refactor(hakurei): add kyuuto

tf/cloudflare_records.tf

@@ -20,11 +20,13 @@ module "hakurei_system_records" {
     "id",
     "ldap",
     "freeipa",
+    "smb",
   ]
   global_subdomains = [
     "plex",
     "idp",
     "ldap",
+    "smb",
   ]
 }
 
@@ -38,7 +40,6 @@ module "reimu_system_records" {
   local_v6     = "fd0a::be24:11ff:fec4:66a8"
   local_subdomains = [
     "nfs",
-    "smb",
   ]
 }
 

tf/proxmox_provider.tf

@@ -94,7 +94,7 @@ variable "proxmox_user_arc_last_name" {
 }
 
 resource "proxmox_virtual_environment_user" "arc" {
-  user_id    = "arc@pve"
+  user_id    = "arc@pam"
   email      = var.proxmox_user_arc_email
   first_name = var.proxmox_user_arc_first_name
   last_name  = var.proxmox_user_arc_last_name
@@ -104,6 +104,10 @@ resource "proxmox_virtual_environment_user" "arc" {
   lifecycle {
     ignore_changes = [password]
   }
+
+  depends_on = [
+    terraform_data.proxmox_reisen_users,
+  ]
 }
 
 variable "proxmox_user_kat_email" {
@@ -111,7 +115,7 @@ variable "proxmox_user_kat_email" {
 }
 
 resource "proxmox_virtual_environment_user" "kat" {
-  user_id    = "kat@pve"
+  user_id    = "kat@pam"
   email      = var.proxmox_user_kat_email
   first_name = "Kat"
   last_name  = "Inskip"
@@ -121,6 +125,10 @@ resource "proxmox_virtual_environment_user" "kat" {
   lifecycle {
     ignore_changes = [password]
   }
+
+  depends_on = [
+    terraform_data.proxmox_reisen_users,
+  ]
 }
 
 variable "proxmox_user_kaosubaloo_email" {
@@ -136,7 +144,7 @@ variable "proxmox_user_kaosubaloo_last_name" {
 }
 
 resource "proxmox_virtual_environment_user" "kaosubaloo" {
-  user_id    = "kaosubaloo@pve"
+  user_id    = "kaosubaloo@pam"
   email      = var.proxmox_user_kaosubaloo_email
   first_name = var.proxmox_user_kaosubaloo_first_name
   last_name  = var.proxmox_user_kaosubaloo_last_name
@@ -157,7 +165,7 @@ variable "proxmox_user_connieallure_last_name" {
 }
 
 resource "proxmox_virtual_environment_user" "connieallure" {
-  user_id    = "connieallure@pve"
+  user_id    = "connieallure@pam"
   email      = var.proxmox_user_connieallure_email
   first_name = "Connie"
   last_name  = var.proxmox_user_connieallure_last_name
@@ -167,4 +175,8 @@ resource "proxmox_virtual_environment_user" "connieallure" {
   lifecycle {
     ignore_changes = [password]
   }
+
+  depends_on = [
+    terraform_data.proxmox_reisen_users,
+  ]
 }

tf/proxmox_reisen.tf

@@ -11,6 +11,8 @@ locals {
   proxmox_reisen_net_vmbr0_ipv6 = file("${path.root}/../systems/reisen/net.50-vmbr0-ipv6.conf")
   proxmox_reisen_udev_dri       = file("${path.root}/../systems/reisen/udev.90-dri.rules")
   proxmox_reisen_udev_z2m       = file("${path.root}/../systems/reisen/udev.90-z2m.rules")
+
+  proxmox_reisen_users = jsondecode(file("${path.root}/../systems/reisen/users.json"))
 }
 
 resource "terraform_data" "proxmox_reisen_etc" {
@@ -38,3 +40,23 @@ resource "terraform_data" "proxmox_reisen_etc" {
     ]
   }
 }
+
+resource "terraform_data" "proxmox_reisen_users" {
+  triggers_replace = {
+    users = local.proxmox_reisen_users
+  }
+
+  connection {
+    type     = local.proxmox_reisen_connection.type
+    user     = local.proxmox_reisen_connection.user
+    password = local.proxmox_reisen_connection.password
+    host     = local.proxmox_reisen_connection.host
+    port     = local.proxmox_reisen_connection.port
+  }
+
+  provisioner "remote-exec" {
+    inline = [for user in local.proxmox_reisen_users :
+      "mkpam '${user.name}' '${user.uid}'"
+    ]
+  }
+}