Terraform Setup

Creating the Terraform role in PVE

# pveum user add terraform@pve

# pveum role add Terraform -privs "Realm.AllocateUser, VM.PowerMgmt, VM.GuestAgent.Unrestricted, Sys.Console, Sys.Audit,   Sys.AccessNetwork, VM.Config.Cloudinit, VM.Replicate, Pool.Allocate, SDN.Audit, Realm.Allocate, SDN.Use, Mapping.Modify, VM.Config.Memory, VM.GuestAgent.FileSystemMgmt, VM.Allocate, SDN.Allocate, VM.Console, VM.Clone, VM.Backup, Datastore.AllocateTemplate, VM.Snapshot, VM.Config.Network, Sys.Incoming, Sys.Modify, VM.Snapshot.Rollback, VM.Config.Disk, Datastore.Allocate, VM.Config.CPU, VM.Config.CDROM, Group.Allocate, Datastore.Audit, VM.Migrate, VM.GuestAgent.FileWrite, Mapping.Use, Datastore.AllocateSpace, Sys.Syslog, VM.Config.Options, Pool.Audit, User.Modify, VM.Config.HWType, VM.Audit, Sys.PowerMgmt, VM.GuestAgent.Audit, Mapping.Audit, VM.GuestAgent.FileRead, Permissions.Modify"

# pveum aclmod / -user terraform@pve -role Terraform

# pveum user token add terraform@pve <TokenName> --privsep=0

provider "proxmox" {
  endpoint  = var.virtual_environment_endpoint
  api_token = "terraform@pve!<TokenName>=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
  insecure  = true
  #ssh {
  #  agent    = true
  #  username = "terraform"
  #}
}

Bitwarden Secrets Manager on macOS

New Host Checklist

Sops-Nix Env Files

Sops-Nix Setup

/boot/config.txt

Tailscale Auto Cert Update Service

Service Decommissioning Checlist

Service Provisioning Checlist

Fix Intel Ethernet NIC Hang

Import a qcow2 file

Rename a node

User Provisioning

Terraform Setup

Policy - systemd-resolved

Authentik

CUPS

Docker Healthchecks

docker-socket-proxy

How to upgrade MariaDB inside Docker

Samba/SMB

searx-ng

Syncthing

Troubleshooting

audit

crypttab

Docker Firewall Configuration

FiOS Router

Grafana Alloy

Intel NIC Configuration

lm-sensors

LUKS

traefik

Users/Groups

Terraform Setup

Creating the Terraform role in PVE