diff --git a/CHANGELOG.md b/CHANGELOG.md
new file mode 100644
index 0000000..9d22602
--- /dev/null
+++ b/CHANGELOG.md
@@ -0,0 +1,12 @@
+# Changelog
+
+## 2026-02-21
+
+### Changed
+- VM module (`terraform/modules/vm/main.tf`): CPU, memory, and disk blocks are now conditional on `os_type == "linux"` via dynamic blocks — Windows clones inherit all hardware from the template
+- VM module: added `lifecycle { ignore_changes = [efi_disk, tpm_state, disk, cpu, memory] }` to prevent Terraform from managing hardware inherited from Windows templates
+- VM module: removed `efi_disk` dynamic block (EFI disk is inherited from template, not created by Terraform)
+- rds01 specs adjusted to 2 cores / 6144 MB / 50 GB (documentation only — inherited from template)
+
+### Removed
+- ca01 VM (VMID 1005) — AD Certificate Authority removed from management tier
diff --git a/terraform/management.tf b/terraform/management.tf
index bdbff17..afb1a69 100644
--- a/terraform/management.tf
+++ b/terraform/management.tf
@@ -4,12 +4,11 @@
 # Lighthouse and DNS should be provisioned first.
 #
 # VMs:
-# 1000 lighthouse 192.168.100.10 - Nebula lighthouse/relay
+# 1000 lighthouse 192.168.100.10 - Nebula lighthouse/relay (not yet defined)
 # 1001 dns 192.168.100.11 - Internal DNS server
 # 1002 caddy 192.168.100.12 - Reverse proxy
 # 1003 dc01 192.168.100.13 - AD domain controller (manual)
-# 1005 ca01 192.168.100.15 - AD Certificate Authority
-# 1006 rds01 192.168.100.16 - Remote Desktop Services + File Server
+# 1006 rds01 192.168.100.16 - File Server + Light RDS

 module "dns" {
 source = "./modules/vm"
@@ -39,20 +38,6 @@ module "caddy" {
 ssh_key_path = var.ssh_key_path
 }

-module "ca01" {
- source = "./modules/vm"
- name = "ca01"
- vmid = 1005
- node_name = var.proxmox_node
- bridge_ip = "192.168.100.15"
- os_type = "windows"
- datastore_id = var.datastore_id
- clone_vmid = var.windows_template_vmid
- cores = 2
- memory = 4096
- disk_size = 60
-}
-
 module "rds01" {
 source = "./modules/vm"
 name = "rds01"
@@ -62,7 +47,7 @@ module "rds01" {
 os_type = "windows"
 datastore_id = var.datastore_id
 clone_vmid = var.windows_template_vmid
- cores = 4
- memory = 8192
- disk_size = 100
+ cores = 2 # Inherited from template (documentation only)
+ memory = 6144 # Inherited from template (documentation only)
+ disk_size = 50 # Inherited from template (documentation only)
 }
diff --git a/terraform/modules/vm/main.tf b/terraform/modules/vm/main.tf
index 21075a2..0fa47fc 100644
--- a/terraform/modules/vm/main.tf
+++ b/terraform/modules/vm/main.tf
@@ -18,27 +18,32 @@ resource "proxmox_virtual_environment_vm" "vm" {
 vm_id = var.clone_vmid
 }

- cpu {
- cores = var.cores
+ # Hardware configuration — Linux only.
+ # Windows clones inherit CPU, memory, and disk from the template unchanged.
+ # These dynamic blocks use for_each as a conditional: [1] = include, [] = skip.
+ dynamic "cpu" {
+ for_each = var.os_type == "linux" ? [1] : []
+ content {
+ cores = var.cores
+ }
 }

- memory {
- dedicated = var.memory
- floating = var.memory_floating
+ dynamic "memory" {
+ for_each = var.os_type == "linux" ? [1] : []
+ content {
+ dedicated = var.memory
+ floating = var.memory_floating
+ }
 }

- disk {
- datastore_id = var.datastore_id
- interface = "scsi0"
- iothread = true
- discard = "on"
- size = var.disk_size
- }
-
- dynamic "efi_disk" {
- for_each = var.os_type == "windows" ? [1] : []
+ dynamic "disk" {
+ for_each = var.os_type == "linux" ? [1] : []
 content {
 datastore_id = var.datastore_id
+ interface = "scsi0"
+ iothread = true
+ discard = "on"
+ size = var.disk_size
 }
 }

@@ -46,6 +51,11 @@ resource "proxmox_virtual_environment_vm" "vm" {
 bridge = var.network_bridge
 }

+ # Windows template (10000) includes EFI disk + TPM that clones inherit.
+ lifecycle {
+ ignore_changes = [efi_disk, tpm_state, disk, cpu, memory]
+ }
+
 dynamic "initialization" {
 for_each = var.os_type == "linux" ? [1] : []
 content {
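Review bot: In module "rds01" the new `cores`, `memory` and `disk_size` values are still passed as live arguments but, per their own comments, have no effect for `os_type = "windows"`, so nothing checks the 2 / 6144 / 50 figures against what the template really provides. If the template behind `var.windows_template_vmid` is rebuilt with different hardware, this file keeps stating the old sizing and `terraform plan` stays clean. If the module's variables have defaults (their declarations are not in this diff), I would drop the three arguments and keep the figures in one comment such as `# Sizing comes from the Windows template: 2 cores / 6144 MB / 50 GB as of 2026-02-21`. The module block starts outside the hunk.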
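Review bot: Every `for_each = var.os_type == "linux" ? [1] : []` treats any value other than the exact string "linux" as Windows, so a typo such as "Linux" would silently yield a clone with template hardware instead of a plan error. The declaration of `os_type` is not in this diff; if it has no `validation` block, add one with `condition = contains(["linux", "windows"], var.os_type)`. The same condition now appears in three blocks here, as it already does on `initialization`, so a single `locals { is_linux = var.os_type == "linux" }` would keep them from drifting apart. The resource block starts and ends outside the hunk.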
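Review bot: The new `lifecycle` block is unconditional, and `ignore_changes` only accepts a static list, so `disk`, `cpu` and `memory` are now ignored for the Linux VMs as well: after creation, editing `cores`, `memory` or `disk_size` on a Linux module becomes a silent no-op. It also means out-of-band changes to `efi_disk` or `tpm_state` on a Windows guest will no longer appear in `terraform plan`, which deserves a conscious decision if those guests rely on the vTPM. A clean fix is separate Linux and Windows resources selected with `count`, each with its own `lifecycle`; at minimum state the side effect in the comment, e.g. `# ignore_changes is static: this also freezes cpu/memory/disk on Linux VMs after creation`. The comment names template 10000 while the clone source is `var.clone_vmid`, so the literal may go stale.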