs the UEFI NVRAM.
     If you specify a template, the VM will get a writable NVRAM block.
-    Leave empty for a plain BIOS VM or if you don’t need UEFI NVRAM.
+    Leave empty for a plain BIOS VM or if you don't need UEFI NVRAM.
   EOT
   type        = string
-  default     = ""          # no NVRAM when empty
+  default     = ""
 }
 
 variable "uefi_nvram_file_suffix" {
@@ -138,4 +153,56 @@ variable "uefi_nvram_file_suffix" {
 # Computed variable for network domain (derived from vm_name)
 locals {
   computed_network_domain = var.network_domain != "" ? var.network_domain : "${var.vm_name}.local"
+   
+  # List of common UEFI firmware paths in order of preference  
+  uefi_firmware_paths = [
+    "/usr/share/edk2/ovmf/OVMF_CODE.4m.fd",
+    "/usr/share/edk2/x64/OVMF_CODE.4m.fd",
+    "/usr/share/OVMF/OVMF_CODE.4m.fd", 
+    "/usr/share/ovmf/OVMF_CODE.4m.fd",
+    "/usr/share/edk2/ovmf/OVMF_CODE.fd",
+    "/usr/share/edk2/x64/OVMF_CODE.fd",
+    "/usr/share/OVMF/OVMF_CODE.fd",
+    "/usr/share/ovmf/OVMF_CODE.fd"
+  ]
+  
+  uefi_nvram_paths = [
+    "/usr/share/edk2/ovmf/OVMF_VARS.4m.fd",
+    "/usr/share/edk2/x64/OVMF_VARS.4m.fd", 
+    "/usr/share/OVMF/OVMF_VARS.4m.fd",
+    "/usr/share/ovmf/OVMF_VARS.4m.fd",
+    "/usr/share/edk2/ovmf/OVMF_VARS.fd",
+    "/usr/share/edk2/x64/OVMF_VARS.fd",
+    "/usr/share/OVMF/OVMF_VARS.fd",
+    "/usr/share/ovmf/OVMF_VARS.fd"
+  ]
+  
+  # Determine if UEFI should be enabled
+  uefi_enabled = (
+    var.uefi_firmware == "true" || 
+    var.uefi_firmware == true ||
+    (var.uefi_firmware != "" && var.uefi_firmware != false && var.uefi_firmware != null)
+  )
+  
+  # Function to get first available firmware path or null
+  detected_firmware = (
+    local.uefi_enabled ? (
+      length(local.uefi_firmware_paths) > 0 ? (
+        length([for path in local.uefi_firmware_paths : path if fileexists(path)]) > 0 ? 
+        [for path in local.uefi_firmware_paths : path if fileexists(path)][0] :
+        null
+      ) : null
+    ) : null
+  )
+  
+  # Function to get first available NVRAM template or null
+  detected_nvram = (
+    local.uefi_enabled ? (
+      length(local.uefi_nvram_paths) > 0 ? (
+        length([for path in local.uefi_nvram_paths : path if fileexists(path)]) > 0 ? 
+        [for path in local.uefi_nvram_paths : path if fileexists(path)][0] :
+        null
+      ) : null
+    ) : null
+  )
 }

shared_modules/volume.tf

@@ -1,9 +1,25 @@
-resource "libvirt_volume" "vm_disk" {
+# Base volume (template/parent)
-  count  = var.instance_count
+resource "libvirt_volume" "base_vm_image" {
-  name   = "${var.vm_name}-${count.index}"
+  name   = "${var.vm_name}-base"
   pool   = "${var.vm_name}-pool"
   source = var.image_location
   format = "qcow2"
 
