sjat/boma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
boma/terraform
History
sjat 1ee343dfca feat(tf): open Caddy 80/443 + NetBird 3478 on askari (public_web) 
hetzner_vm gains a public_web bool (default false); offsite sets it true. Firewall
adds 80/443 tcp + 3478 udp from anywhere (SSH-from-ubongo preserved). For M4 Caddy
+ NetBird.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-14 17:38:51 +02:00
..
environments feat(tf): open Caddy 80/443 + NetBird 3478 on askari (public_web) 2026-06-14 17:38:51 +02:00
modules feat(tf): open Caddy 80/443 + NetBird 3478 on askari (public_web) 2026-06-14 17:38:51 +02:00
README.md Add Terraform VM-provisioning skeleton 2026-05-30 14:10:01 +02:00

README.md

terraform/

Infrastructure provisioning. Terraform owns VM existence only — creating and destroying Proxmox VMs. It writes no DNS records and configures nothing inside a VM; Ansible owns all of that.

  • modules/proxmox_vm/ — reusable VM module (Proxmox only).
  • environments/{staging,production}/ — separate state per environment. Add a VM by editing local.vms in that env's main.tf, then make tf-plantf-applytf-inventory.

Rationale: ADR-006. Handoff to Ansible: ADR-009. Secrets via TF_VAR_* only — never in .tfvars. Not yet terraform inited — see STATUS.md.