sjat/boma

History

sjat 839fc632a1 fix(tf): declare required_providers in modules; pin offsite lock terraform init failed: child modules using non-hashicorp providers must declare required_providers, else TF infers hashicorp/{hcloud,proxmox} (nonexistent). Add versions.tf to hetzner_vm AND proxmox_vm (same latent bug, never caught because Proxmox TF was never init'd). Track the offsite lock (hcloud 1.65.0). Caught by running 'make tf-init/plan TF_ENV=offsite' on ubongo — static review missed it. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>		2026-06-14 16:14:05 +02:00
..
environments	fix(tf): declare required_providers in modules; pin offsite lock	2026-06-14 16:14:05 +02:00
modules	fix(tf): declare required_providers in modules; pin offsite lock	2026-06-14 16:14:05 +02:00
README.md	Add Terraform VM-provisioning skeleton	2026-05-30 14:10:01 +02:00

README.md

terraform/

Infrastructure provisioning. Terraform owns VM existence only — creating and destroying Proxmox VMs. It writes no DNS records and configures nothing inside a VM; Ansible owns all of that.

modules/proxmox_vm/ — reusable VM module (Proxmox only).
environments/{staging,production}/ — separate state per environment. Add a VM by editing local.vms in that env's main.tf, then make tf-plan → tf-apply → tf-inventory.

Rationale: ADR-006. Handoff to Ansible: ADR-009. Secrets via TF_VAR_* only — never in .tfvars. Not yet terraform inited — see STATUS.md.