-  depends_on = [libvirt_pool.tf_tmp_storage]
+  depends_on = [
+    libvirt_pool.tf_tmp_storage
+  ]
+}
+
+# Clone volume with resizable size
+resource "libvirt_volume" "vm_disk" {
+  count          = var.instance_count
+  name           = "${var.vm_name}-${count.index}"
+  pool           = "${var.vm_name}-pool"
+  format         = "qcow2"
+  size           = var.disk_size_bytes
+  base_volume_id = libvirt_volume.base_vm_image.id
+
+  depends_on = [
+    libvirt_volume.base_vm_image
+  ]
 }

update_image_locations.sh

@@ -0,0 +1,303 @@
+#!/bin/bash
+
+# Script to detect locally available OS images and update image_location URLs in main.tf files
+# This script updates terraform configurations to use local image paths instead of remote URLs
+# It also supports reverting back to original remote URLs using hardcoded values
+
+# Function to display usage
+usage() {
+    echo "Usage: $0 [options]"
+    echo "  options:"
+    echo "    -h, --help     Display this help message"
+    echo "    -d, --dry-run  Show what would be changed without making modifications"
+    echo "    -r, --revert   Revert image_location URLs back to original remote URLs"
+    echo ""
+    echo "Example:"
+    echo "  $0                    # Convert remote URLs to local paths (default)"
+    echo "  $0 -d                 # Dry run - show what would be updated"
+    echo "  $0 -r                 # Revert to original remote URLs"
+    echo "  $0 -r -d              # Dry run revert mode"
+    exit 1
+}
+
+# Parse command line arguments
+DRY_RUN=false
+REVERT_MODE=false
+
+while [[ $# -gt 0 ]]; do
+    case $1 in
+        -h|--help)
+            usage
+            ;;
+        -d|--dry-run)
+            DRY_RUN=true
+            shift
+            ;;
+        -r|--revert)
+            REVERT_MODE=true
+            shift
+            ;;
+        *)
+            echo "Unknown option: $1"
+            usage
+            ;;
+    esac
+done
+
+# Define the directory where images are stored
+IMAGE_DIR="/var/lib/libvirt/images"
+
+# Check if we have write permissions to the target directory
+if [[ ! -d "$IMAGE_DIR" ]]; then
+    echo "Error: Directory $IMAGE_DIR does not exist"
+    exit 1
+fi
+
+# Function to get all locally available image files (including Fedora Rawhide)
+get_local_images() {
+    find "$IMAGE_DIR" -maxdepth 1 -type f \( -name "*.qcow2" -o -name "*.raw" -o -name "*.img" \) | \
+        while read -r image; do
+            basename "$image"
+        done | sort
+}
+
+# Function to check if a local file matches the pattern for a Fedora Rawhide image
+is_fedora_rawhide_image() {
+    local filename=$1
+    # Pattern matching for Fedora Rawhide images that contain "Fedora-Cloud-Base-Generic-Rawhide"
+    if [[ "$filename" =~ ^Fedora-Cloud-Base-Generic-Rawhide.*\.qcow2$ ]]; then
+        return 0
+    fi
+    return 1
+}
+
+# Function to get the latest Fedora Rawhide image path from local directory
+get_latest_fedora_rawhide_path() {
+    local latest_file
+    latest_file=$(find "$IMAGE_DIR" -maxdepth 1 -name "Fedora-Cloud-Base-Generic-Rawhide*.qcow2" -type f \
+        | sort -r \
+        | head -1)
+    
+    if [[ -n "$latest_file" ]]; then
+        echo "$latest_file"
+    fi
+}
+
+# Function to provide a mapping between local files and their original URLs
+create_original_url_mapping() {
+    # Create a hash-like mapping for known images
+    cat << 'EOF'
+noble-server-cloudimg-amd64.img=https://cloud-images.ubuntu.com/noble/current/noble-server-cloudimg-amd64.img
+Fedora-Cloud-Base-Generic-42-1.1.x86_64.qcow2=https://download.fedoraproject.org/pub/fedora/linux/releases/42/Cloud/x86_64/images/Fedora-Cloud-Base-Generic-42-1.1.x86_64.qcow2
+Fedora-Cloud-Base-Generic-43-1.6.x86_64.qcow2=https://download.fedoraproject.org/pub/fedora/linux/releases/43/Cloud/x86_64/images/Fedora-Cloud-Base-Generic-43-1.6.x86_64.qcow2
+openSUSE-Tumbleweed-Minimal-VM.x86_64-Cloud.qcow2=https://download.opensuse.org/tumbleweed/appliances/openSUSE-Tumbleweed-Minimal-VM.x86_64-Cloud.qcow2
+Rocky-10-GenericCloud-Base.latest.x86_64.qcow2=https://dl.rockylinux.org/pub/rocky/10/images/x86_64/Rocky-10-GenericCloud-Base.latest.x86_64.qcow2
+debian-13-genericcloud-amd64.raw=https://cloud.debian.org/images/cloud/trixie/latest/debian-13-genericcloud-amd64.raw
+CentOS-Stream-GenericCloud-x86_64-10-latest.x86_64.qcow2=https://cloud.centos.org/centos/10-stream/x86_64/images/CentOS-Stream-GenericCloud-x86_64-10-latest.x86_64.qcow2
+EOF
+}
+
+# Find all main.tf files and process them
+MAIN_TF_FILES=$(find . -name "main.tf" -type f)
+
+if [ -z "$MAIN_TF_FILES" ]; then
+    echo "No main.tf files found!"
+    exit 1
+fi
+
+echo "Found main.tf files:"
