chore: Formatting

pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/templates/machineconfig-cp.yaml.tmpl

@@ -16,7 +16,6 @@ machine:
   kubelet:
     extraArgs:
       pod-max-pids: 1000
-      rotate-server-certificates: true
     extraConfig:
       imageGCHighThresholdPercent: 75
       imageGCLowThresholdPercent: 70
@@ -38,7 +37,6 @@ cluster:
     disabled: true
   extraManifests:
   - https://github.com/kubernetes-sigs/gateway-api/releases/download/v${gateway-api_version}/standard-install.yaml
-  - https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/refs/heads/main/deploy/standalone-install.yaml
   inlineManifests:
   - name: cilium-bootstrap
     contents: |

pve01.wheatley.in/k8s-wheatley/modules/talos-bootstrap/templates/machineconfig-worker.yaml.tmpl

@@ -19,7 +19,6 @@ machine:
   kubelet:
     extraArgs:
       pod-max-pids: 1000
-      rotate-server-certificates: true
     extraConfig:
       imageGCHighThresholdPercent: 75
       imageGCLowThresholdPercent: 70
@@ -51,7 +50,6 @@ cluster:
     disabled: true
   extraManifests:
   - https://github.com/kubernetes-sigs/gateway-api/releases/download/v${gateway-api_version}/standard-install.yaml
-  - https://raw.githubusercontent.com/alex1989hu/kubelet-serving-cert-approver/refs/heads/main/deploy/standalone-install.yaml
   inlineManifests:
   - name: cilium-bootstrap
     contents: |

pve01.wheatley.in/k8s-wheatley/modules/talos-node/main.tf

@@ -12,6 +12,7 @@ resource "proxmox_virtual_environment_vm" "talos-node" {
   name      = var.node.name
   node_name = var.node.proxmox_node
   tags      = ["tofu"]
+  bios      = "ovmf"
 
   clone {
     vm_id   = 10000 + tonumber(replace(var.node.talos_version, ".", ""))
@@ -21,7 +22,7 @@ resource "proxmox_virtual_environment_vm" "talos-node" {
   cpu {
     cores   = var.node.cpu
     sockets = 1
-    type    = "x86-64-v2-AES"
+    type    = "host"
   }
 
   memory {

pve01.wheatley.in/templates/.terraform.lock.hcl

@@ -26,6 +26,7 @@ provider "registry.opentofu.org/bpg/proxmox" {
 
 provider "registry.opentofu.org/hashicorp/http" {
   version     = "3.5.0"
+  constraints = "3.5.0"
   hashes = [
     "h1:eClUBisXme48lqiUl3U2+H2a2mzDawS9biqfkd9synw=",
     "zh:0a2b33494eec6a91a183629cf217e073be063624c5d3f70870456ddb478308e9",

pve01.wheatley.in/templates/main.tf

@@ -0,0 +1,25 @@
+terraform {
+  backend "s3" {
+    bucket                      = "13225-wheatley-states"
+    key                         = "pve01-templates.tfstate"
+    region                      = "main"
+    skip_credentials_validation = true
+    skip_metadata_api_check     = true
+    skip_region_validation      = true
+    force_path_style            = true
+  }
+}
+
+provider "proxmox" {
+  endpoint  = var.proxmox_endpoint
+  api_token = var.proxmox_api_token
+  ssh {
+    agent    = true
+    username = "tofu"
+  }
+}
+
+module "talos" {
+  source         = "./talos"
+  talos_versions = ["1.11.5"]
+}

pve01.wheatley.in/templates/talos/main.tf

@@ -1,27 +1,10 @@
 terraform {
-  backend "s3" {
+  required_providers {
-    bucket                      = "13225-wheatley-states"
+    proxmox = {
-    key                         = "pve01-templates.tfstate"
+      source  = "bpg/proxmox"
-    region                      = "main"
+      version = "0.86.0"
-    skip_credentials_validation = true
-    skip_metadata_api_check     = true
-    skip_region_validation      = true
-    force_path_style            = true
     }
   }
-
-provider "proxmox" {
-  endpoint  = var.proxmox_endpoint
-  api_token = var.proxmox_api_token
-  ssh {
-    agent    = true
-    username = "root"
-  }
-}
-
-
-locals {
-  talos_versions = ["1.11.5"]
 }
 
 data "http" "schematic" {
@@ -40,21 +23,20 @@ locals {
 }
 
 resource "proxmox_virtual_environment_download_file" "talos-image" {
-  for_each = toset(local.talos_versions)
+  for_each = toset(var.talos_versions)
 
   node_name    = "pve01"
   datastore_id = "local"
   content_type = "iso"
 
 
-  url                     = "https://factory.talos.dev/image/${local.schematic_id}/v${each.value}/nocloud-amd64-secureboot.raw.gz"
+  url       = "https://factory.talos.dev/image/${local.schematic_id}/v${each.value}/nocloud-amd64-secureboot.iso"
-  file_name               = "talos-${each.value}-nocloud-amd64-secureboot.img"
+  file_name = "talos-${each.value}-nocloud-amd64-secureboot.iso"
-  decompression_algorithm = "gz"
 }
 
 resource "proxmox_virtual_environment_vm" "talos-template" {
   depends_on = [proxmox_virtual_environment_download_file.talos-image]
-  for_each   = toset(local.talos_versions)
+  for_each   = toset(var.talos_versions)
 
   template  = true
   vm_id     = 10000 + tonumber(replace(each.value, ".", ""))
@@ -73,7 +55,7 @@ resource "proxmox_virtual_environment_vm" "talos-template" {
   cpu {
     cores   = 2
     sockets = 1
-    type    = "x86-64-v2-AES"
+    type    = "host"
   }
   memory {
     dedicated = 2048
@@ -93,7 +75,4 @@ resource "proxmox_virtual_environment_vm" "talos-template" {
     datastore_id = local.storagepool
     version      = "v2.0"
   }
-  network_device {
-    bridge = "vmbr1"
-  }
 }

pve01.wheatley.in/templates/talos/variables.tf

@@ -1,8 +1,5 @@
-variable "proxmox_endpoint" {
+variable talos_versions {
-  description = "Proxmox API endpoint"
+  description = "List of Talos versions to create templates for"
-  type        = string
+  type        = list(string)
-}
+  default     = []
-variable "proxmox_api_token" {
-  description = "Proxmox API token"
-  type        = string
 }

pve01.wheatley.in/templates/variables.tf

@@ -0,0 +1,8 @@
+variable "proxmox_endpoint" {
+  description = "Proxmox API endpoint"
+  type        = string
+}
+variable "proxmox_api_token" {
+  description = "Proxmox API token"
+  type        = string
+}