# production/main.tf — Production VM definitions # Add entries to local.vms to provision VMs; remove to destroy them. # ALWAYS run `make tf-plan TF_ENV=production` and review before `make tf-apply TF_ENV=production`. locals { vms = { # control01 = { # ip = "192.168.1.10/24" # group = "control" # cores = 2 # memory_mb = 2048 # } # docker01 = { # ip = "192.168.1.11/24" # group = "docker_hosts" # cores = 4 # memory_mb = 4096 # } } } module "vms" { for_each = local.vms source = "../../modules/proxmox_vm" vm_name = each.key target_node = var.proxmox_node clone_template_id = var.vm_template_id datastore_id = var.vm_datastore_id ip_address = each.value.ip gateway = var.gateway dns_servers = var.dns_servers dns_domain = var.dns_domain ssh_public_keys = var.ssh_public_keys cores = each.value.cores memory_mb = each.value.memory_mb tags = ["production", each.value.group] } # Internal DNS records are NOT managed here. Terraform owns VM existence only; # the Ansible `dns` role renders the internal zone from inventory. See ADR-009.