# ── Proxmox ─────────────────────────────────────────────────────────────────── variable "proxmox_endpoint" { description = "Proxmox API URL, e.g. https://pve01.baobab.band:8006/" type = string } variable "proxmox_api_token" { description = "Proxmox API token (user@realm!tokenid=secret) — set via TF_VAR_proxmox_api_token" type = string sensitive = true } variable "proxmox_insecure" { description = "Skip TLS verification for the Proxmox API (true while using a self-signed cert)" type = bool default = false } variable "proxmox_node" { description = "Default Proxmox node name to place VMs on" type = string } variable "vm_template_id" { description = "Proxmox VM ID of the Debian 13 cloud-init template to clone" type = number } variable "vm_datastore_id" { description = "Proxmox datastore for VM disks and cloud-init drives" type = string default = "local-lvm" } variable "gateway" { description = "Default IPv4 gateway for all VMs" type = string } variable "vlan_tag" { description = "802.1q VLAN tag for provisioned VMs — srv VLAN (ADR-007)" type = number default = 20 } variable "dns_servers" { description = "DNS servers provided to VMs via cloud-init" type = list(string) } variable "dns_domain" { description = "Search domain provided to VMs via cloud-init" type = string } variable "ssh_public_keys" { description = "Public SSH keys provisioned for the ansible user on each VM" type = list(string) } # Note: `dns_servers` / `dns_domain` above are the cloud-init *resolver* settings # (which DNS server a VM queries). Terraform does not write DNS *records* — the # Ansible `dns` role owns the internal zone. See ADR-009.