terraform {
    required_providers {
        proxmox = {
            source = "telmate/proxmox"
            version = "2.9.14"
        }
    }
}

data "external" "env" {
    program = ["${path.module}/env.sh"]
}

provider "proxmox" {
    pm_api_url = "https://localhost:8006/api2/json"
    pm_api_token_id = data.external.env.result["PM_API_TOKEN_ID"]
    pm_api_token_secret = data.external.env.result["PM_API_TOKEN_SECRET"]
    pm_log_enable = true
    pm_log_file   = "terraform-plugin-proxmox.log"
    pm_debug      = true
    pm_log_levels = {
        _default    = "debug"
        _capturelog = ""
    }
    # leave tls_insecure set to true unless you have your proxmox SSL certificate situation fully sorted out (if you do, you will know)
    pm_tls_insecure = true
}

# random passwords, we only want to allow access by ssh with keys
resource "random_password" "password" {
  length           = 16
  special          = true
  override_special = "!#$%&*()-_=+[]{}<>:?"
}

# servers definition
resource "proxmox_vm_qemu" "hashi_server" {
    count = 4  # num of instances, 0 to destroy all
    name = "hashi-${count.index + 1}"  # autonum
    target_node = var.proxmox_host  # defined in vars.tf
    clone = var.template_name  # defined in vars.tf
    full_clone = true

    # basic VM settings here. agent refers to guest agent
    agent = 0
    os_type = "cloud-init"
    cores = 2
    sockets = 1
    cpu = "host"
    memory = 2048
    scsihw = "virtio-scsi-pci"
    bootdisk = "scsi0"

    disk {
        slot = 0
        # set disk size here. leave it small for testing because expanding the disk takes time.
        size = "10G"
        type = "scsi"
        storage = "local-lvm"
    }

    # if you want two NICs, just copy this whole network section and duplicate it
    network {
        model = "virtio"
        bridge = "vmbr0"
    }

    # not sure exactly what this is for. presumably something about MAC addresses and ignore network changes during the life of the VM
    lifecycle {
        ignore_changes = [
            network,
        ]
    }

    # the ${count.index + 1} thing appends text to the end of the ip address
    # in this case, since we are only adding a single VM, the IP will
    # be 192.168.1.71 since count.index starts at 0. this is how you can create
    # multiple VMs and have an IP assigned to each (.111, .112, .113, etc.)
    ipconfig0 = "ip=192.168.1.11${count.index + 1}/24,gw=192.168.1.1"

    # username by cloud-init
    ciuser = "alpine"
    cipassword = random_password.password.result # needed for ssh access, without password cant login
                                                 # even though user has authorized_keys configured

    # sshkeys set using variables. the variable contains the text of the key.
    sshkeys = <<EOF
    ${var.ssh_key}
    EOF
}