From 41d78f417f53872e2589760fe616e83d056ab712 Mon Sep 17 00:00:00 2001 From: Jennifer Weir Date: Sat, 9 May 2026 13:17:38 -0400 Subject: [PATCH 1/5] fix(argocd): azure secret locations --- .../argocd/operator/components/argocd.yaml | 6 +- terraform/okd/main.tf | 22 ++++ terraform/okd/provider.tf | 5 - terraform/okd/variables.tf | 5 - terraform/proxmox/main.tf | 110 ++++++++++++++++++ terraform/proxmox/provider.tf | 12 ++ 6 files changed, 147 insertions(+), 13 deletions(-) create mode 100644 terraform/proxmox/main.tf create mode 100644 terraform/proxmox/provider.tf diff --git a/manifests/platform/argocd/operator/components/argocd.yaml b/manifests/platform/argocd/operator/components/argocd.yaml index 3d23006..34c476d 100644 --- a/manifests/platform/argocd/operator/components/argocd.yaml +++ b/manifests/platform/argocd/operator/components/argocd.yaml @@ -103,9 +103,9 @@ spec: # https://argocd-operator.readthedocs.io/en/latest/reference/argocd/#oidc-config oidcConfig: | name: azure - issuer: https://login.microsoftonline.com//v2.0 - clientID: - clientSecret: + issuer: https://login.microsoftonline.com//v2.0 + clientID: + clientSecret: # Optional set of OIDC scopes to request. If omitted, defaults to: ["openid", "profile", "email", "groups"] requestedScopes: ["openid", "profile", "email", "groups"] # Optional set of OIDC claims to request on the ID token. diff --git a/terraform/okd/main.tf b/terraform/okd/main.tf index 2e326c5..f7f98d1 100644 --- a/terraform/okd/main.tf +++ b/terraform/okd/main.tf 
@@ -153,6 +153,28 @@ resource "google_secret_manager_secret_iam_member" "quay_pull_secret_accessor" { member = "principal://iam.googleapis.com/projects/${data.google_project.okd_homelab.number}/locations/global/workloadIdentityPools/${google_iam_workload_identity_pool.okd_pool.workload_identity_pool_id}/subject/system:serviceaccount:argocd:external-secrets" } +# argocd SA access to Azure AD secrets +resource "google_secret_manager_secret_iam_member" "argocd_azure_tenant_id_accessor" { + project = data.google_project.okd_homelab.project_id + secret_id = "azure_tenant_id" + role = "roles/secretmanager.secretAccessor" + member = "principal://iam.googleapis.com/projects/${data.google_project.okd_homelab.number}/locations/global/workloadIdentityPools/${google_iam_workload_identity_pool.okd_pool.workload_identity_pool_id}/subject/system:serviceaccount:argocd:argocd-argocd-repo-server" +} + +resource "google_secret_manager_secret_iam_member" "argocd_azure_client_id_accessor" { + project = data.google_project.okd_homelab.project_id + secret_id = "azure_client_id" + role = "roles/secretmanager.secretAccessor" + member = "principal://iam.googleapis.com/projects/${data.google_project.okd_homelab.number}/locations/global/workloadIdentityPools/${google_iam_workload_identity_pool.okd_pool.workload_identity_pool_id}/subject/system:serviceaccount:argocd:argocd-argocd-repo-server" +} + +resource "google_secret_manager_secret_iam_member" "argocd_azure_client_secret_accessor" { + project = data.google_project.okd_homelab.project_id + secret_id = "azure_client_secret" + role = "roles/secretmanager.secretAccessor" + member = "principal://iam.googleapis.com/projects/${data.google_project.okd_homelab.number}/locations/global/workloadIdentityPools/${google_iam_workload_identity_pool.okd_pool.workload_identity_pool_id}/subject/system:serviceaccount:argocd:argocd-argocd-repo-server" +} + # Azure 
------------------------------------------------------------------------------------------------------------------ resource "azuread_application" "okd_cluster" { diff --git a/terraform/okd/provider.tf b/terraform/okd/provider.tf index a3f944f..4f82524 100644 --- a/terraform/okd/provider.tf +++ b/terraform/okd/provider.tf @@ -1,8 +1,3 @@ -provider "google" { - project = var.homelab_project_id - region = "us-east1" -} - provider "azuread" { tenant_id = var.azure_tenant_id } \ No newline at end of file diff --git a/terraform/okd/variables.tf b/terraform/okd/variables.tf index e273a87..497ea6e 100644 --- a/terraform/okd/variables.tf +++ b/terraform/okd/variables.tf @@ -1,8 +1,3 @@ -variable "homelab_project_id" { - description = "The GCP project ID for homelab management." - type = string -} - variable "azure_tenant_id" { description = "The tenant ID for Azure Active Directory." type = string diff --git a/terraform/proxmox/main.tf b/terraform/proxmox/main.tf new file mode 100644 index 0000000..c9ac72a --- /dev/null +++ b/terraform/proxmox/main.tf 
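Review bot: All three added bindings grant `roles/secretmanager.secretAccessor` to the `argocd-argocd-repo-server` subject, which in Argo CD is the component that clones repositories and renders their manifests, so anything able to influence rendering there gains a path to `azure_client_secret`. Of the three, only the client secret is confidential; `azure_tenant_id` and `azure_client_id` are identifiers and do not need a read grant on this subject. PATCH 4/5 in this series moves the grant to the `external-secrets` subject, so this intermediate state is best not applied on its own.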
@@ -0,0 +1,110 @@ +resource "proxmox_virtual_environment_vm" "fedora_vm" { + name = "terraform-provider-proxmox-fedora-vm" + description = "Managed by Terraform" + tags = ["terraform", "fedora"] + + node_name = "first-node" + vm_id = 4321 + + agent { + # read 'Qemu guest agent' section, change to true only when ready + enabled = false + } + # if agent is not enabled, the VM may not be able to shutdown properly, and may need to be forced off + stop_on_destroy = true + + startup { + order = "3" + up_delay = "60" + down_delay = "60" + } + + cpu { + cores = 2 + type = "x86-64-v2-AES" # recommended for modern CPUs + } + + memory { + dedicated = 2048 + floating = 2048 # set equal to dedicated to enable ballooning + } + + disk { + datastore_id = "local-lvm" + import_from = proxmox_virtual_environment_download_file.latest_fedora_22_jammy_qcow2_img.id + interface = "scsi0" + } + + initialization { + # uncomment and specify the datastore for cloud-init disk if default `local-lvm` is not available + # datastore_id = "local-lvm" + + ip_config { + ipv4 { + address = "dhcp" + } + } + + user_account { + keys = [trimspace(tls_private_key.fedora_vm_key.public_key_openssh)] + password = random_password.fedora_vm_password.result + username = "fedora" + } + + user_data_file_id = proxmox_virtual_environment_file.cloud_config.id + } + + network_device { + bridge = "vmbr0" + } + + operating_system { + type = "l26" + } + + tpm_state { + version = "v2.0" + } + + serial_device {} + + virtiofs { + mapping = "data_share" + cache = "always" + direct_io = true + } +} + +resource "proxmox_virtual_environment_download_file" "latest_fedora_22_jammy_qcow2_img" { + content_type = "import" + datastore_id = "local" + node_name = "pve" + url = "https://cloud-images.fedora.com/jammy/current/jammy-server-cloudimg-amd64.img" + # need to rename the file to *.qcow2 to indicate the actual file format for import + file_name = "jammy-server-cloudimg-amd64.qcow2" +} + +resource "random_password" 
"fedora_vm_password" { + length = 16 + override_special = "_%@" + special = true +} + +resource "tls_private_key" "fedora_vm_key" { + algorithm = "RSA" + rsa_bits = 2048 +} + +output "fedora_vm_password" { + value = random_password.fedora_vm_password.result + sensitive = true +} + +output "fedora_vm_private_key" { + value = tls_private_key.fedora_vm_key.private_key_pem + sensitive = true +} + +output "fedora_vm_public_key" { + value = tls_private_key.fedora_vm_key.public_key_openssh +} \ No newline at end of file diff --git a/terraform/proxmox/provider.tf b/terraform/proxmox/provider.tf new file mode 100644 index 0000000..cfa148d --- /dev/null +++ b/terraform/proxmox/provider.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + proxmox = { + source = "bpg/proxmox" + version = "0.89.0" + } + } +} + +provider "proxmox" { + # Configuration options +} \ No newline at end of file From dae00813da0e70c919bbd28de7f080a9aa862893 Mon Sep 17 00:00:00 2001 From: Jennifer Weir Date: Sat, 9 May 2026 13:19:37 -0400 Subject: [PATCH 2/5] fix(argocd): azure secret locations --- terraform/proxmox/main.tf | 110 ---------------------------------- terraform/proxmox/provider.tf | 12 ---- 2 files changed, 122 deletions(-) delete mode 100644 terraform/proxmox/main.tf delete mode 100644 terraform/proxmox/provider.tf diff --git a/terraform/proxmox/main.tf b/terraform/proxmox/main.tf deleted file mode 100644 index c9ac72a..0000000 --- a/terraform/proxmox/main.tf +++ /dev/null 
@@ -1,110 +0,0 @@ -resource "proxmox_virtual_environment_vm" "fedora_vm" { - name = "terraform-provider-proxmox-fedora-vm" - description = "Managed by Terraform" - tags = ["terraform", "fedora"] - - node_name = "first-node" - vm_id = 4321 - - agent { - # read 'Qemu guest agent' section, change to true only when ready - enabled = false - } - # if agent is not enabled, the VM may not be able to shutdown properly, and may need to be forced off - stop_on_destroy = true - - startup { - order = "3" - up_delay = "60" - down_delay = "60" - } - - cpu { - cores = 2 - type = "x86-64-v2-AES" # recommended for modern CPUs - } - - memory { - dedicated = 2048 - floating = 2048 # set equal to dedicated to enable ballooning - } - - disk { - datastore_id = "local-lvm" - import_from = proxmox_virtual_environment_download_file.latest_fedora_22_jammy_qcow2_img.id - interface = "scsi0" - } - - initialization { - # uncomment and specify the datastore for cloud-init disk if default `local-lvm` is not available - # datastore_id = "local-lvm" - - ip_config { - ipv4 { - address = "dhcp" - } - } - - user_account { - keys = [trimspace(tls_private_key.fedora_vm_key.public_key_openssh)] - password = random_password.fedora_vm_password.result - username = "fedora" - } - - user_data_file_id = proxmox_virtual_environment_file.cloud_config.id - } - - network_device { - bridge = "vmbr0" - } - - operating_system { - type = "l26" - } - - tpm_state { - version = "v2.0" - } - - serial_device {} - - virtiofs { - mapping = "data_share" - cache = "always" - direct_io = true - } -} - -resource "proxmox_virtual_environment_download_file" "latest_fedora_22_jammy_qcow2_img" { - content_type = "import" - datastore_id = "local" - node_name = "pve" - url = "https://cloud-images.fedora.com/jammy/current/jammy-server-cloudimg-amd64.img" - # need to rename the file to *.qcow2 to indicate the actual file format for import - file_name = "jammy-server-cloudimg-amd64.qcow2" -} - -resource "random_password" 
"fedora_vm_password" { - length = 16 - override_special = "_%@" - special = true -} - -resource "tls_private_key" "fedora_vm_key" { - algorithm = "RSA" - rsa_bits = 2048 -} - -output "fedora_vm_password" { - value = random_password.fedora_vm_password.result - sensitive = true -} - -output "fedora_vm_private_key" { - value = tls_private_key.fedora_vm_key.private_key_pem - sensitive = true -} - -output "fedora_vm_public_key" { - value = tls_private_key.fedora_vm_key.public_key_openssh -} \ No newline at end of file diff --git a/terraform/proxmox/provider.tf b/terraform/proxmox/provider.tf deleted file mode 100644 index cfa148d..0000000 --- a/terraform/proxmox/provider.tf +++ /dev/null @@ -1,12 +0,0 @@ -terraform { - required_providers { - proxmox = { - source = "bpg/proxmox" - version = "0.89.0" - } - } -} - -provider "proxmox" { - # Configuration options -} \ No newline at end of file From 1c6e59cdfcf11e3d3d9ab5b982802f45670e05f9 Mon Sep 17 00:00:00 2001 From: Jennifer Weir Date: Sat, 9 May 2026 13:17:38 -0400 Subject: [PATCH 3/5] fix(argocd): azure secret locations --- terraform/proxmox/main.tf | 110 ++++++++++++++++++++++++++++++++++ terraform/proxmox/provider.tf | 12 ++++ 2 files changed, 122 insertions(+) create mode 100644 terraform/proxmox/main.tf create mode 100644 terraform/proxmox/provider.tf diff --git a/terraform/proxmox/main.tf b/terraform/proxmox/main.tf new file mode 100644 index 0000000..c9ac72a --- /dev/null +++ b/terraform/proxmox/main.tf 
@@ -0,0 +1,110 @@ +resource "proxmox_virtual_environment_vm" "fedora_vm" { + name = "terraform-provider-proxmox-fedora-vm" + description = "Managed by Terraform" + tags = ["terraform", "fedora"] + + node_name = "first-node" + vm_id = 4321 + + agent { + # read 'Qemu guest agent' section, change to true only when ready + enabled = false + } + # if agent is not enabled, the VM may not be able to shutdown properly, and may need to be forced off + stop_on_destroy = true + + startup { + order = "3" + up_delay = "60" + down_delay = "60" + } + + cpu { + cores = 2 + type = "x86-64-v2-AES" # recommended for modern CPUs + } + + memory { + dedicated = 2048 + floating = 2048 # set equal to dedicated to enable ballooning + } + + disk { + datastore_id = "local-lvm" + import_from = proxmox_virtual_environment_download_file.latest_fedora_22_jammy_qcow2_img.id + interface = "scsi0" + } + + initialization { + # uncomment and specify the datastore for cloud-init disk if default `local-lvm` is not available + # datastore_id = "local-lvm" + + ip_config { + ipv4 { + address = "dhcp" + } + } + + user_account { + keys = [trimspace(tls_private_key.fedora_vm_key.public_key_openssh)] + password = random_password.fedora_vm_password.result + username = "fedora" + } + + user_data_file_id = proxmox_virtual_environment_file.cloud_config.id + } + + network_device { + bridge = "vmbr0" + } + + operating_system { + type = "l26" + } + + tpm_state { + version = "v2.0" + } + + serial_device {} + + virtiofs { + mapping = "data_share" + cache = "always" + direct_io = true + } +} + +resource "proxmox_virtual_environment_download_file" "latest_fedora_22_jammy_qcow2_img" { + content_type = "import" + datastore_id = "local" + node_name = "pve" + url = "https://cloud-images.fedora.com/jammy/current/jammy-server-cloudimg-amd64.img" + # need to rename the file to *.qcow2 to indicate the actual file format for import + file_name = "jammy-server-cloudimg-amd64.qcow2" +} + +resource "random_password" 
"fedora_vm_password" { + length = 16 + override_special = "_%@" + special = true +} + +resource "tls_private_key" "fedora_vm_key" { + algorithm = "RSA" + rsa_bits = 2048 +} + +output "fedora_vm_password" { + value = random_password.fedora_vm_password.result + sensitive = true +} + +output "fedora_vm_private_key" { + value = tls_private_key.fedora_vm_key.private_key_pem + sensitive = true +} + +output "fedora_vm_public_key" { + value = tls_private_key.fedora_vm_key.public_key_openssh +} \ No newline at end of file diff --git a/terraform/proxmox/provider.tf b/terraform/proxmox/provider.tf new file mode 100644 index 0000000..cfa148d --- /dev/null +++ b/terraform/proxmox/provider.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + proxmox = { + source = "bpg/proxmox" + version = "0.89.0" + } + } +} + +provider "proxmox" { + # Configuration options +} \ No newline at end of file From 68768288dbabb4264f5bfc9e06ffd913bb10e9c5 Mon Sep 17 00:00:00 2001 From: Jennifer Weir Date: Sat, 9 May 2026 15:28:33 -0400 Subject: [PATCH 4/5] chore(argocd): tweak oidc configuration --- .../argocd/operator/components/argocd.yaml | 6 ++-- .../argocd/overlays/okd/kustomization.yaml | 3 +- .../overlays/okd/oidc-external-secret.yaml | 19 +++++++++++ ...-secret.yaml => quay-external-secret.yaml} | 0 terraform/okd/main.tf | 34 ++++++------------- 5 files changed, 34 insertions(+), 28 deletions(-) create mode 100644 manifests/platform/argocd/overlays/okd/oidc-external-secret.yaml rename manifests/platform/argocd/overlays/okd/{external-secret.yaml => quay-external-secret.yaml} (100%) diff --git a/manifests/platform/argocd/operator/components/argocd.yaml b/manifests/platform/argocd/operator/components/argocd.yaml index 34c476d..e7a0a87 100644 --- a/manifests/platform/argocd/operator/components/argocd.yaml +++ b/manifests/platform/argocd/operator/components/argocd.yaml 
@@ -103,10 +103,10 @@ spec: # https://argocd-operator.readthedocs.io/en/latest/reference/argocd/#oidc-config oidcConfig: | name: azure - issuer: https://login.microsoftonline.com//v2.0 + issuer: clientID: - clientSecret: + clientSecret: $oidc-azure.azure_client_secret # Optional set of OIDC scopes to request. If omitted, defaults to: ["openid", "profile", "email", "groups"] - requestedScopes: ["openid", "profile", "email", "groups"] + requestedScopes: ["openid", "profile", "email"] # Optional set of OIDC claims to request on the ID token. requestedIDTokenClaims: {"groups": {"essential": true}} diff --git a/manifests/platform/argocd/overlays/okd/kustomization.yaml b/manifests/platform/argocd/overlays/okd/kustomization.yaml index 755406b..0bb6504 100644 --- a/manifests/platform/argocd/overlays/okd/kustomization.yaml +++ b/manifests/platform/argocd/overlays/okd/kustomization.yaml @@ -3,5 +3,6 @@ kind: Kustomization resources: - ../../operator/base - ../../operator/components - - external-secret.yaml + - oidc-external-secret.yaml + - quay-external-secret.yaml - secretstore.yaml diff --git a/manifests/platform/argocd/overlays/okd/oidc-external-secret.yaml b/manifests/platform/argocd/overlays/okd/oidc-external-secret.yaml new file mode 100644 index 0000000..da1a351 --- /dev/null +++ b/manifests/platform/argocd/overlays/okd/oidc-external-secret.yaml @@ -0,0 +1,19 @@ +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: oidc-azure + namespace: argocd + annotations: + argocd.argoproj.io/sync-wave: "3" +spec: + refreshInterval: 1h + secretStoreRef: + name: gsm-secret-store + kind: SecretStore + target: + name: oidc-azure + creationPolicy: Owner + data: + - secretKey: azure_client_secret + remoteRef: + key: azure_client_secret 
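Review bot: `clientSecret: $oidc-azure.azure_client_secret` separates the Secret name and the key with a dot, which Argo CD reads as a key named `oidc-azure.azure_client_secret` inside `argocd-secret`; a key in a different Secret is referenced with a colon, `clientSecret: $oidc-azure:azure_client_secret`. As written the reference most likely does not resolve, leaving the literal string as the OIDC client secret, so the Azure login flow would fail. A short comment above the line, such as `# $<secret-name>:<key>, resolved from the oidc-azure Secret synced by External Secrets`, would make the indirection clear to the next reader.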
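Review bot: The `oidc-azure` Secret produced by this ExternalSecret carries no `app.kubernetes.io/part-of: argocd` label, and Argo CD resolves `$<secret>:<key>` references only against Secrets that have it, so the client secret would not be picked up from here. Add the label through `spec.target.template.metadata.labels`. `refreshInterval: 1h` also means a client secret rotated in Secret Manager can take up to an hour to reach the cluster, which matters when rotating after a suspected leak.

```yaml
  target:
    name: oidc-azure
    creationPolicy: Owner
    template:
      metadata:
        labels:
          app.kubernetes.io/part-of: argocd
  # … unchanged: data mapping for azure_client_secret …
```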
diff --git a/manifests/platform/argocd/overlays/okd/external-secret.yaml b/manifests/platform/argocd/overlays/okd/quay-external-secret.yaml similarity index 100% rename from manifests/platform/argocd/overlays/okd/external-secret.yaml rename to manifests/platform/argocd/overlays/okd/quay-external-secret.yaml diff --git a/terraform/okd/main.tf b/terraform/okd/main.tf index f7f98d1..64648f9 100644 --- a/terraform/okd/main.tf +++ b/terraform/okd/main.tf @@ -8,6 +8,12 @@ locals { "project_id", "grafana_admin_user", "grafana_admin_password", + "azure_client_id", + "azure_issuer_url" + ] + argocd_eso_secrets = [ + "quay-jennweir-pull-secret", + "azure_client_secret" ] } 
@@ -146,33 +152,13 @@ resource "google_secret_manager_secret_iam_member" "openshift_monitoring_secret_ } # make k8s service account secretAccessor directly instead of via impersonation of google service account bc of eso limitations -resource "google_secret_manager_secret_iam_member" "quay_pull_secret_accessor" { - project = data.google_project.okd_homelab.project_id - secret_id = "quay-jennweir-pull-secret" - role = "roles/secretmanager.secretAccessor" - member = "principal://iam.googleapis.com/projects/${data.google_project.okd_homelab.number}/locations/global/workloadIdentityPools/${google_iam_workload_identity_pool.okd_pool.workload_identity_pool_id}/subject/system:serviceaccount:argocd:external-secrets" -} +resource "google_secret_manager_secret_iam_member" "argocd_eso_secret_access" { + for_each = toset(local.argocd_eso_secrets) -# argocd SA access to Azure AD secrets -resource "google_secret_manager_secret_iam_member" "argocd_azure_tenant_id_accessor" { project = data.google_project.okd_homelab.project_id - secret_id = "azure_tenant_id" - role = "roles/secretmanager.secretAccessor" - member = "principal://iam.googleapis.com/projects/${data.google_project.okd_homelab.number}/locations/global/workloadIdentityPools/${google_iam_workload_identity_pool.okd_pool.workload_identity_pool_id}/subject/system:serviceaccount:argocd:argocd-argocd-repo-server" -} - -resource "google_secret_manager_secret_iam_member" "argocd_azure_client_id_accessor" { - project = data.google_project.okd_homelab.project_id - secret_id = "azure_client_id" - role = "roles/secretmanager.secretAccessor" - member = "principal://iam.googleapis.com/projects/${data.google_project.okd_homelab.number}/locations/global/workloadIdentityPools/${google_iam_workload_identity_pool.okd_pool.workload_identity_pool_id}/subject/system:serviceaccount:argocd:argocd-argocd-repo-server" -} - -resource "google_secret_manager_secret_iam_member" "argocd_azure_client_secret_accessor" { - project = 
data.google_project.okd_homelab.project_id - secret_id = "azure_client_secret" + secret_id = each.value role = "roles/secretmanager.secretAccessor" - member = "principal://iam.googleapis.com/projects/${data.google_project.okd_homelab.number}/locations/global/workloadIdentityPools/${google_iam_workload_identity_pool.okd_pool.workload_identity_pool_id}/subject/system:serviceaccount:argocd:argocd-argocd-repo-server" + member = "principal://iam.googleapis.com/projects/${data.google_project.okd_homelab.number}/locations/global/workloadIdentityPools/${google_iam_workload_identity_pool.okd_pool.workload_identity_pool_id}/subject/system:serviceaccount:argocd:external-secrets" } # Azure ------------------------------------------------------------------------------------------------------------------ From 9f7823dffe23d07ae15dea75129aabad6669a262 Mon Sep 17 00:00:00 2001 From: Jennifer Weir Date: Sat, 9 May 2026 15:30:15 -0400 Subject: [PATCH 5/5] fix: revert --- terraform/proxmox/main.tf | 110 ---------------------------------- terraform/proxmox/provider.tf | 12 ---- 2 files changed, 122 deletions(-) delete mode 100644 terraform/proxmox/main.tf delete mode 100644 terraform/proxmox/provider.tf diff --git a/terraform/proxmox/main.tf b/terraform/proxmox/main.tf deleted file mode 100644 index c9ac72a..0000000 --- a/terraform/proxmox/main.tf +++ /dev/null 
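Review bot: Replacing `quay_pull_secret_accessor` with `argocd_eso_secret_access` changes the resource address, so Terraform plans a destroy and a create for the existing quay pull-secret binding instead of a no-op, and the pull secret is briefly unreadable by External Secrets during the apply. A `moved` block from the old address to the new `for_each` instance keeps the grant continuous. `secret_id = each.value` is a bare name, so if these secrets are created elsewhere in this configuration (not visible in the hunk) nothing orders the binding after them. A comment on `argocd_eso_secrets` such as `# secrets the argocd/external-secrets SA may read; keep this list minimal` would state the least-privilege intent.

```hcl
moved {
  from = google_secret_manager_secret_iam_member.quay_pull_secret_accessor
  to   = google_secret_manager_secret_iam_member.argocd_eso_secret_access["quay-jennweir-pull-secret"]
}
```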
@@ -1,110 +0,0 @@ -resource "proxmox_virtual_environment_vm" "fedora_vm" { - name = "terraform-provider-proxmox-fedora-vm" - description = "Managed by Terraform" - tags = ["terraform", "fedora"] - - node_name = "first-node" - vm_id = 4321 - - agent { - # read 'Qemu guest agent' section, change to true only when ready - enabled = false - } - # if agent is not enabled, the VM may not be able to shutdown properly, and may need to be forced off - stop_on_destroy = true - - startup { - order = "3" - up_delay = "60" - down_delay = "60" - } - - cpu { - cores = 2 - type = "x86-64-v2-AES" # recommended for modern CPUs - } - - memory { - dedicated = 2048 - floating = 2048 # set equal to dedicated to enable ballooning - } - - disk { - datastore_id = "local-lvm" - import_from = proxmox_virtual_environment_download_file.latest_fedora_22_jammy_qcow2_img.id - interface = "scsi0" - } - - initialization { - # uncomment and specify the datastore for cloud-init disk if default `local-lvm` is not available - # datastore_id = "local-lvm" - - ip_config { - ipv4 { - address = "dhcp" - } - } - - user_account { - keys = [trimspace(tls_private_key.fedora_vm_key.public_key_openssh)] - password = random_password.fedora_vm_password.result - username = "fedora" - } - - user_data_file_id = proxmox_virtual_environment_file.cloud_config.id - } - - network_device { - bridge = "vmbr0" - } - - operating_system { - type = "l26" - } - - tpm_state { - version = "v2.0" - } - - serial_device {} - - virtiofs { - mapping = "data_share" - cache = "always" - direct_io = true - } -} - -resource "proxmox_virtual_environment_download_file" "latest_fedora_22_jammy_qcow2_img" { - content_type = "import" - datastore_id = "local" - node_name = "pve" - url = "https://cloud-images.fedora.com/jammy/current/jammy-server-cloudimg-amd64.img" - # need to rename the file to *.qcow2 to indicate the actual file format for import - file_name = "jammy-server-cloudimg-amd64.qcow2" -} - -resource "random_password" 
"fedora_vm_password" { - length = 16 - override_special = "_%@" - special = true -} - -resource "tls_private_key" "fedora_vm_key" { - algorithm = "RSA" - rsa_bits = 2048 -} - -output "fedora_vm_password" { - value = random_password.fedora_vm_password.result - sensitive = true -} - -output "fedora_vm_private_key" { - value = tls_private_key.fedora_vm_key.private_key_pem - sensitive = true -} - -output "fedora_vm_public_key" { - value = tls_private_key.fedora_vm_key.public_key_openssh -} \ No newline at end of file diff --git a/terraform/proxmox/provider.tf b/terraform/proxmox/provider.tf deleted file mode 100644 index cfa148d..0000000 --- a/terraform/proxmox/provider.tf +++ /dev/null @@ -1,12 +0,0 @@ -terraform { - required_providers { - proxmox = { - source = "bpg/proxmox" - version = "0.89.0" - } - } -} - -provider "proxmox" { - # Configuration options -} \ No newline at end of file