cdf58844a8
Defines Hermes Agent LXC (VMID 118) on node gihyeon with 2 cores, 4 GB RAM, 24 GB disk, DHCP on intra01. Token-safe: nesting/keyctl features and bind mounts are intentionally omitted and must be applied via pct set after initial deploy. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
60 lines
1.6 KiB
HCL
60 lines
1.6 KiB
HCL
# Download Debian 12 LXC template to gihyeon (node1).
|
|
resource "proxmox_virtual_environment_download_file" "debian12_template_gihyeon" {
|
|
content_type = "vztmpl"
|
|
datastore_id = "local"
|
|
node_name = var.hermes_node
|
|
url = "http://download.proxmox.com/images/system/debian-12-standard_12.12-1_amd64.tar.zst"
|
|
}
|
|
|
|
# Hermes Agent LXC — token-safe skeleton.
|
|
# IMPORTANT: container `features` (nesting/keyctl) and bind mounts are NOT set
|
|
# here. The Proxmox API token cannot set host-security settings; they are applied
|
|
# once via the PVE web console with `pct set` (see scripts/hermes-bootstrap.sh
|
|
# and docs/superpowers/specs/2026-06-18-hermes-agent-lxc-design.md).
|
|
resource "proxmox_virtual_environment_container" "hermes" {
|
|
description = "Hermes Agent (Nous Research) - Managed by Terraform"
|
|
node_name = var.hermes_node
|
|
vm_id = var.hermes_vmid
|
|
start_on_boot = true
|
|
unprivileged = true
|
|
tags = ["ai", "agent", "terraform"]
|
|
|
|
operating_system {
|
|
template_file_id = proxmox_virtual_environment_download_file.debian12_template_gihyeon.id
|
|
type = "debian"
|
|
}
|
|
|
|
cpu {
|
|
cores = var.hermes_cores
|
|
}
|
|
|
|
memory {
|
|
dedicated = var.hermes_memory
|
|
swap = var.hermes_swap
|
|
}
|
|
|
|
disk {
|
|
datastore_id = var.hermes_datastore
|
|
size = var.hermes_disk_size
|
|
}
|
|
|
|
network_interface {
|
|
name = "eth0"
|
|
bridge = var.hermes_network_bridge
|
|
}
|
|
|
|
initialization {
|
|
hostname = var.hermes_hostname
|
|
|
|
ip_config {
|
|
ipv4 {
|
|
address = "dhcp"
|
|
}
|
|
}
|
|
|
|
dns {
|
|
servers = var.dns_servers
|
|
}
|
|
}
|
|
}
|