+echo "$MAIN_TF_FILES"
+echo ""
+
+# Process each file
+for file in $MAIN_TF_FILES; do
+    echo "Processing $file..."
+    
+    # Check if the file contains image_location lines
+    if ! grep -q "image_location" "$file"; then
+        echo "  No image_location found in $file, skipping..."
+        continue
+    fi
+    
+    if [ "$REVERT_MODE" = true ]; then
+        # Revert operation: change file:// back to original https:// URLs
+        temp_file=$(mktemp)
+        
+        while IFS= read -r line || [[ -n "$line" ]]; do
+            # Check if the line contains a file:// URL
+            if [[ "$line" =~ .*image_location.*=.*\"file://(.*?)\".* ]]; then
+                # Extract local path from the file:// URL
+                local_file_path="${BASH_REMATCH[1]}"
+                local_filename=$(basename "$local_file_path")
+                
+                # Handle Fedora Rawhide images specially
+                if [[ "$local_filename" =~ ^Fedora-Cloud-Base-Generic-Rawhide.*\.qcow2$ ]]; then
+                    echo "  Reverting Fedora Rawhide image: $local_filename"
+                    
+                    # For Rawhide, we'll keep the file:// reference but note that it's a special case
+                    if [ "$DRY_RUN" = false ]; then
+                        echo "$line" >> "$temp_file"
+                    else
+                        echo "  Would process Fedora Rawhide image: $local_filename (keeping file:// reference)"
+                        echo "$line" >> "$temp_file"
+                    fi
+                else
+                    # For regular images, try to map back to original URL
+                    # Create mapping for this specific case
+                    mapping=$(create_original_url_mapping)
+                    
+                    # Find matching original URL
+                    found_match=false
+                    while IFS= read -r mapping_line; do
+                        if [[ -z "$mapping_line" ]] || [[ "$mapping_line" =~ ^#.*$ ]]; then
+                            continue
+                        fi
+                        
+                        file_pattern=$(echo "$mapping_line" | cut -d'=' -f1)
+                        original_url=$(echo "$mapping_line" | cut -d'=' -f2)
+                        
+                        if [[ "$file_pattern" == "$local_filename" ]]; then
+                            echo "  Found matching original URL: $local_filename"
+                            
+                            if [ "$DRY_RUN" = false ]; then
+                                # Use precise string replacement to avoid corrupting the file
+                                new_line="${line/\"file:\/\/$local_file_path\"/\"$original_url\"}"
+                                echo "$new_line" >> "$temp_file"
+                                echo "  Reverted to original URL: $original_url"
+                            else
+                                echo "  Would revert to: $original_url"
+                                echo "$line" >> "$temp_file"
+                            fi
+                            found_match=true
+                            break
+                        fi
+                    done <<< "$mapping"
+                    
+                    if [ "$found_match" = false ]; then
+                        echo "  Warning: No matching original URL found for $local_filename"
+                        echo "$line" >> "$temp_file"
+                    fi
+                fi
+            else
+                # Not a line with image_location, just copy as is
+                echo "$line" >> "$temp_file"
+            fi
+        done < "$file"
+        
+        if [ "$DRY_RUN" = false ]; then
+            mv "$temp_file" "$file"
+        else
+            rm "$temp_file"
+        fi
+        
+    else
+        # Normal operation: convert remote URLs to local paths
+        temp_file=$(mktemp)
+        
+        while IFS= read -r line || [[ -n "$line" ]]; do
+            if [[ "$line" =~ .*image_location.*=.*\"(https://.*)\".* ]]; then
+                remote_url="${BASH_REMATCH[1]}"
+                filename=$(basename "$remote_url")
+                
+                # Check if the local file exists (including Fedora Rawhide cases)
+                local_path="$IMAGE_DIR/$filename"
+                
+                # Special handling for Fedora Rawhide - check if it's the right pattern
+                if [[ "$filename" =~ ^Fedora-Cloud-Base-Generic-Rawhide.*\.qcow2$ ]]; then
+                    # For Fedora Rawhide, we need to be more flexible with matching patterns
