# Proxmox LXC Deployment Configuration
# Fill out this configuration file to automate the deployment of QR Code Generator

# ==============================================================================
# PROXMOX HOST CONFIGURATION
# ==============================================================================
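proxmox:
  # Proxmox host IP address or hostname
  host: ""  # Example: 192.168.1.100

  # Proxmox API port (default: 8006)
  port: 8006

  # Authentication method: "api_token" or "password"
  # A token can be revoked on its own, without changing the account password.
  auth_method: "api_token"  # Recommended: api_token

  # API Token (if using api_token auth)
  # Format: USER@REALM!TOKENID=UUID
  # api_token_id holds the USER@REALM!TOKENID part, api_token_secret the UUID.
  # Least privilege: a token on a dedicated user, with privilege separation and
  # only the permissions needed to create the container, limits the damage if
  # this file leaks. A token carrying root@pam's full rights controls the host.
  api_token_id: ""  # Example: root@pam!terraform
  # Secret: keep the filled-in file out of version control and readable only
  # by the user who runs the deployment.
  api_token_secret: ""  # Example: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

  # OR Username/Password (if using password auth)
  username: ""  # Example: root@pam
  # Secret, stored here in plain text; the same file-handling care applies.
  password: ""  # Leave empty if using api_token

  # Node name where LXC should be created
  node: "pve"  # Default: pve

  # Deployment method: "local" (run from Proxmox host) or "remote" (run from
  # this machine)
  # NOTE(review): for "remote", confirm the deployment script verifies the
  # host's TLS certificate before it sends the credentials above.
  deployment_method: "local"  # Options: local, remote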

# ==============================================================================
# LXC CONTAINER CONFIGURATION
# ==============================================================================
lxc:
  # Container ID: must be unique (typically 100-999). Change this to an
  # available ID.
  vmid: 200

  # Hostname given to the container.
  hostname: "qr-generator"

  # Linux distribution template. Run 'pveam available' on Proxmox to see
  # available templates.
  # Options: ubuntu-22.04-standard, debian-12-standard, alpine-3.18-default
  template: "ubuntu-22.04-standard"

  # Storage pool where container templates are stored.
  template_storage: "local"

  # Storage pool for the container rootfs.
  # Options: local-lvm, local-zfs, etc.
  rootfs_storage: "local-lvm"

  # Container type: true = unprivileged, more secure (recommended);
  # false = privileged.
  unprivileged: true

  # Auto-start the container on Proxmox boot (true or false).
  onboot: true

  # Start the container after creation (true or false).
  start_after_creation: true

# ==============================================================================
# RESOURCE ALLOCATION
# ==============================================================================
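resources:
  # RAM in MB
  memory: 2048  # Recommended: 1024-2048 MB

  # Swap in MB
  swap: 512  # Recommended: 512 MB

  # Number of CPU cores
  cores: 2  # Recommended: 1-2 cores

  # CPU limit (percentage, 0-100)
  # NOTE(review): Proxmox's own cpulimit container option is expressed in
  # cores rather than percent - confirm how the deployment script converts
  # this value before relying on it as a resource cap.
  cpulimit: 0  # 0 = unlimited

  # Disk size
  disk_size: "10G"  # Example: 8G, 10G, 20G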

# ==============================================================================
# NETWORK CONFIGURATION
# ==============================================================================
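network:
  # Network bridge
  bridge: "vmbr0"  # Default: vmbr0

  # IP configuration method: "dhcp" or "static"
  ip_method: "dhcp"  # Options: dhcp, static

  # Static IP configuration (only if ip_method is "static")
  ip_address: ""  # Example: 192.168.1.150/24
  gateway: ""  # Example: 192.168.1.1
  nameserver: ""  # Example: 8.8.8.8 or 192.168.1.1

  # VLAN tag (optional, leave empty for no VLAN)
  vlan_tag: ""  # Example: 10

  # Firewall enabled
  # With this false and security.configure_firewall false, nothing in this
  # file restricts which hosts on the bridge can reach the container.
  # NOTE(review): presumably this sets the firewall flag on the container's
  # network interface - confirm against the deployment script.
  firewall: false  # true or false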

# ==============================================================================
# APPLICATION CONFIGURATION
# ==============================================================================
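application:
  # Port for Streamlit application
  # NOTE(review): with reverse_proxy.enabled false, this port is presumably
  # served directly over plain HTTP - confirm before exposing it beyond a
  # trusted network.
  port: 8501  # Default: 8501

  # Application directory inside container
  app_dir: "/opt/qr-code-generator"

  # Python version
  python_version: "3.11"  # Options: 3.11, 3.10, 3.9

  # Git repository URL (leave empty to copy files directly)
  # Whatever this URL serves is installed and run inside the container, so
  # point it only at a repository you control or have reviewed.
  git_repo: ""  # Example: https://github.com/yourusername/qr-code-generator.git
  # NOTE(review): a branch name moves with every push. If the deployment
  # script also accepts a tag or commit here, pinning one makes it clear
  # exactly which code was deployed - confirm.
  git_branch: "main"  # Default: main

  # Service management
  # NOTE(review): confirm the generated unit runs the app as a non-root user.
  systemd_service: true  # Create systemd service to manage the app
  restart_on_failure: true  # Auto-restart service on failure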

# ==============================================================================
# REVERSE PROXY & SSL (OPTIONAL)
# ==============================================================================
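reverse_proxy:
  # Enable reverse proxy (nginx)
  # NOTE(review): the SSL settings below presumably apply only when this is
  # true - confirm against the deployment script.
  enabled: false  # true or false

  # Domain name for the application
  domain: ""  # Example: qr.example.com

  # Enable SSL/HTTPS
  # With the default false, traffic to the application is not encrypted.
  ssl_enabled: false  # true or false

  # SSL certificate method: "letsencrypt" or "self-signed"
  # A self-signed certificate encrypts traffic, but clients cannot verify the
  # server's identity unless they are given the certificate out of band.
  ssl_method: "letsencrypt"  # Options: letsencrypt, self-signed

  # Let's Encrypt email (required if ssl_method is letsencrypt)
  letsencrypt_email: ""  # Example: admin@example.com

  # HTTP to HTTPS redirect
  # NOTE(review): true here while ssl_enabled is false presumably does
  # nothing - confirm, so the default is not mistaken for HTTPS being on.
  force_https: true  # true or false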

# ==============================================================================
# SECURITY & ACCESS
# ==============================================================================
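security:
  # SSH key for root access (recommended)
  # Paste the PUBLIC key only; the private key never belongs in this file.
  ssh_public_key: ""  # Example: ssh-rsa AAAAB3NzaC1yc2E... user@host

  # Allow SSH root login
  # NOTE(review): confirm how the deployment script applies this. If it maps
  # to sshd's "PermitRootLogin yes", root can log in with a password as well
  # as a key; "prohibit-password" is the key-only setting.
  permit_root_login: true  # true or false

  # Root password (leave empty to keep default or use SSH key only)
  # Stored in plain text: anyone who can read this file can read it. Prefer
  # ssh_public_key and leave this empty.
  root_password: ""  # Leave empty for SSH key auth only

  # Configure firewall rules
  # NOTE(review): with false, allowed_ips below presumably has no effect -
  # confirm against the deployment script.
  configure_firewall: false  # true or false

  # Allowed IP addresses/ranges for access (comma-separated)
  # Empty allows every source address; list the networks that need access
  # when the container is reachable from networks you do not trust.
  allowed_ips: ""  # Example: 192.168.1.0/24,10.0.0.0/8 or leave empty for all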

# ==============================================================================
# UPDATES & MAINTENANCE
# ==============================================================================
maintenance:
  # Enable automatic security updates (true or false).
  auto_security_updates: true

  # Install additional monitoring tools such as htop, ncdu, etc.
  # (true or false).
  monitoring_tools: false

  # Timezone for the container.
  # Example: America/New_York, Europe/London, UTC
  timezone: "UTC"

# ==============================================================================
# DEPLOYMENT AUTOMATION PREFERENCES
# ==============================================================================
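automation:
  # Deployment tool preference
  # Options: "shell" (simple bash scripts), "terraform" (IaC),
  # "ansible" (config management)
  tool: "shell"

  # Backup configuration before deployment
  # NOTE(review): if the backup is a copy of this file, it holds the same
  # credentials and needs the same protection - confirm what is backed up.
  backup_enabled: false  # true or false

  # Validate configuration before deployment
  validate_before_deploy: true  # true or false

  # Verbose output during deployment
  # NOTE(review): confirm verbose mode does not print api_token_secret,
  # password or root_password to the terminal or to log files.
  verbose: true  # true or false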

# ==============================================================================
# NOTES
# ==============================================================================
# Additional notes or requirements:
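# Free text. The body must stay indented under the key to remain part of the
# block scalar. Keep credentials out of this field.
notes: |
  Add any additional notes, requirements, or customizations here.

  Examples:
  - Need to access from specific VPN
  - Custom DNS requirements
  - Integration with other services
  - Backup requirements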