parameterize more values
This commit is contained in:
parent
d41794e65d
commit
20199a65f4
3 changed files with 43 additions and 14 deletions
|
|
@ -2,11 +2,9 @@
|
|||
set -euo pipefail
|
||||
IFS=$'\n\t'
|
||||
|
||||
CAHOST=root@hermes.dmz
|
||||
|
||||
eval "$(jq -r '@sh "PUBKEY=\(.pubkey) HOST=\(.host)"')"
|
||||
eval "$(jq -r '@sh "PUBKEY=\(.pubkey) HOST=\(.host) CAHOST=\(.cahost)"')"
|
||||
|
||||
# TODO: Can this be done more eye-pleasingly?
|
||||
CERT=$(ssh $CAHOST '/root/ca.sh host "'"$PUBKEY"'" "'"$HOST"'".dmz')
|
||||
CERT=$(ssh root@$CAHOST '/root/ca.sh host "'"$PUBKEY"'" "'"$HOST"'".dmz')
|
||||
|
||||
jq -n --arg cert "$CERT" '{"cert":$cert}'
|
||||
|
|
|
|||
11
main.tf
11
main.tf
|
|
@ -32,6 +32,7 @@ data "external" "cert" {
|
|||
query = {
|
||||
pubkey = trimspace(data.tls_public_key.debian.public_key_openssh)
|
||||
host = var.name
|
||||
cahost = var.ca_host
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -49,10 +50,10 @@ resource "null_resource" "cert" {
|
|||
|
||||
resource "libvirt_volume" "debian" {
|
||||
name = "${var.name}.iso"
|
||||
pool = "disk"
|
||||
pool = var.disk_pool
|
||||
size = var.disk_size
|
||||
base_volume_name = "debian-bookworm.qcow2"
|
||||
base_volume_pool = "iso"
|
||||
base_volume_name = var.disk_base
|
||||
base_volume_pool = var.disk_base_pool
|
||||
|
||||
lifecycle {
|
||||
replace_triggered_by = [
|
||||
|
|
@ -63,7 +64,7 @@ resource "libvirt_volume" "debian" {
|
|||
|
||||
resource "libvirt_cloudinit_disk" "debian" {
|
||||
name = "${var.name}.iso"
|
||||
pool = "init"
|
||||
pool = var.cloudinit_pool
|
||||
user_data = local.cloudinit_user_data
|
||||
network_config = file("${path.module}/files/network_config.cfg")
|
||||
}
|
||||
|
|
@ -79,7 +80,7 @@ resource "libvirt_domain" "debian" {
|
|||
}
|
||||
|
||||
network_interface {
|
||||
bridge = "dmzbr"
|
||||
bridge = var.bridge_name
|
||||
hostname = var.name
|
||||
mac = var.mac
|
||||
}
|
||||
|
|
|
|||
40
variables.tf
40
variables.tf
|
|
@ -3,7 +3,7 @@ variable "name" {
|
|||
}
|
||||
|
||||
variable "disk_size" {
|
||||
type = number
|
||||
type = number
|
||||
default = 1024 * 1024 * 1024 * 15
|
||||
}
|
||||
|
||||
|
|
@ -16,21 +16,51 @@ variable "admin_authorized_keys" {
|
|||
}
|
||||
|
||||
variable "memory" {
|
||||
type = number
|
||||
type = number
|
||||
default = 1024
|
||||
}
|
||||
|
||||
variable "mac" {
|
||||
type = string
|
||||
type = string
|
||||
default = null
|
||||
}
|
||||
|
||||
variable "insecure_password" {
|
||||
type = bool
|
||||
type = bool
|
||||
default = false
|
||||
}
|
||||
|
||||
variable "use_host_cert" {
|
||||
type = bool
|
||||
type = bool
|
||||
default = true
|
||||
}
|
||||
|
||||
variable "disk_pool" {
|
||||
type = string
|
||||
default = "disk"
|
||||
}
|
||||
|
||||
variable "disk_base" {
|
||||
type = string
|
||||
default = "debian-bookworm.qcow2"
|
||||
}
|
||||
|
||||
variable "disk_base_pool" {
|
||||
type = string
|
||||
default = "iso"
|
||||
}
|
||||
|
||||
variable "cloudinit_pool" {
|
||||
type = string
|
||||
default = "init"
|
||||
}
|
||||
|
||||
variable "bridge_name" {
|
||||
type = string
|
||||
default = "dmzbr"
|
||||
}
|
||||
|
||||
variable "ca_host" {
|
||||
type = string
|
||||
default = "hermes.dmz"
|
||||
}
|
||||
|
|
|
|||
Reference in a new issue