+                    echo "  Checking Fedora Rawhide pattern for: $filename"
+                    
+                    # Find the most recent Fedora image that matches the pattern but has different timestamp
+                    latest_rawhide=$(find "$IMAGE_DIR" -maxdepth 1 -name "Fedora-Cloud-Base-Generic-Rawhide*.qcow2" -type f \
+                        | sort -r \
+                        | head -1)
+                    
+                    if [[ -n "$latest_rawhide" ]]; then
+                        echo "  Found matching local Fedora Rawhide image: $(basename $latest_rawhide)"
+                        
+                        if [ "$DRY_RUN" = false ]; then
+                            new_line="${line/\"$remote_url\"/\"file://$latest_rawhide\"}"
+                            echo "$new_line" >> "$temp_file"
+                            echo "  Updated to local file: file://$latest_rawhide"
+                        else
+                            echo "  Would update Fedora Rawhide to: file://$latest_rawhide"
+                            echo "$line" >> "$temp_file"
+                        fi
+                    else
+                        # No matching locally - check if we can find a similar pattern
+                        echo "  Checking for any Fedora-Cloud-Base-Generic-Rawhide*.qcow2 files..."
+                        # Look for any file with the same prefix but different timestamp
+                        local_candidates=$(find "$IMAGE_DIR" -maxdepth 1 -name "*Fedora-Cloud-Base-Generic-Rawhide*" -type f)
+                        
+                        if [[ -n "$local_candidates" ]]; then
+                            most_recent=$(echo "$local_candidates" | sort -r | head -1)
+                            echo "  Found matching local Fedora Rawhide image: $(basename $most_recent)"
+                            
+                            if [ "$DRY_RUN" = false ]; then
+                                new_line="${line/\"$remote_url\"/\"file://$most_recent\"}"
+                                echo "$new_line" >> "$temp_file"
+                                echo "  Updated to local file: file://$most_recent"
+                            else
+                                echo "  Would update Fedora Rawhide to: file://$most_recent"
+                                echo "$line" >> "$temp_file"
+                            fi
+                        else
+                            echo "  Local Fedora Rawhide image not found, using original URL"
+                            echo "$line" >> "$temp_file"
+                        fi
+                    fi
+                elif [[ -f "$local_path" ]]; then
+                    echo "  Found local image: $filename"
+                    
+                    if [ "$DRY_RUN" = false ]; then
+                        # Use precise string replacement to avoid corrupting the file
+                        new_line="${line/\"$remote_url\"/\"file://$local_path\"}"
+                        echo "$new_line" >> "$temp_file"
+                        echo "  Updated to: file://$local_path"
+                    else
+                        echo "  Would update to: file://$local_path"
+                        echo "$line" >> "$temp_file"
+                    fi
+                else
+                    echo "  Local image not found: $filename"
+                    echo "$line" >> "$temp_file"
+                fi
+            else
+                # Not a line with image_location, just copy as is
+                echo "$line" >> "$temp_file"
+            fi
+        done < "$file"
+        
+        if [ "$DRY_RUN" = false ]; then
+            mv "$temp_file" "$file"
+        else
+            rm "$temp_file"
+        fi
+    fi
+done
+
+echo ""
+if [ "$DRY_RUN" = false ]; then
+    if [ "$REVERT_MODE" = true ]; then
+        echo "Image location URLs have been successfully reverted to original remote URLs!"
+    else
+        echo "Image location URLs have been successfully updated in all main.tf files!"
+    fi
+else
+    echo "Dry run completed - no changes were made."
+fi
+
+# Show a summary of what would be changed
+echo ""
+echo "Summary of local image availability:"
+find "$IMAGE_DIR" -maxdepth 1 -type f -name "*.qcow2" -o -name "*.raw" -o -name "*.img" | \
+    while read -r image; do
+        filename=$(basename "$image")
+        echo "  ✓ $filename"
+    done
+
+# If nothing was found, show what images are expected
+if ! find "$IMAGE_DIR" -maxdepth 1 -type f -name "*.qcow2" -o -name "*.raw" -o -name "*.img" | grep -q .; then
+    echo "  No local images found in $IMAGE_DIR"
+    echo "  Run download_images.sh to download required images."
+fi

