From 9daaec2cc71b9e4ccf819c838d42abd2dc82ea30 Mon Sep 17 00:00:00 2001
From: Petar Cubela
Date: Wed, 24 Sep 2025 10:52:31 +0200
Subject: [PATCH] added first ipa client vm
---
...it_fedora42_ipa_clients.cloud_config.tftpl | 32 ++++++
files/user_data_cloud_init_fedora42_ipa.cfg | 32 ++++++
...r_data_cloud_init_fedora42_ipa_clients.cfg | 32 ++++++
variables.tf | 5 +
vm_freeipa.tf | 11 ---
vm_freeipa_clients.tf | 99 +++++++++++++++++++
6 files changed, 200 insertions(+), 11 deletions(-)
create mode 100644 cloud-inits/cloud_init_fedora42_ipa_clients.cloud_config.tftpl
create mode 100755 files/user_data_cloud_init_fedora42_ipa.cfg
create mode 100755 files/user_data_cloud_init_fedora42_ipa_clients.cfg
create mode 100644 vm_freeipa_clients.tf
diff --git a/cloud-inits/cloud_init_fedora42_ipa_clients.cloud_config.tftpl b/cloud-inits/cloud_init_fedora42_ipa_clients.cloud_config.tftpl
new file mode 100644
index 0000000..e4ab6c4
--- /dev/null
+++ b/cloud-inits/cloud_init_fedora42_ipa_clients.cloud_config.tftpl
@@ -0,0 +1,32 @@
+#cloud-config
+
+package_update: true
+package_upgrade: true
+
+packages:
+ - curl
+ - qemu-guest-agent
+ - vim
+ - htop
+ - bash-completion
+# - freeipa-server
+# - freeipa-server-dns
+
+users:
+- name: sbxadmin
+ groups: sudo
+ shell: /bin/bash
+ sudo: ['ALL=(ALL) NOPASSWD:ALL']
+ ssh_authorized_keys:
+ - ${ssh_key}
+
+preserve_hostname: false
+manage_etc_hosts: false
+fqdn: ${hostname}.${domain}
+hostname: ${hostname}
+prefer_fqdn_over_hostname: true
+create_hostname_file: true
+
+runcmd:
+ - systemctl start qemu-guest-agent
+ - systemctl enable --now qemu-guest-agent
diff --git a/files/user_data_cloud_init_fedora42_ipa.cfg b/files/user_data_cloud_init_fedora42_ipa.cfg
new file mode 100755
index 0000000..b4fda5c
--- /dev/null
+++ b/files/user_data_cloud_init_fedora42_ipa.cfg
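Review bot: The `sbxadmin` entry in the new template grants unrestricted passwordless root (`sudo: ['ALL=(ALL) NOPASSWD:ALL']`), so the injected SSH key is the only control on the account, yet nothing in the template pins the settings that keep the login key-only. I would state them explicitly rather than rely on image defaults: `lock_passwd: true` under the user and a top-level `ssh_pwauth: false`. `groups: sudo` is the Debian/Ubuntu admin group name; on Fedora that role is `wheel`, so this line presumably adds nothing beyond the explicit sudo rule. In `runcmd`, `systemctl start qemu-guest-agent` is redundant with the `enable --now` on the following line. The two rendered copies under `files/` carry the same settings.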
@@ -0,0 +1,32 @@
+#cloud-config
+
+package_update: true
+package_upgrade: true
+
+packages:
+ - curl
+ - qemu-guest-agent
+ - vim
+ - htop
+ - bash-completion
+ - freeipa-server
+ - freeipa-server-dns
+
+users:
+- name: sbxadmin
+ groups: sudo
+ shell: /bin/bash
+ sudo: ['ALL=(ALL) NOPASSWD:ALL']
+ ssh_authorized_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBzh23ZkSVNbmDKk9esAT9qNkOoYFLhpX2nSLKPJaDVZ petar.cubela@sbx-mac-lab.local
+
+preserve_hostname: false
+manage_etc_hosts: false
+fqdn: ipa.lab.softbox.net
+hostname: ipa
+prefer_fqdn_over_hostname: true
+create_hostname_file: true
+
+runcmd:
+ - systemctl start qemu-guest-agent
+ - systemctl enable --now qemu-guest-agent
diff --git a/files/user_data_cloud_init_fedora42_ipa_clients.cfg b/files/user_data_cloud_init_fedora42_ipa_clients.cfg
new file mode 100755
index 0000000..311e2f7
--- /dev/null
+++ b/files/user_data_cloud_init_fedora42_ipa_clients.cfg
@@ -0,0 +1,32 @@
+#cloud-config
+
+package_update: true
+package_upgrade: true
+
+packages:
+ - curl
+ - qemu-guest-agent
+ - vim
+ - htop
+ - bash-completion
+# - freeipa-server
+# - freeipa-server-dns
+
+users:
+- name: sbxadmin
+ groups: sudo
+ shell: /bin/bash
+ sudo: ['ALL=(ALL) NOPASSWD:ALL']
+ ssh_authorized_keys:
+ - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBzh23ZkSVNbmDKk9esAT9qNkOoYFLhpX2nSLKPJaDVZ petar.cubela@sbx-mac-lab.local
+
+preserve_hostname: false
+manage_etc_hosts: false
+fqdn: vm00.lab.softbox.net
+hostname: vm00
+prefer_fqdn_over_hostname: true
+create_hostname_file: true
+
+runcmd:
+ - systemctl start qemu-guest-agent
+ - systemctl enable --now qemu-guest-agent
diff --git a/variables.tf b/variables.tf
index 176aa05..6986bbb 100644
--- a/variables.tf
+++ b/variables.tf
@@ -11,6 +11,11 @@ variable "hostname_ipa" { type = string } +variable "hostname_vms" { + type = list(string) +} + + ## PVE variable "student_vm_template" {
diff --git a/vm_freeipa.tf b/vm_freeipa.tf
index 202204f..7c8bf86 100644
--- a/vm_freeipa.tf
+++ b/vm_freeipa.tf
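Review bot: `hostname_vms` in variables.tf has no `description` and no validation, although vm_freeipa_clients.tf indexes `var.hostname_vms[0]` and the cloud-init template writes the value unquoted into `fqdn:` and `hostname:`. An empty list only fails at the index expression, and a value containing whitespace or a newline would change the structure of the rendered cloud-config. A validation block that requires at least one entry and restricts each entry to a DNS label covers both cases; the regex below is a suggested starting point, not taken from the repository.

```hcl
variable "hostname_vms" {
  description = "Short host names of the FreeIPA client VMs; the first entry is used for vm00."
  type        = list(string)

  validation {
    condition = length(var.hostname_vms) > 0 && alltrue([
      for h in var.hostname_vms : can(regex("^[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$", h))
    ])
    error_message = "Each entry of hostname_vms must be a lowercase DNS label, and the list must not be empty."
  }
}
```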
@@ -1,14 +1,3 @@ -# Source the Cloud Init Config file -#data "template_file" "cloud_init_fed42_ipa" { -# template = "${file("${path.module}/files/cloud_init_fedora42_ipa.cloud_config")}" -# -# vars = { -# ssh_key = var.petar_ssh_public_key -# hostname = var.hostname_ipa -# domain = var.domain -# } -#} - # Create a local copy of the file, to transfer to Proxmox resource "local_file" "cloud_init_fed42_ipa" { #content = data.template_file.cloud_init_deb10_vm-01.rendered
diff --git a/vm_freeipa_clients.tf b/vm_freeipa_clients.tf
new file mode 100644
index 0000000..dd1ac64
--- /dev/null
+++ b/vm_freeipa_clients.tf
@@ -0,0 +1,99 @@
+# Create a local copy of the file, to transfer to Proxmox
+resource "local_file" "cloud_init_fed42_ipa_clients" {
+ content = templatefile("${var.working_directory}/cloud-inits/cloud_init_fedora42_ipa_clients.cloud_config.tftpl", { ssh_key = var.petar_ssh_public_key, hostname = var.hostname_vms[0] , domain = var.domain })
+ filename = "${path.module}/files/user_data_cloud_init_fedora42_ipa_clients.cfg"
+}
+
+# Transfer the file to the Proxmox Host
+resource "null_resource" "cloud_init_fed42_ipa_clients" {
+ connection {
+ type = "ssh"
+ user = var.prov_user
+ private_key = var.petar_ssh_private_key
+ host = var.proxmox_host
+ }
+
+ provisioner "file" {
+ source = local_file.cloud_init_fed42_ipa_clients.filename
+ destination = "/var/lib/vz/snippets/user_data_cloud_init_fedora42_ipa_clients.yml"
+ }
+}
+
+
+
+resource "proxmox_vm_qemu" "vm00" {
+ name = var.hostname_vms[0]
+
+ depends_on = [
+ null_resource.cloud_init_fed42_ipa_clients
+ ]
+
+ # Node name has to be the same name as within the cluster
+ # this might not include the FQDN
+ target_node = "neo"
+
+ # The template name to clone this vm from
+ clone = "temp-fedora-38"
+
+ # Activate QEMU agent for this VM
+ agent = 1
+
+ #pool = linux
+
+ os_type = "cloud-init"
+ vmid = 1100
+ vm_state = "running"
+
+ cpu {
+ cores = 2
+ sockets = 1
+ type = "host"
+ }
+ memory = 2048
+ scsihw = "virtio-scsi-pci"
+
+ # Setup the disk
+ disks {
+ scsi {
+ scsi0 {
+ # We have to specify the disk from our template, else Terraform will think it's not supposed to be there
+ disk {
+ storage = "local-lvm"
+ # The size of the disk should be at least as big as the disk in the template. If it's smaller, the disk will be recreated
+ size = "16G"
+ }
+ }
+ }
+ ide {
+ # Some images require a cloud-init disk on the IDE controller, others on the SCSI or SATA controller
+ ide1 {
+ cloudinit {
+ storage = "local-lvm"
+ }
+ }
+ }
+ }
+ # Setup the network interface and assign a vlan tag: 256
+
+ network {
+ id = 0
+ model = "virtio"
+ bridge = "vmbr0"
+ macaddr = "bc:24:11:de:cb:31"
+ }
+ nameserver = "fde4:ed21:b2c0:5600:be24:11ff:fede:cb30"
+
+ onboot = true
+ boot = "order=scsi0"
+ tags = "ldap,samba,kerberos,dns,pki"
+
+ # Setup the ip address using cloud-init.
+ # Keep in mind to use the CIDR notation for the ip.
+ #ipconfig0 = "ip=10.11.12.65/24,gw=10.11.12.254"
+ ipconfig0 = "ip6=auto"
+ ciuser = var.prov_user
+ cicustom = "user=local:snippets/user_data_cloud_init_fedora42_ipa_clients.yml"
+ ciupgrade = true
+
+ sshkeys = var.petar_ssh_public_key
+}
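Review bot: The `connection` block of `null_resource.cloud_init_fed42_ipa_clients` sets no `host_key`, so Terraform's SSH communicator does not verify the Proxmox host before the `file` provisioner uploads the user-data that creates a passwordless-sudo account in the VM. Adding `host_key = var.proxmox_host_key` (placeholder name; the variable would need declaring) pins the host. The resource also has no `triggers`, so a changed template is presumably not re-uploaded after the first apply; `triggers = { user_data = sha256(local_file.cloud_init_fed42_ipa_clients.content) }` would tie the upload to the rendered content. Because `cicustom` supplies its own `user=` snippet, `ciuser`, `sshkeys` and `ciupgrade` on `proxmox_vm_qemu.vm00` probably have no effect and could mislead a reader; this cannot be confirmed from the diff alone.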