boma/terraform/environments/production/terraform.tfvars.example

# Production environment — non-secret values
# Copy to terraform.tfvars and fill in your values.
#
# Secrets must be exported as environment variables before running Terraform:
#   export TF_VAR_proxmox_api_token="terraform@pve!tokenid=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
#
# State is local (see backend.tf) — no Forgejo backend credentials needed.

proxmox_endpoint   = "https://pve0.boma.baobab.band:8006/"
proxmox_insecure   = false
proxmox_node       = "pve0"
vm_template_id     = 9000  # Proxmox VM ID of the Debian 13 cloud-init template
vm_datastore_id    = "local-lvm"

gateway            = "10.20.0.1"
dns_servers        = ["10.20.0.10", "10.20.0.11"]
dns_domain         = "boma.baobab.band"

ssh_public_keys    = [
  # "ssh-ed25519 AAAA... user@host",
]