Initial

main.tf

@@ -0,0 +1,149 @@
+resource "lxd_storage_pool" "virt" {
+  name   = "virt-pool"
+  driver = "zfs"
+  config = {
+    source          = "/var/snap/lxd/common/lxd/disks/virt-pool.img"
+    "zfs.pool_name" = "virt-pool"
+    size            = "50GB"
+  }
+}
+
+resource "lxd_volume" "volume" {
+  name = "virt-volume"
+  pool = lxd_storage_pool.virt.name
+  config = {
+    size = "10GB"
+  }
+}
+
+resource "lxd_network" "lxdbr1" {
+  name = "lxdbr1"
+  type = "bridge"
+  config = {
+    "ipv4.address" = "10.0.10.1/24"
+    "ipv4.nat"     = "true"
+    "ipv6.address" = "none"
+  }
+}
+
+resource "lxd_profile" "virt" {
+  name        = "virt"
+  description = "virt LXD profile"
+
+  config = {
+    "limits.cpu"    = 2
+    "limits.memory" = "3GB"
+  }
+
+  device {
+    name = "eth0"
+    type = "nic"
+
+    properties = {
+      name    = "eth0"
+      network = "lxdbr1"
+    }
+  }
+
+  device {
+    type = "disk"
+    name = "root"
+
+    properties = {
+      pool = lxd_storage_pool.virt.name
+      path = "/"
+      size = "5GiB"
+    }
+  }
+}
+locals {
+  # 'lxc.idmap' and 'lxc.cgroup2.devices.allow'
+  # couse errors
+  lxc-raw           = <<EOF
+lxc.idmap =
+lxc.idmap = u 0 100000 65536
+lxc.idmap = g 0 100000 44
+lxc.idmap = g 44 44 1
+lxc.idmap = g 45 100045 65
+lxc.idmap = g 110 109 1
+lxc.idmap = g 111 100111 65425
+lxc.cgroup2.devices.allow = c 226:0 rwm
+lxc.cgroup2.devices.allow = c 226:128 rwm
+lxc.mount.entry = /dev/dri/card0 dev/dri/card0 none bind,optional,create=file
+lxc.mount.entry = /dev/dri/renderD128 dev/dri/renderD128 none bind,optional,create=file
+EOF
+  cloud-init-config = <<EOF
+#cloud-config
+disable_root: True
+ssh_pwauth: True
+users:
+  - default
+package_upgrade: true
+apt:
+  debconf_selections:
+    set01: ldap-auth-config ldap-auth-config/bindpw password ${var.ldap_rootbindpw}
+    set02: ldap-auth-config ldap-auth-config/rootbindpw password ${var.ldap_rootbindpw}
+    set03: ldap-auth-config ldap-auth-config/ldapns/ldap-server string ${var.ldap_url}
+    set04: ldap-auth-config ldap-auth-config/dblogin boolean false
+    set05: ldap-auth-config ldap-auth-config/override boolean true
+    set06: ldap-auth-config ldap-auth-config/ldapns/ldap_version select 3
+    set07: ldap-auth-config ldap-auth-config/rootbinddn string ${var.ldap_rootbinddn}
+    set08: ldap-auth-config ldap-auth-config/pam_password select crypt
+    set09: ldap-auth-config ldap-auth-config/ldapns/base-dn string ${var.ldap_searchbase}
+    set10: ldap-auth-config ldap-auth-config/move-to-debconf boolean true
+    set11: ldap-auth-config ldap-auth-config/dbrootlogin boolean true
+packages:
+  - libnss-ldap
+  - libpam-ldap
+  - ldap-utils
+  - nscd
+timezone: Europe/Bratislava
+runcmd:
+  - sed -i '/^passwd:/ s/$/ ldap/' /etc/nsswitch.conf
+  - sed -i '/^group:/ s/$/ ldap/' /etc/nsswitch.conf 
+  - sed -i 's/use_authtok//' /etc/pam.d/common-password
+  - echo "session optional  pam_mkhomedir.so  skel=/etc/skel  umask=077" >>/etc/pam.d/common-session
+EOF
+}
+
+resource "lxd_cached_image" "jammy" {
+  source_remote = "ubuntu"
+  source_image  = "22.04"
+}
+
+resource "lxd_instance" "ubuntu" {
+  name      = "ubuntu"
+  image     = lxd_cached_image.jammy.fingerprint
+  profiles  = ["virt"]
+  ephemeral = false
+
+  config = {
+    "boot.autostart" = true
+    "user.user-data" = local.cloud-init-config
+    # "raw.lxc"        = local.lxc-raw
+  }
+
+  limits = {
+    cpu = 2
+  }
+
+  device {
+    name = "virt-volume"
+    type = "disk"
+    properties = {
+      path   = "/mnt/data"
+      source = lxd_volume.volume.name
+      pool   = lxd_storage_pool.virt.name
+    }
+  }
+
+  device {
+    name = "shareddisk"
+    type = "disk"
+    properties = {
+      path   = "/mnt/raid5"
+      source = "/mnt/raid5"
+    }
+  }
+}
+