update_ssh_keys.sh

@@ -5,49 +5,76 @@
 
 # Function to display usage
 usage() {
-    echo "Usage: $0 [ssh_key_name]"
+    echo "Usage: $0 [options] [ssh_key_name]"
+    echo "  options:"
+    echo "    -r, --remove   Remove SSH key from main.tf files"
+    echo "    -h, --help     Display this help message"
+    echo ""
     echo "  ssh_key_name: Name of the SSH key pair (default: terraform_key)"
     echo ""
     echo "Example:"
-    echo "  $0                    # Uses default 'terraform_key'"
+    echo "  $0                    # Updates with default 'terraform_key'"
-    echo "  $0 my_custom_key      # Uses 'my_custom_key' and 'my_custom_key.pub'"
+    echo "  $0 my_custom_key      # Updates with 'my_custom_key'"
+    echo "  $0 -r                 # Remove SSH key from files"
+    echo "  $0 -r my_custom_key   # Remove SSH key from files"
     exit 1
 }
 
-# Set the SSH key name (default to terraform_key)
+# Parse command line arguments
-SSH_KEY_NAME="${1:-terraform_key}"
+REMOVE_KEY=false
+SSH_KEY_NAME="terraform_key"
+
+# Check if any arguments are provided
+if [ $# -eq 0 ]; then
+    # No arguments - use default behavior (update)
+    :
+elif [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
+    usage
+elif [ "$1" = "-r" ] || [ "$1" = "--remove" ]; then
+    # Remove mode enabled
+    REMOVE_KEY=true
+    if [ $# -gt 1 ]; then
+        SSH_KEY_NAME="$2"
+    fi
+else
+    # Normal update mode with key name provided as argument
+    SSH_KEY_NAME="$1"
+fi
 
 # Expand the home directory properly  
 HOME_DIR="${HOME:-/home/$(whoami)}"
 SSH_KEY_PATH="$HOME_DIR/.ssh/$SSH_KEY_NAME"
 SSH_KEY_PUB_PATH="$HOME_DIR/.ssh/$SSH_KEY_NAME.pub"
 
