diff --git a/proxmox/terraform/common.tf b/proxmox/terraform/common.tf
--- a/proxmox/terraform/common.tf
+++ b/proxmox/terraform/common.tf
@@ -1,11 +1,12 @@
 locals {
 config = {
- dns = var.dns
- domain = "internal.softwareheritage.org"
- puppet_environment = "production"
- puppet_master = var.puppet_master
- gateway_ip = "192.168.100.1"
- user_admin = var.user_admin
- user_admin_ssh_public_key = var.user_admin_ssh_public_key
+ dns = var.dns
+ domain = "internal.softwareheritage.org"
+ puppet_environment = "production"
+ puppet_master = var.puppet_master
+ gateway_ip = "192.168.100.1"
+ user_admin = var.user_admin
+ user_admin_ssh_public_key = var.user_admin_ssh_public_key
+ user_admin_ssh_private_key_path = var.user_admin_ssh_private_key_path
 }
 }
diff --git a/proxmox/terraform/modules/node/main.tf b/proxmox/terraform/modules/node/main.tf
--- a/proxmox/terraform/modules/node/main.tf
+++ b/proxmox/terraform/modules/node/main.tf
@@ -94,7 +94,7 @@
 type = "ssh"
 user = "root"
 host = lookup(var.networks[0], "ip")
- private_key = "${file("~/.ssh/id-rsa-terraform-proxmox")}" # <- something changed
+ private_key = "${file(var.config["user_admin_ssh_private_key_path"])}"
 }
 }
diff --git a/proxmox/terraform/staging/staging.tf b/proxmox/terraform/staging/staging.tf
--- a/proxmox/terraform/staging/staging.tf
+++ b/proxmox/terraform/staging/staging.tf
@@ -7,13 +7,14 @@
 # (There is no other way to avoid duplication)
 locals {
 config = {
- dns = var.dns
- domain = var.domain
- puppet_environment = var.puppet_environment
- puppet_master = var.puppet_master
- gateway_ip = var.gateway_ip
- user_admin = var.user_admin
- user_admin_ssh_public_key = var.user_admin_ssh_public_key
+ dns = var.dns
+ domain = var.domain
+ puppet_environment = var.puppet_environment
+ puppet_master = var.puppet_master
+ gateway_ip = var.gateway_ip
+ user_admin = var.user_admin
+ user_admin_ssh_public_key = var.user_admin_ssh_public_key
+ user_admin_ssh_private_key_path = var.user_admin_ssh_private_key_path
 }
 }
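Review bot: In modules/node/main.tf the connection still hard-codes `user = "root"` while the key path now comes from a setting named after `user_admin`, so overriding `user_admin` or the key path on its own can leave the SSH user and the key out of step. If the key belongs to that account, `user = var.config["user_admin"]` would keep them tied together; the variable's definition is not fully visible here, so this needs confirming. The new line can also drop the interpolation wrapper, which Terraform 0.12 and later report as deprecated: `private_key = file(var.config["user_admin_ssh_private_key_path"])`. Any other caller of this module that builds its own `config` map has to add the new key as well, otherwise the lookup fails at plan time. The connection block starts above the hunk.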
diff --git a/proxmox/terraform/variables.tf b/proxmox/terraform/variables.tf
--- a/proxmox/terraform/variables.tf
+++ b/proxmox/terraform/variables.tf
@@ -34,9 +34,16 @@
 default = "root"
 }
-# define input variables for the modules
+# public key part to install through cloud-init so ssh connection is possible
 # `pass search terraform-proxmox` in credential store
 variable "user_admin_ssh_public_key" {
 type = string
 default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVKCfpeIMg7GS3Pk03ZAcBWAeDZ+AvWk2k/pPY0z8MJ3YAbqZkRtSK7yaDgJV6Gro7nn/TxdJLo2jEzzWvlC8d8AEzhZPy5Z/qfVVjqBTBM4H5+e+TItAHFfaY5+0WvIahxcfsfaq70MWfpJhszAah3ThJ4mqzYaw+dkr42+a7Gx3Ygpb/m2dpnFnxvXdcuAJYStmHKU5AWGWWM+Fm50/fdMqUfNd8MbKhkJt5ihXQmZWMOt7ls4N8i5NZWnS9YSWow8X/ENOEqCRN9TyRkc+pPS0w9DNi0BCsWvSRJOkyvQ6caEnKWlNoywCmM1AlIQD3k4RUgRWe0vqg/UKPpH3Z root@terraform"
 }
+
+# private key path so the provisioning step can leverage the ssh connection
+# `pass search terraform-proxmox` in credential store and install the key locally
+variable "user_admin_ssh_private_key_path" {
+ type = string
+ default = "~/.ssh/id-rsa-terraform-proxmox-root"
+}
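Review bot: The default `~/.ssh/id-rsa-terraform-proxmox-root` is not the path the node module read before this change (`~/.ssh/id-rsa-terraform-proxmox`), so an operator who installed the key under the old name will see `file()` fail until the key is renamed or the variable is overridden. The comment above the variable should say that the file name changed. A `description` would also make the expectation visible in `terraform plan` prompts and generated docs, for example `description = "Local path to the private key matching user_admin_ssh_public_key; keep it outside the repository and readable only by its owner"`.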