-# Check if SSH key exists
+# If not removing keys, validate SSH key exists
-if [ ! -f "$SSH_KEY_PATH" ] && [ ! -f "$SSH_KEY_PUB_PATH" ]; then
+if [ "$REMOVE_KEY" = false ]; then
+    # Check if SSH key exists
+    if [ ! -f "$SSH_KEY_PATH" ] && [ ! -f "$SSH_KEY_PUB_PATH" ]; then
         echo "Error: SSH key '$SSH_KEY_NAME' not found in $HOME_DIR/.ssh/"
         echo "Please generate your SSH key first:"
         echo "  ssh-keygen -t rsa -b 4096 -f $HOME_DIR/.ssh/$SSH_KEY_NAME"
         exit 1
-fi
+    fi
 
-# Check if public key exists specifically (required for reading)
+    # Check if public key exists specifically (required for reading)
-if [ ! -f "$SSH_KEY_PUB_PATH" ]; then
+    if [ ! -f "$SSH_KEY_PUB_PATH" ]; then
         echo "Error: SSH public key '$SSH_KEY_NAME.pub' not found in $HOME_DIR/.ssh/"
         exit 1
-fi
+    fi
 
-# Get the public key content (remove any trailing whitespace)
+    # Get the public key content (remove any trailing whitespace)
-PUBLIC_KEY=$(cat "$SSH_KEY_PUB_PATH" | tr -d '\n')
+    PUBLIC_KEY=$(cat "$SSH_KEY_PUB_PATH" | tr -d '\n')
 
-# Validate that we got a valid SSH key
+    # Validate that we got a valid SSH key
-if [[ ! "$PUBLIC_KEY" =~ ^ssh-[a-z]+[[:space:]]+[A-Za-z0-9+/]*[=]{0,3} ]]; then
+    if [[ ! "$PUBLIC_KEY" =~ ^ssh-[a-z]+[[:space:]]+[A-Za-z0-9+/]*[=]{0,3} ]]; then
         echo "Error: Invalid SSH public key format detected"
         exit 1
-fi
+    fi
 
-echo "Found SSH public key:"
+    echo "Found SSH public key:"
-echo "$PUBLIC_KEY"
+    echo "$PUBLIC_KEY"
-echo ""
+    echo ""
+fi
 
 # Find all main.tf files and update them
 MAIN_TF_FILES=$(find . -name "main.tf" -type f)
@@ -61,10 +88,17 @@ echo "Updating SSH key in the following files:"
 echo "$MAIN_TF_FILES"
 echo ""
 
-# Replace the ssh_key line in all main.tf files using # as delimiter
+# Process each file based on remove mode
-echo "Replacing SSH key in all main.tf files..."
 for file in $MAIN_TF_FILES; do
+    if [ "$REMOVE_KEY" = true ]; then
+        echo "Removing SSH key from $file..."
+        # Set ssh_key to empty string for idempotent removal
+        sed -i "s/^[[:space:]]*ssh_key[[:space:]]*=[[:space:]]*\"[^\"]*\"/  ssh_key = \"\"/" "$file"
+    else
+        echo "Updating SSH key in $file..."
+        # Update the ssh_key line with new value
         sed -i "s#ssh_key = \".*\"#ssh_key = \"$PUBLIC_KEY\"#g" "$file"
+    fi
 done
 
 # Verify the replacement worked
@@ -72,9 +106,18 @@ echo ""
 echo "Verification:"
 for file in $MAIN_TF_FILES; do
     echo "File: $file"
+    if [ "$REMOVE_KEY" = true ]; then
+        # Show lines with empty ssh_key values
+        grep "ssh_key = \"\"" "$file" | head -1
+    else
+        # Show updated ssh_key lines
         grep "ssh_key =" "$file" | head -1
+    fi
 done
 
 echo ""
-echo "SSH key has been successfully updated in all main.tf files!"
+if [ "$REMOVE_KEY" = true ]; then
-echo "Backup files are saved with timestamp suffixes."
+    echo "SSH key has been successfully removed (set to empty string) in all main.tf files!"
+else
+    echo "SSH key has been successfully updated in all main.tf files!"
+fi